1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
// Package transport implements functions for facilitating proper TLS-secured
// communications for clients and servers.
//
// Clients should build an identity (of the core.identity) type, such as
//
// var id = &core.Identity{
// Request: &csr.CertificateRequest{
// CN: "localhost test certificate",
// },
// Profiles: map[string]map[string]string{
// "paths": map[string]string{
// "private_key": "client.key",
// "certificate": "client.pem",
// },
// "cfssl": {
// "label": "",
// "profile": "client-ca",
// "remote": "ca.example.net",
// "auth-type": "standard",
// "auth-key": "000102030405060708090a0b0c0d0e0f",
// },
// },
// }
//
// The New function will return a transport built using the
// NewKeyProvider and NewCA functions. These functions may be changed
// by other packages to provide common key provider and CA
// configurations. Clients can then use RefreshKeys (or launch
// AutoUpdate in a goroutine) to ensure the certificate and key are
// loaded and correct. The Listen and Dial functions then provide the
// necessary connection support.
//
// The AutoUpdate function will handle automatic certificate
// issuance. Servers and clients are not required to take any special
// action when the certificate is updated: the key and certificate are
// only used when establishing a connection, and therefore existing
// connections are not affected---there is no need to reset or restart
// any existing connections. Clients should run AutoUpdate if they
// plan on making multiple connections or will be reconnecting; for a
// one-off connection, it isn't necessary.
package transport
|
