本文整理汇总了Golang中crypto/tls.NewListener函数的典型用法代码示例。如果您正苦于以下问题:Golang NewListener函数的具体用法?Golang NewListener怎么用?Golang NewListener使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NewListener函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: main
func main() {
flag.Parse()
var (
cert tls.Certificate
err error
config *tls.Config
)
if *doSSL {
cert, err = tls.LoadX509KeyPair("ssl.crt", "ssl.key")
check(err)
config = &tls.Config{
Certificates: []tls.Certificate{cert},
ServerName: "eight22er.danga.com",
}
ln, err := webSSLPort.Listen()
check(err)
tln := tls.NewListener(ln, config)
go runWebServer(tln)
}
log.Printf("server.")
wln, err := webPort.Listen()
check(err)
if *dev {
go runWebServer(wln)
} else {
go runSSLRedirector(wln)
}
// POP Listener
pln, err := popPort.Listen()
check(err)
if *doSSL {
pln = tls.NewListener(pln, config)
}
pop := NewPOPServer(pln)
go pop.run()
// SMTP Listener
sln, err := smtpPort.Listen()
check(err)
if *doSSL {
sln = tls.NewListener(sln, config)
}
ss := &smtpd.Server{
Hostname: "eight22er.danga.com",
PlainAuth: true,
OnNewMail: func(c smtpd.Connection, from smtpd.MailAddress) (smtpd.Envelope, error) {
return nil, errors.New("TODO: we haven't finished sending direct messasges via SMTP yet")
},
}
go ss.Serve(sln)
select {}
}
示例2: Listen
// Listen starts listening on the given host:port addr.
func (s *Server) Listen(addr string) error {
if s.listener != nil {
return nil
}
doLog := os.Getenv("TESTING_PORT_WRITE_FD") == "" // Don't make noise during unit tests
if addr == "" {
return fmt.Errorf("<host>:<port> needs to be provided to start listening")
}
var err error
s.listener, err = listen.Listen(addr)
if err != nil {
return fmt.Errorf("Failed to listen on %s: %v", addr, err)
}
base := s.ListenURL()
if doLog {
s.printf("Starting to listen on %s\n", base)
}
doEnableTLS := func() error {
config := &tls.Config{
Rand: rand.Reader,
Time: time.Now,
NextProtos: []string{http2.NextProtoTLS, "http/1.1"},
MinVersion: tls.VersionTLS12,
}
if s.tlsCertFile == "" && s.certManager != nil {
config.GetCertificate = s.certManager
s.listener = tls.NewListener(s.listener, config)
return nil
}
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err = loadX509KeyPair(s.tlsCertFile, s.tlsKeyFile)
if err != nil {
return fmt.Errorf("Failed to load TLS cert: %v", err)
}
s.listener = tls.NewListener(s.listener, config)
return nil
}
if s.enableTLS {
if err := doEnableTLS(); err != nil {
return err
}
}
if doLog && strings.HasSuffix(base, ":0") {
s.printf("Now listening on %s\n", s.ListenURL())
}
return nil
}
示例3: listen
func (s *Server) listen(opt *ServerOption) net.Listener {
ln, err := net.Listen("tcp", opt.ListenAddr)
if err != nil {
log.Panicln(err)
}
ln = &tcpKeepAliveListener{
TCPListener: ln.(*net.TCPListener),
AlivePeriod: opt.KeepAlivePeriod,
}
if opt.TLSConfig != nil {
return tls.NewListener(ln, opt.TLSConfig)
}
if opt.CertFile == "" {
return ln
}
// from net/http/server.go.ListenAndServeTLS
tc := &tls.Config{
NextProtos: []string{"http/1.1"},
Certificates: make([]tls.Certificate, 1),
}
tc.Certificates[0], err = tls.LoadX509KeyPair(opt.CertFile, opt.KeyFile)
if err == nil {
if opt.CAs != nil {
tc.ClientCAs, err = tls2.CAPool(opt.CAs...)
if err == nil {
tc.ClientAuth = tls.RequireAndVerifyClientCert
}
}
if err == nil {
ln = tls.NewListener(ln, tc)
}
}
if err != nil {
if ln != nil {
if e := ln.Close(); e != nil {
log.Panicln(e)
}
}
log.Panicln(err)
}
return ln
}
示例4: GetTLSListener
// GetTLSListener creates an encrypted listener with the given TLS config and address.
func GetTLSListener(addr string, conf *tls.Config) (net.Listener, error) {
l, err := net.Listen("tcp", addr)
if err != nil {
return nil, err
}
return tls.NewListener(l, conf), nil
}
示例5: ServeTLS
// Like Serve, but enables TLS using the given config.
func ServeTLS(config *tls.Config) {
if !flag.Parsed() {
flag.Parse()
}
ServeListener(tls.NewListener(bind.Default(), config))
}
示例6: ListenAndServeTLS
// ListenAndServeTLS is equivalent to http.Server.ListenAndServeTLS with graceful shutdown enabled.
