gh-ost/vendor/github.com/go-mysql-org/go-mysql/client/tls.go

package client

import (
	"crypto/tls"
	"crypto/x509"
)

// NewClientTLSConfig: generate TLS config for client side
// if insecureSkipVerify is set to true, serverName will not be validated
func NewClientTLSConfig(caPem, certPem, keyPem []byte, insecureSkipVerify bool, serverName string) *tls.Config {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(caPem) {
		panic("failed to add ca PEM")
	}

	cert, err := tls.X509KeyPair(certPem, keyPem)
	if err != nil {
		panic(err)
	}

	config := &tls.Config{
		Certificates:       []tls.Certificate{cert},
		RootCAs:            pool,
		InsecureSkipVerify: insecureSkipVerify,
		ServerName:         serverName,
	}
	return config
}
updated go-mysql 2019-01-01 08:58:12 +00:00			`package client`

			`import (`
			`"crypto/tls"`
			`"crypto/x509"`
			`)`

Add go mod (#935) * Add a go.mod file * run go mod vendor again * Move to a well-supported ini file reader * Remove GO111MODULE=off * Use go 1.16 * Rename github.com/outbrain/golib -> github.com/openark/golib * Remove .go-e files Fix for `strconv.ParseInt: parsing "": invalid syntax` error * Add test for '[osc]' section Co-authored-by: Nate Wernimont <nate.wernimont@workiva.com> 2021-06-24 18:19:37 +00:00			`// NewClientTLSConfig: generate TLS config for client side`
updated go-mysql 2019-01-01 08:58:12 +00:00			`// if insecureSkipVerify is set to true, serverName will not be validated`
			`func NewClientTLSConfig(caPem, certPem, keyPem []byte, insecureSkipVerify bool, serverName string) *tls.Config {`
			`pool := x509.NewCertPool()`
			`if !pool.AppendCertsFromPEM(caPem) {`
			`panic("failed to add ca PEM")`
			`}`

			`cert, err := tls.X509KeyPair(certPem, keyPem)`
			`if err != nil {`
			`panic(err)`
			`}`

			`config := &tls.Config{`
			`Certificates: []tls.Certificate{cert},`
			`RootCAs: pool,`
			`InsecureSkipVerify: insecureSkipVerify,`
			`ServerName: serverName,`
			`}`
			`return config`
			`}`