support cert file download

git/git.go

@@ -1,6 +1,7 @@
 package git
 
 import (
+	"bytes"
 	"errors"
 	"fmt"
 	"io"
@@ -22,32 +23,48 @@ var repoRegex = regexp.MustCompile(`content="(.+?)\s+git\s+(.+)?"`)
 
 // NewServer create a Server instance
 // The gopath should be a valid folder and will store git repositories later
-func NewServer(gopath string) *Server {
+func NewServer(gopath, certpath string) *Server {
 	err := os.Setenv("GOPATH", gopath)
 	if err != nil {
 		panic(err)
 	}
 
+	certfile, err := ioutil.ReadFile(certpath)
+	if err != nil {
+		panic(err)
+	}
+
 	g := &Server{
-		gopath: gopath,
-		queue:  make(chan *cloneTask, 1024),
+		gopath:   gopath,
+		certfile: certfile,
+		queue:    make(chan *cloneTask, 1024),
 	}
 	go g.cloneLoop()
 	return g
 }
 
 // Server implement interface of betproxy.Client
 type Server struct {
-	gopath string
-	queue  chan *cloneTask
-	upTime sync.Map
+	gopath   string
+	certfile []byte
+	queue    chan *cloneTask
+	upTime   sync.Map
 }
 
 // Do receive client requests and return git repository information
 func (g *Server) Do(req *http.Request) (*http.Response, error) {
 	match := urlRegex.FindStringSubmatch(req.URL.String())
 	if match == nil {
-		return HTTPRedirect("https://github.com/faceair/gotit", req), nil
+		switch req.URL.Path {
+		case "/ssl":
+			res := betproxy.NewResponse(http.StatusOK, http.Header{
+				"Content-Disposition": []string{"attachment; filename=gotit.crt"},
+			}, bytes.NewReader(g.certfile), req)
+			res.ContentLength = int64(len(g.certfile))
+			return res, nil
+		default:
+			return HTTPRedirect("https://github.com/faceair/gotit", req), nil
+		}
 	}
 
 	repoPath := match[1]

git/git_test.go

@@ -17,7 +17,7 @@ func NewTestServer() *Server {
 		log.Fatal(err)
 	}
 
-	return NewServer(dir)
+	return NewServer(dir, "./git.go")
 }
 
 func TestURLNotMatch(t *testing.T) {

main.go

@@ -33,7 +33,10 @@ func main() {
 		os.Exit(0)
 	}
 
-	cacert, cakey, err := loadCA(capath)
+	certpath := path.Join(capath, "gotit.cert.pem")
+	keypath := path.Join(capath, "gotit.key.pem")
+
+	cacert, cakey, err := loadCA(certpath, keypath)
 	if err != nil {
 		panic(err)
 	}
@@ -49,17 +52,14 @@ func main() {
 	if err != nil {
 		panic(err)
 	}
-	service.SetClient(git.NewServer(gopath))
+	service.SetClient(git.NewServer(gopath, certpath))
 
 	log.Fatal(service.Listen())
 }
 
-func loadCA(capath string) (*x509.Certificate, *rsa.PrivateKey, error) {
-	certpath := path.Join(capath, "gotit.cert.pem")
-	keypath := path.Join(capath, "gotit.key.pem")
-
+func loadCA(certpath, keypath string) (*x509.Certificate, *rsa.PrivateKey, error) {
 	if _, err := os.Stat(certpath); os.IsNotExist(err) {
-		err := generateCA(capath, certpath, keypath)
+		err := generateCA(certpath, keypath)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -93,12 +93,7 @@ func loadCA(capath string) (*x509.Certificate, *rsa.PrivateKey, error) {
 	return rawCert, rawKey, nil
 }
 
-func generateCA(capath, certpath, keypath string) error {
-	err := os.MkdirAll(capath, os.ModePerm)
-	if err != nil {
-		return err
-	}
-
+func generateCA(certpath, keypath string) error {
 	cacert, cakey, err := mitm.NewAuthority("gotit", "faceair", 10*365*24*time.Hour)
 	if err != nil {
 		return err