func startHttp() {
http.HandleFunc("/register", register)
http.HandleFunc("/unregister", unregister)
laddr := fmt.Sprintf(":%d", *port)
tlsConfig := tlsdefaults.Server()
_, _, err := keyman.StoredPKAndCert(PKFile, CertFile, "Lantern", "localhost")
if err != nil {
log.Fatalf("Unable to initialize private key and certificate: %v", err)
}
cert, err := tls.LoadX509KeyPair(CertFile, PKFile)
if err != nil {
log.Fatalf("Unable to load certificate and key from %s and %s: %s", CertFile, PKFile, err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
log.Debugf("About to listen at %v", laddr)
l, err := tls.Listen("tcp", laddr, tlsConfig)
if err != nil {
log.Fatalf("Unable to listen for tls connections at %s: %s", laddr, err)
}
log.Debug("About to serve")
err = http.Serve(l, nil)
if err != nil {
log.Fatalf("Unable to serve: %s", err)
}
}
func (server *Server) listenTLS() (net.Listener, error) {
host, _, err := net.SplitHostPort(server.Addr)
if err != nil {
return nil, fmt.Errorf("Unable to split host and port for %v: %v", server.Addr, err)
}
err = server.CertContext.InitServerCert(host)
if err != nil {
return nil, fmt.Errorf("Unable to init server cert: %s", err)
}
tlsConfig := server.TLSConfig
if server.TLSConfig == nil {
tlsConfig = tlsdefaults.Server()
}
cert, err := tls.LoadX509KeyPair(server.CertContext.ServerCertFile, server.CertContext.PKFile)
if err != nil {
return nil, fmt.Errorf("Unable to load certificate and key from %s and %s: %s", server.CertContext.ServerCertFile, server.CertContext.PKFile, err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
listener, err := tls.Listen("tcp", server.Addr, tlsConfig)
if err != nil {
return nil, fmt.Errorf("Unable to listen for tls connections at %s: %s", server.Addr, err)
}
return listener, err
}
func listenTLS(addr string) (net.Listener, error) {
host, _, err := net.SplitHostPort(addr)
if err != nil {
return nil, fmt.Errorf("Unable to split host and port for %v: %v\n", addr, err)
}
ctx := CertContext{
PKFile: "key.pem",
ServerCertFile: "cert.pem",
}
err = ctx.InitServerCert(host)
if err != nil {
return nil, fmt.Errorf("Unable to init server cert: %s\n", err)
}
tlsConfig := tlsdefaults.Server()
cert, err := tls.LoadX509KeyPair(ctx.ServerCertFile, ctx.PKFile)
if err != nil {
return nil, fmt.Errorf("Unable to load certificate and key from %s and %s: %s\n", ctx.ServerCertFile, ctx.PKFile, err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
listener, err := tls.Listen("tcp", addr, tlsConfig)
if err != nil {
return nil, fmt.Errorf("Unable to listen for tls connections at %s: %s\n", addr, err)
}
return listener, err
}
func listenTLS(addr, pkfile, certfile string) (net.Listener, error) {
host, _, err := net.SplitHostPort(addr)
if err != nil {
return nil, fmt.Errorf("Unable to split host and port for %v: %v\n", addr, err)
}
mypkfile := pkfile
if mypkfile == "" {
mypkfile = "key.pem"
}
mycertfile := certfile
if mycertfile == "" {
mycertfile = "cert.pem"
}
ctx := CertContext{
PKFile: mypkfile,
ServerCertFile: mycertfile,
}
_, err1 := os.Stat(ctx.ServerCertFile)
_, err2 := os.Stat(ctx.PKFile)
if os.IsNotExist(err1) || os.IsNotExist(err2) {
fmt.Println("At least one of the Key/Cert files is not found -> Generating new key pair")
err = ctx.initServerCert(host)
if err != nil {
return nil, fmt.Errorf("Unable to init server cert: %s\n", err)
}
} /* else if *debug {
fmt.Println("Using provided Key/Cert files")
}*/
tlsConfig := tlsdefaults.Server()
cert, err := tls.LoadX509KeyPair(ctx.ServerCertFile, ctx.PKFile)
if err != nil {
return nil, fmt.Errorf("Unable to load certificate and key from %s and %s: %s\n", ctx.ServerCertFile, ctx.PKFile, err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
listener, err := tls.Listen("tcp", addr, tlsConfig)
if err != nil {
return nil, fmt.Errorf("Unable to listen for tls connections at %s: %s\n", addr, err)
}
return listener, err
}