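// sayHello dials addr over Network, runs conn.SayHello against it with the TLS
// version pinned to vers, and reports which of the offered parameters the
// server selected.
//
// Nil ciphers, curves or sigAlgs are replaced by allCiphersIDs(),
// allCurvesIDs() and tls.AllSignatureAndHashAlgorithms respectively.
//
// cipherIndex and curveIndex are the values returned by getCipherIndex and
// getCurveIndex for the server's choices (presumably positions within ciphers
// and curves; confirm against those helpers). curveIndex is only computed when
// the chosen suite is marked EllipticCurve. certs holds whatever conn.SayHello
// returned as certificates; nothing in this function validates them, so
// callers must not treat them as trusted.
//
// Any handshake failure is reported as errHelloFailed.
//
// NOTE(review): net.Dial is used without a timeout, so an unresponsive peer can
// stall the caller; consider a deadline at the call site.
// NOTE(review): SetSupportedSKXSignatureAlgorithms / Reset... look like they
// mutate package-level state; if so, concurrent calls with different sigAlgs
// would interfere with each other. Confirm callers serialize.
func sayHello(addr, hostname string, ciphers []uint16, curves []tls.CurveID, vers uint16, sigAlgs []tls.SignatureAndHash) (cipherIndex, curveIndex int, certs [][]byte, err error) {
	tcpConn, err := net.Dial(Network, addr)
	if err != nil {
		return
	}

	// Pin the offered version so the answer is attributable to vers alone.
	config := defaultTLSConfig(hostname)
	config.MinVersion = vers
	config.MaxVersion = vers

	if ciphers == nil {
		ciphers = allCiphersIDs()
	}
	config.CipherSuites = ciphers

	if curves == nil {
		curves = allCurvesIDs()
	}
	config.CurvePreferences = curves

	if sigAlgs == nil {
		sigAlgs = tls.AllSignatureAndHashAlgorithms
	}
	tls.SetSupportedSKXSignatureAlgorithms(sigAlgs)
	defer tls.ResetSupportedSKXSignatureAlgorithms()

	conn := tls.Client(tcpConn, config)
	serverCipher, serverCurveType, serverCurve, serverVersion, certificates, err := conn.SayHello()
	// certs is populated before the error check, so callers receive whatever
	// was collected even when the hello fails.
	certs = certificates
	conn.Close()
	if err != nil {
		err = errHelloFailed
		return
	}

	if serverVersion != vers {
		err = fmt.Errorf("server negotiated protocol version we didn't send: %s", tls.Versions[serverVersion])
		return
	}

	cipherIndex, err = getCipherIndex(ciphers, serverCipher)
	if err != nil {
		// Stop here: the curve lookup below reassigns err and would otherwise
		// hide the fact that the server chose a suite we could not map.
		return
	}

	if tls.CipherSuites[serverCipher].EllipticCurve {
		// 3 is the named_curve ECCurveType; any other type means the server
		// sent explicit parameters that serverCurve does not describe.
		if serverCurveType != 3 {
			err = fmt.Errorf("server negotiated non-named ECDH parameters; we didn't analyze them. Server curve type: %d", serverCurveType)
			// Return so this error is not overwritten by the lookup below.
			return
		}
		curveIndex, err = getCurveIndex(curves, serverCurve)
	}
	return
}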
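// sayHello dials host over Network, runs conn.SayHello against it with the TLS
// version pinned to vers and the given ciphers and curves, and reports which of
// the offered parameters the server selected.
//
// cipherIndex and curveIndex are the values returned by getCipherIndex and
// getCurveIndex for the server's choices (presumably positions within ciphers
// and curves; confirm against those helpers). curveIndex is only computed when
// the chosen suite is marked EllipticCurve.
//
// Any handshake failure is reported as errHelloFailed.
//
// NOTE(review): net.Dial is used without a timeout, so an unresponsive peer can
// stall the caller; consider a deadline at the call site.
// NOTE(review): a nil ciphers slice is passed to getCipherIndex as-is, whereas
// nil curves is expanded to allCurvesIDs() before the curve lookup. Confirm
// callers always pass an explicit cipher list.
func sayHello(host string, ciphers []uint16, curves []tls.CurveID, vers uint16) (cipherIndex, curveIndex int, err error) {
	tcpConn, err := net.Dial(Network, host)
	if err != nil {
		return
	}

	// Pin the offered version so the answer is attributable to vers alone.
	config := defaultTLSConfig(host)
	config.MinVersion = vers
	config.MaxVersion = vers
	config.CipherSuites = ciphers
	config.CurvePreferences = curves

	conn := tls.Client(tcpConn, config)
	serverCipher, serverCurveType, serverCurve, serverVersion, err := conn.SayHello()
	conn.Close()
	if err != nil {
		err = errHelloFailed
		return
	}

	if serverVersion != vers {
		err = fmt.Errorf("server negotiated protocol version we didn't send: %s", tls.Versions[serverVersion])
		return
	}

	cipherIndex, err = getCipherIndex(ciphers, serverCipher)
	if err != nil {
		// Stop here: the curve lookup below reassigns err and would otherwise
		// hide the fact that the server chose a suite we could not map.
		return
	}

	if tls.CipherSuites[serverCipher].EllipticCurve {
		// The config was sent with the caller's (possibly nil) curves; the
		// full list is only substituted for the index lookup.
		if curves == nil {
			curves = allCurvesIDs()
		}
		// 3 is the named_curve ECCurveType; any other type means the server
		// sent explicit parameters that serverCurve does not describe.
		if serverCurveType != 3 {
			err = fmt.Errorf("server negotiated non-named ECDH parameters; we didn't analyze them. Server curve type: %d", serverCurveType)
			// Return so this error is not overwritten by the lookup below.
			return
		}
		curveIndex, err = getCurveIndex(curves, serverCurve)
	}
	return
}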