func (s *StartTLSElement) Handle(st stream.ServerStream, opts features.Options) error {
conf := opts.(*startTLSConf)
cert, err := tls.LoadX509KeyPair(conf.PEMPath, conf.KeyPath)
if err != nil {
log.Println("Could not load keys:", err)
return err
}
config := &tls.Config{
Certificates: []tls.Certificate{cert},
ClientAuth: tls.VerifyClientCertIfGiven,
Rand: rand.Reader,
}
err = st.UpdateRW(func(srwc io.ReadWriteCloser) (io.ReadWriteCloser, error) {
if conn, ok := srwc.(net.Conn); ok {
tls_conn := tls.Server(conn, config)
// Once we inialized - let client proceed
if err := st.WriteElement(&ProceedElement{}); err != nil {
return nil, err
}
// Now do a handshake
if err := tls_conn.Handshake(); err != nil {
log.Println("TLS Handshake error:", err)
return nil, err
}
return tls_conn, nil
}
return nil, errors.New("Wrong ReadWriteCloser, expected connection")
})
if err != nil {
log.Println("Could not replace connection", err)
return err
}
state := NewStartTLSState()
state.Started = true
st.State().Push(state)
st.ReOpen()
return nil
}
func (c *compressElement) Handle(s stream.ServerStream, opts features.Options) error {
var compressor Compressor
conf := opts.(CompressionConfig)
if _, ok := conf[c.Method]; ok {
if compr, ok := Methods[c.Method]; ok {
compressor = compr
}
}
if compressor == nil {
if err := s.WriteElement(&MethodNotSupportedError{}); err != nil {
return err
}
return fmt.Errorf("Unsupported compression method requested")
}
var state *CompressState
if err := s.State().Get(&state); err != nil {
state = NewCompressState()
s.State().Push(state)
}
state.Compressed = true
if err := s.WriteElement(&CompressionSuccess{}); err != nil {
return err
}
if err := swapStreamRW(s, compressor); err != nil {
if err := s.WriteElement(&ProcessingFailedError{}); err != nil {
return err
}
return err
}
s.ReOpen()
return nil
}