func (srv *Server) ListenAndServeTLS(certFile, keyFile string) error {
// Create the listener ourselves so we can control its lifetime
addr := srv.Addr
if addr == "" {
addr = ":https"
}
config := &tls.Config{}
if srv.TLSConfig != nil {
*config = *srv.TLSConfig
}
if config.NextProtos == nil {
config.NextProtos = []string{"http/1.1"}
}
var err error
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return err
}
conn, err := net.Listen("tcp", addr)
if err != nil {
return err
}
tlsListener := tls.NewListener(conn, config)
return srv.Serve(tlsListener)
}
示例7: startWebserver
func startWebserver() (err error) {
server := http.Server{Handler: gateKeeperMux}
if cmdline.tls {
// copied from net.http ListenAndServeTLS()
// so we have a reference to the Listener to close it on /quit/
config := &tls.Config{}
config.NextProtos = []string{"http/1.1"}
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err =
tls.LoadX509KeyPair(cmdline.cert, cmdline.key)
if err != nil {
return
}
wsListener, err = net.Listen("tcp", cmdline.laddr)
if err != nil {
return
}
wsListener = tls.NewListener(wsListener, config)
} else {
wsListener, err = net.Listen("tcp", cmdline.laddr)
if err != nil {
return
}
}
startCookieServer()
err = server.Serve(wsListener)
stopCookieServer()
fmt.Println("Shutting down in", cmdline.quittimeout, "second(s)...")
time.Sleep(time.Duration(cmdline.quittimeout) * time.Second)
return err
}
示例8: listen
func (s *server) listen() error {
defer trace.End(trace.Begin(""))
var err error
s.uss = NewUserSessionStore()
certificate, err := vchConfig.HostCertificate.Certificate()
if err != nil {
log.Errorf("Could not load certificate from config - running without TLS: %s", err)
s.l, err = net.Listen("tcp", s.addr)
return err
}
// FIXME: assignment copies lock value to tlsConfig: crypto/tls.Config contains sync.Once contains sync.Mutex
tlsconfig := func(c *tls.Config) *tls.Config {
// if there are CAs, then TLS is enabled
if len(vchConfig.CertificateAuthorities) != 0 {
if c.ClientCAs == nil {
c.ClientCAs = x509.NewCertPool()
}
if !c.ClientCAs.AppendCertsFromPEM(vchConfig.CertificateAuthorities) {
log.Errorf("Unable to load CAs from config; client auth via certificate will not function")
}
c.ClientAuth = tls.VerifyClientCertIfGiven
} else {
log.Warnf("No certificate authorities found for certificate-based authentication. This may be intentional, however, authentication is disabled")
}
return &tls.Config{
Certificates: c.Certificates,
NameToCertificate: c.NameToCertificate,
GetCertificate: c.GetCertificate,
RootCAs: c.RootCAs,
NextProtos: c.NextProtos,
ServerName: c.ServerName,
ClientAuth: c.ClientAuth,
ClientCAs: c.ClientCAs,
InsecureSkipVerify: c.InsecureSkipVerify,
CipherSuites: c.CipherSuites,
PreferServerCipherSuites: c.PreferServerCipherSuites,
SessionTicketsDisabled: c.SessionTicketsDisabled,
SessionTicketKey: c.SessionTicketKey,
ClientSessionCache: c.ClientSessionCache,
MinVersion: tls.VersionTLS12,
MaxVersion: c.MaxVersion,
CurvePreferences: c.CurvePreferences,
}
}(&tlsconfig.ServerDefault)
tlsconfig.Certificates = []tls.Certificate{*certificate}
innerListener, err := net.Listen("tcp", s.addr)
if err != nil {
log.Fatal(err)
return err
}
s.l = tls.NewListener(innerListener, tlsconfig)
return nil
}
示例9: listenAndServeTLS
func (s *HTTPListener) listenAndServeTLS() error {
certForHandshake := func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
r := s.findRoute(hello.ServerName, "/")
if r == nil {
return nil, errMissingTLS
}
return r.keypair, nil
}
tlsConfig := tlsconfig.SecureCiphers(&tls.Config{
GetCertificate: certForHandshake,
Certificates: []tls.Certificate{s.keypair},
})
l, err := listenFunc("tcp4", s.TLSAddr)
if err != nil {
return listenErr{s.Addr, err}
}
s.tlsListener = tls.NewListener(l, tlsConfig)
server := &http.Server{
Addr: s.tlsListener.Addr().String(),
Handler: fwdProtoHandler{
Handler: s,
Proto: "https",
Port: mustPortFromAddr(s.tlsListener.Addr().String()),
},
}
// TODO: log error
go server.Serve(s.tlsListener)
return nil
}
示例10: NewTCPListener
func NewTCPListener(ircd *Ircd, address string, port int, config *tls.Config) (*TCPListener, os.Error) {
var listener net.Listener
secure := Insecure
// Go is slightly silly here. The IPv6 form, in Go, is "[::1]:6667" whereas
// the IPv4 form is "127.0.0.1:6667". Let's try to satisfy both parties by
// firstly trying with 'a:6667' and if that fails retry with '[a]:6667'.
