Diffstat (limited to 'modules/caddytls/fileloader.go')
-rw-r--r--modules/caddytls/fileloader.go61
1 files changed, 61 insertions, 0 deletions
diff --git a/modules/caddytls/fileloader.go b/modules/caddytls/fileloader.go
new file mode 100644
index 000000000..fae2275a8
--- /dev/null
+++ b/modules/caddytls/fileloader.go
@@ -0,0 +1,61 @@
+package caddytls
+
+import (
+ "crypto/tls"
+ "fmt"
+ "io/ioutil"
+
+ "bitbucket.org/lightcodelabs/caddy2"
+)
+
+func init() {
+ caddy2.RegisterModule(caddy2.Module{
+ Name: "tls.certificates.load_files",
+ New: func() (interface{}, error) { return fileLoader{}, nil },
+ })
+}
+
+// fileLoader loads certificates and their associated keys from disk.
+type fileLoader []CertKeyFilePair
+
+// CertKeyFilePair pairs certificate and key file names along with their
+// encoding format so that they can be loaded from disk.
+type CertKeyFilePair struct {
+ Certificate string `json:"certificate"`
+ Key string `json:"key"`
+ Format string `json:"format,omitempty"` // "pem" is default
+}
+
+// LoadCertificates returns the certificates to be loaded by fl.
+func (fl fileLoader) LoadCertificates() ([]tls.Certificate, error) {
+ var certs []tls.Certificate
+ for _, pair := range fl {
+ certData, err := ioutil.ReadFile(pair.Certificate)
+ if err != nil {
+ return nil, err
+ }
+ keyData, err := ioutil.ReadFile(pair.Key)
+ if err != nil {
+ return nil, err
+ }
+
+ var cert tls.Certificate
+ switch pair.Format {
+ case "":
+ fallthrough
+ case "pem":
+ cert, err = tls.X509KeyPair(certData, keyData)
+ default:
+ return nil, fmt.Errorf("unrecognized certificate/key encoding format: %s", pair.Format)
+ }
+ if err != nil {
+ return nil, err
+ }
+
+ certs = append(certs, cert)
+ }
+ return certs, nil
+}
+
+// Interface guard
+var _ CertificateLoader = (fileLoader)(nil)
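Review bot: In LoadCertificates the error from `tls.X509KeyPair` is returned bare, so when one entry of a multi-pair list is mismatched or malformed the operator cannot tell which files were at fault; wrapping it, e.g. `return nil, fmt.Errorf("loading key pair %q and %q: %v", pair.Certificate, pair.Key, err)`, names the pair without logging any key material. The `pair.Format` switch runs only after both `ioutil.ReadFile` calls, so an entry with an unsupported format still pulls the private key into memory before being rejected; validating the format at the top of the loop body avoids that. Nothing in the function looks at the key file's permission bits, so an `os.Stat` check that warns when the key is group- or world-readable would be a reasonable hardening step if the project wants one. The unrecognized-format message would also read better with `%q` than `%s`, since the value comes straight from configuration and may be empty-looking or contain control characters.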