
@braised-babbage
Created February 19, 2025 04:24
package main
import (
	"crypto/tls"
	"io"
	"log"
	"net/http"
	"os"
	"time"
)
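// main starts a small HTTPS demo server on :8443 and, when a key log path is
// supplied through the environment, records TLS session secrets so a packet
// analyzer such as Wireshark can decrypt a capture of the traffic.
//
// Key logging defeats the confidentiality of every connection the process
// handles: anyone who can read the key log file and a capture of the traffic
// can decrypt it. Enable it for debugging only and treat the file as a secret.
func main() {
	// Prefer the conventional upper-case variable name used by other TLS
	// tooling; environment variables are case-sensitive on most platforms, so
	// the original lower-case spelling is kept as a fallback.
	keylogPath := os.Getenv("SSLKEYLOGFILE")
	if keylogPath == "" {
		keylogPath = os.Getenv("sslkeylogfile")
	}

	// Declared as an interface so it stays a true nil when logging is off;
	// crypto/tls only logs secrets when KeyLogWriter is non-nil.
	var keyLogWriter io.Writer
	if keylogPath != "" {
		// 0600 is applied only when the file is created. A pre-existing file
		// keeps whatever mode it already has, so check its permissions.
		f, err := os.OpenFile(keylogPath, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0600)
		if err != nil {
			log.Fatalf("failed to open keylog file: %v", err)
		}
		// log.Fatalf below exits without running deferred calls; the OS closes
		// the descriptor at exit and writes to *os.File are unbuffered.
		defer f.Close()
		keyLogWriter = f
		log.Printf("WARNING: TLS key logging is enabled; session secrets are written to %q (debugging use only)", keylogPath)
	}

	// TLS configuration with optional key logging; TLS 1.3 is the minimum
	// accepted protocol version.
	tlsConfig := &tls.Config{
		KeyLogWriter: keyLogWriter,
		MinVersion:   tls.VersionTLS13,
	}

	// Route the two demo endpoints. The "/" pattern also matches every path
	// that has no more specific handler.
	mux := http.NewServeMux()
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		if _, err := w.Write([]byte("hello, world")); err != nil {
			log.Printf("writing response for %q: %v", r.URL.Path, err)
		}
	})
	mux.HandleFunc("/foo", func(w http.ResponseWriter, r *http.Request) {
		if _, err := w.Write([]byte("bar")); err != nil {
			log.Printf("writing response for %q: %v", r.URL.Path, err)
		}
	})

	// Timeouts bound how long a slow or stalled client can hold a connection;
	// without them a handful of idle peers can exhaust the server.
	// NOTE(review): ":8443" listens on all interfaces although the log line
	// below mentions localhost; bind to "localhost:8443" if only local access
	// is intended.
	server := &http.Server{
		Addr:              ":8443",
		Handler:           mux,
		TLSConfig:         tlsConfig,
		ReadHeaderTimeout: 10 * time.Second,
		ReadTimeout:       30 * time.Second,
		WriteTimeout:      30 * time.Second,
		IdleTimeout:       120 * time.Second,
	}

	log.Println("starting https server on https://localhost:8443")
	// server.crt and server.key must exist in the working directory.
	// ListenAndServeTLS only returns on failure or shutdown, always with a
	// non-nil error.
	if err := server.ListenAndServeTLS("server.crt", "server.key"); err != nil {
		log.Fatalf("server failed: %v", err)
	}
}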