CL-Softwares
/
modelRT
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

optimize code of init rabbitmq connect func

This commit is contained in:
douxu 2026-02-04 17:43:09 +08:00
parent 9be984899c
commit f45b7d5fa4
1 changed files with 39 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
mq/rabbitmq_init.go
View File

@ -48,9 +48,9 @@ func GetConn() *amqp.Connection {
// InitRabbitProxy return instance of rabbitMQ connection // InitRabbitProxy return instance of rabbitMQ connection
func InitRabbitProxy(ctx context.Context, rCfg config.RabbitMQConfig) *RabbitMQProxy { func InitRabbitProxy(ctx context.Context, rCfg config.RabbitMQConfig) *RabbitMQProxy {
amqpURI := generateRabbitMQURI(rCfg) amqpURI := generateRabbitMQURI(rCfg)
certConf, err := readCertFiles(ctx, rCfg) certConf, err := initCertConf(rCfg)
if err != nil { if err != nil {
logger.Error(ctx, "read rabbitMQ cert files failed", "error", err) logger.Error(ctx, "init rabbitMQ cert config failed", "error", err)
panic(err) panic(err)
} }
rabbitMQOnce.Do(func() { rabbitMQOnce.Do(func() {
@ -63,7 +63,7 @@ func InitRabbitProxy(ctx context.Context, rCfg config.RabbitMQConfig) *RabbitMQP
// initRabbitMQ return instance of rabbitMQ connection // initRabbitMQ return instance of rabbitMQ connection
func initRabbitMQ(ctx context.Context, rabbitMQURI string, certConf *RabbitMQCertConf) *amqp.Connection { func initRabbitMQ(ctx context.Context, rabbitMQURI string, certConf *RabbitMQCertConf) *amqp.Connection {
logger.Info(ctx, fmt.Sprintf("connecting to rabbitMQ server at: %s", rabbitMQURI)) logger.Info(ctx, "connecting to rabbitMQ server", "rabbit_uri", rabbitMQURI)
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
Certificates: []tls.Certificate{certConf.clientCert}, Certificates: []tls.Certificate{certConf.clientCert},
@ -78,7 +78,7 @@ func initRabbitMQ(ctx context.Context, rabbitMQURI string, certConf *RabbitMQCer
Heartbeat: 10 * time.Second, Heartbeat: 10 * time.Second,
}) })
if err != nil { if err != nil {
logger.Error(ctx, "Error opening connection: ", "error", err) logger.Error(ctx, "init rabbitMQ connection failed", "error", err)
} }
defer conn.Close() defer conn.Close()
@ -131,55 +131,54 @@ func generateRabbitMQURI(rCfg config.RabbitMQConfig) string {
return amqpURI return amqpURI
} }
func readCertFiles(ctx context.Context, rCfg config.RabbitMQConfig) (*RabbitMQCertConf, error) { func initCertConf(rCfg config.RabbitMQConfig) (*RabbitMQCertConf, error) {
var initFailedFlag bool certConf := &RabbitMQCertConf{
certConf := RabbitMQCertConf{
insecureSkipVerify: rCfg.InsecureSkipVerify, insecureSkipVerify: rCfg.InsecureSkipVerify,
serverName: rCfg.ServerName,
} }
caCert, err := os.ReadFile(rCfg.CACertPath) caCert, err := os.ReadFile(rCfg.CACertPath)
if err != nil { if err != nil {
logger.Error(ctx, "read server ca file failed", "error", err) return nil, fmt.Errorf("read server ca file failed: %w", err)
initFailedFlag = true
} }
caCertPool := x509.NewCertPool() caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert) if ok := caCertPool.AppendCertsFromPEM(caCert); !ok {
return nil, fmt.Errorf("failed to parse root certificate from %s", rCfg.CACertPath)
}
certConf.caCertPool = caCertPool certConf.caCertPool = caCertPool
keyData, err := os.ReadFile(rCfg.ClientKeyPath)
if err != nil {
logger.Error(ctx, "read private key file failed", "error", err)
initFailedFlag = true
}
block, _ := pem.Decode(keyData)
privateKey, err := pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte(rCfg.ClientKeyPassword))
if err != nil {
logger.Error(ctx, "parse private key failed", "error", err)
initFailedFlag = true
}
pemBytes, err := x509.MarshalPKCS8PrivateKey(privateKey)
if err != nil {
logger.Error(ctx, "parse private key failed", "error", err)
initFailedFlag = true
}
pemBlock := &pem.Block{Type: "PRIVATE KEY", Bytes: pemBytes}
certPEM, err := os.ReadFile(rCfg.ClientCertPath) certPEM, err := os.ReadFile(rCfg.ClientCertPath)
if err != nil { if err != nil {
logger.Error(ctx, "parse private key failed", "error", err) return nil, fmt.Errorf("read client cert file failed: %w", err)
initFailedFlag = true
} }
clientCert, err := tls.X509KeyPair(certPEM, pem.EncodeToMemory(pemBlock))
keyData, err := os.ReadFile(rCfg.ClientKeyPath)
if err != nil { if err != nil {
logger.Error(ctx, "load client cert failed", "error", err) return nil, fmt.Errorf("read private key file failed: %w", err)
initFailedFlag = true
} }
certConf.serverName = rCfg.ServerName
block, _ := pem.Decode(keyData)
if block == nil {
return nil, fmt.Errorf("failed to decode PEM block from private key")
}
der, err := pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte(rCfg.ClientKeyPassword))
if err != nil {
return nil, fmt.Errorf("parse password-protected private key failed: %w", err)
}
privBytes, err := x509.MarshalPKCS8PrivateKey(der)
if err != nil {
return nil, fmt.Errorf("marshal private key failed: %w", err)
}
keyPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: privBytes})
clientCert, err := tls.X509KeyPair(certPEM, keyPEM)
if err != nil {
return nil, fmt.Errorf("create x509 key pair failed: %w", err)
}
certConf.clientCert = clientCert certConf.clientCert = clientCert
if initFailedFlag { return certConf, nil
return nil, fmt.Errorf("rabbitMQ cert files init failed")
}
return &certConf, nil
} }