From b77524eadc6a100e6b252dacf7692cf0c5cf18c1 Mon Sep 17 00:00:00 2001
From: baalajimaestro
Date: Sun, 23 Oct 2022 12:55:43 +0530
Subject: [PATCH] Refactor getDefaultCertificate to use CertificateData
Signed-off-by: baalajimaestro
---
 pkg/tls/certificate_store.go | 8 ++++----
 pkg/tls/tlsmanager.go | 14 ++++++++------
 2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/pkg/tls/certificate_store.go b/pkg/tls/certificate_store.go
index d511b6f5c..f87c83a26 100644
--- a/pkg/tls/certificate_store.go
+++ b/pkg/tls/certificate_store.go
@@ -23,7 +23,7 @@ type CertificateStore struct {
 // NewCertificateStore create a store for dynamic certificates.
 func NewCertificateStore() *CertificateStore {
 	s := &safe.Safe{}
-	s.Set(make(map[string]*tls.Certificate))
+	s.Set(make(map[string]*CertificateData))
 
 	return &CertificateStore{
 		DynamicCerts: s,
@@ -118,7 +118,7 @@ func (c *CertificateStore) GetBestCertificate(clientHello *tls.ClientHelloInfo)
 }
 
 // GetCertificate returns the first certificate matching all the given domains.
-func (c *CertificateStore) GetCertificate(domains []string) *tls.Certificate {
+func (c *CertificateStore) GetCertificate(domains []string) *CertificateData {
 	if c == nil {
 		return nil
 	}
@@ -127,11 +127,11 @@ func (c *CertificateStore) GetCertificate(domains []string) *tls.Certificate {
 
 	domainsKey := strings.Join(domains, ",")
 	if cert, ok := c.CertCache.Get(domainsKey); ok {
-		return cert.(*tls.Certificate)
+		return cert.(*CertificateData)
 	}
 
 	if c.DynamicCerts != nil && c.DynamicCerts.Get() != nil {
-		for certDomains, cert := range c.DynamicCerts.Get().(map[string]*tls.Certificate) {
+		for certDomains, cert := range c.DynamicCerts.Get().(map[string]*CertificateData) {
 			if domainsKey == certDomains {
 				c.CertCache.SetDefault(domainsKey, cert)
 				return cert
diff --git a/pkg/tls/tlsmanager.go b/pkg/tls/tlsmanager.go
index 11695bf2d..9c106144b 100644
--- a/pkg/tls/tlsmanager.go
+++ b/pkg/tls/tlsmanager.go
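Review bot: The cache-hit return `cert.(*CertificateData)` in the @@ -127 hunk is an unchecked type assertion, so any CertCache entry that is not a *CertificateData now panics instead of being returned; before this patch every value stored by this code path was a *tls.Certificate, so the one-value form could not trip. GetBestCertificate, whose closing brace is the first context line of the @@ -118 hunk, is out of view here, and if it still writes *tls.Certificate values into the same CertCache under keys that can coincide with a single-domain `domainsKey`, a stale or colliding entry would now crash the configuration-update path that calls GetCertificate rather than degrade gracefully. I would use the two-value form and treat a type mismatch as a cache miss: `if certData, ok := cert.(*CertificateData); ok { return certData }`. GetCertificate continues past the end of the hunk.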
@@ -130,7 +130,7 @@ func (m *Manager) UpdateConfigs(ctx context.Context, stores map[string]Store, co
 			log.FromContext(ctxStore).Errorf("Error while creating certificate store: %v", err)
 		}
 
-		st.DefaultCertificate = certificate
+		st.DefaultCertificate = certificate.Certificate
 	}
 }
 
@@ -273,17 +273,19 @@ func (m *Manager) GetStore(storeName string) *CertificateStore {
 	return m.getStore(storeName)
 }
 
-func getDefaultCertificate(ctx context.Context, tlsStore Store, st *CertificateStore) (*tls.Certificate, error) {
+func getDefaultCertificate(ctx context.Context, tlsStore Store, st *CertificateStore) (*CertificateData, error) {
 	if tlsStore.DefaultCertificate != nil {
 		cert, err := buildDefaultCertificate(tlsStore.DefaultCertificate)
+		certificate := CertificateData{Certificate: cert}
 		if err != nil {
 			return nil, err
 		}
-		return cert, nil
+		return &certificate, nil
 	}
 
 	defaultCert, err := generate.DefaultCertificate()
+	defaultCertificate := CertificateData{Certificate: defaultCert}
 	if err != nil {
 		return nil, err
 	}
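Review bot: `st.DefaultCertificate = certificate.Certificate` dereferences `certificate` unconditionally, but the new getDefaultCertificate in this same patch returns `nil, err` when buildDefaultCertificate or generate.DefaultCertificate fails, and the visible context only logs that error before falling through to this assignment. With the old *tls.Certificate return value a nil was simply stored; now a default certificate that fails to load (for example a malformed PEM in the TLS store options) becomes a nil-pointer panic during the configuration update instead of a logged error. Guard the assignment, `if certificate != nil { st.DefaultCertificate = certificate.Certificate }`, or `continue` right after the Errorf. UpdateConfigs starts before this hunk, so the call that assigns `certificate` is out of view and I am assuming it is the usual `certificate, err := getDefaultCertificate(...)` shape.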
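Review bot: Both CertificateData wrappers are built before the error that can leave their contents nil has been checked: `certificate := CertificateData{Certificate: cert}` sits between the buildDefaultCertificate call and its `if err != nil`, and `defaultCertificate := ...` likewise precedes the generate.DefaultCertificate check. On the error path the wrapper is constructed only to be discarded, and a reader has to look twice to confirm that a wrapper holding a nil Certificate never escapes. Build the value after the check instead, e.g. drop the first wrapper and write `return &CertificateData{Certificate: cert}, nil`, and move the `defaultCertificate` line below the `if err != nil { return nil, err }` block. getDefaultCertificate continues into the next hunk.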
@@ -291,19 +293,19 @@ func getDefaultCertificate(ctx context.Context, tlsStore Store, st *CertificateS
 	if tlsStore.DefaultGeneratedCert != nil && tlsStore.DefaultGeneratedCert.Domain != nil && tlsStore.DefaultGeneratedCert.Resolver != "" {
 		domains, err := sanitizeDomains(*tlsStore.DefaultGeneratedCert.Domain)
 		if err != nil {
-			return defaultCert, fmt.Errorf("falling back to the internal generated certificate because invalid domains: %w", err)
+			return &defaultCertificate, fmt.Errorf("falling back to the internal generated certificate because invalid domains: %w", err)
 		}
 
 		defaultACMECert := st.GetCertificate(domains)
 		if defaultACMECert == nil {
-			return defaultCert, fmt.Errorf("unable to find certificate for domains %q: falling back to the internal generated certificate", strings.Join(domains, ","))
+			return &defaultCertificate, fmt.Errorf("unable to find certificate for domains %q: falling back to the internal generated certificate", strings.Join(domains, ","))
 		}
 
 		return defaultACMECert, nil
 	}
 
 	log.FromContext(ctx).Debug("No default certificate, fallback to the internal generated certificate")
-	return &defaultCert, nil
+	return &defaultCertificate, nil
 }
 
 // creates a TLS config that allows terminating HTTPS for multiple domains using SNI.
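Review bot: The two fallback returns in this hunk hand back a usable `&defaultCertificate` together with a non-nil error, while the two early returns in the previous hunk hand back `nil, err`; a Go reader expects the value to be meaningless whenever err != nil, and nothing documents that the caller is meant to log the error and keep the value. The function has no doc comment at all, and the @@ -130 hunk shows UpdateConfigs relying on exactly this mixed contract. I would add a comment above the signature (declared in the previous hunk) stating that the configured certificate or the store's ACME certificate for DefaultGeneratedCert is returned on success, that the internally generated self-signed certificate is returned together with an error when the ACME lookup fails or its domains are invalid, and that the certificate is nil only when building the configured or generated certificate itself fails. getDefaultCertificate begins outside this hunk.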