Add native SSL/TLS listener support from @enmand for our new config

2025-12-20 02:00:11 -08:00 · 2016-04-13 20:45:09 +10:00 · 2016-04-13 20:45:09 +10:00 · c3288823af
commit c3288823af
parent 8dc2732137
5 changed files with 57 additions and 9 deletions
--- a/irc/config.go
+++ b/irc/config.go
@ -1,6 +1,7 @@
 package irc

 import (
+	"crypto/tls"
 	"errors"
 	"io/ioutil"
 	"log"
@ -12,6 +13,24 @@ type PassConfig struct {
 	Password string
 }

+// SSLListenConfig defines configuration options for listening on SSL
+type SSLListenConfig struct {
+	Cert string
+	Key  string
+}
+
+// Certificate returns the SSL certificate assicated with this SSLListenConfig
+func (conf *SSLListenConfig) Config() (*tls.Config, error) {
+	cert, err := tls.LoadX509KeyPair(conf.Cert, conf.Key)
+	if err != nil {
+		return nil, errors.New("ssl cert+key: invalid pair")
+	}
+
+	return &tls.Config{
+		Certificates: []tls.Certificate{cert},
+	}, err
+}
+
 func (conf *PassConfig) PasswordBytes() []byte {
 	bytes, err := DecodePassword(conf.Password)
 	if err != nil {
@ -35,6 +54,8 @@ type Config struct {
 		MOTD     string
 	}

+	SSLListener map[string]*SSLListenConfig
+
 	Operator map[string]*PassConfig

 	Theater map[string]*PassConfig
@ -60,6 +81,18 @@ func (conf *Config) Theaters() map[Name][]byte {
 	return theaters
 }

+func (conf *Config) SSLListeners() map[Name]*tls.Config {
+	sslListeners := make(map[Name]*tls.Config)
+	for s, sslListenersConf := range conf.SSLListener {
+		config, err := sslListenersConf.Config()
+		if err != nil {
+			log.Fatal(err)
+		}
+		sslListeners[NewName(s)] = config
+	}
+	return sslListeners
+}
+
 func LoadConfig(filename string) (config *Config, err error) {
 	data, err := ioutil.ReadFile(filename)
 	if err != nil {