On Sat, Nov 14, 2009 at 5:23 PM, Hans Stimer <
hans....@gmail.com> wrote:
> Does the HTTP library support HTTPS?
(repost since the first didn't seem to go through:)
There's basic support for TLS serving in crypto/tls.
There's basic support for TLS as a client in my local working directory.
You could try something like this (you'll need to move it out of
package tls by importing crypto/tls and putting tls. in front of the
local names).
If you're not on amd64, it'll be very slow.
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package tls
import (
"net";
"os";
"io";
"encoding/pem";
"crypto/x509";
"testing";
"time";
"http";
)
func currentTime() uint32 {
return uint32(time.Seconds());
}
func readFile(name string) ([]byte, os.Error) {
file, err := os.Open(name, os.O_RDONLY, 0);
if err != nil {
return nil, err;
}
stat, err := file.Stat();
if err != nil {
return nil, err;
}
contents := make([]byte, stat.Size);
_, err = io.ReadFull(file, contents);
if err != nil {
return nil, err;
}
file.Close();
return contents, nil;
}
func TestServer(t *testing.T) {
urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0);
if err != nil {
t.Errorf("Failed to open urandom: %s\n", err);
return;
}
pemBytes, err := readFile("server.crt");
if err != nil {
t.Errorf("Failed to read server.crt: %s", err);
return;
}
cert, _ := pem.Decode(pemBytes);
if cert == nil {
t.Error("Failed to parse server.crt");
return;
}
keyBytes, err := readFile("server.key.insecure");
if err != nil {
t.Errorf("Failed to read server.key.insecure: %s", err);
return;
}
pkPEM, _ := pem.Decode(keyBytes);
if pkPEM == nil {
t.Errorf("Failed to parse server.key.insecure: %s", err);
return;
}
if pkPEM.Type != "RSA PRIVATE KEY" {
t.Errorf("server.key.insecure is not an RSA private key. Found '%s'",
pkPEM.Type);
return;
}
if len(pkPEM.Headers) != 0 {
t.Error("server.key.insecure has headers and is probably encrypted.");
return;
}
priv, err := x509.ParsePKCS1PrivateKey(pkPEM.Bytes);
if err != nil {
t.Errorf("Invalid key in server.key.insecure: %s", err);
return;
}
config := new(Config);
config.Rand = urandom;
config.Time = time.Seconds;
config.Certificates = make([]Certificate, 1);
config.Certificates[0].Certificate = [][]byte{cert.Bytes};
config.Certificates[0].PrivateKey = priv;
l, err := net.ListenTCP("tcp",
&net.TCPAddr{net.ParseIP("0.0.0.0"), 8555});
if err != nil {
t.Errorf("Cannot bind: %s\n", err);
return;
}
tls := NewTLSListener(l, config);
http.Serve(tls, http.NotFoundHandler());
}