patchy/elect
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Package ca-certificates.crt

Browse Source
This commit is contained in:
Ian Gulliver
2023-06-11 15:46:40 -07:00
parent 906e3df38a
commit 8b2467e7e0
2 changed files with 3538 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3517
ca-certificates.crt Normal file
View File

File diff suppressed because it is too large Load Diff

21
voter.go
View File

@@ -2,6 +2,9 @@ package elect
import ( import (
"crypto/hmac" "crypto/hmac"
"crypto/tls"
"crypto/x509"
_ "embed"
"encoding/json" "encoding/json"
"log" "log"
"time" "time"
@@ -38,9 +41,13 @@ type voteResponse struct {
ResponseSent time.Time `json:"responseSent"` ResponseSent time.Time `json:"responseSent"`
} }
//go:embed ca-certificates.crt
var caCertificates []byte
func NewVoter(url string, signingKey string) *Voter { func NewVoter(url string, signingKey string) *Voter {
v := &Voter{ v := &Voter{
client: resty.New(). client: resty.New().
SetTLSClientConfig(getTLSClientConfig()).
SetCloseConnection(true). SetCloseConnection(true).
SetBaseURL(url), SetBaseURL(url),
signingKey: []byte(signingKey), signingKey: []byte(signingKey),
@@ -167,3 +174,17 @@ func (v *Voter) sendVote() {
func (v *Voter) log(format string, args ...any) { func (v *Voter) log(format string, args ...any) {
log.Printf("[voter] "+format, args...) log.Printf("[voter] "+format, args...)
} }
func getTLSClientConfig() *tls.Config {
pool := x509.NewCertPool()
ok := pool.AppendCertsFromPEM(caCertificates)
if !ok {
panic("invalid ca-certificates")
}
return &tls.Config{
MinVersion: tls.VersionTLS12,
RootCAs: pool,
}
}