本文整理匯總了Golang中crypto/tls.NewLRUClientSessionCache函數的典型用法代碼示例。如果您正苦於以下問題:Golang NewLRUClientSessionCache函數的具體用法?Golang NewLRUClientSessionCache怎麽用?Golang NewLRUClientSessionCache使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了NewLRUClientSessionCache函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: NewFilter
func NewFilter(config *Config) (filters.Filter, error) {
ss := &Servers{
servers: make([]Server, 0),
sshClients: lrucache.NewLRUCache(uint(len(config.Servers))),
}
for _, s := range config.Servers {
server := Server{
Address: s.Addr,
ClientConfig: &ssh.ClientConfig{
User: s.Username,
Auth: []ssh.AuthMethod{
ssh.Password(s.Password),
},
},
}
ss.servers = append(ss.servers, server)
}
tr := &http.Transport{
Dial: ss.Dial,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: false,
ClientSessionCache: tls.NewLRUClientSessionCache(1000),
},
TLSHandshakeTimeout: time.Duration(config.Transport.TLSHandshakeTimeout) * time.Second,
MaxIdleConnsPerHost: config.Transport.MaxIdleConnsPerHost,
}
return &Filter{
Config: *config,
Transport: tr,
}, nil
}示例2: NewETCDMetrics
func NewETCDMetrics(logger lager.Logger, etcdOptions *ETCDOptions) (*ETCDMetrics, error) {
var tlsConfig *tls.Config
if etcdOptions.CertFile != "" && etcdOptions.KeyFile != "" {
var err error
tlsConfig, err = cfhttp.NewTLSConfig(etcdOptions.CertFile, etcdOptions.KeyFile, etcdOptions.CAFile)
if err != nil {
return nil, err
}
tlsConfig.ClientSessionCache = tls.NewLRUClientSessionCache(etcdOptions.ClientSessionCacheSize)
}
client := cfhttp.NewClient()
client.CheckRedirect = func(*http.Request, []*http.Request) error {
return errRedirected
}
if tr, ok := client.Transport.(*http.Transport); ok {
tr.TLSClientConfig = tlsConfig
} else {
return nil, errors.New("Invalid transport")
}
return &ETCDMetrics{
logger: logger,
etcdCluster: etcdOptions.ClusterUrls,
client: client,
}, nil
}示例3: newSecureClient
func newSecureClient(url, caFile, certFile, keyFile string, clientSessionCacheSize, maxIdleConnsPerHost int, skipVerify bool) (InternalClient, error) {
client := newClient(url)
tlsConfig, err := cfhttp.NewTLSConfig(certFile, keyFile, caFile)
if err != nil {
return nil, err
}
tlsConfig.ClientSessionCache = tls.NewLRUClientSessionCache(clientSessionCacheSize)
tlsConfig.InsecureSkipVerify = skipVerify
if tr, ok := client.httpClient.Transport.(*http.Transport); ok {
tr.TLSClientConfig = tlsConfig
tr.MaxIdleConnsPerHost = maxIdleConnsPerHost
} else {
return nil, errors.New("Invalid transport")
}
if tr, ok := client.streamingHTTPClient.Transport.(*http.Transport); ok {
tr.TLSClientConfig = tlsConfig
tr.MaxIdleConnsPerHost = maxIdleConnsPerHost
} else {
return nil, errors.New("Invalid transport")
}
return client, nil
}示例4: tlsConfig
// tlsConfig builds a tls.Config for dialing the upstream host. Constructed
// tls.Configs are cached on a per-masquerade basis to enable client session
// caching and reduce the amount of PEM certificate parsing.
func (serverInfo *ServerInfo) tlsConfig(masquerade *Masquerade) *tls.Config {
serverInfo.tlsConfigsMutex.Lock()
defer serverInfo.tlsConfigsMutex.Unlock()
if serverInfo.tlsConfigs == nil {
serverInfo.tlsConfigs = make(map[string]*tls.Config)
}
configKey := ""
serverName := serverInfo.Host
if masquerade != nil {
configKey = masquerade.Domain + "|" + masquerade.RootCA
serverName = masquerade.Domain
}
tlsConfig := serverInfo.tlsConfigs[configKey]
if tlsConfig == nil {
tlsConfig = &tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(1000),
InsecureSkipVerify: serverInfo.InsecureSkipVerify,
ServerName: serverName,
}
if masquerade != nil && masquerade.RootCA != "" {
caCert, err := keyman.LoadCertificateFromPEMBytes([]byte(masquerade.RootCA))
if err != nil {
log.Fatalf("Unable to load root ca cert: %s", err)
}
tlsConfig.RootCAs = caCert.PoolContainingCert()
}
serverInfo.tlsConfigs[configKey] = tlsConfig
}
return tlsConfig
}示例5: sessionResumeScan
// SessionResumeScan tests that host is able to resume sessions across all addresses.
