本文整理汇总了Golang中crypto/tls.Config.NextProtos方法的典型用法代码示例。如果您正苦于以下问题:Golang Config.NextProtos方法的具体用法?Golang Config.NextProtos怎么用?Golang Config.NextProtos使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类crypto/tls.Config的用法示例。
在下文中一共展示了Config.NextProtos方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: ListenAndServe
func ListenAndServe(c *cluster.Cluster, s *scheduler.Scheduler, addr, version string, enableCors bool, tlsConfig *tls.Config) error {
context := &context{
cluster: c,
scheduler: s,
version: version,
eventsHandler: NewEventsHandler(),
}
c.Events(context.eventsHandler)
r, err := createRouter(context, enableCors)
if err != nil {
return err
}
server := &http.Server{
Addr: addr,
Handler: r,
}
l, err := net.Listen("tcp", addr)
if err != nil {
return err
}
if tlsConfig != nil {
tlsConfig.NextProtos = []string{"http/1.1"}
l = tls.NewListener(l, tlsConfig)
}
return server.Serve(l)
}示例2: ListenAndServeHTTP
// This is like a combination of http.ListenAndServe and http.ListenAndServeTLS, which also
// uses ThrottledListen to limit the number of open HTTP connections.
func ListenAndServeHTTP(addr string, connLimit int, certFile *string, keyFile *string, handler http.Handler, readTimeout *int, writeTimeout *int) error {
var config *tls.Config
if certFile != nil {
config = &tls.Config{}
config.MinVersion = tls.VersionTLS10 // Disable SSLv3 due to POODLE vulnerability
config.NextProtos = []string{"http/1.1"}
config.Certificates = make([]tls.Certificate, 1)
var err error
config.Certificates[0], err = tls.LoadX509KeyPair(*certFile, *keyFile)
if err != nil {
return err
}
}
listener, err := ThrottledListen("tcp", addr, connLimit)
if err != nil {
return err
}
if config != nil {
listener = tls.NewListener(listener, config)
}
defer listener.Close()
server := &http.Server{Addr: addr, Handler: handler}
if readTimeout != nil {
server.ReadTimeout = time.Duration(*readTimeout) * time.Second
}
if writeTimeout != nil {
server.WriteTimeout = time.Duration(*writeTimeout) * time.Second
}
return server.Serve(listener)
}示例3: newListener
func newListener(proto, addr string, tlsConfig *tls.Config) (net.Listener, error) {
var (
l net.Listener
err error
)
switch proto {
case "unix", "unixpacket":
// Unix sockets must be unlink()ed before being reused again
if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
return nil, err
}
l, err = net.Listen(proto, addr)
case "tcp":
l, err = net.Listen(proto, addr)
default:
return nil, fmt.Errorf("unsupported protocol: %q", proto)
}
if tlsConfig != nil {
tlsConfig.NextProtos = []string{"http/1.1"}
l = tls.NewListener(l, tlsConfig)
}
return l, err
}示例4: startServer
//run starts the webserver
func (v *Vault) startServer() error {
glog.Infof("Starting local server\n")
router := gin.New()
//TODO initialize configurations, correct middlewares, https/http
router.Use(ginglog.Logger(5)) //5 seconds
router.Use(gin.Recovery())
//setting up https by default
var tlsConfig = tls.Config{}
keypair, err := tls.LoadX509KeyPair(v.config["tlsCertfilePath"], v.config["tlsKeyfilePath"])
if err != nil {
fmt.Printf("ERR: Could not load X509 KeyPair, caused by: %s\n", err)
os.Exit(1) //exit explicitely as we choose a fail fast approach
}
tlsConfig.Certificates = []tls.Certificate{keypair}
tlsConfig.NextProtos = []string{"http/1.1"}
tlsConfig.Rand = rand.Reader
router.GET("/secret/:appID", v.getSecret)
serve := &http.Server{
Addr: fmt.Sprintf(":%s", v.config["serverPort"]),
Handler: router,
TLSConfig: &tlsConfig,
}
err = serve.ListenAndServe()
if err != nil {
glog.Errorf("Cannot start server for Cubbyhole tokens distribution\n")
}
return err
}示例5: httpServer
//httpServer 启动http服务器并监听
func (ser *Server) httpServer(l net.Listener) {
var (
addr = l.Addr().String()
err error
)
httpServer := &http.Server{
Addr: addr,
Handler: http.HandlerFunc(ser.httpHandler),
TLSConfig: ser.TLSConfig,
}
httpServer.SetKeepAlivesEnabled(true)
addrs := strings.Split(addr, ":")
if addrs[1] == "443" || addrs[1] == "https" {
tlsConfig := new(tls.Config)
if httpServer.TLSConfig != nil {
*tlsConfig = *httpServer.TLSConfig
}
if tlsConfig.NextProtos == nil {
tlsConfig.NextProtos = []string{"http/1.1"}
}
l = tls.NewListener(l, tlsConfig)
}
err = httpServer.Serve(l)
CheckErr("服务器停止", err)
}示例6: enableHTTP2ForTLSConfig
// Enable HTTP2ForTLSConfig explicitly enables http/2 for a TLS Config. This is due to changes in Go 1.7 where
// http servers are no longer automatically configured to enable http/2 if the server's TLSConfig is set.
