Exemplo n.º 1
1
func main() {
	certpath := flag.String("cert", "", "The path to a PEM certificate")
	keypath := flag.String("key", "", "The path to a PEM key")
	flag.Parse()
	if len(*certpath) == 0 || len(*keypath) == 0 {
		flag.PrintDefaults()
		return
	}
	ctx := gossl.NewContext(gossl.SSLv3Method())
	ctx.SetOptions(gossl.OpNoCompression)
	err := ctx.UsePrivateKeyFile(*keypath, gossl.FileTypePem)
	if err != nil {
		panic(err)
	}
	ctx.UseCertificateFile(*certpath, gossl.FileTypePem)
	if err != nil {
		panic(err)
	}
	l, err := net.Listen("tcp", ":8000")
	if err != nil {
		panic(err)
	}
	l, err = gossl.NewListener(l, ctx)
	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "Hello, %q\n", html.EscapeString(r.URL.Path))
	})
	http.Serve(l, nil)

}
Exemplo n.º 2
0
//Wrap an existing listener + crypto config and return a new TLS enabled listener.
func NewListener(inner net.Listener, config *tls.Config) (net.Listener, error) {
	l := new(gossl.Listener)
	l.Listener = inner
	//FIXME hardcoded in method
	l.Context = gossl.NewContext(gossl.SSLv23Method())
	if l.Context == nil {
		msg := sslerr.SSLErrorMessage().String()
		return nil, errors.New("problem creating ssl context:\n" + msg)
	}
	//set certificates
	//grab the private key
	Kr := config.Certificates[0].PrivateKey
	private_key_der, err := extractDERKey(Kr)
	private_key, err := evp.LoadPrivateKeyDER(private_key_der)
	if err != nil {
		return nil, err
	}
	//set the private key into the context
	err = l.Context.UsePrivateKey(private_key)
	if err != nil {
		return nil, errors.New("problem loading key " + sslerr.SSLErrorMessage().String())
	}
	cert, err := x509.ParseCertificate(config.Certificates[0].Certificate[0])
	if err != nil {
		return nil, err
	}
	err = l.Context.UseCertificate(cert)
	if err != nil {
		return nil, errors.New("problem loading key " + sslerr.SSLErrorMessage().String())
	}
	return l, nil
}
Exemplo n.º 3
0
func main() {
	flag.Parse()

	context = gossl.NewContext(gossl.SSLv23ClientMethod())
	context.SetCipherList("ALL:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP")

	transport := &OpenSSLRoundTripper{context}
	client := &http.Client{Transport: transport}

	logger.Printf("retrieving url=%q", *url)
	response, err := client.Get(*url)
	if err != nil {
		logger.Printf("error with http: %+v", err)
		return
	}

	fmt.Println("Output:")
	io.Copy(os.Stdout, response.Body)
}