v0.26.0
@@ -3,6 +3,7 @@ package route
|
||||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"net/url"
|
||||
"os"
|
||||
"strings"
|
||||
@@ -25,7 +26,8 @@ type HTTPConfig struct {
|
||||
}
|
||||
|
||||
// BuildTLSConfig creates a TLS configuration based on the HTTP config options.
|
||||
func (cfg *HTTPConfig) BuildTLSConfig(targetURL *url.URL) (*tls.Config, gperr.Error) {
|
||||
func (cfg *HTTPConfig) BuildTLSConfig(targetURL *url.URL) (*tls.Config, error) {
|
||||
//nolint:gosec
|
||||
tlsConfig := &tls.Config{}
|
||||
|
||||
// Handle InsecureSkipVerify (legacy NoTLSVerify option)
|
||||
@@ -54,15 +56,12 @@ func (cfg *HTTPConfig) BuildTLSConfig(targetURL *url.URL) (*tls.Config, gperr.Er
|
||||
if cfg.SSLTrustedCertificate != "" {
|
||||
caCertData, err := os.ReadFile(cfg.SSLTrustedCertificate)
|
||||
if err != nil {
|
||||
return nil, gperr.New("failed to read trusted certificate file").
|
||||
Subject(cfg.SSLTrustedCertificate).
|
||||
With(err)
|
||||
return nil, gperr.PrependSubject(err, cfg.SSLTrustedCertificate)
|
||||
}
|
||||
|
||||
caCertPool := x509.NewCertPool()
|
||||
if !caCertPool.AppendCertsFromPEM(caCertData) {
|
||||
return nil, gperr.New("failed to parse trusted certificates").
|
||||
Subject(cfg.SSLTrustedCertificate)
|
||||
return nil, gperr.PrependSubject(errors.New("failed to parse trusted certificates"), cfg.SSLTrustedCertificate)
|
||||
}
|
||||
tlsConfig.RootCAs = caCertPool
|
||||
}
|
||||
@@ -70,16 +69,16 @@ func (cfg *HTTPConfig) BuildTLSConfig(targetURL *url.URL) (*tls.Config, gperr.Er
|
||||
// Handle ssl_certificate and ssl_certificate_key (client certificates)
|
||||
if cfg.SSLCertificate != "" {
|
||||
if cfg.SSLCertificateKey == "" {
|
||||
return nil, gperr.New("ssl_certificate_key is required when ssl_certificate is specified")
|
||||
return nil, errors.New("ssl_certificate_key is required when ssl_certificate is specified")
|
||||
}
|
||||
|
||||
clientCert, err := tls.LoadX509KeyPair(cfg.SSLCertificate, cfg.SSLCertificateKey)
|
||||
if err != nil {
|
||||
return nil, gperr.New("failed to load client certificate").
|
||||
Subject(cfg.SSLCertificate).
|
||||
With(err)
|
||||
return nil, gperr.PrependSubject(err, cfg.SSLCertificate)
|
||||
}
|
||||
tlsConfig.Certificates = []tls.Certificate{clientCert}
|
||||
} else if cfg.SSLCertificateKey != "" {
|
||||
return nil, errors.New("ssl_certificate is required when ssl_certificate_key is specified")
|
||||
}
|
||||
|
||||
// Handle ssl_protocols (TLS versions)
|
||||
|
||||
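Review bot: The new return on `tls.LoadX509KeyPair` failure, `gperr.PrependSubject(err, cfg.SSLCertificate)`, drops the "failed to load client certificate" context and labels the error with the certificate path only, although that call also fails on the key file or on a key/certificate mismatch. Someone debugging a broken client-certificate setup could be pointed at the wrong file. Consider keeping the operation in the message and naming both paths, e.g. `gperr.PrependSubject(fmt.Errorf("load client key pair (key %q): %w", cfg.SSLCertificateKey, err), cfg.SSLCertificate)`; this needs `fmt`, and the import block is only partly visible here. The `os.ReadFile` branch for `cfg.SSLTrustedCertificate` loses context in the same way, since the message no longer says the file was being read as a trusted CA bundle. BuildTLSConfig continues past the last visible hunk.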
@@ -1,6 +1,7 @@
|
||||
package route
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"strconv"
|
||||
|
||||
gperr "github.com/yusing/goutils/errs"
|
||||
@@ -13,8 +14,8 @@ type Port struct {
|
||||
} // @name Port
|
||||
|
||||
var (
|
||||
ErrInvalidPortSyntax = gperr.New("invalid port syntax, expect [listening_port:]target_port")
|
||||
ErrPortOutOfRange = gperr.New("port out of range")
|
||||
ErrInvalidPortSyntax = errors.New("invalid port syntax, expect [listening_port:]target_port")
|
||||
ErrPortOutOfRange = errors.New("port out of range")
|
||||
)
|
||||
|
||||
// Parse implements strutils.Parser.
|
||||
@@ -30,7 +31,7 @@ func (p *Port) Parse(v string) (err error) {
|
||||
p.Proxy, err2 = strconv.Atoi(parts[1])
|
||||
err = gperr.Join(err, err2)
|
||||
default:
|
||||
return ErrInvalidPortSyntax.Subject(v)
|
||||
return gperr.PrependSubject(ErrInvalidPortSyntax, v)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
@@ -38,11 +39,11 @@ func (p *Port) Parse(v string) (err error) {
|
||||
}
|
||||
|
||||
if p.Listening < MinPort || p.Listening > MaxPort {
|
||||
return ErrPortOutOfRange.Subjectf("%d", p.Listening)
|
||||
return gperr.PrependSubject(ErrPortOutOfRange, strconv.Itoa(p.Listening))
|
||||
}
|
||||
|
||||
if p.Proxy < MinPort || p.Proxy > MaxPort {
|
||||
return ErrPortOutOfRange.Subjectf("%d", p.Proxy)
|
||||
return gperr.PrependSubject(ErrPortOutOfRange, strconv.Itoa(p.Proxy))
|
||||
}
|
||||
|
||||
return nil
|
||||
|
||||
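Review bot: `ErrInvalidPortSyntax` and `ErrPortOutOfRange` are exported sentinels that the changed returns in `Parse` now hand back only wrapped by `gperr.PrependSubject`, and nothing documents how callers should match them. Whether the wrapper keeps the sentinel reachable through `errors.Is` depends on the goutils implementation, which is not visible here, so a small test asserting `errors.Is(p.Parse(v), ErrPortOutOfRange)` for an out-of-range `v` would pin it. I would also add doc comments, e.g. `// ErrPortOutOfRange is returned by Port.Parse, wrapped with the offending value; match it with errors.Is.` The same applies to `ErrInvalidScheme` and `Scheme.Parse` in the scheme hunks further down. Parse's body starts and ends outside the visible hunks.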
@@ -2,6 +2,7 @@ package route
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"strconv"
|
||||
|
||||
gperr "github.com/yusing/goutils/errs"
|
||||
@@ -9,7 +10,7 @@ import (
|
||||
|
||||
type Scheme uint8
|
||||
|
||||
var ErrInvalidScheme = gperr.New("invalid scheme")
|
||||
var ErrInvalidScheme = errors.New("invalid scheme")
|
||||
|
||||
const (
|
||||
SchemeHTTP Scheme = 1 << iota
|
||||
@@ -79,7 +80,7 @@ func (s *Scheme) Parse(v string) error {
|
||||
case schemeStrFileServer:
|
||||
*s = SchemeFileServer
|
||||
default:
|
||||
return ErrInvalidScheme.Subject(v)
|
||||
return gperr.PrependSubject(ErrInvalidScheme, v)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||