rekby/server.go

## server.go
package main
import (
	"crypto/tls"
	"fmt"
	"time"
	"crypto/x509"
)

const rootCert = `-----BEGIN CERTIFICATE-----
MIIEMzCCAxugAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJSVTEM
MAoGA1UECBMDdG1wMQwwCgYDVQQKEwN0bXAxDjAMBgNVBAMTBXRtcENBMCAXDTE1
MDgwNzExMzMwMFoYDzIzODAwODA3MTEzMzAwWjA5MQswCQYDVQQGEwJSVTEMMAoG
A1UECBMDdG1wMQwwCgYDVQQKEwN0bXAxDjAMBgNVBAMTBXRtcENBMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOiU93evlvTLEoQSa2jxaYDGw7ZrRDu5
OlUSwIrz6yQJxWTdvtbhsj2gKOfE9umNQTZrW5l+T+4FwXwuvKOaiM+RP2vqH1Ly
TKsAagpU/yv27k3DPP/vVCuoRs8lEDVSedcw+WAOEuIZEdf9o1VHT+KvFTSDp1As
pmwNEJ+oSIqI4LFuFWC3yDakU3tzmo/e6l1thnQvmBNhhZCClzRkKyEbM41QsZOQ
ZrEbD1LPjij9tFqgDn0lmwl/Pn4MGQNcDhMB+SBpEnDVR5RH8eBKDyLmaeFiuDru
d/IEOXPmet7ABuTiswVNbKWsOf8U/p585pTqSkgHEmOcoVFZEqMrbwIDAQABo4IB
QjCCAT4wDAYDVR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMIHsBgNVHSUEgeQwgeEG
CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
CAYKKwYBBAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoD
AwYKKwYBBAGCNwoDBAYJYIZIAYb4QgQBBgsrBgEEAYI3CgMEAQYIKwYBBQUHAwUG
CCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUIAgIGCisGAQQBgjcUAgIGCCsGAQUF
BwMJBggrBgEFBQcDDQYIKwYBBQUHAw4GBysGAQUCAwUwEQYJYIZIAYb4QgEBBAQD
AgD3MB4GCWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwDQYJKoZIhvcNAQEF
BQADggEBAB6ob12Jyy/8O+wb6tisnIMiuDK2xKqraOGydQCOq/za9gwJNu5MC5yi
FOu//dhWQCu7JgeAudm8LJl+jFCTIigCbad3qDU0Or4AlRRnIVaz2BikXvD3NXa+
o9iSZwc2LGVzeYyFBHKmVtNhHLaHkNpSlJKqzGzM51cYjwAfwsQeluzy3qusFMtY
LFxKDp+CjzU2ghhImHbaABrLNLjp14z/OTPSSr65oVP4C66Ib600nKhSVKY0srB9
/kXAm2pZyczQYpPsY/p3W1/ch8ry7fXR7Iw/eUhZ5SACyNQEim9YEr907rFl0gdS
ODCONcjoYXoXuoK7J3mvYoNgB+WOPco=
-----END CERTIFICATE-----`

const serverCert = `-----BEGIN CERTIFICATE-----
MIIDRjCCAi6gAwIBAgIBAzANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJSVTEM
MAoGA1UECBMDdG1wMQwwCgYDVQQKEwN0bXAxDjAMBgNVBAMTBXRtcENBMB4XDTE1
MDgwNzExMzUwMFoXDTE2MDgwNjExMzUwMFowPTELMAkGA1UEBhMCUlUxDDAKBgNV
BAgTA3RtcDEMMAoGA1UEChMDdG1wMRIwEAYDVQQDEwl0bXBTZXJ2ZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNk21GtnfirmXsnedBKDR8x+nVhcMe
Nxh20V8QBzqs1hUKG/IUgPVlRbXGZkH+WD+Qz5JrTP92ZYXajg58RDX/BIsidEpW
Zo4zedfIFL8P8v2B6uo76EPM7Vr1kdxtL3Q9FYIr3IdMljV4P/YaVUarBAeyLPyN
FqmRYhOuz0cX1JeR1RIXkzJe3dou83ihzIfj3mNJ9/s0F6TUxbKsGHQpHZRw4ry3
leX2kNRSJgh3Ly8N633kxDwTvioyFJx2/ZZHBkhJ9WebCu5/4BeuFRnsyukzpctq
MEqiJCW+IHVtDKnq6gQeEzzyL+XVhPDIP6IiJwsxCacoKH5A5MIL1asFAgMBAAGj
VTBTMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEB
BAQDAgZAMB4GCWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwDQYJKoZIhvcN
AQEFBQADggEBADiLfncfLicC1APdPvjnrK9e5qRpiRO8ZESf+Rryix9nA6uGTSuO
b3ayUZ/PdHTB/4/rpYDNmCjp9uLl2yO5JipbqwiO43sjo8k0JwKPsNVKvCa0tEcD
y1O/1vmjI5dYZmKsQ5mWHZbAtmQ+WThk85PIq4iEmhxT83BHPJvRnix+1JmjZ9Jl
//j0pb6ayMbk+hsjob1U+5NzbqTexoLLnpqBpCCprnlNl5F9VNL6682GdbDZQwAa
hMIKB2ykSOuFDxlhRr0TpCfgjTVIHK5IzusHjsAm+i/9QbK6HPbmu2batiniwUOO
++kFXRzBvOR2Gc0/tfRFfv03tDCjiRQC96Y=
-----END CERTIFICATE-----`