// See https://github.com/golang/go/issues/15908
func enableHTTP2ForTLSConfig(t *tls.Config) {
if TLSConfigHasHTTP2Enabled(t) {
return
}
t.NextProtos = append(t.NextProtos, "h2")
}示例7: newTLSConfig
func (t *Transport) newTLSConfig(host string) *tls.Config {
cfg := new(tls.Config)
if t.TLSClientConfig != nil {
*cfg = *t.TLSClientConfig
}
cfg.NextProtos = []string{NextProtoTLS} // TODO: don't override if already in list
cfg.ServerName = host
return cfg
}示例8: NewTCPSocket
// NewTCPSocket creates a TCP socket listener with the specified address and
// and the specified tls configuration. If TLSConfig is set, will encapsulate the
// TCP listener inside a TLS one.
// The channel passed is used to activate the listenbuffer when the caller is ready
// to accept connections.
func NewTCPSocket(addr string, tlsConfig *tls.Config, activate <-chan struct{}) (net.Listener, error) {
l, err := listenbuffer.NewListenBuffer("tcp", addr, activate)
if err != nil {
return nil, err
}
if tlsConfig != nil {
tlsConfig.NextProtos = []string{"http/1.1"}
l = tls.NewListener(l, tlsConfig)
}
return l, nil
}示例9: NewTCPSocket
// NewTCPSocket creates a TCP socket listener with the specified address and
// and the specified tls configuration. If TLSConfig is set, will encapsulate the
// TCP listener inside a TLS one.
func NewTCPSocket(addr string, tlsConfig *tls.Config) (net.Listener, error) {
l, err := net.Listen("tcp", addr)
if err != nil {
return nil, err
}
if tlsConfig != nil {
tlsConfig.NextProtos = []string{"http/1.1"}
l = tls.NewListener(l, tlsConfig)
}
return l, nil
}示例10: newTLSConfig
func (t *Transport) newTLSConfig(host string) *tls.Config {
cfg := new(tls.Config)
if t.TLSClientConfig != nil {
*cfg = *t.TLSClientConfig
}
if !strSliceContains(cfg.NextProtos, NextProtoTLS) {
cfg.NextProtos = append([]string{NextProtoTLS}, cfg.NextProtos...)
