package tlsauth
import (
"context"
"crypto/x509"
"tildegit.org/tjp/sliderule"
)
// Approver is a function that decides whether a request is acceptable,
// normally by validating the client certificate that came with it.
//
// It reports true to approve the request and false to deny it.
//
// It should not have to handle a nil argument.
// NOTE(review): the signature receives the request, not a certificate, so an
// Approver that needs the client certificate must handle its absence itself,
// as RequireSpecificIdentity does with its nil check.
type Approver func(context.Context, *sliderule.Request) bool
// RequireSpecificIdentity builds an Approver that accepts a request only when
// the certificate obtained from it via Identity is the given identity.
//
// A request for which Identity yields nil is always denied. The comparison is
// x509.Certificate.Equal, which matches the raw encoded certificate; it does
// not check the validity period, the issuing chain or revocation, so this
// approver pins one exact certificate rather than a subject or a key.
// A nil identity makes the approver deny every request.
//
// NOTE(review): Identity is defined elsewhere in this package; presumably it
// returns the client certificate from the request's TLS state. Confirm there
// that the handshake has proven possession of the matching private key.
func RequireSpecificIdentity(identity *x509.Certificate) Approver {
	return func(_ context.Context, request *sliderule.Request) bool {
		presented := Identity(request)
		if presented == nil {
			// No client certificate available: fail closed.
			return false
		}
		return identity.Equal(presented)
	}
}
// Allow is an Approver which permits anything.
//
// It never looks at the request, so a request that carries no client
// certificate at all is approved too; it provides no authentication.
func Allow(context.Context, *sliderule.Request) bool {
	return true
}
// Reject is an Approver which denies everything.
//
// It never looks at the request; the result is false regardless of which
// certificate, if any, the client presented.
func Reject(context.Context, *sliderule.Request) bool {
	return false
}