const serverKey = `-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDNk21GtnfirmXs
nedBKDR8x+nVhcMeNxh20V8QBzqs1hUKG/IUgPVlRbXGZkH+WD+Qz5JrTP92ZYXa
jg58RDX/BIsidEpWZo4zedfIFL8P8v2B6uo76EPM7Vr1kdxtL3Q9FYIr3IdMljV4
P/YaVUarBAeyLPyNFqmRYhOuz0cX1JeR1RIXkzJe3dou83ihzIfj3mNJ9/s0F6TU
xbKsGHQpHZRw4ry3leX2kNRSJgh3Ly8N633kxDwTvioyFJx2/ZZHBkhJ9WebCu5/
4BeuFRnsyukzpctqMEqiJCW+IHVtDKnq6gQeEzzyL+XVhPDIP6IiJwsxCacoKH5A
5MIL1asFAgMBAAECggEBALOecsZsPAe19Zxuw1Ys+N9mFSvZegh2f0uh2Hu6tUu6
qhtxG21K2B8qb47wXg0Lsk6m7voOBs++GNxDbuio+LzfjWoHTcR8SxczCJTre51F
5LaVOSAq6sKtSOJ0FbLY2aldl6UXRKhoPkPZLwEHLX3TQZ4urGPiPzqmBSiiNy3b
oqwmpkae43OShaPxM1fC+kf7wQbfnMK0sQAp5M6Dd4wLE0uRPL5HDbbAFWN1wiVt
U7w4n7qY/6u3bH7R2H3r0nLx1Y/aVSpqEcy6qBhOsM1Agc9P1RQz7gm3278hpQwS
w8UPx4skSm1Cz7c+pERDGO7m3OnX3oCipL9wM2F67ukCgYEA9x8FE7xHA32Tsfm3
7w+rGuEqaFScP8IPxJj3+TyDC29NhdWuuQCTQXWwtVHe/BTNA4LsVSuI6DCsJRsH
DI54wHXrPXFYETnJtJ3Amob2tBaWbUSBs7FLI4FPd6YKcf8gGyZUw0jtXGiAKFjN
UTg1pOum7BfrTl93PRH0xhB59ZcCgYEA1PZHwJDwxnqLbreoCPaFz2x881+UK/P+
75UEN7QyyR/ycs8mbBk0iRAyiHCKQyddKqsxZE/vYOuYdhAhftllzFFSzGRlMvNu
d+o0NhUkokfTcFaIEHGeerIcRFcZNGS9+5ygSMAi8j5lDHT9h20HCsSbO4UAX7PK
lE1FbuXKT8MCgYBWwa0moJLNxuhzMxg/9WA8r5AT0KCKQbcHbiygc34OJaUxtzMA
ABOyh37iKTv/g831zaDqxb3qxiupWzO+VMZPyxYrG/+vDHqjzj4wAfHah5OICOUA
EN4wONWNS92e59J9tZdMd+3c41Ma1xI90V4D6DdR65PQj/NsnUExx9cJQQKBgQCd
Gm5GXeZx1VdlPzFEI3EFWxg2hi0N27sXTUxGN7Y7b0jxb2X92v5JmtxckQE+lxyA
7LfMM7f5PPRFLJM5O/GAMAIv7GRHmRPGfM01lJVo7inKNtu7ncX258w4kjRy1Vrd
8mbAJJXjNSpgbTHXJRRL2kxWNUDYWQ86JmLxc62y9wKBgBN6XxoWXNYlHLRXJSc9
MfkUKVP7EwasuGvvaAuM6JDZlMVEi/17R00l3AWoQM3aw2I/8KmbOzxpww4XOwU3
pLRqn3AcVxmycriW0wW+9lVobZwFZIyH0UketiR9VI8j23epb2duTbVZzazvr/0o
KQVaqXkdTNbe+Enr5DekmN3B
-----END PRIVATE KEY-----`


