// Server returns a new TLS server side connection // using conn as the underlying transport. // The configuration config must be non-nil and must include // at least one certificate or else set GetCertificate. func Server(conn net.Conn, config *Config) *Conn { … } // Client returns a new TLS client side connection // using conn as the underlying transport. // The config cannot be nil: users must set either ServerName or // InsecureSkipVerify in the config. func Client(conn net.Conn, config *Config) *Conn { … } type listener … // Accept waits for and returns the next incoming TLS connection. // The returned connection is of type *Conn. func (l *listener) Accept() (net.Conn, error) { … } // NewListener creates a Listener which accepts connections from an inner // Listener and wraps each connection with [Server]. // The configuration config must be non-nil and must include // at least one certificate or else set GetCertificate. func NewListener(inner net.Listener, config *Config) net.Listener { … } // Listen creates a TLS listener accepting connections on the // given network address using net.Listen. // The configuration config must be non-nil and must include // at least one certificate or else set GetCertificate. func Listen(network, laddr string, config *Config) (net.Listener, error) { … } type timeoutError … func (timeoutError) Error() string { … } func (timeoutError) Timeout() bool { … } func (timeoutError) Temporary() bool { … } // DialWithDialer connects to the given network address using dialer.Dial and // then initiates a TLS handshake, returning the resulting TLS connection. Any // timeout or deadline given in the dialer apply to connection and TLS // handshake as a whole. // // DialWithDialer interprets a nil configuration as equivalent to the zero // configuration; see the documentation of [Config] for the defaults. // // DialWithDialer uses context.Background internally; to specify the context, // use [Dialer.DialContext] with NetDialer set to the desired dialer. func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*Conn, error) { … } func dial(ctx context.Context, netDialer *net.Dialer, network, addr string, config *Config) (*Conn, error) { … } // Dial connects to the given network address using net.Dial // and then initiates a TLS handshake, returning the resulting // TLS connection. // Dial interprets a nil configuration as equivalent to // the zero configuration; see the documentation of Config // for the defaults. func Dial(network, addr string, config *Config) (*Conn, error) { … } type Dialer … // Dial connects to the given network address and initiates a TLS // handshake, returning the resulting TLS connection. // // The returned [Conn], if any, will always be of type *[Conn]. // // Dial uses context.Background internally; to specify the context, // use [Dialer.DialContext]. func (d *Dialer) Dial(network, addr string) (net.Conn, error) { … } func (d *Dialer) netDialer() *net.Dialer { … } // DialContext connects to the given network address and initiates a TLS // handshake, returning the resulting TLS connection. // // The provided Context must be non-nil. If the context expires before // the connection is complete, an error is returned. Once successfully // connected, any expiration of the context will not affect the // connection. // // The returned [Conn], if any, will always be of type *[Conn]. func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error) { … } // LoadX509KeyPair reads and parses a public/private key pair from a pair of // files. The files must contain PEM encoded data. The certificate file may // contain intermediate certificates following the leaf certificate to form a // certificate chain. On successful return, Certificate.Leaf will be populated. // // Before Go 1.23 Certificate.Leaf was left nil, and the parsed certificate was // discarded. This behavior can be re-enabled by setting "x509keypairleaf=0" // in the GODEBUG environment variable. func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) { … } var x509keypairleaf … // X509KeyPair parses a public/private key pair from a pair of // PEM encoded data. On successful return, Certificate.Leaf will be populated. // // Before Go 1.23 Certificate.Leaf was left nil, and the parsed certificate was // discarded. This behavior can be re-enabled by setting "x509keypairleaf=0" // in the GODEBUG environment variable. func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) { … } // Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates // PKCS #1 private keys by default, while OpenSSL 1.0.0 generates PKCS #8 keys. // OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three. func parsePrivateKey(der []byte) (crypto.PrivateKey, error) { … }
Codebase Browser
go