pull/1086/head
Darien Raymond 7 years ago
parent b4ff4c7e75
commit a657ec49a0
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169

@ -20,6 +20,7 @@ func RegisterTransportDialer(protocol TransportProtocol, dialer Dialer) error {
return nil
}
// Dial dials a internet connection towards the given destination.
func Dial(ctx context.Context, dest net.Destination) (Connection, error) {
if dest.Network == net.Network_TCP {
streamSettings := StreamSettingsFromContext(ctx)

@ -23,6 +23,7 @@ func ParseCertificate(c *cert.Certificate) *Certificate {
}
}
// BuildCertificates builds a list of TLS certificates from proto definition.
func (c *Config) BuildCertificates() []tls.Certificate {
certs := make([]tls.Certificate, 0, len(c.Certificate))
for _, entry := range c.Certificate {
@ -118,10 +119,11 @@ func getGetCertificateFunc(c *tls.Config, ca []*Certificate) func(hello *tls.Cli
}
}
// GetTLSConfig converts this Config into tls.Config.
func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
config := &tls.Config{
ClientSessionCache: globalSessionCache,
RootCAs: c.GetCertPool(),
RootCAs: c.getCertPool(),
}
if c == nil {
return config
@ -153,8 +155,10 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
return config
}
// Option for building TLS config.
type Option func(*tls.Config)
// WithDestination sets the server name in TLS config.
func WithDestination(dest net.Destination) Option {
return func(config *tls.Config) {
if dest.Address.Family().IsDomain() && len(config.ServerName) == 0 {
@ -163,6 +167,7 @@ func WithDestination(dest net.Destination) Option {
}
}
// WithNextProto sets the ALPN values in TLS config.
func WithNextProto(protocol ...string) Option {
return func(config *tls.Config) {
if len(config.NextProtos) == 0 {
@ -171,6 +176,7 @@ func WithNextProto(protocol ...string) Option {
}
}
// ConfigFromContext fetches Config from context. Nil if not found.
func ConfigFromContext(ctx context.Context) *Config {
securitySettings := internet.SecuritySettingsFromContext(ctx)
if securitySettings == nil {

@ -4,7 +4,7 @@ package tls
import "crypto/x509"
func (c *Config) GetCertPool() *x509.CertPool {
func (c *Config) getCertPool() *x509.CertPool {
pool, err := x509.SystemCertPool()
if err != nil {
newError("failed to get system cert pool.").Base(err).WriteToLog()

@ -4,6 +4,6 @@ package tls
import "crypto/x509"
func (c *Config) GetCertPool() *x509.CertPool {
func (c *Config) getCertPool() *x509.CertPool {
return nil
}

@ -29,11 +29,13 @@ func (c *conn) WriteMultiBuffer(mb buf.MultiBuffer) error {
return c.mergingWriter.Flush()
}
// Client initiates a TLS client handshake on the given connection.
func Client(c net.Conn, config *tls.Config) net.Conn {
tlsConn := tls.Client(c, config)
return &conn{Conn: tlsConn}
}
// Server initiates a TLS server handshake on the given connection.
func Server(c net.Conn, config *tls.Config) net.Conn {
tlsConn := tls.Server(c, config)
return &conn{Conn: tlsConn}

Loading…
Cancel
Save