}
if cfg.ServerName == "" {
cfg.ServerName = host
}
return cfg
}示例11: Run
func (this *Server) Run(mode string, addr string, port int) error {
var tlsConfig *tls.Config
var err error
if mode == "https" {
tlsConfig = &tls.Config{}
if tlsConfig.NextProtos == nil {
tlsConfig.NextProtos = []string{"http/1.1"}
}
tlsConfig.Certificates = make([]tls.Certificate, 1)
tlsConfig.Certificates[0], err = tls.LoadX509KeyPair(SslCertificate, SslCertificateKey)
if err != nil {
return err
}
}
listenUnix := false
if strings.HasPrefix(addr, "unix:") {
listenUnix = true
addr = addr[5:]
}
if listenUnix {
os.Remove(addr)
this.listener, err = net.Listen("unix", addr)
if err == nil {
os.Chmod(addr, os.FileMode(0666))
defer os.Remove(addr)
}
} else {
listenAddr := net.JoinHostPort(addr, fmt.Sprintf("%d", port))
this.listener, err = net.Listen("tcp", listenAddr)
}
if err != nil {
return err
}
// defer this.listener.Close()
this.RunMode = mode
switch mode {
case "http":
http.Serve(this.listener, this.router)
case "fcgi":
fcgi.Serve(this.listener, this.router)
case "https":
http.Serve(tls.NewListener(this.listener, tlsConfig), this.router)
default:
http.Serve(this.listener, this.router)
}
return nil
}示例12: newListener
func newListener(proto, addr string, tlsConfig *tls.Config) (net.Listener, error) {
l, err := net.Listen(proto, addr)
if err != nil {
if strings.Contains(err.Error(), "address already in use") && strings.Contains(addr, DefaultDockerPort) {
return nil, fmt.Errorf("%s: is Docker already running on this machine? Try using a different port", err)
}
return nil, err
}
if tlsConfig != nil {
tlsConfig.NextProtos = []string{"http/1.1"}
l = tls.NewListener(l, tlsConfig)
}
return l, nil
}示例13: ListenTLS
// Listen listens for incoming TLS connections and
// returns a Listener that accepts SPDY sessions.
func ListenTLS(addr, certFile, keyFile string) (*Listener, error) {
var config tls.Config
config.NextProtos = []string{"rspdy/3"}
var err error
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return nil, err
}
l, err := tls.Listen("tcp", addr, &config)
if err != nil {
return nil, err
}
return &Listener{l}, nil
}示例14: ConfigTLS
// make tls.Config with spdy/3 npn
func ConfigTLS(addr, certFile, keyFile string) (*tls.Config, error) {
if addr == "" {
addr = ":https"
}
var config *tls.Config = &tls.Config{}
config.NextProtos = []string{"spdy/3"}
var err error
config.Certificates = make([]tls.Certificate, 1)
config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return nil, err
}
return config, nil
}示例15: ListenAndServeTLSWithSNI
// ListenAndServeTLSWithSNI serves TLS with Server Name Indication (SNI) support, which allows
// multiple sites (different hostnames) to be served from the same address. This method is
// adapted directly from the std lib's net/http ListenAndServeTLS function, which was
// written by the Go Authors. It has been modified to support multiple certificate/key pairs.
func ListenAndServeTLSWithSNI(srv *http.Server, tlsConfigs []TLSConfig) error {
addr := srv.Addr
if addr == "" {
addr = ":https"
}
config := new(tls.Config)
if srv.TLSConfig != nil {
*config = *srv.TLSConfig
}
if config.NextProtos == nil {
config.NextProtos = []string{"http/1.1"}
}
// Here we diverge from the stdlib a bit by loading multiple certs/key pairs
// then we map the server names to their certs
var err error
config.Certificates = make([]tls.Certificate, len(tlsConfigs))
for i, tlsConfig := range tlsConfigs {
config.Certificates[i], err = tls.LoadX509KeyPair(tlsConfig.Certificate, tlsConfig.Key)
if err != nil {
return err
}
}
config.BuildNameToCertificate()
// Customize our TLS configuration
config.MinVersion = tlsConfigs[0].ProtocolMinVersion
config.MaxVersion = tlsConfigs[0].ProtocolMaxVersion
config.CipherSuites = tlsConfigs[0].Ciphers
config.PreferServerCipherSuites = tlsConfigs[0].PreferServerCipherSuites
// TLS client authentication, if user enabled it
err = setupClientAuth(tlsConfigs, config)
if err != nil {
return err
}
// Create listener and we're on our way
conn, err := net.Listen("tcp", addr)
if err != nil {
return err
}
tlsListener := tls.NewListener(conn, config)
return srv.Serve(tlsListener)
}