Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff --git a/cmd/chihaya/main.go b/cmd/chihaya/main.go
- index 9e48dad..7da79e1 100644
- --- a/cmd/chihaya/main.go
- +++ b/cmd/chihaya/main.go
- @@ -4,8 +4,14 @@
- package main
- -import "github.com/chihaya/chihaya"
- +import (
- + "github.com/chihaya/chihaya"
- + "github.com/chihaya/chihaya/config"
- + "os"
- +)
- func main() {
- + config.DefaultConfig.TLSKeyPath = os.Getenv("THRIFT_TLS_CL_KEY_PATH")
- + config.DefaultConfig.TLSCertPath = os.Getenv("THRIFT_TLS_CL_CERT_PATH")
- chihaya.Boot()
- }
- diff --git a/config/config.go b/config/config.go
- index c46cb04..1297bf9 100644
- --- a/config/config.go
- +++ b/config/config.go
- @@ -87,6 +87,8 @@ type Config struct {
- ClientWhitelistEnabled bool `json:"client_whitelist_enabled"`
- ClientWhitelist []string `json:"client_whitelist,omitempty"`
- + TLSCertPath string `json:"tls_cert_path"`
- + TLSKeyPath string `json:"tls_key_path"`
- StatsConfig
- NetConfig
- @@ -135,6 +137,8 @@ var DefaultConfig = Config{
- },
- ClientWhitelistEnabled: false,
- + TLSCertPath: "",
- + TLSKeyPath: "",
- }
- // Open is a shortcut to open a file, read it, and generate a Config.
- diff --git a/http/http.go b/http/http.go
- index 31774b0..d907a17 100644
- --- a/http/http.go
- +++ b/http/http.go
- @@ -6,13 +6,18 @@
- package http
- import (
- + "crypto/rand"
- + "crypto/tls"
- +
- "net"
- "net/http"
- "time"
- + "strings"
- "github.com/golang/glog"
- "github.com/julienschmidt/httprouter"
- - "github.com/stretchr/graceful"
- + "github.com/tylerb/graceful"
- + "github.com/soheilhy/cmux"
- "github.com/chihaya/chihaya/config"
- "github.com/chihaya/chihaya/stats"
- @@ -133,13 +138,47 @@ func Serve(cfg *config.Config, tkr *tracker.Tracker) {
- },
- }
- + l, err := net.Listen("tcp", cfg.Addr)
- + if err != nil {
- + panic(err)
- + }
- +
- + // Create a cmux.
- + m := cmux.New(l)
- + httpl := m.Match(cmux.HTTP1Fast())
- + go grace.Serve(httpl)
- +
- + if cfg.TLSCertPath != "" && cfg.TLSKeyPath != "" {
- + tlsl := m.Match(cmux.Any())
- +
- + certificate, err := tls.LoadX509KeyPair(cfg.TLSCertPath, cfg.TLSKeyPath)
- + if err != nil {
- + panic(err)
- + }
- + config := &tls.Config{
- + Certificates: []tls.Certificate{certificate},
- + }
- +
- + // Create TLS listener.
- + tlslL := tls.NewListener(tlsl, config)
- +
- + // Serve HTTP over TLS.
- + go grace.Serve(tlslL)
- + }
- +
- grace.SetKeepAlivesEnabled(false)
- + if err := m.Serve(); !strings.Contains(err.Error(), "use of closed network connection") {
- + panic(err)
- + }
- +
- +/*
- if err := grace.ListenAndServe(); err != nil {
- if opErr, ok := err.(*net.OpError); !ok || (ok && opErr.Op != "accept") {
- glog.Errorf("Failed to gracefully run HTTP server: %s", err.Error())
- }
- }
- + */
- if err := srv.tracker.Close(); err != nil {
- glog.Errorf("Failed to shutdown tracker cleanly: %s", err.Error())
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement