

Package transport implements various HTTP transport utilities based on Go net package.

var (
	ErrNotTCP = errors.New("only tcp connections have keepalive")

func IsClosedConnError

func IsClosedConnError(err error) bool

IsClosedConnError returns true if the error indicates that the listener or connection has been closed (for example by cmux). The original comment ends with a "copied from" attribution that is truncated in this rendering.

func LimitListener

func LimitListener(l net.Listener, n int) net.Listener

LimitListener returns a Listener that accepts at most n simultaneous connections from the provided Listener. This is a resource cap — a mitigation against connection-flood exhaustion of file descriptors and memory — not an access control: it does not distinguish trusted from untrusted peers.

func NewKeepAliveListener

func NewKeepAliveListener(l net.Listener, scheme string, tlscfg *tls.Config) (net.Listener, error)

NewKeepAliveListener returns a listener that wraps l. Be careful when wrapping a KeepAliveListener with another Listener if tlscfg is not nil: some packages (such as net/http) expect the Listener to return a *tls.Conn in order to start the TLS handshake, and an intermediate wrapper that hides the concrete type can silently break that.

func NewListener

func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err error)

func NewTLSListener

func NewTLSListener(l net.Listener, tlsinfo *TLSInfo) (net.Listener, error)

NewTLSListener returns a listener that performs the TLS handshake on accepted connections and, when a CRL file is configured in tlsinfo (CRLFile), additionally checks peer certificates against that CRL.

func NewTimeoutListener

func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error)

NewTimeoutListener returns a listener that listens on the given address. If a read or write on an accepted connection blocks for longer than its respective limit (rdtimeoutd or wtimeoutd), the operation returns a timeout error.

func NewTimeoutTransport

func NewTimeoutTransport(info TLSInfo, dialtimeoutd, rdtimeoutd, wtimeoutd time.Duration) (*http.Transport, error)

NewTimeoutTransport returns a transport created using the given TLS info. If a read or write on a created connection blocks for longer than its respective limit (rdtimeoutd or wtimeoutd), the operation returns a timeout error. Note that when a read/write timeout is set, the transport cannot reuse connections.

func NewTransport

func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, error)

func NewUnixListener

func NewUnixListener(addr string) (net.Listener, error)

func ValidateSecureEndpoints

func ValidateSecureEndpoints(tlsInfo TLSInfo, eps []string) ([]string, error)

ValidateSecureEndpoints checks each of the given endpoints against tlsInfo and returns only those that could be validated as secure; endpoints that fail validation are omitted from the result.

type TLSInfo

type TLSInfo struct {
	CertFile           string
	KeyFile            string
	CAFile             string // TODO: deprecate this in v4
	TrustedCAFile      string
	ClientCertAuth     bool
	CRLFile            string
	InsecureSkipVerify bool

	SkipClientSANVerify bool

	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
	ServerName string

	// HandshakeFailure is optionally called when a connection fails to handshake. The
	// connection will be closed immediately afterwards.
	HandshakeFailure func(*tls.Conn, error)

	// CipherSuites is a list of supported cipher suites.
	// If empty, Go auto-populates it by default.
	// Note that cipher suites are prioritized in the given order.
	CipherSuites []uint16

	// AllowedCN is a CN which must be provided by a client.
	AllowedCN string
	// contains filtered or unexported fields

func SelfCert

func SelfCert(dirpath string, hosts []string, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error)

func (TLSInfo) ClientConfig

func (info TLSInfo) ClientConfig() (*tls.Config, error)

ClientConfig generates a tls.Config object for use by an HTTP client. NOTE(review): the InsecureSkipVerify field mirrors crypto/tls and presumably disables server certificate verification in the generated config — confirm against the implementation and restrict its use to tests.

func (TLSInfo) Empty

func (info TLSInfo) Empty() bool

func (TLSInfo) ServerConfig

func (info TLSInfo) ServerConfig() (*tls.Config, error)

ServerConfig generates a tls.Config object for use by an HTTP server. NOTE(review): the client-authentication related fields (ClientCertAuth, AllowedCN, CRLFile, SkipClientSANVerify) are expected to shape the generated config — confirm against the implementation which of them are enforced at handshake time.

func (TLSInfo) String

func (info TLSInfo) String() string

