func listener(addr, cafile, certfile, keyfile string) (net.Listener, error) { rex := regexp.MustCompile("(?:([a-z]+)://)?(.*)") groups := rex.FindStringSubmatch(addr) var l net.Listener var err error switch { case groups == nil: return nil, fmt.Errorf("bad listener address") case groups[1] == "", groups[1] == "tcp": if l, err = net.Listen("tcp", groups[2]); err != nil { return nil, err } case groups[1] == "fd": if l, err = fdListener(groups[2]); err != nil { return nil, err } default: return nil, fmt.Errorf("bad listener scheme") } tlsinfo := transport.TLSInfo{ CAFile: cafile, CertFile: certfile, KeyFile: keyfile, } if !tlsinfo.Empty() { cfg, err := tlsinfo.ServerConfig() if err != nil { return nil, err } l = tls.NewListener(l, cfg) } return l, nil }