This repository has been archived by the owner on May 18, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathhttp_server.go
124 lines (109 loc) · 2.9 KB
/
http_server.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package httpx
import (
"context"
"crypto/tls"
"log"
"net/http"
"strings"
"time"
)
type HTTPServer struct {
certificatePEM string
keyPEM string
inner *http.Server
}
func NewHTTPServer(listenAddress string, handler http.Handler) *HTTPServer {
if len(listenAddress) == 0 {
log.Println("[INFO] No listen address provided. No HTTP server will be created.")
return nil
}
return &HTTPServer{
inner: &http.Server{
Addr: listenAddress,
Handler: handler,
ReadTimeout: time.Second * 15,
WriteTimeout: time.Second * 15,
MaxHeaderBytes: 1024 * 64,
ErrorLog: newServerLogger(),
},
}
}
func (this *HTTPServer) WithTLSFiles(cert, key string, tlsConfig *tls.Config) *HTTPServer {
if this == nil {
return nil
}
tlsConfig = defaultTLSConfig(tlsConfig)
this.certificatePEM = cert
this.keyPEM = key
return this
}
func (this *HTTPServer) WithTLS(certificatePEM string, tlsConfig *tls.Config) *HTTPServer {
if this == nil {
return nil
}
tlsConfig = defaultTLSConfig(tlsConfig)
if strings.Contains(certificatePEM, "----BEGIN") {
if cert, err := tls.X509KeyPair([]byte(certificatePEM), []byte(certificatePEM)); err == nil {
tlsConfig.Certificates = append(tlsConfig.Certificates, cert)
} else {
log.Fatal("[ERROR] Unable to parse TLS certificate data: ", err)
}
} else {
this.certificatePEM = certificatePEM
}
this.inner.TLSConfig = tlsConfig
return this
}
func defaultTLSConfig(config *tls.Config) *tls.Config {
if config != nil {
return config
}
return &tls.Config{
MinVersion: tls.VersionTLS12,
PreferServerCipherSuites: true,
SessionTicketsDisabled: true,
CipherSuites: []uint16{
tls.TLS_FALLBACK_SCSV,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
},
}
}
func (this *HTTPServer) Listen() {
if this == nil {
return
}
log.Printf("[INFO] Listening for HTTP traffic on %s.\n", this.inner.Addr)
if err := this.listen(); err == nil {
return
} else if err == http.ErrServerClosed {
log.Println("[INFO] HTTP listener shut down gracefully.")
} else {
log.Fatal("[ERROR] Unable to listen to HTTP traffic: ", err)
}
}
func (this *HTTPServer) listen() error {
if len(this.certificatePEM) == 0 && (this.inner.TLSConfig == nil || len(this.inner.TLSConfig.Certificates) == 0) {
return this.inner.ListenAndServe()
}
return this.inner.ListenAndServeTLS(this.certificatePEM, this.privateKeyPEM())
}
func (this *HTTPServer) privateKeyPEM() string {
if len(this.keyPEM) == 0 {
return this.certificatePEM
} else {
return this.keyPEM
}
}
func (this *HTTPServer) Shutdown(timeout time.Duration) error {
if this == nil {
return nil
}
ctx, cancel := context.WithTimeout(context.Background(), timeout)
defer cancel()
return this.inner.Shutdown(ctx)
}
func (this *HTTPServer) Close() {
this.Shutdown(DefaultShutdownTimeout)
}
var DefaultShutdownTimeout = time.Second