pages/pages-server
1
0
Fork 0
mirror of https://codeberg.org/Codeberg/pages-server.git synced 2025-04-25 06:16:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

minor improvements

Browse source
This commit is contained in:
crapStone 2024-04-27 22:13:02 +02:00 committed by crapStone
parent 7071ee9bff
commit acd02709c7
2 changed files with 14 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

16
server/certificates/certificates.go
View file

@ -28,8 +28,6 @@ import (
var ErrUserRateLimitExceeded = errors.New("rate limit exceeded: 10 certificates per user per 24 hours")
var keyCache *lru.Cache[string, tls.Certificate]
// TLSConfig returns the configuration for generating, serving and cleaning up Let's Encrypt certificates.
func TLSConfig(mainDomainSuffix string,
giteaClient *gitea.Client,
@ -40,6 +38,12 @@ func TLSConfig(mainDomainSuffix string,
noDNS01 bool,
rawDomain string,
) *tls.Config {
keyCache, err := lru.New[string, tls.Certificate](32)
if err != nil {
panic(err) // This should only happen if 32 < 0 at the time of writing, which should be reason enough to panic.
}
return &tls.Config{
// check DNS name & get certificate from Let's Encrypt
GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
@ -109,14 +113,6 @@ func TLSConfig(mainDomainSuffix string,
}
}
if keyCache == nil {
var err error
keyCache, err = lru.New[string, tls.Certificate](4096)
if err != nil {
panic(err) // This should only happen if 4096 < 0 at the time of writing, which should be reason enough to panic.
}
}
if tlsCertificate, ok := keyCache.Get(domain); ok {
// we can use an existing certificate object
return &tlsCertificate, nil