From 1f4a463c0a9fb411827916c0df60df4538702307 Mon Sep 17 00:00:00 2001 From: Thomas Habets Date: Sun, 8 Jun 2014 02:08:13 +0200 Subject: [PATCH] Add SSL support. --- goircd.go | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/goircd.go b/goircd.go index 824b5f0..3d69545 100644 --- a/goircd.go +++ b/goircd.go @@ -19,6 +19,7 @@ package main import ( "bytes" + "crypto/tls" "flag" "log" "net" @@ -34,6 +35,10 @@ var ( motd = flag.String("motd", "", "Path to MOTD file") logdir = flag.String("logdir", "", "Absolute path to directory for logs") statedir = flag.String("statedir", "", "Absolute path to directory for states") + + ssl = flag.Bool("ssl", false, "Use SSL only.") + sslKey = flag.String("ssl_key", "", "SSL keyfile.") + sslCert = flag.String("ssl_cert", "", "SSL certificate.") ) func Run() { @@ -97,9 +102,23 @@ func Run() { log.Println(*statedir, "statekeeper initialized") } - listener, err := net.Listen("tcp", *bind) - if err != nil { - log.Fatalln("Can not listen on ", *bind) + var listener net.Listener + if *ssl { + cert, err := tls.LoadX509KeyPair(*sslCert, *sslKey) + if err != nil { + log.Fatalf("Could not load SSL keys from %s and %s: %s", *sslCert, *sslKey, err) + } + config := tls.Config{Certificates: []tls.Certificate{cert}} + listener, err = tls.Listen("tcp", *bind, &config) + if err != nil { + log.Fatalf("Can not listen on %s: %v", *bind, err) + } + } else { + var err error + listener, err = net.Listen("tcp", *bind) + if err != nil { + log.Fatalf("Can not listen on %s: %v", *bind, err) + } } log.Println("Listening on", *bind)