-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support TLS server #565
Open
leslie-fei
wants to merge
27
commits into
panjf2000:dev
Choose a base branch
from
leslie-fei:dev
base: dev
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+41,396
−2
Open
Changes from all commits
Commits
Show all changes
27 commits
Select commit
Hold shift + click to select a range
0be1a63
feat: support TLS server
32ec507
chore: remove unused code, update testcase
545325a
Merge branch 'panjf2000:dev' into dev
leslie-fei 86e717e
chore: optimizing error handling in the OnTraffic code.
a31400b
fix: remove tls/internal/boring package, remove the test code section…
2933c91
chore: tlsEventHandler OnTraffic use cached buffer
cb3879b
chore: tlsEventHandler OnTraffic use bbPool Buffer
584e828
Merge branch 'panjf2000:dev' into dev
leslie-fei 4bcf522
fix: tls event handler the conditional statement issue.
ef12c18
Merge remote-tracking branch 'origin/dev' into dev
5025980
feat: support edge-triggered I/O (#576)
panjf2000 d040b2e
doc: update READMEs
panjf2000 e526169
feat: support multiple network addresses binding (#578)
panjf2000 7717171
opt: only enable SO_REUSEPORT on Linux and FreeBSD (#580)
panjf2000 0e982e4
opt: don't disable SO_REUSEPORT on DragonFlyBSD (#583)
panjf2000 cb4650c
opt: disable SO_REUSEPORT on Unix domain sockets (#584)
panjf2000 8ec5de2
opt: enable ET mode on listener event-loop by default (#585)
panjf2000 98d55a3
chore: don't print warning log in eventloop.close
panjf2000 dae569d
opt: refine the code of I/O handlers (#586)
panjf2000 68f2f01
opt: reduce duplicate code of I/O processing (#587)
panjf2000 46521e5
chore: update READMEs
panjf2000 53a05cf
chore: update READMEs
panjf2000 dfd7e00
feat: support TLS server
0cb6673
chore: move the TLS test code from gnet_test to tls_test in order to …
2900b77
Merge remote-tracking branch 'gnet-origin/dev' into dev
79b2a67
fix: TLS1.2 non-block read
c4221b5
chore: remove debug code
File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,109 @@ | ||
| // Copyright 2009 The Go Authors. All rights reserved. | ||
| // Use of this source code is governed by a BSD-style | ||
| // license that can be found in the LICENSE file. | ||
|
|
||
| package tls | ||
|
|
||
| import "strconv" | ||
|
|
||
| // An AlertError is a TLS alert. | ||
| // | ||
| // When using a QUIC transport, QUICConn methods will return an error | ||
| // which wraps AlertError rather than sending a TLS alert. | ||
| type AlertError uint8 | ||
|
|
||
| func (e AlertError) Error() string { | ||
| return alert(e).String() | ||
| } | ||
|
|
||
| type alert uint8 | ||
|
|
||
| const ( | ||
| // alert level | ||
| alertLevelWarning = 1 | ||
| alertLevelError = 2 | ||
| ) | ||
|
|
||
| const ( | ||
| alertCloseNotify alert = 0 | ||
| alertUnexpectedMessage alert = 10 | ||
| alertBadRecordMAC alert = 20 | ||
| alertDecryptionFailed alert = 21 | ||
| alertRecordOverflow alert = 22 | ||
| alertDecompressionFailure alert = 30 | ||
| alertHandshakeFailure alert = 40 | ||
| alertBadCertificate alert = 42 | ||
| alertUnsupportedCertificate alert = 43 | ||
| alertCertificateRevoked alert = 44 | ||
| alertCertificateExpired alert = 45 | ||
| alertCertificateUnknown alert = 46 | ||
| alertIllegalParameter alert = 47 | ||
| alertUnknownCA alert = 48 | ||
| alertAccessDenied alert = 49 | ||
| alertDecodeError alert = 50 | ||
| alertDecryptError alert = 51 | ||
| alertExportRestriction alert = 60 | ||
| alertProtocolVersion alert = 70 | ||
| alertInsufficientSecurity alert = 71 | ||
| alertInternalError alert = 80 | ||
| alertInappropriateFallback alert = 86 | ||
| alertUserCanceled alert = 90 | ||
| alertNoRenegotiation alert = 100 | ||
| alertMissingExtension alert = 109 | ||
| alertUnsupportedExtension alert = 110 | ||
| alertCertificateUnobtainable alert = 111 | ||
| alertUnrecognizedName alert = 112 | ||
| alertBadCertificateStatusResponse alert = 113 | ||
| alertBadCertificateHashValue alert = 114 | ||
| alertUnknownPSKIdentity alert = 115 | ||
| alertCertificateRequired alert = 116 | ||
| alertNoApplicationProtocol alert = 120 | ||
| ) | ||
|
|
||
| var alertText = map[alert]string{ | ||
| alertCloseNotify: "close notify", | ||
| alertUnexpectedMessage: "unexpected message", | ||
| alertBadRecordMAC: "bad record MAC", | ||
| alertDecryptionFailed: "decryption failed", | ||
| alertRecordOverflow: "record overflow", | ||
| alertDecompressionFailure: "decompression failure", | ||
| alertHandshakeFailure: "handshake failure", | ||
| alertBadCertificate: "bad certificate", | ||
| alertUnsupportedCertificate: "unsupported certificate", | ||
| alertCertificateRevoked: "revoked certificate", | ||
| alertCertificateExpired: "expired certificate", | ||
| alertCertificateUnknown: "unknown certificate", | ||
| alertIllegalParameter: "illegal parameter", | ||
| alertUnknownCA: "unknown certificate authority", | ||
| alertAccessDenied: "access denied", | ||
| alertDecodeError: "error decoding message", | ||
| alertDecryptError: "error decrypting message", | ||
| alertExportRestriction: "export restriction", | ||
| alertProtocolVersion: "protocol version not supported", | ||
| alertInsufficientSecurity: "insufficient security level", | ||
| alertInternalError: "internal error", | ||
| alertInappropriateFallback: "inappropriate fallback", | ||
| alertUserCanceled: "user canceled", | ||
| alertNoRenegotiation: "no renegotiation", | ||
| alertMissingExtension: "missing extension", | ||
| alertUnsupportedExtension: "unsupported extension", | ||
| alertCertificateUnobtainable: "certificate unobtainable", | ||
| alertUnrecognizedName: "unrecognized name", | ||
| alertBadCertificateStatusResponse: "bad certificate status response", | ||
| alertBadCertificateHashValue: "bad certificate hash value", | ||
| alertUnknownPSKIdentity: "unknown PSK identity", | ||
| alertCertificateRequired: "certificate required", | ||
| alertNoApplicationProtocol: "no application protocol", | ||
| } | ||
|
|
||
| func (e alert) String() string { | ||
| s, ok := alertText[e] | ||
| if ok { | ||
| return "tls: " + s | ||
| } | ||
| return "tls: alert(" + strconv.Itoa(int(e)) + ")" | ||
| } | ||
|
|
||
| func (e alert) Error() string { | ||
| return e.String() | ||
| } |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Make this an interface instead of a pointer of a specific struct, that way we can implement TLS outside the
gnetand pass the interface to thegnet. Decoupling the TLS fromgnetalso enables the users to use other TLS implementations that implement the interface ofgnetTLS.