author | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-02-11 21:21:21 +0300 |
---|---|---|
committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-02-11 21:21:21 +0300 |
commit | 3824fc8ca34b8f94ae7ef7550aec196dbbfdecf5 (patch) | |
tree | 87232d79817efbfc51cef62d6cf37e38d51d7d6d /server.go | |
parent | ab00ebdb114513eb3c77b6b45c5adf7848b1fc87 (diff) |
Move most of configuration to appConfig
Diffstat (limited to 'server.go')
-rw-r--r-- | server.go | 59 |
1 files changed, 44 insertions, 15 deletions
@@ -4,29 +4,31 @@ import (
 "crypto/tls"
 "golang.org/x/net/http2"
 "net/http"
+"net"
+ "time"
+ "os"
+ "fmt"
 )
 
 type tlsHandlerFunc func(*tls.ClientHelloInfo) (*tls.Certificate, error)
 
-func listenAndServe(addr string, handler http.HandlerFunc) error {
- // create server
- server := &http.Server{Addr: addr, Handler: handler}
+type tcpKeepAliveListener struct {
+ *net.TCPListener
+}
 
- if *http2proto {
- err := http2.ConfigureServer(server, &http2.Server{})
- if err != nil {
- return err
- }
+func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
+ tc, err := ln.AcceptTCP()
+ if err != nil {
+ return
 }
-
- return server.ListenAndServe()
+ tc.SetKeepAlive(true)
+ tc.SetKeepAlivePeriod(3 * time.Minute)
+ return tc, nil
 }
 
-func listenAndServeTLS(addr string, certFile, keyFile string, handler http.HandlerFunc, tlsHandler tlsHandlerFunc) error {
+func listenAndServe(fd uintptr, handler http.HandlerFunc, tlsConfig *tls.Config) error {
 // create server
- server := &http.Server{Addr: addr, Handler: handler}
- server.TLSConfig = &tls.Config{}
- server.TLSConfig.GetCertificate = tlsHandler
+ server := &http.Server{Handler: handler, TLSConfig: tlsConfig}
 
 if *http2proto {
 err := http2.ConfigureServer(server, &http2.Server{})
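Review bot: The `http.Server` built in the new `listenAndServe` sets no `ReadTimeout` or `WriteTimeout`, so a client that sends its request very slowly can hold a connection and its goroutine open indefinitely. The three-minute TCP keep-alive set in `Accept` only detects dead peers, not slow live ones. I would set both on the literal, for example `server := &http.Server{Handler: handler, TLSConfig: tlsConfig, ReadTimeout: readTimeout, WriteTimeout: writeTimeout}`, where `readTimeout` and `writeTimeout` are placeholder names for values taken from configuration. `Accept` also discards the errors from `tc.SetKeepAlive` and `tc.SetKeepAlivePeriod`; a comment such as `// best effort: a keep-alive failure must not drop the connection` would show that this is deliberate. The body of `listenAndServe` continues past the end of this hunk.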
@@ -35,5 +37,32 @@ func listenAndServeTLS(addr string, certFile, keyFile string, handler http.Handl
 }
 }
 
- return server.ListenAndServeTLS(certFile, keyFile)
+ l, err := net.FileListener(os.NewFile(fd, "[socket]"))
+ if err != nil {
+ return fmt.Errorf("failed to listen on FD %d: %v", fd, err)
+ }
+
+ if tlsConfig != nil {
+ tlsListener := tls.NewListener(tcpKeepAliveListener{l.(*net.TCPListener)}, server.TLSConfig)
+ return server.Serve(tlsListener)
+ } else {
+ return server.Serve(&tcpKeepAliveListener{l.(*net.TCPListener)})
+ }
+}
+
+func listenAndServeTLS(fd uintptr, cert, key []byte, handler http.HandlerFunc, tlsHandler tlsHandlerFunc) error {
+ certificate, err := tls.X509KeyPair(cert, key)
+ if err != nil {
+ return err
+ }
+
+ tlsConfig := &tls.Config{}
+ tlsConfig.GetCertificate = tlsHandler
+ tlsConfig.NextProtos = []string {
+ "http/1.1",
+ }
+ tlsConfig.Certificates = []tls.Certificate{
+ certificate,
+ }
+ return listenAndServe(fd, handler, tlsConfig)
 }
|
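Review bot: Both `l.(*net.TCPListener)` assertions in `listenAndServe` are unchecked, so if the inherited descriptor is not a TCP socket (`net.FileListener` can also return a `*net.UnixListener`), the process panics at startup instead of returning an error. The comma-ok form with an explicit error is safer. It also lets the two branches share one listener, which removes the value/pointer mismatch between `tcpKeepAliveListener{…}` and `&tcpKeepAliveListener{…}` and the `else` after `return`. Separately, the `tls.Config` built in `listenAndServeTLS` sets no `MinVersion`, so the protocol floor is whatever the Go toolchain defaults to; pinning it with `tlsConfig.MinVersion = tls.VersionTLS12` would make the policy explicit. `listenAndServe` begins before this hunk.

```go
l, err := net.FileListener(os.NewFile(fd, "[socket]"))
// … unchanged: FileListener error check …

tcpListener, ok := l.(*net.TCPListener)
if !ok {
	l.Close()
	return fmt.Errorf("FD %d is not a TCP listener: got %T", fd, l)
}

var ln net.Listener = tcpKeepAliveListener{tcpListener}
if tlsConfig != nil {
	ln = tls.NewListener(ln, server.TLSConfig)
}
return server.Serve(ln)
```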