Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 06:40:54 +03:00
Code Issues Packages Projects Releases Wiki Activity

FTP: add support for client certificate authentication

Browse Source
This commit is contained in:
Nicola Murino
2020-12-29 09:20:09 +01:00
parent 141ca6777c
commit 40e759c983
10 changed files with 62 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ftpd/server.go
View File

@@ -152,10 +152,15 @@ func (s *Server) AuthUser(cc ftpserver.ClientContext, username, password string)
// GetTLSConfig returns a TLS Certificate to use
func (s *Server) GetTLSConfig() (*tls.Config, error) {
if certMgr != nil {
return &tls.Config{
tlsConfig := &tls.Config{
GetCertificate: certMgr.GetCertificateFunc(),
MinVersion: tls.VersionTLS12,
}, nil
}
if s.binding.ClientAuthType == 1 {
tlsConfig.ClientCAs = certMgr.GetRootCAs()
tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
}
return tlsConfig, nil
}
return nil, errors.New("no TLS certificate configured")
}