webserver: use wkfs for tls cert/key

Change-Id: Ifdccd5421f54bad206b03d48bad264c3a4539e70
2014-08-08 10:58:56 -07:00 · 2014-08-08 10:58:56 -07:00 · d2e964a9da
parent 7146e3b1e9
commit d2e964a9da
1 changed files with 16 additions and 1 deletions
--- a/pkg/webserver/webserver.go
+++ b/pkg/webserver/webserver.go
@ -37,6 +37,7 @@ import (
 	"time"

 	"camlistore.org/pkg/throttle"
+	"camlistore.org/pkg/wkfs"
 	"camlistore.org/third_party/github.com/bradfitz/runsit/listen"
 )

@ -172,7 +173,8 @@ func (s *Server) Listen(addr string) error {
 			NextProtos: []string{"http/1.1"},
 		}
 		config.Certificates = make([]tls.Certificate, 1)
-		config.Certificates[0], err = tls.LoadX509KeyPair(s.tlsCertFile, s.tlsKeyFile)
+
+		config.Certificates[0], err = loadX509KeyPair(s.tlsCertFile, s.tlsKeyFile)
 		if err != nil {
 			return fmt.Errorf("Failed to load TLS cert: %v", err)
 		}
@ -240,3 +242,16 @@ func runTestHarnessIntegration(listener net.Listener) {
 		}
 	}
 }
+
+// loadX509KeyPair is a copy of tls.LoadX509KeyPair but using wkfs.
+func loadX509KeyPair(certFile, keyFile string) (cert tls.Certificate, err error) {
+	certPEMBlock, err := wkfs.ReadFile(certFile)
+	if err != nil {
+		return
+	}
+	keyPEMBlock, err := wkfs.ReadFile(keyFile)
+	if err != nil {
+		return
+	}
+	return tls.X509KeyPair(certPEMBlock, keyPEMBlock)
+}