package util
import "strings"
import "codit/config"
import "codit/internal/models"
// TLSSettingsFromConfig builds a models.TLSSettings value from the CTL
// section of appCfg.
//
// File paths and PKI IDs are copied with surrounding whitespace trimmed. The
// server certificate source, client-auth mode and minimum TLS version pass
// through the normalize* helpers, which substitute a default for any
// unrecognised value rather than reporting an error. The normalised service
// addresses are assigned to HTTPSAddrs when appCfg.CTL.TLS.Enabled is true and
// to HTTPAddrs otherwise; the other list is left at its zero value.
//
// NOTE(review): nothing in this function checks that the chosen certificate
// source has its matching file/ID fields set, or that a client CA is present
// when the client-auth mode verifies certificates. Presumably the consumer of
// TLSSettings validates this; confirm.
func TLSSettingsFromConfig(appCfg config.Config) models.TLSSettings {
	tlsCfg := appCfg.CTL.TLS
	listenAddrs := config.NormalizeHTTPAddrs(appCfg.CTL.Service.Addrs)

	out := models.TLSSettings{
		EndpointPolicies:    DefaultTLSEndpointPolicies(),
		TLSServerCertSource: normalizeTLSServerCertSource(tlsCfg.ServerCertSource),
		TLSCertFile:         strings.TrimSpace(tlsCfg.CertFile),
		TLSKeyFile:          strings.TrimSpace(tlsCfg.KeyFile),
		TLSPKIServerCertID:  strings.TrimSpace(tlsCfg.PKIServerCertID),
		TLSClientAuth:       normalizeTLSClientAuth(tlsCfg.ClientAuth),
		TLSClientCAFile:     strings.TrimSpace(tlsCfg.ClientCAFile),
		TLSPKIClientCAID:    strings.TrimSpace(tlsCfg.PKIClientCAID),
		TLSMinVersion:       normalizeTLSMinVersion(tlsCfg.MinVersion),
	}

	// The Enabled flag alone decides whether the addresses are recorded as
	// plain-HTTP or HTTPS listeners.
	if !tlsCfg.Enabled {
		out.HTTPAddrs = listenAddrs
		return out
	}
	out.HTTPSAddrs = listenAddrs
	return out
}
// DefaultTLSEndpointPolicies returns one models.TLSEndpointPolicy per built-in
// service name ("api", "git", "rpm", "v2"), in that order. Every entry carries
// the same PolicyID, "tls-auth-default". A fresh slice is built on each call.
func DefaultTLSEndpointPolicies() []models.TLSEndpointPolicy {
	names := []string{"api", "git", "rpm", "v2"}

	var policies []models.TLSEndpointPolicy
	for _, name := range names {
		policy := models.TLSEndpointPolicy{
			Service:  name,
			PolicyID: "tls-auth-default",
		}
		policies = append(policies, policy)
	}
	return policies
}
// normalizeTLSServerCertSource maps a configured server-certificate source to
// one of two canonical values. Input is trimmed and lower-cased; "files" is
// kept, and every other value (including the empty string and misspellings)
// becomes "pki".
//
// NOTE(review): an unrecognised value is silently treated as "pki", so a typo
// in the configuration switches the certificate source without any error or
// log line from this function.
func normalizeTLSServerCertSource(value string) string {
	const (
		sourceFiles = "files"
		sourcePKI   = "pki"
	)

	switch strings.ToLower(strings.TrimSpace(value)) {
	case sourceFiles:
		return sourceFiles
	default:
		return sourcePKI
	}
}
// normalizeTLSClientAuth maps a configured client-authentication mode to its
// canonical lower-case form. Input is trimmed and lower-cased; "request",
// "require", "verify_if_given" and "require_and_verify" are returned as-is,
// and every other value (including the empty string) becomes "none".
//
// NOTE(review): the fallback is fail-open. A misspelt mode such as
// "require-and-verify" yields "none", i.e. no client certificate is asked
// for, and this function gives the operator no signal that the setting was
// discarded. Consider rejecting or logging unknown non-empty values at the
// call site.
//
// NOTE(review): the accepted names look like crypto/tls ClientAuthType modes;
// if "request" and "require" map to RequestClientCert / RequireAnyClientCert,
// those modes do not verify the presented certificate. Confirm against the
// consumer.
func normalizeTLSClientAuth(value string) string {
	mode := strings.TrimSpace(value)
	mode = strings.ToLower(mode)

	switch mode {
	case "request", "require", "verify_if_given", "require_and_verify":
		return mode
	}
	return "none"
}
// normalizeTLSMinVersion maps a configured minimum TLS version to a value the
// rest of the program accepts. Input is trimmed and lower-cased; "1.0", "1.1",
// "1.3" and their "tls"-prefixed spellings are returned unchanged, and every
// other value (including "1.2", "tls1.2", the empty string and anything
// unrecognised) becomes "1.2".
//
// The result is not fully canonical: "tls1.3" stays "tls1.3" while "tls1.2"
// collapses to "1.2", so consumers must accept both spellings.
//
// NOTE(review): TLS 1.0 and 1.1 remain selectable here although both are
// deprecated (RFC 8996); they are only used when configured explicitly, never
// as the fallback.
func normalizeTLSMinVersion(value string) string {
	const fallback = "1.2"

	version := strings.ToLower(strings.TrimSpace(value))
	switch version {
	case "1.0", "tls1.0",
		"1.1", "tls1.1",
		"1.3", "tls1.3":
		return version
	default:
		return fallback
	}
}