Refactored to better embed the certificates and also made sure to read the
server.key at runtime instead of containing it in the server's executable
using go embed
2025-01-07 17:21:02 +02:00
parent 740bb37620
commit 06a15e6c70
5 changed files with 39 additions and 15 deletions

3
.gitignore vendored

@@ -1,5 +1,4 @@
internal/server/certs/
*.crt
*.key
*.log
*.db
*.db-shm

6
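--- /dev/null
+++ b/certs/certs.go
@@ -0,0 +1,6 @@
+package certs
+
+import _ "embed"
+
+//go:embed server.crt
+var CertPEM []byte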
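Review bot: `CertPEM` is an exported, mutable package-level `[]byte` with no doc comment, and any importer can reassign or modify it; the client hunk in this commit feeds it to `x509.NewCertPool().AppendCertsFromPEM`, so it presumably acts as the client's trust anchor for the TLS connection, where silent mutation would be hard to diagnose. Add a doc comment stating the contract, e.g. `// CertPEM is the PEM-encoded server certificate embedded at build time. It is used as the client's trust root and must be treated as read-only.` If stronger protection is wanted, an accessor that returns `bytes.Clone` of an unexported slice would prevent modification, at the cost of updating the two call sites this commit introduces.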

21
certs/server.crt Normal file

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@@ -5,7 +5,6 @@ import (
"crypto/ed25519"
"crypto/tls"
"crypto/x509"
_ "embed"
"encoding/binary"
"errors"
"log"
@@ -15,15 +14,13 @@ import (
tea "github.com/charmbracelet/bubbletea"
"github.com/kyren223/eko/certs"
"github.com/kyren223/eko/internal/client/ui"
"github.com/kyren223/eko/internal/packet"
"github.com/kyren223/eko/pkg/assert"
"github.com/kyren223/eko/pkg/snowflake"
)
//go:embed server.crt
var certPEM []byte
var (
tlsConfig *tls.Config
@@ -42,7 +39,7 @@ type (
func init() {
certPool := x509.NewCertPool()
if !certPool.AppendCertsFromPEM(certPEM) {
if !certPool.AppendCertsFromPEM(certs.CertPEM) {
log.Fatalln("failed to append server certificate")
}


@@ -5,17 +5,18 @@ import (
"crypto/ed25519"
"crypto/rand"
"crypto/tls"
_ "embed"
"encoding/binary"
"errors"
"fmt"
"io"
"log"
"net"
"os"
"strconv"
"sync"
"time"
"github.com/kyren223/eko/certs"
"github.com/kyren223/eko/internal/packet"
"github.com/kyren223/eko/internal/server/api"
"github.com/kyren223/eko/internal/server/session"
@@ -23,19 +24,19 @@ import (
"github.com/kyren223/eko/pkg/snowflake"
)
//go:embed certs/server.crt
var certPEM []byte
//go:embed certs/server.key
var keyPEM []byte
var (
nodeId int64 = 0
tlsConfig *tls.Config
)
func init() {
cert, err := tls.X509KeyPair(certPEM, keyPEM)
path := "certs/server.key"
keyPEM, err := os.ReadFile(path)
if err != nil {
log.Fatalln("failed to read certificate key from", path)
}
cert, err := tls.X509KeyPair(certs.CertPEM, keyPEM)
if err != nil {
log.Fatalln("error loading certificate:", err)
}
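Review bot: The failure branch after the new `keyPEM, err := os.ReadFile(path)` line drops `err`: `log.Fatalln("failed to read certificate key from", path)` tells the operator which path was tried but not why it failed (missing file, permission denied, a directory), while the `tls.X509KeyPair` branch just below does include the error; use `log.Fatalf("reading certificate key %q: %v", path, err)` so the two branches report consistently. `path := "certs/server.key"` is also a hard-coded relative path, so the server only starts when launched from a working directory that contains `certs/`; consider taking it from a flag or environment variable with this literal as the default, and add a short comment above it noting that the key is provisioned at deploy time and deliberately not embedded in the binary (the `.gitignore` entry for `*.key` keeps it out of the repository). The body of `init` continues past the end of the hunk.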