author | kali kaneko (leap communications) <kali@leap.se> | 2021-05-17 12:53:24 +0200 |
---|---|---|
committer | kali kaneko (leap communications) <kali@leap.se> | 2021-05-17 17:52:46 +0200 |
commit | 083f4095319b734f33f3e28a9f3234ff9cf6a7d7 (patch) | |
tree | d6e81c51862f1a7157d8e1de719e214df579104d /pkg/vpn/certs.go | |
parent | 1d0bdcd6d82b1edcb56268198b242a5814a04fd9 (diff) |
[feat] reuse certificate if found in config folder
Diffstat (limited to 'pkg/vpn/certs.go')
-rw-r--r-- | pkg/vpn/certs.go | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/pkg/vpn/certs.go b/pkg/vpn/certs.go
new file mode 100644
index 0000000..300871e
--- /dev/null
+++ b/pkg/vpn/certs.go
@@ -0,0 +1,34 @@
+package vpn
+
+import (
+ "crypto/x509"
+ "encoding/pem"
+ "io/ioutil"
+ "log"
+ "time"
+)
+
+func isValidCert(path string) bool {
+ data, err := ioutil.ReadFile(path)
+ if err != nil {
+ return false
+ }
+ // skip private key, but there should be one
+ _, rest := pem.Decode(data)
+ certBlock, rest := pem.Decode(rest)
+ if len(rest) != 0 {
+ log.Println("ERROR bad cert data")
+ return false
+ }
+ cert, err := x509.ParseCertificate(certBlock.Bytes)
+ loc, _ := time.LoadLocation("UTC")
+ expires := cert.NotAfter
+ tomorrow := time.Now().In(loc).Add(24 * time.Hour)
+
+ if !expires.After(tomorrow) {
+ return false
+ } else {
+ log.Println("DEBUG We have a valid cert:", path)
+ return true
+ }
+} |
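Review bot: isValidCert can panic on a truncated or damaged file in the config folder, because the second `pem.Decode` returns a nil block when the file holds fewer than two PEM blocks (an empty file passes the `len(rest) != 0` check) and the error from `x509.ParseCertificate` is never inspected, so `certBlock.Bytes` or `cert.NotAfter` dereferences nil. The block type is not checked either, so whatever sits in second position is handed to the parser. Each of those cases should return false, and comparing against `NotBefore` as well as `NotAfter` would also reject a certificate that is not yet valid. The `time.LoadLocation("UTC")` call is unnecessary, since `After` compares instants regardless of location. The expiry test says nothing about whether the certificate chains to the provider CA; presumably that is left to the VPN handshake, which a short comment on the function could state.

```go
	// … unchanged: ioutil.ReadFile and its error check …
	_, rest := pem.Decode(data)
	certBlock, rest := pem.Decode(rest)
	if certBlock == nil || certBlock.Type != "CERTIFICATE" || len(rest) != 0 {
		log.Println("ERROR bad cert data")
		return false
	}
	cert, err := x509.ParseCertificate(certBlock.Bytes)
	if err != nil {
		log.Println("ERROR cannot parse cert:", err)
		return false
	}
	now := time.Now()
	if now.Before(cert.NotBefore) || !cert.NotAfter.After(now.Add(24*time.Hour)) {
		return false
	}
	log.Println("DEBUG We have a valid cert:", path)
	return true
```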