Documentation

Overview

    Package transport implements various HTTP transport utilities based on the Go net package.

    Package transport provides network utility functions, complementing the more common ones in the net package.

    Index

    Constants

    This section is empty.

    Variables

    var (
    	ErrNotTCP = errors.New("only tcp connections have keepalive")
    )

    Functions

    func IsClosedConnError

    func IsClosedConnError(err error) bool

      IsClosedConnError returns true if the error comes from closing a listener or cmux. Copied from golang.org/x/net/http2/http2.go.

      func LimitListener

      func LimitListener(l net.Listener, n int) net.Listener

        LimitListener returns a Listener that accepts at most n simultaneous connections from the provided Listener.

        func NewKeepAliveListener

        func NewKeepAliveListener(l net.Listener, scheme string, tlscfg *tls.Config) (net.Listener, error)

          NewKeepAliveListener returns a listener that listens on the given address. Be careful when wrapping KeepAliveListener with another Listener if TLSInfo is not nil. Some packages (like go/http) might expect the Listener to return a TLSConn type in order to start the TLS handshake. See http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html

          func NewListener

          func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err error)

          func NewTLSListener

          func NewTLSListener(l net.Listener, tlsinfo *TLSInfo) (net.Listener, error)

            NewTLSListener handshakes TLS connections and performs optional CRL checking.

            func NewTimeoutListener

            func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error)

              NewTimeoutListener returns a listener that listens on the given address. If a read or write on an accepted connection blocks longer than its time limit, it returns a timeout error.

              func NewTimeoutTransport

              func NewTimeoutTransport(info TLSInfo, dialtimeoutd, rdtimeoutd, wtimeoutd time.Duration) (*http.Transport, error)

                NewTimeoutTransport returns a transport created using the given TLS info. If a read or write on the created connection blocks longer than its time limit, it returns a timeout error. If a read/write timeout is set, the transport will not be able to reuse connections.
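The per-operation time limit described for NewTimeoutListener and NewTimeoutTransport, as an added example using only the standard library (not this package's own code). The `timeoutConn` type and `stalled` helper are hypothetical names, `net.Pipe` stands in for a TCP connection, and both limits are assumed to be non-zero.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"time"
)

// timeoutConn (hypothetical, not the package's type) re-arms a deadline before
// every Read and Write, so a stalled peer cannot hold the goroutine forever.
type timeoutConn struct {
	net.Conn
	rdTimeout, wrTimeout time.Duration
}

func (c timeoutConn) Read(b []byte) (int, error) {
	if err := c.SetReadDeadline(time.Now().Add(c.rdTimeout)); err != nil {
		return 0, err
	}
	return c.Conn.Read(b)
}

func (c timeoutConn) Write(b []byte) (int, error) {
	if err := c.SetWriteDeadline(time.Now().Add(c.wrTimeout)); err != nil {
		return 0, err
	}
	return c.Conn.Write(b)
}

// stalled runs one Read or Write against a peer that never responds and
// reports whether the operation ended with a timeout error.
func stalled(limit time.Duration, write bool) bool {
	server, client := net.Pipe() // constructed in-memory connection pair
	defer server.Close()
	defer client.Close()
	c := timeoutConn{Conn: server, rdTimeout: limit, wrTimeout: limit}
	op := c.Read
	if write {
		op = c.Write
	}
	_, err := op(make([]byte, 1))
	var ne net.Error
	return errors.As(err, &ne) && ne.Timeout()
}

func main() {
	fmt.Println(stalled(50*time.Millisecond, false), stalled(50*time.Millisecond, true))
}
```

Because the deadline is reset on each call, the limit bounds a single blocked operation, not the lifetime of the connection.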

                func NewTransport

                func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, error)

                func NewUnixListener

                func NewUnixListener(addr string) (net.Listener, error)

                func ValidateSecureEndpoints

                func ValidateSecureEndpoints(tlsInfo TLSInfo, eps []string) ([]string, error)

                  ValidateSecureEndpoints scans the given endpoints against tls info, returning only those endpoints that could be validated as secure.

                  Types

                  type TLSInfo

                  type TLSInfo struct {
                  	CertFile           string
                  	KeyFile            string
                  	CAFile             string // TODO: deprecate this in v4
                  	TrustedCAFile      string
                  	ClientCertAuth     bool
                  	CRLFile            string
                  	InsecureSkipVerify bool
                  
                  	SkipClientSANVerify bool
                  
                  	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
                  	ServerName string
                  
                  	// HandshakeFailure is optionally called when a connection fails to handshake. The
                  	// connection will be closed immediately afterwards.
                  	HandshakeFailure func(*tls.Conn, error)
                  
                  	// CipherSuites is a list of supported cipher suites.
                  	// If empty, Go auto-populates it by default.
                  	// Note that cipher suites are prioritized in the given order.
                  	CipherSuites []uint16
                  
                  	// AllowedCN is a CN which must be provided by a client.
                  	AllowedCN string
                  	// contains filtered or unexported fields
                  }
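One way a server-side `tls.Config` can enforce what the ClientCertAuth and AllowedCN fields describe, as an added example built on the standard library only (it is not this package's implementation). The `serverConfigWithCN` and `checkCN` helpers and the sample CN values are hypothetical.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
)

// serverConfigWithCN (hypothetical helper) requires a verified client
// certificate and, when allowedCN is set, rejects any client whose leaf
// certificate carries a different Common Name.
func serverConfigWithCN(clientCAs *x509.CertPool, allowedCN string) *tls.Config {
	cfg := &tls.Config{
		MinVersion: tls.VersionTLS12,
		ClientAuth: tls.RequireAndVerifyClientCert,
		ClientCAs:  clientCAs,
	}
	if allowedCN != "" {
		// Called after chain verification, so the chains passed in are trusted.
		cfg.VerifyPeerCertificate = func(_ [][]byte, chains [][]*x509.Certificate) error {
			for _, chain := range chains {
				if len(chain) > 0 && chain[0].Subject.CommonName == allowedCN {
					return nil
				}
			}
			return errors.New("client certificate CommonName not allowed")
		}
	}
	return cfg
}

// checkCN feeds a constructed, already-verified chain to the callback.
func checkCN(allowedCN, presentedCN string) error {
	cfg := serverConfigWithCN(x509.NewCertPool(), allowedCN)
	leaf := &x509.Certificate{Subject: pkix.Name{CommonName: presentedCN}}
	return cfg.VerifyPeerCertificate(nil, [][]*x509.Certificate{{leaf}})
}

func main() {
	fmt.Println(checkCN("etcd-client", "etcd-client")) // constructed CN values
	fmt.Println(checkCN("etcd-client", "other-client"))
}
```

Go does not invoke `VerifyPeerCertificate` on resumed TLS sessions; a check that must run on every handshake belongs in `VerifyConnection`.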

                  func SelfCert

                  func SelfCert(dirpath string, hosts []string, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error)

                  func (TLSInfo) ClientConfig

                  func (info TLSInfo) ClientConfig() (*tls.Config, error)

                    ClientConfig generates a tls.Config object for use by an HTTP client.

                    func (TLSInfo) Empty

                    func (info TLSInfo) Empty() bool

                    func (TLSInfo) ServerConfig

                    func (info TLSInfo) ServerConfig() (*tls.Config, error)

                      ServerConfig generates a tls.Config object for use by an HTTP server.

                      func (TLSInfo) String

                      func (info TLSInfo) String() string