Golang Config.AuthenticateClient Examples

Programming Language: Golang

Namespace/Package Name: crypto/tls

Class/Type: Config

Method/Function: AuthenticateClient

Examples at hotexamples.com: 2

Golang Config.AuthenticateClient - 2 examples found. These are the top rated real world Golang examples of crypto/tls.Config.AuthenticateClient extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

NextProtos(30)

Certificates(30)

ClientCAs(30)

ServerName(30)

RootCAs(30)

Rand(30)

InsecureSkipVerify(30)

MinVersion(30)

ClientAuth(28)

BuildNameToCertificate(28)

CipherSuites(14)

PreferServerCipherSuites(10)

Time(8)

MaxVersion(6)

GetCertificate(6)

SessionTicketsDisabled(4)

Clone(3)

CurvePreferences(2)

ClientSessionCache(2)

AuthenticateClient(2)

Renegotiation(1)

SessionTicketKey(1)

SetSessionTicketKeys(1)

Example #1

Show file

File: listen.go Project: jbeshir/OddComm

// Listen for incoming node connections, which are sent on the given channel.
// RemoteCerts must be setup by this point.
func Listen(addr string, ch chan<- *tls.Conn) {

	config := new(tls.Config)
	config.Certificates = []tls.Certificate{Cert}
	config.AuthenticateClient = true

	listener, err := tls.Listen("tcp", addr, config)
	if err != nil {
		panic(err)
	}

	for {
		conn, err := listener.Accept()
		if err != nil {
			panic(err)
		}
		tlsConn := conn.(*tls.Conn)

		err = tlsConn.Handshake()
		if err != nil {
			println(err.Error())
			tlsConn.Close()
			continue
		}

		ch <- tlsConn
	}
}

Example #2

Show file

File: tlsserver.go Project: pcgod/grumble

func NewTLSListener(port int) (rl *tls.Listener) {
	rl = nil

	// Load the certificate
	pemBytes, err := ioutil.ReadFile("grumble.crt")
	if err != nil {
		log.Printf("Failed to read server.crt: %s", err)
		return
	}

	// Decode the certificate
	cert, _ := pem.Decode(pemBytes)
	if cert == nil {
		log.Printf("Failed to parse server.crt")
		return
	}

	// Load the private key
	keyBytes, err := ioutil.ReadFile("grumble.key")
	if err != nil {
		log.Printf("Failed to read server.key.insecure: %s", err)
		return
	}

	// Decode the private key
	pkPEM, _ := pem.Decode(keyBytes)
	if pkPEM == nil {
		log.Printf("Failed to parse server.key.insecure: %s", err)
		return
	}

	// Determine if we are an RSA private key
	if pkPEM.Type != "RSA PRIVATE KEY" {
		log.Printf("server.key.insecure is not an RSA private key. Found '%s'",
			pkPEM.Type)
		return
	}

	// Check if the PEM file has headers. This will typically
	// mean that it requires a passphrase to decrypt it. For now,
	// let us just assume that people will decrypt them for us, so
	// we can use them without too much work.
	if len(pkPEM.Headers) != 0 {
		log.Printf("server.key.insecure has headers and is probably encrypted.")
		return
	}

	// Parse the PKCS12 private key.
	priv, err := x509.ParsePKCS1PrivateKey(pkPEM.Bytes)
	if err != nil {
		log.Printf("Invalid key in server.key.insecure: %s", err)
		return
	}

	// Create a new TLS config.
	config := new(tls.Config)
	config.Rand = rand.Reader
	config.Time = time.Seconds
	config.Certificates = make([]tls.Certificate, 1)
	config.Certificates[0].Certificate = [][]byte{cert.Bytes}
	config.Certificates[0].PrivateKey = priv
	config.AuthenticateClient = true

	l, err := net.ListenTCP("tcp", &net.TCPAddr{
		net.ParseIP("0.0.0.0"),
		port,
	})
	if err != nil {
		log.Printf("Cannot bind: %s\n", err)
		return
	}

	rl = tls.NewListener(l, config)

	return
}