comments

7 years ago · a657ec49a0
5 changed files with 12 additions and 3 deletions
--- a/transport/internet/dialer.go
+++ b/transport/internet/dialer.go
@ -20,6 +20,7 @@ func RegisterTransportDialer(protocol TransportProtocol, dialer Dialer) error {
 	return nil
 }

+// Dial dials a internet connection towards the given destination.
 func Dial(ctx context.Context, dest net.Destination) (Connection, error) {
 	if dest.Network == net.Network_TCP {
 		streamSettings := StreamSettingsFromContext(ctx)
--- a/transport/internet/tls/config.go
+++ b/transport/internet/tls/config.go
@ -23,6 +23,7 @@ func ParseCertificate(c *cert.Certificate) *Certificate {
 	}
 }

+// BuildCertificates builds a list of TLS certificates from proto definition.
 func (c *Config) BuildCertificates() []tls.Certificate {
 	certs := make([]tls.Certificate, 0, len(c.Certificate))
 	for _, entry := range c.Certificate {
@ -118,10 +119,11 @@ func getGetCertificateFunc(c *tls.Config, ca []*Certificate) func(hello *tls.Cli
 	}
 }

+// GetTLSConfig converts this Config into tls.Config.
 func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
 	config := &tls.Config{
 		ClientSessionCache: globalSessionCache,
-		RootCAs:            c.GetCertPool(),
+		RootCAs:            c.getCertPool(),
 	}
 	if c == nil {
 		return config
@ -153,8 +155,10 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
 	return config
 }

+// Option for building TLS config.
 type Option func(*tls.Config)

+// WithDestination sets the server name in TLS config.
 func WithDestination(dest net.Destination) Option {
 	return func(config *tls.Config) {
 		if dest.Address.Family().IsDomain() && len(config.ServerName) == 0 {
@ -163,6 +167,7 @@ func WithDestination(dest net.Destination) Option {
 	}
 }

+// WithNextProto sets the ALPN values in TLS config.
 func WithNextProto(protocol ...string) Option {
 	return func(config *tls.Config) {
 		if len(config.NextProtos) == 0 {
@ -171,6 +176,7 @@ func WithNextProto(protocol ...string) Option {
 	}
 }

+// ConfigFromContext fetches Config from context. Nil if not found.
 func ConfigFromContext(ctx context.Context) *Config {
 	securitySettings := internet.SecuritySettingsFromContext(ctx)
 	if securitySettings == nil {
--- a/transport/internet/tls/config_other.go
+++ b/transport/internet/tls/config_other.go
@ -4,7 +4,7 @@ package tls

 import "crypto/x509"

-func (c *Config) GetCertPool() *x509.CertPool {
+func (c *Config) getCertPool() *x509.CertPool {
 	pool, err := x509.SystemCertPool()
 	if err != nil {
 		newError("failed to get system cert pool.").Base(err).WriteToLog()
--- a/transport/internet/tls/config_windows.go
+++ b/transport/internet/tls/config_windows.go
@ -4,6 +4,6 @@ package tls

 import "crypto/x509"

-func (c *Config) GetCertPool() *x509.CertPool {
+func (c *Config) getCertPool() *x509.CertPool {
 	return nil
 }
--- a/transport/internet/tls/tls.go
+++ b/transport/internet/tls/tls.go
@ -29,11 +29,13 @@ func (c *conn) WriteMultiBuffer(mb buf.MultiBuffer) error {
 	return c.mergingWriter.Flush()
 }

+// Client initiates a TLS client handshake on the given connection.
 func Client(c net.Conn, config *tls.Config) net.Conn {
 	tlsConn := tls.Client(c, config)
 	return &conn{Conn: tlsConn}
 }

+// Server initiates a TLS server handshake on the given connection.
 func Server(c net.Conn, config *tls.Config) net.Conn {
 	tlsConn := tls.Server(c, config)
 	return &conn{Conn: tlsConn}