Skip to content

Commit

Permalink
Merge pull request #90 from sunvim/master
Browse files Browse the repository at this point in the history 
support tls certificates update
  • Loading branch information
@lesismal
lesismal authored Sep 11, 2021
2 parents a868128 + c1c377a commit 37b79bf
Showing 1 changed file with 22 additions and 12 deletions.
34 changes: 22 additions & 12 deletions nbhttp/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,12 @@ type Server struct {

mux sync.Mutex
conns map[*nbio.Conn]struct{}

tlsConfig *tls.Config
}

func (s *Server) SetTLSConfig(config *tls.Config) {
s.tlsConfig = wrapTLSConfig(config)
}

// OnOpen registers callback for new connection
Expand Down Expand Up @@ -351,6 +357,20 @@ func NewServer(conf Config, handler http.Handler, messageHandlerExecutor func(f
return svr
}

func wrapTLSConfig(tlsConfig *tls.Config) *tls.Config {
// setup prefer protos: http2.0, other protos to be added
preferenceProtos := map[string]struct{}{
// "h2": {},
}
for _, v := range tlsConfig.NextProtos {
delete(preferenceProtos, v)
}
for proto := range preferenceProtos {
tlsConfig.NextProtos = append(tlsConfig.NextProtos, proto)
}
return tlsConfig
}

// NewServerTLS .
func NewServerTLS(conf Config, handler http.Handler, messageHandlerExecutor func(f func()), tlsConfig *tls.Config) *Server {
if conf.MaxLoad <= 0 {
Expand Down Expand Up @@ -412,17 +432,6 @@ func NewServerTLS(conf Config, handler http.Handler, messageHandlerExecutor func
messageHandlerExecutor = messageHandlerExecutePool.Go
}

// setup prefer protos: http2.0, other protos to be added
preferenceProtos := map[string]struct{}{
// "h2": {},
}
for _, v := range tlsConfig.NextProtos {
delete(preferenceProtos, v)
}
for proto := range preferenceProtos {
tlsConfig.NextProtos = append(tlsConfig.NextProtos, proto)
}

gopherConf := nbio.Config{
Name: conf.Name,
Network: conf.Network,
Expand All @@ -448,6 +457,7 @@ func NewServerTLS(conf Config, handler http.Handler, messageHandlerExecutor func
ReleaseWebsocketPayload: conf.ReleaseWebsocketPayload,
CheckUtf8: utf8.Valid,
conns: map[*nbio.Conn]struct{}{},
tlsConfig: wrapTLSConfig(tlsConfig),
}

isClient := false
Expand All @@ -462,7 +472,7 @@ func NewServerTLS(conf Config, handler http.Handler, messageHandlerExecutor func
svr.conns[c] = struct{}{}
svr.mux.Unlock()
svr._onOpen(c)
tlsConn := tls.NewConn(c, tlsConfig, isClient, true, mempool.DefaultMemPool)
tlsConn := tls.NewConn(c, svr.tlsConfig, isClient, true, mempool.DefaultMemPool)
processor := NewServerProcessor(tlsConn, handler, conf.KeepaliveTime, conf.EnableSendfile)
parser := NewParser(processor, false, conf.ReadLimit, c.Execute)
parser.Conn = tlsConn
Expand Down

0 comments on commit 37b79bf

Please sign in to comment.