Documentation ¶
Overview ¶
Package transport implements various HTTP transport utilities based on Go net package.
Package transport provides network utility functions, complementing the more common ones in the net package.
Index ¶
- Variables
- func IsClosedConnError(err error) bool
- func LimitListener(l net.Listener, n int) net.Listener
- func NewKeepAliveListener(l net.Listener, scheme string, tlscfg *tls.Config) (net.Listener, error)
- func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err error)
- func NewTLSListener(l net.Listener, tlsinfo *TLSInfo) (net.Listener, error)
- func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, ...) (net.Listener, error)
- func NewTimeoutTransport(info TLSInfo, dialtimeoutd, rdtimeoutd, wtimeoutd time.Duration) (*http.Transport, error)
- func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, error)
- func NewUnixListener(addr string) (net.Listener, error)
- func ValidateSecureEndpoints(tlsInfo TLSInfo, eps []string) ([]string, error)
- type TLSInfo
Constants ¶
This section is empty.
Variables ¶
var (
ErrNotTCP = errors.New("only tcp connections have keepalive")
)
Functions ¶
func IsClosedConnError ¶
IsClosedConnError returns true if the error is from closing listener, cmux. copied from golang.org/x/net/http2/http2.go
func LimitListener ¶
LimitListener returns a Listener that accepts at most n simultaneous connections from the provided Listener.
func NewKeepAliveListener ¶
NewKeepAliveListener returns a listener that listens on the given address. Be careful when wrap around KeepAliveListener with another Listener if TLSInfo is not nil. Some pkgs (like go/http) might expect Listener to return TLSConn type to start TLS handshake. http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html
func NewListener ¶
NewListener creates a new listner.
func NewTLSListener ¶
NewTLSListener handshakes TLS connections and performs optional CRL checking.
func NewTimeoutListener ¶
func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error)
NewTimeoutListener returns a listener that listens on the given address. If read/write on the accepted connection blocks longer than its time limit, it will return timeout error.
func NewTimeoutTransport ¶
func NewTimeoutTransport(info TLSInfo, dialtimeoutd, rdtimeoutd, wtimeoutd time.Duration) (*http.Transport, error)
NewTimeoutTransport returns a transport created using the given TLS info. If read/write on the created connection blocks longer than its time limit, it will return timeout error. If read/write timeout is set, transport will not be able to reuse connection.
func NewTransport ¶
Types ¶
type TLSInfo ¶
type TLSInfo struct { CertFile string KeyFile string TrustedCAFile string ClientCertAuth bool CRLFile string InsecureSkipVerify bool // ServerName ensures the cert matches the given host in case of discovery / virtual hosting ServerName string // HandshakeFailure is optionally called when a connection fails to handshake. The // connection will be closed immediately afterwards. HandshakeFailure func(*tls.Conn, error) // CipherSuites is a list of supported cipher suites. // If empty, Go auto-populates it by default. // Note that cipher suites are prioritized in the given order. CipherSuites []uint16 // AllowedCN is a CN which must be provided by a client. AllowedCN string // Logger logs TLS errors. // If nil, all logs are discarded. Logger *zap.Logger // EmptyCN indicates that the cert must have empty CN. // If true, ClientConfig() will return an error for a cert with non empty CN. EmptyCN bool // contains filtered or unexported fields }
func (TLSInfo) ClientConfig ¶
ClientConfig generates a tls.Config object for use by an HTTP client.
func (TLSInfo) ServerConfig ¶
ServerConfig generates a tls.Config object for use by an HTTP server.