/tls/ -- prevent encryption errors when changing certificates mid-request

Eugene Bujak 2019-02-19 17:52:19 +03:00
parent 0b7f0396de
commit 885e4e16c8
1 changed files with 7 additions and 2 deletions

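--- a/app.go
+++ b/app.go
@@ -185,8 +185,13 @@ func run(args options) {
 }
 config.TLS = data // update warnings
-// prepare cert for HTTPS server
-cert, err := tls.X509KeyPair([]byte(config.TLS.CertificateChain), []byte(config.TLS.PrivateKey))
+// prepare certs for HTTPS server
+// important -- they have to be copies, otherwise changing the contents in config.TLS will break encryption for in-flight requests
+certchain := make([]byte, len(config.TLS.CertificateChain))
+copy(certchain, []byte(config.TLS.CertificateChain))
+privatekey := make([]byte, len(config.TLS.PrivateKey))
+copy(privatekey, []byte(config.TLS.PrivateKey))
+cert, err := tls.X509KeyPair(certchain, privatekey)
 if err != nil {
 log.Fatal(err)
 os.Exit(1)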
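Review bot: The added `make`/`copy` pairs for `certchain` and `privatekey` probably do not give the isolation the new comment promises. If `config.TLS.CertificateChain` and `config.TLS.PrivateKey` are strings, the `[]byte(...)` conversion already allocates a fresh slice, and `tls.X509KeyPair` decodes the PEM into its own buffers rather than keeping the input, so the resulting `tls.Certificate` should not alias `config.TLS` either way. If handshakes really do break when the configuration changes mid-request, an unsynchronized read of `config.TLS` against a concurrent writer is the more likely cause; no lock is visible in this hunk, though `run` continues outside it, so take one snapshot under whatever lock guards the config, e.g. `tlsCfg := config.TLS`, and build the key pair from that. The extra buffer also leaves one more copy of the private key in memory, so if the copies stay, the comment should name the writer they protect against.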