func main(){
	roots := x509.NewCertPool()
	if !roots.AppendCertsFromPEM([]byte(rootCert)){
		panic("Can't parse root cert")
	}


	cert, err := tls.X509KeyPair([]byte(serverCert), []byte(serverKey))
	if err != nil {
		panic(err)
	}

	tlsConfig := &tls.Config{
		ClientAuth: tls.RequireAndVerifyClientCert,
		ClientCAs: roots,
	}
	tlsConfig.Certificates = make([]tls.Certificate, 0)
	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

	listener, err := tls.Listen("tcp", "0.0.0.0:1234", tlsConfig)
	if err != nil {
		panic(err)
	}
	fmt.Println("START")
	for {
		connection, err := listener.Accept()
		if err != nil {
			panic(err)
		}
		fmt.Println("OK ", connection.RemoteAddr())
		connection.SetReadDeadline(time.Now().Add(time.Second))

		tlsconn, ok := connection.(*tls.Conn)
		if ! ok{
			fmt.Println("It isn't tlsconn")
			connection.Close()
			continue
		}

		fmt.Println("TLS")
		fmt.Println(tlsconn.ConnectionState().PeerCertificates)

		nullBuf := []byte{1}
		connection.Read(nullBuf)
		fmt.Println(nullBuf)


		fmt.Println("TLS")
		fmt.Println(tlsconn.ConnectionState().PeerCertificates[0].Subject.CommonName)

		connection.Close()
	}
}
	package main
	import (
	"crypto/tls"
	"fmt"
	"time"
	"crypto/x509"
	)

	const rootCert = `-----BEGIN CERTIFICATE-----
	MIIEMzCCAxugAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJSVTEM
	MAoGA1UECBMDdG1wMQwwCgYDVQQKEwN0bXAxDjAMBgNVBAMTBXRtcENBMCAXDTE1
	MDgwNzExMzMwMFoYDzIzODAwODA3MTEzMzAwWjA5MQswCQYDVQQGEwJSVTEMMAoG
	A1UECBMDdG1wMQwwCgYDVQQKEwN0bXAxDjAMBgNVBAMTBXRtcENBMIIBIjANBgkq
	hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOiU93evlvTLEoQSa2jxaYDGw7ZrRDu5
	OlUSwIrz6yQJxWTdvtbhsj2gKOfE9umNQTZrW5l+T+4FwXwuvKOaiM+RP2vqH1Ly
	TKsAagpU/yv27k3DPP/vVCuoRs8lEDVSedcw+WAOEuIZEdf9o1VHT+KvFTSDp1As
	pmwNEJ+oSIqI4LFuFWC3yDakU3tzmo/e6l1thnQvmBNhhZCClzRkKyEbM41QsZOQ
	ZrEbD1LPjij9tFqgDn0lmwl/Pn4MGQNcDhMB+SBpEnDVR5RH8eBKDyLmaeFiuDru
	d/IEOXPmet7ABuTiswVNbKWsOf8U/p585pTqSkgHEmOcoVFZEqMrbwIDAQABo4IB
	QjCCAT4wDAYDVR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMIHsBgNVHSUEgeQwgeEG
	CCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcD
	CAYKKwYBBAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoD
	AwYKKwYBBAGCNwoDBAYJYIZIAYb4QgQBBgsrBgEEAYI3CgMEAQYIKwYBBQUHAwUG
	CCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUIAgIGCisGAQQBgjcUAgIGCCsGAQUF
	BwMJBggrBgEFBQcDDQYIKwYBBQUHAw4GBysGAQUCAwUwEQYJYIZIAYb4QgEBBAQD
	AgD3MB4GCWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwDQYJKoZIhvcNAQEF
	BQADggEBAB6ob12Jyy/8O+wb6tisnIMiuDK2xKqraOGydQCOq/za9gwJNu5MC5yi
	FOu//dhWQCu7JgeAudm8LJl+jFCTIigCbad3qDU0Or4AlRRnIVaz2BikXvD3NXa+
	o9iSZwc2LGVzeYyFBHKmVtNhHLaHkNpSlJKqzGzM51cYjwAfwsQeluzy3qusFMtY
	LFxKDp+CjzU2ghhImHbaABrLNLjp14z/OTPSSr65oVP4C66Ib600nKhSVKY0srB9
	/kXAm2pZyczQYpPsY/p3W1/ch8ry7fXR7Iw/eUhZ5SACyNQEim9YEr907rFl0gdS
	ODCONcjoYXoXuoK7J3mvYoNgB+WOPco=
	-----END CERTIFICATE-----`

