make tlshandler public

app.go

@@ -115,7 +115,7 @@ type App struct {
 	latestRoute *Route
 	latestGroup *Group
 	// TLS handler
-	tlsHandler *tlsHandler
+	tlsHandler *TLSHandler
 }
 
 // Config is a struct holding the server settings.
@@ -563,6 +563,14 @@ func (app *App) handleTrustedProxy(ipAddress string) {
 	}
 }
 
+// You can use SetTLSHandler to use ClientHelloInfo when using TLS with Listener.
+func (app *App) SetTLSHandler(tlsHandler *TLSHandler) {
+	// Attach the tlsHandler to the config
+	app.mutex.Lock()
+	app.tlsHandler = tlsHandler
+	app.mutex.Unlock()
+}
+
 // Mount attaches another app instance as a sub-router along a routing path.
 // It's very useful to split up a large API as many independent routers and
 // compose them as a single service using Mount. The fiber's error handler and

app_test.go

@@ -6,6 +6,7 @@ package fiber
 
 import (
 	"bytes"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"io"
@@ -1560,3 +1561,17 @@ func Test_App_Test_no_timeout_infinitely(t *testing.T) {
 		t.FailNow()
 	}
 }
+
+func Test_App_SetTLSHandler(t *testing.T) {
+	tlsHandler := &TLSHandler{clientHelloInfo: &tls.ClientHelloInfo{
+		ServerName: "example.golang",
+	}}
+
+	app := New()
+	app.SetTLSHandler(tlsHandler)
+
+	c := app.AcquireCtx(&fasthttp.RequestCtx{})
+	defer app.ReleaseCtx(c)
+
+	utils.AssertEqual(t, "example.golang", c.ClientHelloInfo().ServerName)
+}

ctx.go

@@ -68,13 +68,13 @@ type Ctx struct {
 	viewBindMap         *dictpool.Dict       // Default view map to bind template engine
 }
 
-// tlsHandle object
-type tlsHandler struct {
+// TLSHandler object
+type TLSHandler struct {
 	clientHelloInfo *tls.ClientHelloInfo
 }
 
 // GetClientInfo Callback function to set CHI
-func (t *tlsHandler) GetClientInfo(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
+func (t *TLSHandler) GetClientInfo(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
 	t.clientHelloInfo = info
 	return nil, nil
 }
@@ -811,6 +811,7 @@ func (c *Ctx) MultipartForm() (*multipart.Form, error) {
 
 // ClientHelloInfo return CHI from context
 func (c *Ctx) ClientHelloInfo() *tls.ClientHelloInfo {
+	fmt.Print(c.app.tlsHandler)
 	if c.app.tlsHandler != nil {
 		return c.app.tlsHandler.clientHelloInfo
 	}

ctx_test.go

@@ -1288,7 +1288,7 @@ func Test_Ctx_ClientHelloInfo(t *testing.T) {
 		PSSWithSHA256 = 0x0804
 		VersionTLS13  = 0x0304
 	)
-	app.tlsHandler = &tlsHandler{clientHelloInfo: &tls.ClientHelloInfo{
+	app.tlsHandler = &TLSHandler{clientHelloInfo: &tls.ClientHelloInfo{
 		ServerName:        "example.golang",
 		SignatureSchemes:  []tls.SignatureScheme{PSSWithSHA256},
 		SupportedVersions: []uint16{VersionTLS13},

listen.go

@@ -26,15 +26,9 @@ import (
 
 // Listener can be used to pass a custom listener.
 func (app *App) Listener(ln net.Listener) error {
-	// ClientHelloInfo support
-	tlsHandler := &tlsHandler{}
-	addr, tlsConfig := lnMetadata(app.config.Network, ln)
-	if tlsConfig != nil {
-		tlsConfig.GetCertificate = tlsHandler.GetClientInfo
-	}
-
 	// Prefork is supported for custom listeners
 	if app.config.Prefork {
+		addr, tlsConfig := lnMetadata(app.config.Network, ln)
 		return app.prefork(app.config.Network, addr, tlsConfig)
 	}
 
@@ -51,9 +45,6 @@ func (app *App) Listener(ln net.Listener) error {
 		app.printRoutesMessage()
 	}
 
-	// Attach the tlsHandler to the config
-	app.tlsHandler = tlsHandler
-
 	// Start listening
 	return app.server.Serve(ln)
 }
@@ -67,17 +58,21 @@ func (app *App) Listen(addr string) error {
 	if app.config.Prefork {
 		return app.prefork(app.config.Network, addr, nil)
 	}
+
 	// Setup listener
 	ln, err := net.Listen(app.config.Network, addr)
 	if err != nil {
 		return err
 	}
+
 	// prepare the server for the start
 	app.startupProcess()
+
 	// Print startup message
 	if !app.config.DisableStartupMessage {
 		app.startupMessage(ln.Addr().String(), false, "")
 	}
+
 	// Print routes
 	if app.config.EnablePrintRoutes {
 		app.printRoutesMessage()
@@ -96,19 +91,22 @@ func (app *App) ListenTLS(addr, certFile, keyFile string) error {
 	if len(certFile) == 0 || len(keyFile) == 0 {
 		return errors.New("tls: provide a valid cert or key path")
 	}
+
 	// Set TLS config with handler
 	cert, err := tls.LoadX509KeyPair(certFile, keyFile)
 	if err != nil {
 		return fmt.Errorf("tls: cannot load TLS key pair from certFile=%q and keyFile=%q: %s", certFile, keyFile, err)
 	}
-	tlsHandler := &tlsHandler{}
+
+	tlsHandler := &TLSHandler{}
 	config := &tls.Config{
 		MinVersion: tls.VersionTLS12,
 		Certificates: []tls.Certificate{
 			cert,
 		},
 		GetCertificate: tlsHandler.GetClientInfo,
 	}
+
 	// Prefork is supported
 	if app.config.Prefork {
 		return app.prefork(app.config.Network, addr, config)
@@ -117,23 +115,27 @@ func (app *App) ListenTLS(addr, certFile, keyFile string) error {
 	// Setup listener
 	ln, err := net.Listen(app.config.Network, addr)
 	ln = tls.NewListener(ln, config)
-
 	if err != nil {
 		return err
 	}
+
 	// prepare the server for the start
 	app.startupProcess()
+
 	// Print startup message
 	if !app.config.DisableStartupMessage {
 		app.startupMessage(ln.Addr().String(), true, "")
 	}
+
 	// Print routes
 	if app.config.EnablePrintRoutes {
 		app.printRoutesMessage()
 	}
 
 	// Attach the tlsHandler to the config
+	app.mutex.Lock()
 	app.tlsHandler = tlsHandler
+	app.mutex.Unlock()
 
 	// Start listening
 	return app.server.Serve(ln)
@@ -161,7 +163,7 @@ func (app *App) ListenMutualTLS(addr, certFile, keyFile, clientCertFile string)
 	clientCertPool := x509.NewCertPool()
 	clientCertPool.AppendCertsFromPEM(clientCACert)
 
-	tlsHandler := &tlsHandler{}
+	tlsHandler := &TLSHandler{}
 	config := &tls.Config{
 		MinVersion: tls.VersionTLS12,
 		ClientAuth: tls.RequireAndVerifyClientCert,
@@ -197,7 +199,9 @@ func (app *App) ListenMutualTLS(addr, certFile, keyFile, clientCertFile string)
 	}
 
 	// Attach the tlsHandler to the config
+	app.mutex.Lock()
 	app.tlsHandler = tlsHandler
+	app.mutex.Unlock()
 
 	// Start listening
 	return app.server.Serve(ln)