From 838d3abc3db643ec3cf4352c067bf8cde515886d Mon Sep 17 00:00:00 2001 From: Erik Dubbelboer Date: Sat, 6 Feb 2021 10:39:40 +0100 Subject: [PATCH] Allow concurrent ServeTLS --- server.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/server.go b/server.go index 3bf0c71e78..bf5a521a75 100644 --- a/server.go +++ b/server.go @@ -1566,11 +1566,14 @@ func (s *Server) ListenAndServeTLSEmbed(addr string, certData, keyData []byte) e // If the certFile or keyFile has not been provided the server structure, // the function will use previously added TLS configuration. func (s *Server) ServeTLS(ln net.Listener, certFile, keyFile string) error { + s.mu.Lock() err := s.AppendCert(certFile, keyFile) if err != nil && err != errNoCertOrKeyProvided { + s.mu.Unlock() return err } if s.tlsConfig == nil { + s.mu.Unlock() return errNoCertOrKeyProvided } @@ -1578,6 +1581,8 @@ func (s *Server) ServeTLS(ln net.Listener, certFile, keyFile string) error { // But since we also support older versions we'll keep this here. s.tlsConfig.BuildNameToCertificate() //nolint:staticcheck + s.mu.Unlock() + return s.Serve( tls.NewListener(ln, s.tlsConfig), ) @@ -1590,11 +1595,15 @@ func (s *Server) ServeTLS(ln net.Listener, certFile, keyFile string) error { // If the certFile or keyFile has not been provided the server structure, // the function will use previously added TLS configuration. func (s *Server) ServeTLSEmbed(ln net.Listener, certData, keyData []byte) error { + s.mu.Lock() + err := s.AppendCertEmbed(certData, keyData) if err != nil && err != errNoCertOrKeyProvided { + s.mu.Unlock() return err } if s.tlsConfig == nil { + s.mu.Unlock() return errNoCertOrKeyProvided } @@ -1602,6 +1611,8 @@ func (s *Server) ServeTLSEmbed(ln net.Listener, certData, keyData []byte) error // But since we also support older versions we'll keep this here. s.tlsConfig.BuildNameToCertificate() //nolint:staticcheck + s.mu.Unlock() + return s.Serve( tls.NewListener(ln, s.tlsConfig), )