dispatch/storage/user_cert.go

package storage

import (
	"crypto/tls"
	"errors"
	"io/ioutil"
)

var (
	ErrInvalidCert      = errors.New("Invalid certificate")
	ErrCouldNotSaveCert = errors.New("Could not save certificate")
)

func (u *User) GetCertificate() *tls.Certificate {
	u.lock.Lock()
	cert := u.certificate
	u.lock.Unlock()

	return cert
}

func (u *User) SetCertificate(certPEM, keyPEM []byte) error {
	cert, err := tls.X509KeyPair(certPEM, keyPEM)
	if err != nil {
		return ErrInvalidCert
	}
	u.lock.Lock()
	u.certificate = &cert
	u.lock.Unlock()

	err = ioutil.WriteFile(Path.Certificate(u.Username), certPEM, 0600)
	if err != nil {
		return ErrCouldNotSaveCert
	}

	err = ioutil.WriteFile(Path.Key(u.Username), keyPEM, 0600)
	if err != nil {
		return ErrCouldNotSaveCert
	}

	return nil
}

func (u *User) loadCertificate() error {
	cert, err := tls.LoadX509KeyPair(Path.Certificate(u.Username), Path.Key(u.Username))
	if err != nil {
		return err
	}

	u.certificate = &cert
	return nil
}
Add support for client certificates 2016-01-11 20:04:57 +00:00			`package storage`

			`import (`
			`"crypto/tls"`
			`"errors"`
			`"io/ioutil"`
			`)`

			`var (`
			`ErrInvalidCert = errors.New("Invalid certificate")`
			`ErrCouldNotSaveCert = errors.New("Could not save certificate")`
			`)`

Synchronize user.certificate access 2016-01-11 23:32:40 +00:00			`func (u User) GetCertificate() tls.Certificate {`
			`u.lock.Lock()`
			`cert := u.certificate`
			`u.lock.Unlock()`

			`return cert`
			`}`

Add support for client certificates 2016-01-11 20:04:57 +00:00			`func (u *User) SetCertificate(certPEM, keyPEM []byte) error {`
			`cert, err := tls.X509KeyPair(certPEM, keyPEM)`
			`if err != nil {`
			`return ErrInvalidCert`
			`}`
			`u.lock.Lock()`
Synchronize user.certificate access 2016-01-11 23:32:40 +00:00			`u.certificate = &cert`
Add support for client certificates 2016-01-11 20:04:57 +00:00			`u.lock.Unlock()`

Implement old storage.Path API 2020-04-20 01:02:15 +00:00			`err = ioutil.WriteFile(Path.Certificate(u.Username), certPEM, 0600)`
Add support for client certificates 2016-01-11 20:04:57 +00:00			`if err != nil {`
			`return ErrCouldNotSaveCert`
			`}`

Implement old storage.Path API 2020-04-20 01:02:15 +00:00			`err = ioutil.WriteFile(Path.Key(u.Username), keyPEM, 0600)`
Add support for client certificates 2016-01-11 20:04:57 +00:00			`if err != nil {`
			`return ErrCouldNotSaveCert`
			`}`

			`return nil`
			`}`

			`func (u *User) loadCertificate() error {`
Load client cert with LoadX509KeyPair 2020-05-17 22:36:15 +00:00			`cert, err := tls.LoadX509KeyPair(Path.Certificate(u.Username), Path.Key(u.Username))`
Add support for client certificates 2016-01-11 20:04:57 +00:00			`if err != nil {`
			`return err`
			`}`

Synchronize user.certificate access 2016-01-11 23:32:40 +00:00			`u.certificate = &cert`
Add support for client certificates 2016-01-11 20:04:57 +00:00			`return nil`
			`}`