From cce3166bdd3dc35a5d081874d91fc48df8e659b8 Mon Sep 17 00:00:00 2001
From: "Stephen McQuay (smcquay)" <stephen@mcquay.me>
Date: Sun, 17 Apr 2016 18:26:45 -0700
Subject: [PATCH] Add TLS support

Fixes #20.

Change-Id: I9c6b4ff3195f05e8a3c17d6704ee06b1f77db562
---
 cmd/vaind/main.go | 18 +++++++++++++++---
 server.go         |  6 +++++-
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/cmd/vaind/main.go b/cmd/vaind/main.go
index 7e5baca..2311d72 100644
--- a/cmd/vaind/main.go
+++ b/cmd/vaind/main.go
@@ -55,6 +55,9 @@ const usage = "vaind [init] <dbname>"
 
 type config struct {
 	Port int
+
+	Cert string
+	Key  string
 }
 
 func main() {
@@ -114,8 +117,17 @@ func main() {
 	sm := http.NewServeMux()
 	vain.NewServer(sm, db)
 	addr := fmt.Sprintf(":%d", c.Port)
-	if err := http.ListenAndServe(addr, sm); err != nil {
-		log.Printf("problem with http server: %v", err)
-		os.Exit(1)
+
+	if c.Cert == "" || c.Key == "" {
+		log.Printf("INSECURE MODE")
+		if err := http.ListenAndServe(addr, sm); err != nil {
+			log.Printf("problem with http server: %v", err)
+			os.Exit(1)
+		}
+	} else {
+		if err := http.ListenAndServeTLS(addr, c.Cert, c.Key, sm); err != nil {
+			log.Printf("problem with http server: %v", err)
+			os.Exit(1)
+		}
 	}
 }
diff --git a/server.go b/server.go
index a87d2c9..895149c 100644
--- a/server.go
+++ b/server.go
@@ -130,7 +130,11 @@ func (s *Server) register(w http.ResponseWriter, req *http.Request) {
 		http.Error(w, err.Message, err.Code)
 		return
 	}
-	log.Printf("http://%s/api/v0/confirm/%+v", req.Host, tok)
+	proto := "https"
+	if req.TLS == nil {
+		proto = "http"
+	}
+	log.Printf("%s://%s/api/v0/confirm/%+v", proto, req.Host, tok)
 	fmt.Fprintf(w, "please check your email\n")
 }