func sessionResumeScan(addr, hostname string) (grade Grade, output Output, err error) {
config := defaultTLSConfig(hostname)
config.ClientSessionCache = tls.NewLRUClientSessionCache(1)
conn, err := tls.DialWithDialer(Dialer, Network, addr, config)
if err != nil {
return
}
if err = conn.Close(); err != nil {
return
}
return multiscan(addr, func(addrport string) (g Grade, o Output, e error) {
var conn *tls.Conn
if conn, e = tls.DialWithDialer(Dialer, Network, addrport, config); e != nil {
return
}
conn.Close()
if o = conn.ConnectionState().DidResume; o.(bool) {
g = Good
}
return
})
}示例6: Dialer
// Dialer creates a *balancer.Dialer backed by a chained server.
func (s *ChainedServerInfo) Dialer() (*balancer.Dialer, error) {
netd := &net.Dialer{Timeout: chainedDialTimeout}
var dial func() (net.Conn, error)
if s.Cert == "" {
log.Error("No Cert configured for chained server, will dial with plain tcp")
dial = func() (net.Conn, error) {
return netd.Dial("tcp", s.Addr)
}
} else {
log.Trace("Cert configured for chained server, will dial with tls over tcp")
cert, err := keyman.LoadCertificateFromPEMBytes([]byte(s.Cert))
if err != nil {
return nil, fmt.Errorf("Unable to parse certificate: %s", err)
}
x509cert := cert.X509()
sessionCache := tls.NewLRUClientSessionCache(1000)
dial = func() (net.Conn, error) {
conn, err := tlsdialer.DialWithDialer(netd, "tcp", s.Addr, false, &tls.Config{
ClientSessionCache: sessionCache,
InsecureSkipVerify: true,
})
if err != nil {
return nil, err
}
if !conn.ConnectionState().PeerCertificates[0].Equal(x509cert) {
conn.Close()
return nil, fmt.Errorf("Server's certificate didn't match expected!")
}
return conn, err
}
}
ccfg := chained.Config{
DialServer: dial,
}
if s.AuthToken != "" {
ccfg.OnRequest = func(req *http.Request) {
req.Header.Set("X-LANTERN-AUTH-TOKEN", s.AuthToken)
}
}
d := chained.NewDialer(ccfg)
// Is this a trusted proxy that we could use for HTTP traffic?
var trusted string
if s.Trusted {
trusted = "(trusted) "
}
return &balancer.Dialer{
Label: fmt.Sprintf("%schained proxy at %s", trusted, s.Addr),
Weight: s.Weight,
QOS: s.QOS,
Trusted: s.Trusted,
Dial: func(network, addr string) (net.Conn, error) {
return withStats(d.Dial(network, addr))
},
}, nil
}示例7: initConfig
func (l *TLSLog) initConfig(config *tls.Config) {
l.log = ""
l.logRand = newLogRand(config.Rand)
config.Rand = l.logRand
config.SessionTicketsDisabled = false
if config.ClientSessionCache == nil {
config.ClientSessionCache = tls.NewLRUClientSessionCache(1)
}
}示例8: runHTTPServer
func runHTTPServer() {
cryptoConfig := &CryptoConfig{
PKFile: "proxypk.pem",
CertFile: "proxycert.pem",
ServerTLSConfig: &tls.Config{
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_RSA_WITH_RC4_128_SHA,
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
},
PreferServerCipherSuites: true,
},
}
rp := &httputil.ReverseProxy{
Director: func(req *http.Request) {
log.Printf("Processing request to: %s", req.URL)
},
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
// Use a TLS session cache to minimize TLS connection establishment
// Requires Go 1.3+
ClientSessionCache: tls.NewLRUClientSessionCache(SESSIONS_TO_CACHE),
},
},
}
handler, err := Wrap(rp, cryptoConfig)
if err != nil {
log.Fatalf("Unable to wrap reverse proxy: %s", err)
}
server := &http.Server{
Addr: HTTP_ADDR,
Handler: handler,
ReadTimeout: 10 * time.Hour,
WriteTimeout: 10 * time.Hour,
}
go func() {
log.Printf("About to start HTTP proxy at %s", HTTP_ADDR)
if err := server.ListenAndServe(); err != nil {
log.Fatalf("Unable to start HTTP proxy: %s", err)
}
exampleWg.Done()
}()
return
}示例9: New
func New() {
flag.Parse()
LoadConfig(*configPath)
server := &Server{
Docs: make(map[string]*Doc, 0),
sortedDocs: make([]*Doc, 0),
DocLock: &sync.RWMutex{},
Tags: make(map[string][]*Doc, 0),
TagLock: &sync.RWMutex{},
StaticFiles: make([]string, 0),
Version: Version,
StopWatch: make(chan bool)}
server.Reset()
