42 lines
1.0 KiB
Go
42 lines
1.0 KiB
Go
|
package main
|
||
|
|
||
|
import (
|
||
|
"crypto/tls"
|
||
|
"net"
|
||
|
|
||
|
"gitlab.com/gitlab-org/labkit/log"
|
||
|
|
||
|
"gitlab.com/gitlab-org/gitlab/workhorse/internal/config"
|
||
|
)
|
||
|
|
||
|
var tlsVersions = map[string]uint16{
|
||
|
"": 0, // Default value in tls.Config
|
||
|
"tls1.0": tls.VersionTLS10,
|
||
|
"tls1.1": tls.VersionTLS11,
|
||
|
"tls1.2": tls.VersionTLS12,
|
||
|
"tls1.3": tls.VersionTLS13,
|
||
|
}
|
||
|
|
||
|
func newListener(name string, cfg config.ListenerConfig) (net.Listener, error) {
|
||
|
if cfg.Tls == nil {
|
||
|
log.WithFields(log.Fields{"address": cfg.Addr, "network": cfg.Network}).Infof("Running %v server", name)
|
||
|
|
||
|
return net.Listen(cfg.Network, cfg.Addr)
|
||
|
}
|
||
|
|
||
|
cert, err := tls.LoadX509KeyPair(cfg.Tls.Certificate, cfg.Tls.Key)
|
||
|
if err != nil {
|
||
|
return nil, err
|
||
|
}
|
||
|
|
||
|
log.WithFields(log.Fields{"address": cfg.Addr, "network": cfg.Network}).Infof("Running %v server with tls", name)
|
||
|
|
||
|
tlsConfig := &tls.Config{
|
||
|
MinVersion: tlsVersions[cfg.Tls.MinVersion],
|
||
|
MaxVersion: tlsVersions[cfg.Tls.MaxVersion],
|
||
|
Certificates: []tls.Certificate{cert},
|
||
|
}
|
||
|
|
||
|
return tls.Listen(cfg.Network, cfg.Addr, tlsConfig)
|
||
|
}
|