package transport

import "github.com/etcd-io/etcd/pkg/transport"

Package transport implements various HTTP transport utilities based on Go net package.

Package transport provides network utility functions, complementing the more common ones in the net package.

Index ¶

• Variables
• func IsClosedConnError(err error) bool
• func LimitListener(l net.Listener, n int) net.Listener
• func NewKeepAliveListener(l net.Listener, scheme string, tlscfg *tls.Config) (net.Listener, error)
• func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err error)
• func NewTLSListener(l net.Listener, tlsinfo *TLSInfo) (net.Listener, error)
• func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error)
• func NewTimeoutTransport(info TLSInfo, dialtimeoutd, rdtimeoutd, wtimeoutd time.Duration) (*http.Transport, error)
• func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, error)
• func NewUnixListener(addr string) (net.Listener, error)
• func ValidateSecureEndpoints(tlsInfo TLSInfo, eps []string) ([]string, error)
• type TLSInfo
• func SelfCert(lg *zap.Logger, dirpath string, hosts []string, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error)
• func (info TLSInfo) ClientConfig() (*tls.Config, error)
• func (info TLSInfo) Empty() bool
• func (info TLSInfo) ServerConfig() (*tls.Config, error)
• func (info TLSInfo) String() string

Package Files ¶

doc.go keepalive_listener.go limit_listen.go listener.go listener_tls.go timeout_conn.go timeout_dialer.go timeout_listener.go timeout_transport.go tls.go transport.go unix_listener.go

Variables ¶

var (
    ErrNotTCP = errors.New("only tcp connections have keepalive")
)

func IsClosedConnError ¶ Uses

func IsClosedConnError(err error) bool

IsClosedConnError returns true if the error is from closing listener, cmux. copied from golang.org/x/net/http2/http2.go

func LimitListener ¶ Uses

func LimitListener(l net.Listener, n int) net.Listener

LimitListener returns a Listener that accepts at most n simultaneous connections from the provided Listener.

func NewKeepAliveListener ¶ Uses

func NewKeepAliveListener(l net.Listener, scheme string, tlscfg *tls.Config) (net.Listener, error)

NewKeepAliveListener returns a listener that listens on the given address. Be careful when wrap around KeepAliveListener with another Listener if TLSInfo is not nil. Some pkgs (like go/http) might expect Listener to return TLSConn type to start TLS handshake. http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html

func NewListener ¶ Uses

func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err error)

NewListener creates a new listner.

func NewTLSListener ¶ Uses

func NewTLSListener(l net.Listener, tlsinfo *TLSInfo) (net.Listener, error)

NewTLSListener handshakes TLS connections and performs optional CRL checking.

func NewTimeoutListener ¶ Uses

func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error)

NewTimeoutListener returns a listener that listens on the given address. If read/write on the accepted connection blocks longer than its time limit, it will return timeout error.

func NewTimeoutTransport ¶ Uses

func NewTimeoutTransport(info TLSInfo, dialtimeoutd, rdtimeoutd, wtimeoutd time.Duration) (*http.Transport, error)

NewTimeoutTransport returns a transport created using the given TLS info. If read/write on the created connection blocks longer than its time limit, it will return timeout error. If read/write timeout is set, transport will not be able to reuse connection.

func NewTransport ¶ Uses

func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, error)

func NewUnixListener ¶ Uses

func NewUnixListener(addr string) (net.Listener, error)

func ValidateSecureEndpoints ¶ Uses

func ValidateSecureEndpoints(tlsInfo TLSInfo, eps []string) ([]string, error)

ValidateSecureEndpoints scans the given endpoints against tls info, returning only those endpoints that could be validated as secure.

type TLSInfo ¶ Uses

type TLSInfo struct {
    CertFile            string
    KeyFile             string
    TrustedCAFile       string
    ClientCertAuth      bool
    CRLFile             string
    InsecureSkipVerify  bool
    SkipClientSANVerify bool

    // ServerName ensures the cert matches the given host in case of discovery / virtual hosting
    ServerName string

    // HandshakeFailure is optionally called when a connection fails to handshake. The
    // connection will be closed immediately afterwards.
    HandshakeFailure func(*tls.Conn, error)

    // CipherSuites is a list of supported cipher suites.
    // If empty, Go auto-populates it by default.
    // Note that cipher suites are prioritized in the given order.
    CipherSuites []uint16

    // AllowedCN is a CN which must be provided by a client.
    AllowedCN string

    // AllowedHostname is an IP address or hostname that must match the TLS
    // certificate provided by a client.
    AllowedHostname string

    // Logger logs TLS errors.
    // If nil, all logs are discarded.
    Logger *zap.Logger

    // EmptyCN indicates that the cert must have empty CN.
    // If true, ClientConfig() will return an error for a cert with non empty CN.
    EmptyCN bool
    // contains filtered or unexported fields
}

func SelfCert ¶ Uses

func SelfCert(lg *zap.Logger, dirpath string, hosts []string, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error)

func (TLSInfo) ClientConfig ¶ Uses

func (info TLSInfo) ClientConfig() (*tls.Config, error)

ClientConfig generates a tls.Config object for use by an HTTP client.

func (TLSInfo) Empty ¶ Uses

func (info TLSInfo) Empty() bool

func (TLSInfo) ServerConfig ¶ Uses

func (info TLSInfo) ServerConfig() (*tls.Config, error)

ServerConfig generates a tls.Config object for use by an HTTP server.

func (TLSInfo) String ¶ Uses

func (info TLSInfo) String() string