- package http
- import (
- "crypto/tls"
- "fmt"
- "net/http"
- "path/filepath"
- "time"
- "github.com/tv42/httpunix"
- )
// unixTransport builds an httpunix.Transport that talks to the unix domain
// socket at cfg.WorkDir/cfg.Socket, registered under the location name "c".
//
// The socket path is produced with filepath.Join, which cleans the result, so
// a cfg.Socket value containing ".." elements resolves outside cfg.WorkDir.
// NOTE(review): both values are presumably trusted configuration; confirm.
func unixTransport(cfg Config) *httpunix.Transport {
	socketPath := filepath.Join(cfg.WorkDir, cfg.Socket)
	dialTimeout := time.Duration(cfg.DialTimeout) * time.Second
	headerTimeout := time.Duration(cfg.Timeout) * time.Second

	// clientTimeout doesn't work with httpunix.Transport, so the configured
	// timeout is applied as ResponseHeaderTimeout instead.
	transport := new(httpunix.Transport)
	transport.DialTimeout = dialTimeout
	transport.RequestTimeout = 5 * time.Second
	transport.ResponseHeaderTimeout = headerTimeout
	transport.RegisterLocation("c", socketPath)
	return transport
}
// httpTransport builds an http.Transport from the idle-connection timeout
// (interpreted as seconds) and the read/write buffer sizes in cfg. Every other
// field, including TLSClientConfig, is left at its zero value here.
func httpTransport(cfg Config) *http.Transport {
	idleTimeout := time.Duration(cfg.HttpIdleConnTimeout) * time.Second
	return &http.Transport{
		ReadBufferSize:  cfg.HttpReadBufferSize,
		WriteBufferSize: cfg.HttpWriteBufferSize,
		IdleConnTimeout: idleTimeout,
	}
}
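// newTLSConfig builds the client-side tls.Config described by cfg.
//
// The root CA pool is obtained from loadRootCaCerts(cfg.TlsRootCA); an error
// from that call is returned unchanged together with a nil config.
//
// A client certificate is offered only when both cfg.TlsClientCert and
// cfg.TlsClientKey are non-empty.
// NOTE(review): when only one of the two is set, the function configures no
// client certificate and reports no error, so a half-configured mutual-TLS
// setup goes unnoticed here; consider rejecting that combination.
//
// Security: cfg.TlsInsecureSkipVerify is copied straight into
// InsecureSkipVerify. When it is true, crypto/tls does not verify the server's
// certificate chain or host name, so RootCAs no longer authenticates the peer.
// MinVersion is not set, so the crypto/tls default of the Go toolchain in use
// applies.
func newTLSConfig(cfg Config) (*tls.Config, error) {
	rootCAPool, err := loadRootCaCerts(cfg.TlsRootCA)
	if err != nil {
		return nil, err
	}

	// A nil callback leaves GetClientCertificate unset.
	var getClientCert func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
	if len(cfg.TlsClientCert) != 0 && len(cfg.TlsClientKey) != 0 {
		// The key pair is read from disk each time the callback runs, not
		// once when the config is built.
		getClientCert = func(_ *tls.CertificateRequestInfo) (*tls.Certificate, error) {
			pair, err := tls.LoadX509KeyPair(cfg.TlsClientCert, cfg.TlsClientKey)
			if err != nil {
				// %w keeps the underlying error reachable through
				// errors.Is / errors.As; the rendered message is unchanged.
				return nil, fmt.Errorf("failed to load client key pair from '%v', '%v': %w", cfg.TlsClientCert, cfg.TlsClientKey, err)
			}
			return &pair, nil
		}
	}

	return &tls.Config{
		RootCAs:              rootCAPool,
		InsecureSkipVerify:   cfg.TlsInsecureSkipVerify,
		GetClientCertificate: getClientCert,
	}, nil
}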