2 * Copyright 2020 Huawei Technologies Co., Ltd.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
// cipherSuiteMap is the name-to-ID table that getcipher consults when it
// translates configured cipher-suite names into crypto/tls constants.
// The entries visible here are ECDHE-RSA key exchange with AES-GCM.
// NOTE(review): this listing omits some source lines (the gutter numbers jump
// after 34), so the end of the table is not shown; confirm the full set of
// allowed suites against the original file.
32 var cipherSuiteMap = map[string]uint16{
33 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
34 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
// RegisterToMep posts param to url through DoPost and returns the response
// body as a string. A status other than 201 Created is turned into an error
// whose text carries the numeric status code.
// NOTE(review): this listing omits some source lines (gutter 40, 42-43, 50,
// 52-53), presumably the error checks around the two log calls; confirm
// against the full file.
38 func RegisterToMep(param string, url string) (string, error) {
39 response, errPost := DoPost(param, url)
41 log.Println("Failed to send request")
// Deferred so the body is closed on every return path after this point.
44 defer response.Body.Close()
46 if response.StatusCode != http.StatusCreated {
47 return "", errors.New("request failed, status is " + strconv.Itoa(response.StatusCode))
// NOTE(review): ReadAll buffers the whole body with no size cap. If the remote
// endpoint is not fully trusted, bound the read (for example with
// io.LimitReader) so an oversized response cannot exhaust memory.
49 body, err := ioutil.ReadAll(response.Body)
51 log.Println("Failed to read response")
55 return string(body), nil
// DoPost sends param as an application/json POST body to url. Two paths are
// visible: a direct http.Post call, and a request built with http.NewRequest
// that is handed to DoRegister, which applies the TLS settings from TlsConfig.
// NOTE(review): APP_SSL_MODE is read here, but the line that branches on it
// (gutter 62) is not part of this listing. Presumably it selects between the
// two paths; confirm which value takes the http.Post path, because that path
// uses http.DefaultClient and therefore none of the CA pool, cipher list or
// server name configured in TlsConfig.
58 func DoPost(param string, url string) (*http.Response, error) {
59 sslMode := os.Getenv("APP_SSL_MODE")
61 //if ssl mode is enabled, then config tls
63 response, errPost := http.Post(url, "application/json", strings.NewReader(param))
// NOTE(review): http.Post both builds and sends the request, so an error here
// can be a network or TLS failure, not only a construction failure as the
// message suggests. The error value itself is not logged.
65 log.Println("Failed to create http request")
70 req, errReq := http.NewRequest("POST", url, strings.NewReader(param))
72 log.Println("Failed to create https request")
75 response, errDo := DoRegister(req)
// NOTE(review): Println does not interpret format verbs, so "%s" is printed
// literally with the error appended after it; log.Printf is the call that
// would format errDo into the message (go vet reports this pattern).
77 log.Println("Failed to post https request %s", errDo)
// DoRegister obtains a TLS configuration from TlsConfig and wraps it in a new
// http.Transport and http.Client for req.
// NOTE(review): the line that actually sends req (after gutter 95) is not part
// of this listing; presumably the client built here performs the request.
84 func DoRegister(req *http.Request) (*http.Response, error) {
85 config, err := TlsConfig()
87 log.Println("Failed to config HTTPS")
// A fresh Transport is built on every call, so connections are not reused
// between calls and the TLS configuration is re-read each time.
91 trans := &http.Transport{
92 TLSClientConfig: config,
// NOTE(review): no Timeout is set in this client literal; with the zero value
// net/http applies no overall deadline, so an unresponsive server can block
// the caller indefinitely. Consider setting Client.Timeout or using a request
// context with a deadline.
95 client := &http.Client{Transport: trans}
// TlsConfig assembles the client-side *tls.Config. It reads PEM data from the
// file named by the SSL_ROOT environment variable into a certificate pool,
// loads the cipher-suite list from ./conf/app_info.yaml via GetAppConf,
// converts it with getcipher, and sets ServerName, CipherSuites and a TLS 1.2
// minimum version on the returned configuration.
// NOTE(review): this listing omits some source lines. In particular the line
// at gutter 128, between the nil check and ServerName, is not shown; confirm
// that the pool built below is assigned to RootCAs there, otherwise the custom
// CA would not be used for verification.
100 func TlsConfig() (*tls.Config, error) {
101 caCert, err := ioutil.ReadFile(os.Getenv("SSL_ROOT"))
103 log.Println("Failed to read cert from file")
107 CACERT := x509.NewCertPool()
// NOTE(review): AppendCertsFromPEM returns false when no certificate could be
// parsed, and that result is discarded here. A malformed or empty SSL_ROOT
// file therefore yields an empty pool without any error at this point;
// checking the result and returning an error would make the failure explicit.
108 CACERT.AppendCertsFromPEM(caCert)
110 appconf, err1 := GetAppConf("./conf/app_info.yaml")
112 log.Println("Failed to read cipher from file")
// An empty cipher list in the configuration is logged as a problem rather than
// silently falling back to library defaults (the statements after the log call
// are not shown in this listing).
116 cipherslist := appconf.SslCipherSuite
117 if cipherslist == "" {
118 log.Println("no cipher provided in conf")
// getcipher yields nil when it does not accept the configured list.
122 ciphermap := getcipher(cipherslist)
123 if ciphermap == nil {
// ServerName is the host name the server certificate is checked against; it
// comes from the environment, not from the request URL.
129 ServerName: os.Getenv("CA_CERT_DOMAIN_NAME"),
// CipherSuites only constrains TLS 1.0-1.2 negotiation; crypto/tls does not
// allow TLS 1.3 suites to be configured, so MinVersion is what rules out the
// older protocol versions.
130 CipherSuites: ciphermap,
131 MinVersion: tls.VersionTLS12,
// getcipher splits the comma-separated ciphers string, trims whitespace from
// each name, looks the name up in cipherSuiteMap and appends the matching
// crypto/tls IDs to the result slice.
// NOTE(review): the lines that decide what happens for an empty name, for a
// name that is missing from cipherSuiteMap, and for an empty result are not
// part of this listing. TlsConfig compares the result with nil, so presumably
// a rejected list is returned as nil; confirm whether an unknown name rejects
// the whole list or is merely skipped, since that determines whether a typo in
// the configuration fails closed.
135 func getcipher(ciphers string) []uint16 {
136 ciphersmap := make([]uint16, 0)
137 cipherlist := strings.Split(ciphers, ",")
138 for _, ciphername := range cipherlist {
139 ciphernametrim := strings.TrimSpace(ciphername)
140 if len(ciphernametrim) == 0 {
// Only names present in cipherSuiteMap have an ID; ok reports whether the
// lookup succeeded.
144 ciphervalue, ok := cipherSuiteMap[ciphernametrim]
146 log.Println("not recommended cipher")
149 ciphersmap = append(ciphersmap, ciphervalue)
// No usable suite was collected from the configured list.
152 if len(ciphersmap) <= 0 {
153 log.Println("no cipher in list")