From 3fec571183461c91a52a64f008cb0dacd194443d Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Sun, 12 Jan 2025 13:40:11 +0800
Subject: Add incoming STARTTLS support

---
 config.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'config.go')

diff --git a/config.go b/config.go
index c76fa94..6605262 100644
--- a/config.go
+++ b/config.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"bufio"
+	"crypto/tls"
 	"os"
 	"sync"
 
@@ -15,6 +16,7 @@ var config struct {
 		Cert string `scfg:"cert"`
 		Key  string `scfg:"key"`
 	} `scfg:"tls"`
+	_tls_config *tls.Config
 }
 var config_mutex sync.RWMutex
 
@@ -31,6 +33,14 @@ func load_config(path string) error {
 		if err != nil {
 			return err
 		}
+		cer, err := tls.LoadX509KeyPair(config.TLS.Cert, config.TLS.Key)
+		if err != nil {
+			return err
+		}
+		config._tls_config = &tls.Config{
+			Certificates: []tls.Certificate{cer},
+			MinVersion: tls.VersionTLS13,
+		}
 		return nil
 	}() != nil {
 		return err
-- 
cgit v1.2.3