// NewTransport builds a Transport whose TLS client settings come from info.
//
// The dial and TLS-handshake timeouts mirror those of http.DefaultTransport.
// An error from info.ClientConfig is returned unchanged and no Transport is
// created.
//
// NOTE(review): what ClientConfig produces for an empty TLSInfo, and so
// whether peer certificates are verified in that case, is not visible in
// this file. Confirm against the transport package.
func NewTransport(info transport.TLSInfo) (*Transport, error) {
	tlsCfg, err := info.ClientConfig()
	if err != nil {
		return nil, err
	}

	// Timeouts taken from http.DefaultTransport.
	dialer := &net.Dialer{
		Timeout:   30 * time.Second,
		KeepAlive: 30 * time.Second,
	}

	return &Transport{
		Dial:                dialer.Dial,
		TLSHandshakeTimeout: 10 * time.Second,
		TLSClientConfig:     tlsCfg,
	}, nil
}
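// listener opens the server socket described by addr and, when TLS material
// is supplied, wraps it so that connections are served over TLS.
//
// addr may be a bare address, "tcp://<address>" or "fd://<value>"; the fd
// form is handed to fdListener. Any other lower-case scheme is rejected with
// "bad listener scheme". Text the pattern does not recognise as a scheme is
// passed to net.Listen as part of the TCP address.
//
// cafile, certfile and keyfile populate a transport.TLSInfo. If that TLSInfo
// reports Empty, the returned listener is NOT wrapped in TLS and serves
// plaintext.
//
// NOTE(review): NewRemoteManager checks CAFile separately from Empty, which
// suggests Empty does not consider CAFile. If so, supplying only cafile here
// yields a plaintext listener with no client-certificate checking. Confirm,
// and consider rejecting that combination at the call site.
func listener(addr, cafile, certfile, keyfile string) (net.Listener, error) {
	// The scheme prefix is optional: group 1 is the scheme, group 2 the rest.
	rex := regexp.MustCompile("(?:([a-z]+)://)?(.*)")
	groups := rex.FindStringSubmatch(addr)
	if groups == nil {
		return nil, fmt.Errorf("bad listener address")
	}

	var (
		l   net.Listener
		err error
	)
	switch groups[1] {
	case "", "tcp":
		l, err = net.Listen("tcp", groups[2])
	case "fd":
		l, err = fdListener(groups[2])
	default:
		return nil, fmt.Errorf("bad listener scheme")
	}
	if err != nil {
		return nil, err
	}

	tlsinfo := transport.TLSInfo{
		CAFile:   cafile,
		CertFile: certfile,
		KeyFile:  keyfile,
	}
	if tlsinfo.Empty() {
		// No TLS material configured: hand back the raw (plaintext) listener.
		return l, nil
	}

	cfg, err := tlsinfo.ServerConfig()
	if err != nil {
		// The socket is already open. Close it so a bad certificate or key
		// does not leave a bound, unserved listener behind. The TLS error is
		// the one worth reporting, so the Close error is dropped.
		_ = l.Close()
		return nil, err
	}
	return tls.NewListener(l, cfg), nil
}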
// NewRemoteManager returns a subnet.Manager backed by a RemoteManager that
// sends its requests to the server at listenAddr.
//
// cafile, certfile and keyfile populate the transport.TLSInfo passed to
// NewTransport; an error from NewTransport is returned unchanged.
//
// The base URL uses "http://" only when the TLSInfo reports Empty and no CA
// file was given, in which case traffic to the server is unencrypted. Every
// other combination uses "https://". The base URL always ends in "/v1".
func NewRemoteManager(listenAddr, cafile, certfile, keyfile string) (subnet.Manager, error) {
	tlsInfo := transport.TLSInfo{
		CAFile:   cafile,
		CertFile: certfile,
		KeyFile:  keyfile,
	}

	rt, err := NewTransport(tlsInfo)
	if err != nil {
		return nil, err
	}

	// HTTPS unless no TLS material at all (cert, key or CA) was supplied.
	scheme := "https://"
	if tlsInfo.Empty() && tlsInfo.CAFile == "" {
		scheme = "http://"
	}

	return &RemoteManager{
		base:      scheme + listenAddr + "/v1",
		transport: rt,
	}, nil
}