if err := server.LoadTempalte(); err != nil {
log.Fatal(err)
}
server.LoadStaticFiles()
server.LoadAllDocs()
if err := server.SaveAllDocs(); err != nil {
log.Fatal(err)
}
server.MakeHome()
log.Print(server.MakeSitemap())
log.Print(Cfg)
server.Watch()
server.ConfigWatch()
admin := map[string]http.HandlerFunc{
".add": server.Add,
".edit": server.Edit,
".quit": server.Quit,
".upload": server.UploadMedia,
}
for k, v := range admin {
http.HandleFunc(path.Join(Cfg.BasePath, k), server.auth(v))
}
http.Handle("/", http.FileServer(http.Dir(Cfg.PublicPath)))
if Cfg.TLSKeyFile != "" && Cfg.TLSCertFile != "" {
tls_server := http.Server{Addr: Cfg.Addr, Handler: nil,
TLSConfig: &tls.Config{ClientSessionCache: tls.NewLRUClientSessionCache(100)}}
log.Fatal(tls_server.ListenAndServeTLS(Cfg.TLSCertFile, Cfg.TLSKeyFile))
} else {
log.Fatal(http.ListenAndServe(Cfg.Addr, nil))
}
}示例10: New
func New(domain string, email string, apiToken string) *Util {
client := dnsimple.NewClient(apiToken, email)
// Set a longish timeout on the HTTP client just in case
client.HttpClient = &http.Client{
Timeout: 5 * time.Minute,
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(1000),
},
},
}
return &Util{client, domain}
}示例11: NewTLSServer
func NewTLSServer(logger *util.Logger, caPool *CAPool, kvStore *kvstore.KVStore, hostname string) *TLSServer {
inst := &TLSServer{
ServerNode: ch.NewServerNode(hostname),
Logger: logger,
ControlChannel: make(chan (int)),
StatusChannel: make(chan (int)),
Connections: map[[16]byte]*Peer{},
SessionCache: tls.NewLRUClientSessionCache(1024),
KVStore: kvStore,
CAPool: caPool,
}
return inst
}示例12: New
func New(domain string, username string, apiKey string) *Util {
client := cloudflare.NewClient(username, apiKey)
// Set a longish timeout on the HTTP client just in case
client.Http = &http.Client{
Timeout: 5 * time.Minute,
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(1000),
},
},
}
return &Util{client, domain}
}示例13: New
func New(id string, key string, httpClient *http.Client) *cloudfront.CloudFront {
creds := aws.Creds(id, key, "")
// Set a longish timeout on the HTTP client just in case
if httpClient == nil {
httpClient = &http.Client{
Timeout: 5 * time.Minute,
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(1000),
},
},
}
}
return cloudfront.New(creds, "", httpClient)
}示例14: post
func post(params map[string]interface{}) error {
buffer := bytes.NewBufferString("")
if err := tmpl.Execute(buffer, params); err != nil {
log.Printf("Airbrake error: %s", err)
return err
}
if Verbose {
log.Printf("Airbrake payload for endpoint %s: %s", Endpoint, buffer)
}
var httpClient = &http.Client{
Transport: &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).Dial,
TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: &tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(1024),
},
MaxIdleConnsPerHost: 100,
ResponseHeaderTimeout: 10 * time.Second,
},
Timeout: 10 * time.Second,
}
response, err := httpClient.Post(Endpoint, "text/xml", buffer)
if err != nil {
log.Printf("Airbrake error: %s", err)
return err
}
if Verbose {
body, _ := ioutil.ReadAll(response.Body)
log.Printf("response: %s", body)
}
response.Body.Close()
if Verbose {
log.Printf("Airbrake post: %s status code: %d", params["Error"], response.StatusCode)
}
return nil
}示例15: tlsConfig
// tlsConfig builds a tls.Config for dialing the upstream host. Constructed
// tls.Configs are cached on a per-masquerade basis to enable client session
// caching and reduce the amount of PEM certificate parsing.
func (d *direct) tlsConfig(m *Masquerade) *tls.Config {
d.tlsConfigsMutex.Lock()
defer d.tlsConfigsMutex.Unlock()
tlsConfig := d.tlsConfigs[m.Domain]
if tlsConfig == nil {
tlsConfig = &tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(1000),
InsecureSkipVerify: false,
ServerName: m.Domain,
RootCAs: d.certPool,
}
d.tlsConfigs[m.Domain] = tlsConfig
}
return tlsConfig
}