// Copyright Fuzamei Corp. 2018 All Rights Reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package core
import (
"fmt"
"io/ioutil"
"path/filepath"
"os"
"github.com/33cn/plugin/plugin/dapp/cert/authority/utils"
)
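// getPemMaterialFromDir passes every non-directory entry directly under dir to
// utils.ReadPemFile and returns the byte slices it yields, one per file that
// could be read.
//
// If dir does not exist, the os.Stat error is returned unwrapped so callers
// can test it with os.IsNotExist. Any other failure to list the directory is
// returned as a formatted error. On success the returned slice is non-nil but
// may be empty.
//
// NOTE(review): a file that ReadPemFile rejects is only logged at warning
// level and then skipped. For trust material such as CA certificates or CRLs
// this means a damaged or unreadable file silently shrinks the loaded set;
// callers that need all-or-nothing loading must check for that themselves.
func getPemMaterialFromDir(dir string) ([][]byte, error) {
	authLogger.Debug(fmt.Sprintf("Reading directory %s", dir))

	// Keep the raw error for a missing directory: GetAuthConfig uses
	// os.IsNotExist on it to treat optional folders as absent.
	if _, err := os.Stat(dir); os.IsNotExist(err) {
		return nil, err
	}

	files, err := ioutil.ReadDir(dir)
	if err != nil {
		// The arguments were previously swapped, which printed the error
		// where the directory belongs and vice versa.
		return nil, fmt.Errorf("Could not read directory %s, err %s", dir, err)
	}

	content := make([][]byte, 0, len(files))
	for _, f := range files {
		if f.IsDir() {
			continue
		}

		// filepath.Join inserts the separator and cleans the result itself.
		fullName := filepath.Join(dir, f.Name())
		authLogger.Debug(fmt.Sprintf("Inspecting file %s", fullName))

		item, err := utils.ReadPemFile(fullName)
		if err != nil {
			authLogger.Warn(fmt.Sprintf("Failed reading file %s: %s", fullName, err))
			continue
		}
		content = append(content, item)
	}

	return content, nil
}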
// Names of the sub-directories that GetAuthConfig looks for beneath the
// configuration directory it is given.
const (
	// cacerts is the folder read for root CA certificates.
	cacerts = "cacerts"
	// intermediatecerts is the folder read for intermediate CA certificates.
	intermediatecerts = "intermediatecerts"
	// crlsfolder is the folder read for certificate revocation lists.
	crlsfolder = "crls"
)
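// GetAuthConfig loads the certificate file configuration stored under dir.
//
// It reads three sub-directories of dir through getPemMaterialFromDir:
//   - cacerts: required; an error is returned if the folder cannot be read or
//     yields no readable file.
//   - intermediatecerts: optional; a missing folder is logged at debug level
//     and IntermediateCerts is left nil.
//   - crls: optional; a missing folder is logged at debug level and
//     RevocationList is left nil.
//
// NOTE(review): revocation data is loaded on a best-effort basis. A missing
// crls folder, or CRL files that getPemMaterialFromDir skipped because they
// could not be read, produce an empty or incomplete RevocationList without
// any error. Whether certificate validation then fails open depends on how
// AuthConfig is consumed — confirm against the caller.
func GetAuthConfig(dir string) (*AuthConfig, error) {
	cacertDir := filepath.Join(dir, cacerts)
	intermediatecertsDir := filepath.Join(dir, intermediatecerts)
	crlsDir := filepath.Join(dir, crlsfolder)

	// Locals are named so that they do not shadow the package-level folder
	// name constants.
	rootCerts, err := getPemMaterialFromDir(cacertDir)
	if err != nil {
		return nil, fmt.Errorf("Could not load a valid ca certificate from directory %s, err %s", cacertDir, err)
	}
	if len(rootCerts) == 0 {
		// err is nil on this path; report the real reason instead of
		// formatting a nil error into the message.
		return nil, fmt.Errorf("Could not load a valid ca certificate from directory %s: no readable certificate file found", cacertDir)
	}

	intermediateCerts, err := getPemMaterialFromDir(intermediatecertsDir)
	switch {
	case os.IsNotExist(err):
		authLogger.Debug(fmt.Sprintf("Intermediate certs folder not found at [%s]. Skipping. [%s]", intermediatecertsDir, err))
	case err != nil:
		return nil, fmt.Errorf("Failed loading intermediate ca certs at [%s]: [%s]", intermediatecertsDir, err)
	}

	crls, err := getPemMaterialFromDir(crlsDir)
	switch {
	case os.IsNotExist(err):
		authLogger.Debug(fmt.Sprintf("crls folder not found at [%s]. Skipping. [%s]", crlsDir, err))
	case err != nil:
		return nil, fmt.Errorf("Failed loading crls at [%s]: [%s]", crlsDir, err)
	}

	return &AuthConfig{
		RootCerts:         rootCerts,
		IntermediateCerts: intermediateCerts,
		RevocationList:    crls,
	}, nil
}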