lnd: use TLS code from cert package

Oliver Gugger
2019-11-13 14:03:10 +01:00
parent b18698c321
commit dbbb169e06
3 changed files with 17 additions and 228 deletions


@@ -17,10 +17,10 @@ import (
)
const (
// defaultAutogenCertValidity is the default validity of a self-signed
// DefaultAutogenValidity is the default validity of a self-signed
// certificate. The value corresponds to 14 months
// (14 months * 30 days * 24 hours).
defaultAutogenCertValidity = 14 * 30 * 24 * time.Hour
DefaultAutogenValidity = 14 * 30 * 24 * time.Hour
)
var (
@@ -31,7 +31,7 @@ var (
serialNumberLimit = new(big.Int).Lsh(big.NewInt(1), 128)
)
// genCertPair generates a key/cert pair to the paths provided. The
// GenCertPair generates a key/cert pair to the paths provided. The
// auto-generated certificates should *not* be used in production for public
// access as they're self-signed and don't necessarily contain all of the
// desired hostnames for the service. For production/public use, consider a
@@ -39,7 +39,7 @@ var (
//
// This function is adapted from https://github.com/btcsuite/btcd and
// https://github.com/btcsuite/btcutil
func genCertPair(org, certFile, keyFile string, tlsExtraIPs,
func GenCertPair(org, certFile, keyFile string, tlsExtraIPs,
tlsExtraDomains []string, certValidity time.Duration) error {
now := time.Now()
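Review bot: Exporting GenCertPair makes certValidity a value that any importer of the package can supply, yet the doc comment above the signature does not describe that parameter or point to DefaultAutogenValidity as the intended value. I would add a line such as `// certValidity is the lifetime of the generated certificate; callers normally pass DefaultAutogenValidity.` The function body continues outside this hunk, so it cannot be seen here whether a zero or negative duration is rejected; if it is not, a guard is worth adding, since such a value would presumably yield a certificate that is already expired. The comment could also say how the private key at keyFile is written (file permissions, whether an existing file is overwritten), which is not visible in this section either.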


@@ -24,10 +24,10 @@ var (
}
)
// loadCert loads a certificate and its corresponding private key from the PEM
// LoadCert loads a certificate and its corresponding private key from the PEM
// files indicated and returns the certificate in the two formats it is most
// commonly used.
func loadCert(certPath, keyPath string) (tls.Certificate, *x509.Certificate,
func LoadCert(certPath, keyPath string) (tls.Certificate, *x509.Certificate,
error) {
// The certData returned here is just a wrapper around the PEM blocks
@@ -49,9 +49,9 @@ func loadCert(certPath, keyPath string) (tls.Certificate, *x509.Certificate,
return certData, x509Cert, nil
}
// tLSConfFromCert returns the default TLS configuration used for a server,
// TLSConfFromCert returns the default TLS configuration used for a server,
// using the given certificate as identity.
func tlsConfFromCert(certData tls.Certificate) *tls.Config {
func TLSConfFromCert(certData tls.Certificate) *tls.Config {
return &tls.Config{
Certificates: []tls.Certificate{certData},
CipherSuites: tlsCipherSuites,