	const serverCert = `-----BEGIN CERTIFICATE-----
	MIIDRjCCAi6gAwIBAgIBAzANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJSVTEM
	MAoGA1UECBMDdG1wMQwwCgYDVQQKEwN0bXAxDjAMBgNVBAMTBXRtcENBMB4XDTE1
	MDgwNzExMzUwMFoXDTE2MDgwNjExMzUwMFowPTELMAkGA1UEBhMCUlUxDDAKBgNV
	BAgTA3RtcDEMMAoGA1UEChMDdG1wMRIwEAYDVQQDEwl0bXBTZXJ2ZXIwggEiMA0G
	CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNk21GtnfirmXsnedBKDR8x+nVhcMe
	Nxh20V8QBzqs1hUKG/IUgPVlRbXGZkH+WD+Qz5JrTP92ZYXajg58RDX/BIsidEpW
	Zo4zedfIFL8P8v2B6uo76EPM7Vr1kdxtL3Q9FYIr3IdMljV4P/YaVUarBAeyLPyN
	FqmRYhOuz0cX1JeR1RIXkzJe3dou83ihzIfj3mNJ9/s0F6TUxbKsGHQpHZRw4ry3
	leX2kNRSJgh3Ly8N633kxDwTvioyFJx2/ZZHBkhJ9WebCu5/4BeuFRnsyukzpctq
	MEqiJCW+IHVtDKnq6gQeEzzyL+XVhPDIP6IiJwsxCacoKH5A5MIL1asFAgMBAAGj
	VTBTMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEB
	BAQDAgZAMB4GCWCGSAGG+EIBDQQRFg94Y2EgY2VydGlmaWNhdGUwDQYJKoZIhvcN
	AQEFBQADggEBADiLfncfLicC1APdPvjnrK9e5qRpiRO8ZESf+Rryix9nA6uGTSuO
	b3ayUZ/PdHTB/4/rpYDNmCjp9uLl2yO5JipbqwiO43sjo8k0JwKPsNVKvCa0tEcD
	y1O/1vmjI5dYZmKsQ5mWHZbAtmQ+WThk85PIq4iEmhxT83BHPJvRnix+1JmjZ9Jl
	//j0pb6ayMbk+hsjob1U+5NzbqTexoLLnpqBpCCprnlNl5F9VNL6682GdbDZQwAa
	hMIKB2ykSOuFDxlhRr0TpCfgjTVIHK5IzusHjsAm+i/9QbK6HPbmu2batiniwUOO
	++kFXRzBvOR2Gc0/tfRFfv03tDCjiRQC96Y=
	-----END CERTIFICATE-----`

