(clientHello *tls.ClientHelloInfo)
| 132 | } |
| 133 | |
// GetCertificate returns the certificate to present for the server name
// carried in clientHello. A cached certificate is returned when c.cache has
// one for that name; otherwise a new one is created with makeCert under
// CACert, stored in c.cache, and returned. The signature matches the
// tls.Config.GetCertificate callback.
//
// The whole call, including makeCert, runs with c.lock held, so handshakes
// that miss the cache are processed one at a time.
//
// NOTE(review): ServerName is taken from the client's SNI extension and is
// empty when the client sends none. It is used here as the cache key and as
// the name passed to makeCert without any validation; confirm that makeCert
// handles empty or malformed names and that c.cache is size-bounded, since
// every distinct name a client presents adds an entry.
func (c *certCache) GetCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	c.lock.Lock()
	defer c.lock.Unlock()

	// Client-supplied value; see the review note above.
	sni := clientHello.ServerName

	// Fast path: a certificate was already minted for this name.
	cached, hit := c.cache.Get(sni)
	if hit {
		// Unchecked assertion: panics if the cache ever holds another type.
		return cached.(*tls.Certificate), nil
	}

	// Slow path: sign a fresh certificate for the name and remember it.
	leaf, mintErr := makeCert(CACert, sni)
	if mintErr != nil {
		return nil, mintErr
	}
	c.cache.Add(sni, leaf)

	return leaf, nil
}
| 153 | |
| 154 | func makeCert( |
| 155 | parent *tls.Certificate, |