tjamet · April 13, 2018 18:57
diff --git a/tls-http-server.go b/tls-http-server.go
 // From https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L3223
 // tcpKeepAliveListener sets TCP keep-alive timeouts on accepted
 // connections. It's used by ListenAndServe and ListenAndServeTLS so
 // dead TCP connections (e.g. closing laptop mid-download) eventually
 // go away.
 type tcpKeepAliveListener struct {
 	*net.TCPListener
 }

 func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
 	tc, err := ln.AcceptTCP()
 	if err != nil {
 		return
 	}
 	tc.SetKeepAlive(true)
 	tc.SetKeepAlivePeriod(3 * time.Minute)
 	return tc, nil
 }

 // ListenAndServeTLSKeyPair start a server using in-memory TLS KeyPair
 func ListenAndServeTLSKeyPair(addr string, cert tls.Certificate, handler http.Handler) error {

 	// as defined in https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L3034
 	if addr == "" {
 		addr = ":https"
 	}
 	// as defined in https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L3037
 	ln, err := net.Listen("tcp", addr)
 	if err != nil {
 		return err
 	}
 	server := &http.Server{
 		Addr:    addr,
 		Handler: handler,
 		TLSConfig: &tls.Config{
      // alternatifely we can use GetCertificate func(*ClientHelloInfo) (*Certificate, error)
      // for host-dependant certificates (possibly let's encrypt)
 			Certificates: []tls.Certificate{cert},
 		},
 	}
 	// if TLS config is defined, and no actual key path is provided, ServeTLS keeps the certificate
 	// https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L2832
 	return server.ServeTLS(ln, "", "")
 }
	// From https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L3223
	// tcpKeepAliveListener sets TCP keep-alive timeouts on accepted
	// connections. It's used by ListenAndServe and ListenAndServeTLS so
	// dead TCP connections (e.g. closing laptop mid-download) eventually
	// go away.
	type tcpKeepAliveListener struct {
	*net.TCPListener
	}

	func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
	tc, err := ln.AcceptTCP()
	if err != nil {
	return
	}
	tc.SetKeepAlive(true)
	tc.SetKeepAlivePeriod(3 * time.Minute)
	return tc, nil
	}

	// ListenAndServeTLSKeyPair start a server using in-memory TLS KeyPair
	func ListenAndServeTLSKeyPair(addr string, cert tls.Certificate, handler http.Handler) error {

	// as defined in https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L3034
	if addr == "" {
	addr = ":https"
	}
	// as defined in https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L3037
	ln, err := net.Listen("tcp", addr)
	if err != nil {
	return err
	}
	server := &http.Server{
	Addr: addr,
	Handler: handler,
	TLSConfig: &tls.Config{
	// alternatifely we can use GetCertificate func(ClientHelloInfo) (Certificate, error)
	// for host-dependant certificates (possibly let's encrypt)
	Certificates: []tls.Certificate{cert},
	},
	}
	// if TLS config is defined, and no actual key path is provided, ServeTLS keeps the certificate
	// https://github.com/golang/go/blob/c0547476f342665514904cf2581a62135d2366c3/src/net/http/server.go#L2832
	return server.ServeTLS(ln, "", "")
	}