finalAddress, error := net.ResolveTCPAddr("TCP", address)
if error != nil {
finalAddress, error = net.ResolveTCPAddr("TCP", fmt.Sprintf("[%s]:%d", address, port))
if error != nil {
return nil, error
}
}
listener, error = net.ListenTCP(finalAddress.Network(), finalAddress)
if error != nil {
return nil, error
}
if config != nil {
listener = tls.NewListener(listener, config)
secure = Secure
}
bl := NewBasicListener(ircd)
bl.listener = listener
bl.secure = secure
return &TCPListener{bl}, nil
}
示例11: ListenTLS
// ListenTLS is a convenience method that creates an https listener using the
// provided cert and key files. Use this method if you need access to the
// listener object directly. When ready, pass it to the Serve method.
func (srv *Server) ListenTLS(certFile, keyFile string) (net.Listener, error) {
// Create the listener ourselves so we can control its lifetime
addr := srv.Addr
if addr == "" {
addr = ":https"
}
config := &tls.Config{}
if srv.TLSConfig != nil {
*config = *srv.TLSConfig
}
var err error
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return nil, err
}
conn, err := srv.newTCPListener(addr)
if err != nil {
return nil, err
}
srv.TLSConfig = config
tlsListener := tls.NewListener(conn, config)
return tlsListener, nil
}
示例12: Start
func (lj *LJServer) Start() error {
cert, err := tls.LoadX509KeyPair(lj.Config.SSLCrt, lj.Config.SSLKey)
if err != nil {
return fmt.Errorf("Error loading keys: %v", err)
}
conn, err := net.Listen("tcp", lj.Config.Host)
if err != nil {
return fmt.Errorf("Listener failed: %v", err)
}
config := tls.Config{Certificates: []tls.Certificate{cert}}
ln := tls.NewListener(conn, &config)
log.Printf("[%s] Started Lumberjack Instance", lj.name)
for {
select {
case <-lj.term:
log.Println("Lumberjack server received term signal")
return nil
default:
conn, err := ln.Accept()
if err != nil {
log.Printf("Error accepting connection: %v", err)
continue
}
go lumberConn(conn, lj.r)
}
}
return nil
}
示例13: ListenTLS
func (this *HttpEndpoint) ListenTLS() error {
// create tls configuration
tlsCert, err := tls.LoadX509KeyPair(this.certFile, this.keyFile)
if err != nil {
return err
}
ln, err := net.Listen("tcp", this.httpsAddr)
if err == nil {
cfg := &tls.Config{
Certificates: []tls.Certificate{tlsCert},
ClientAuth: tls.NoClientCert,
MinVersion: tls.VersionTLS10,
CipherSuites: []uint16{tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
}
tls_ln := tls.NewListener(ln, cfg)
this.listenerTLS = tls_ln
go http.Serve(tls_ln, this.mux)
logging.Infop("HttpEndpoint: ListenTLS", logging.Pair{"Address", ln.Addr()})
}
return err
}
示例14: setupTls
func setupTls(l net.Listener, config *tlsConfig) (net.Listener, error) {
tlsCert, err := tls.LoadX509KeyPair(config.Certificate, config.Key)
if err != nil {
if os.IsNotExist(err) {
return nil, fmt.Errorf("Could not load X509 key pair (%s, %s): %v", config.Certificate, config.Key, err)
}
return nil, fmt.Errorf("Error reading X509 key pair (%s, %s): %q. Make sure the key is encrypted.",
config.Certificate, config.Key, err)
}
tlsConfig := &tls.Config{
NextProtos: []string{"http/1.1"},
Certificates: []tls.Certificate{tlsCert},
// Avoid fallback on insecure SSL protocols
MinVersion: tls.VersionTLS10,
}
if config.CA != "" {
certPool := x509.NewCertPool()
file, err := ioutil.ReadFile(config.CA)
if err != nil {
return nil, fmt.Errorf("Could not read CA certificate: %v", err)
}
certPool.AppendCertsFromPEM(file)
tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
tlsConfig.ClientCAs = certPool
}
return tls.NewListener(l, tlsConfig), nil
}
示例15: ListenAndServeTLS
func (this *Server) ListenAndServeTLS(certFile, keyFile string) error {
addr := this.httpServer.Addr
if addr == "" {
addr = ":https"
}
config := &tls.Config{}
if this.httpServer.TLSConfig != nil {
*config = *this.httpServer.TLSConfig
}
if config.NextProtos == nil {
config.NextProtos = []string{"http/1.1"}
}
var err error
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return err
}
ln, err := this.getNetListener(addr)
if err != nil {
return err
}
this.listener = tls.NewListener(newListener(ln.(*net.TCPListener)), config)
return this.Serve()
}