Support mTLS Authentication in Webhooks (#9777)

Praveen raj Mani
2020-06-08 18:25:44 +05:30
committed by GitHub
parent c7599d323b
commit 2ce2e88adf
7 changed files with 84 additions and 6 deletions


@@ -185,6 +185,14 @@ func (c *Certs) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, er
return c.cert, nil
}
// GetClientCertificate returns the loaded certificate for use by
// the TLSConfig fields GetClientCertificate field in a http.Server.
func (c *Certs) GetClientCertificate(_ *tls.CertificateRequestInfo) (*tls.Certificate, error) {
c.RLock()
defer c.RUnlock()
return c.cert, nil
}
// Stop tells loader to stop watching for changes to the
// certificate and key files.
func (c *Certs) Stop() {
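Review bot: The comment on GetClientCertificate says the callback is for an http.Server, but tls.Config.GetClientCertificate is consulted on the client side of a handshake, when the remote server requests a certificate; something like `// GetClientCertificate returns the loaded certificate for use as the GetClientCertificate callback of a client-side tls.Config.` would match what the code is for. The method ignores the CertificateRequestInfo and returns the same c.cert that GetCertificate serves, so the server's key pair is presented to every peer that asks for a client certificate; if that reuse is intended for webhook mTLS, the comment should say so, and the loaded certificate presumably needs client-auth extended key usage for receivers that enforce it. Where this callback is wired into a transport is not visible in this hunk, and Stop's body continues outside it.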


@@ -93,6 +93,16 @@ func TestValidPairAfterWrite(t *testing.T) {
if !reflect.DeepEqual(gcert.Certificate, expectedCert.Certificate) {
t.Error("certificate doesn't match expected certificate")
}
rInfo := &tls.CertificateRequestInfo{}
gcert, err = c.GetClientCertificate(rInfo)
if err != nil {
t.Fatal(err)
}
if !reflect.DeepEqual(gcert.Certificate, expectedCert.Certificate) {
t.Error("client certificate doesn't match expected certificate")
}
}
func TestStop(t *testing.T) {