author | Balasankar "Balu" C <balasankarc@autistici.org> | 2021-03-03 15:46:20 +0300 |
---|---|---|
committer | Balasankar "Balu" C <balasankarc@autistici.org> | 2021-03-04 06:29:25 +0300 |
commit | 3a1484281a9e4fd7c1af4cdda1f850c391eadc09 (patch) | |
tree | 89c6c35b6281f8c7b0625d70955476193768fed7 | |
parent | 47c286fcfac10fe5d1b2af17caabbec2b799740d (diff) |
Move tlsconfig package to be a nested package under config
Signed-off-by: Balasankar "Balu" C <balasankarc@autistici.org>
-rw-r--r-- | app.go | 10 | ||||
-rw-r--r-- | internal/config/config.go | 8 | ||||
-rw-r--r-- | internal/config/flags.go | 6 | ||||
-rw-r--r-- | internal/config/tls/tls.go (renamed from internal/tlsconfig/tlsconfig.go) | 2 | ||||
-rw-r--r-- | internal/config/tls/tls_test.go (renamed from internal/tlsconfig/tlsconfig_test.go) | 2 |
5 files changed, 14 insertions, 14 deletions
@@ -1,7 +1,7 @@
 package main
 import (
- "crypto/tls"
+ cryptotls "crypto/tls"
 "errors"
 "fmt"
 "net"
@@ -24,6 +24,7 @@ import (
 "gitlab.com/gitlab-org/gitlab-pages/internal/artifact"
 "gitlab.com/gitlab-org/gitlab-pages/internal/auth"
 cfg "gitlab.com/gitlab-org/gitlab-pages/internal/config"
+ "gitlab.com/gitlab-org/gitlab-pages/internal/config/tls"
 "gitlab.com/gitlab-org/gitlab-pages/internal/domain"
 "gitlab.com/gitlab-org/gitlab-pages/internal/handlers"
 "gitlab.com/gitlab-org/gitlab-pages/internal/httperrors"
@@ -34,7 +35,6 @@ import (
 "gitlab.com/gitlab-org/gitlab-pages/internal/request"
 "gitlab.com/gitlab-org/gitlab-pages/internal/serving/disk/zip"
 "gitlab.com/gitlab-org/gitlab-pages/internal/source"
- "gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig"
 "gitlab.com/gitlab-org/gitlab-pages/metrics"
 )
@@ -60,7 +60,7 @@ func (a *theApp) isReady() bool {
 return a.domains.IsReady()
 }
-func (a *theApp) ServeTLS(ch *tls.ClientHelloInfo) (*tls.Certificate, error) {
+func (a *theApp) ServeTLS(ch *cryptotls.ClientHelloInfo) (*cryptotls.Certificate, error) {
 if ch.ServerName == "" {
 return nil, nil
 }
@@ -546,7 +546,7 @@ func fatal(err error, message string) {
 log.WithError(err).Fatal(message)
 }
-func (a *theApp) TLSConfig() (*tls.Config, error) {
- return tlsconfig.Create(a.config.General.RootCertificate, a.config.General.RootKey, a.ServeTLS,
+func (a *theApp) TLSConfig() (*cryptotls.Config, error) {
+ return tls.Create(a.config.General.RootCertificate, a.config.General.RootKey, a.ServeTLS,
 a.config.General.InsecureCiphers, a.config.TLS.MinVersion, a.config.TLS.MaxVersion)
 }
diff --git a/internal/config/config.go b/internal/config/config.go
index 85f0aad2..dafb5b7d 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
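Review bot: In app.go the moved package is now named `tls`, the same identifier as the standard library's `crypto/tls`, which is why the stdlib import has to be aliased to `cryptotls` in the first hunk. After this change `tls.Create` in `TLSConfig` (and `tls.AllTLSVersions`, `tls.ValidateTLSVersions`, `tls.FlagUsage` in config.go and flags.go) refer to the internal package, while tls.go itself still imports `crypto/tls` under the name `tls`, so the same identifier means different packages from file to file. In code that selects cipher suites and protocol versions that ambiguity makes review harder; consider leaving the stdlib import unaliased and importing the internal package under an explicit name, e.g. `tlsconfig "gitlab.com/gitlab-org/gitlab-pages/internal/config/tls"`.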
@@ -11,7 +11,7 @@ import (
 "github.com/namsral/flag"
 log "github.com/sirupsen/logrus"
- "gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig"
+ "gitlab.com/gitlab-org/gitlab-pages/internal/config/tls"
 )
 // Config stores all the config options relevant to GitLab Pages.
@@ -307,8 +307,8 @@ func loadConfig() *Config {
 Environment: *sentryEnvironment,
 },
 TLS: TLS{
- MinVersion: tlsconfig.AllTLSVersions[*tlsMinVersion],
- MaxVersion: tlsconfig.AllTLSVersions[*tlsMaxVersion],
+ MinVersion: tls.AllTLSVersions[*tlsMinVersion],
+ MaxVersion: tls.AllTLSVersions[*tlsMaxVersion],
 },
 Zip: ZipServing{
 ExpirationInterval: *zipCacheExpiration,
@@ -356,7 +356,7 @@ func loadConfig() *Config {
 checkAuthenticationConfig(config)
 // Validating TLS settings
- if err := tlsconfig.ValidateTLSVersions(*tlsMinVersion, *tlsMaxVersion); err != nil {
+ if err := tls.ValidateTLSVersions(*tlsMinVersion, *tlsMaxVersion); err != nil {
 fatal(err, "invalid TLS version")
 }
diff --git a/internal/config/flags.go b/internal/config/flags.go
index c51298e8..820218f5 100644
--- a/internal/config/flags.go
+++ b/internal/config/flags.go
@@ -5,7 +5,7 @@ import (
 "github.com/namsral/flag"
- "gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig"
+ "gitlab.com/gitlab-org/gitlab-pages/internal/config/tls"
 )
 var (
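Review bot: In internal/config/config.go, `loadConfig` fills `TLS.MinVersion` and `TLS.MaxVersion` from `tls.AllTLSVersions[...]` (hunk at line 307) before `tls.ValidateTLSVersions` runs (hunk at line 356), and the rename keeps that order. If `AllTLSVersions` is a map, an unrecognised flag value yields the zero value at the lookup without any error, so the struct is only trustworthy because the later check calls `fatal`. A comment at the lookup would make the dependency explicit, for example `// unknown keys yield 0 here; rejected by tls.ValidateTLSVersions below`, or the validation could move above the struct literal. The body of `loadConfig` continues outside both hunks, so the ordering is inferred from the hunk line numbers.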
@@ -49,8 +49,8 @@ var (
 authScope = flag.String("auth-scope", "api", "Scope to be used for authentication (must match GitLab Pages OAuth application settings)")
 maxConns = flag.Int("max-conns", 5000, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners")
 insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4")
- tlsMinVersion = flag.String("tls-min-version", "tls1.2", tlsconfig.FlagUsage("min"))
- tlsMaxVersion = flag.String("tls-max-version", "", tlsconfig.FlagUsage("max"))
+ tlsMinVersion = flag.String("tls-min-version", "tls1.2", tls.FlagUsage("min"))
+ tlsMaxVersion = flag.String("tls-max-version", "", tls.FlagUsage("max"))
 zipCacheExpiration = flag.Duration("zip-cache-expiration", 60*time.Second, "Zip serving archive cache expiration interval")
 zipCacheCleanup = flag.Duration("zip-cache-cleanup", 30*time.Second, "Zip serving archive cache cleanup interval")
 zipCacheRefresh = flag.Duration("zip-cache-refresh", 30*time.Second, "Zip serving archive cache refresh interval")
diff --git a/internal/tlsconfig/tlsconfig.go b/internal/config/tls/tls.go
index 9babf374..941b5e14 100644
--- a/internal/tlsconfig/tlsconfig.go
+++ b/internal/config/tls/tls.go
@@ -1,4 +1,4 @@
-package tlsconfig
+package tls
 import (
 "crypto/tls"
diff --git a/internal/tlsconfig/tlsconfig_test.go b/internal/config/tls/tls_test.go
index 00a08066..8f574eae 100644
--- a/internal/tlsconfig/tlsconfig_test.go
+++ b/internal/config/tls/tls_test.go
@@ -1,4 +1,4 @@
-package tlsconfig
+package tls
 import (
 "crypto/tls"
|