	const serverKey = `-----BEGIN PRIVATE KEY-----
	MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDNk21GtnfirmXs
	nedBKDR8x+nVhcMeNxh20V8QBzqs1hUKG/IUgPVlRbXGZkH+WD+Qz5JrTP92ZYXa
	jg58RDX/BIsidEpWZo4zedfIFL8P8v2B6uo76EPM7Vr1kdxtL3Q9FYIr3IdMljV4
	P/YaVUarBAeyLPyNFqmRYhOuz0cX1JeR1RIXkzJe3dou83ihzIfj3mNJ9/s0F6TU
	xbKsGHQpHZRw4ry3leX2kNRSJgh3Ly8N633kxDwTvioyFJx2/ZZHBkhJ9WebCu5/
	4BeuFRnsyukzpctqMEqiJCW+IHVtDKnq6gQeEzzyL+XVhPDIP6IiJwsxCacoKH5A
	5MIL1asFAgMBAAECggEBALOecsZsPAe19Zxuw1Ys+N9mFSvZegh2f0uh2Hu6tUu6
	qhtxG21K2B8qb47wXg0Lsk6m7voOBs++GNxDbuio+LzfjWoHTcR8SxczCJTre51F
	5LaVOSAq6sKtSOJ0FbLY2aldl6UXRKhoPkPZLwEHLX3TQZ4urGPiPzqmBSiiNy3b
	oqwmpkae43OShaPxM1fC+kf7wQbfnMK0sQAp5M6Dd4wLE0uRPL5HDbbAFWN1wiVt
	U7w4n7qY/6u3bH7R2H3r0nLx1Y/aVSpqEcy6qBhOsM1Agc9P1RQz7gm3278hpQwS
	w8UPx4skSm1Cz7c+pERDGO7m3OnX3oCipL9wM2F67ukCgYEA9x8FE7xHA32Tsfm3
	7w+rGuEqaFScP8IPxJj3+TyDC29NhdWuuQCTQXWwtVHe/BTNA4LsVSuI6DCsJRsH
	DI54wHXrPXFYETnJtJ3Amob2tBaWbUSBs7FLI4FPd6YKcf8gGyZUw0jtXGiAKFjN
	UTg1pOum7BfrTl93PRH0xhB59ZcCgYEA1PZHwJDwxnqLbreoCPaFz2x881+UK/P+
	75UEN7QyyR/ycs8mbBk0iRAyiHCKQyddKqsxZE/vYOuYdhAhftllzFFSzGRlMvNu
	d+o0NhUkokfTcFaIEHGeerIcRFcZNGS9+5ygSMAi8j5lDHT9h20HCsSbO4UAX7PK
	lE1FbuXKT8MCgYBWwa0moJLNxuhzMxg/9WA8r5AT0KCKQbcHbiygc34OJaUxtzMA
	ABOyh37iKTv/g831zaDqxb3qxiupWzO+VMZPyxYrG/+vDHqjzj4wAfHah5OICOUA
	EN4wONWNS92e59J9tZdMd+3c41Ma1xI90V4D6DdR65PQj/NsnUExx9cJQQKBgQCd
	Gm5GXeZx1VdlPzFEI3EFWxg2hi0N27sXTUxGN7Y7b0jxb2X92v5JmtxckQE+lxyA
	7LfMM7f5PPRFLJM5O/GAMAIv7GRHmRPGfM01lJVo7inKNtu7ncX258w4kjRy1Vrd
	8mbAJJXjNSpgbTHXJRRL2kxWNUDYWQ86JmLxc62y9wKBgBN6XxoWXNYlHLRXJSc9
	MfkUKVP7EwasuGvvaAuM6JDZlMVEi/17R00l3AWoQM3aw2I/8KmbOzxpww4XOwU3
	pLRqn3AcVxmycriW0wW+9lVobZwFZIyH0UketiR9VI8j23epb2duTbVZzazvr/0o
	KQVaqXkdTNbe+Enr5DekmN3B
	-----END PRIVATE KEY-----`


	func main(){
	roots := x509.NewCertPool()
	if !roots.AppendCertsFromPEM([]byte(rootCert)){
	panic("Can't parse root cert")
	}


	cert, err := tls.X509KeyPair([]byte(serverCert), []byte(serverKey))
	if err != nil {
	panic(err)
	}

	tlsConfig := &tls.Config{
	ClientAuth: tls.RequireAndVerifyClientCert,
	ClientCAs: roots,
	}
	tlsConfig.Certificates = make([]tls.Certificate, 0)
	tlsConfig.Certificates = append(tlsConfig.Certificates, cert)

	listener, err := tls.Listen("tcp", "0.0.0.0:1234", tlsConfig)
	if err != nil {
	panic(err)
	}
	fmt.Println("START")
	for {
	connection, err := listener.Accept()
	if err != nil {
	panic(err)
	}
	fmt.Println("OK ", connection.RemoteAddr())
	connection.SetReadDeadline(time.Now().Add(time.Second))

	tlsconn, ok := connection.(*tls.Conn)
	if ! ok{
	fmt.Println("It isn't tlsconn")
	connection.Close()
	continue
	}

	fmt.Println("TLS")
	fmt.Println(tlsconn.ConnectionState().PeerCertificates)

	nullBuf := []byte{1}
	connection.Read(nullBuf)
	fmt.Println(nullBuf)


	fmt.Println("TLS")
	fmt.Println(tlsconn.ConnectionState().PeerCertificates[0].Subject.CommonName)

	connection.Close()
	}
	}