- TLS通信
TLS通信
gtcp
模块支持TLS
加密通信服务端及客户端,在对安全要求比较高的场景中非常必要。TLS
服务端创建可以通过NewServerTLS
或者NewServerKeyCrt
方法实现。TLS
客户端创建可以通过NewConnKeyCrt
或者NewConnTLS
方法实现。
使用示例:
https://github.com/gogf/gf/tree/master/geg/net/gtcp/tls
package main
import (
"fmt"
"github.com/gogf/gf/g/net/gtcp"
"github.com/gogf/gf/g/os/glog"
"github.com/gogf/gf/g/util/gconv"
"time"
)
func main() {
address := "127.0.0.1:8999"
crtFile := "server.crt"
keyFile := "server.key"
// TLS Server
go gtcp.NewServerKeyCrt(address, crtFile, keyFile, func(conn *gtcp.Conn) {
defer conn.Close()
for {
data, err := conn.Recv(-1)
if len(data) > 0 {
fmt.Println(string(data))
}
if err != nil {
// if client closes, err will be: EOF
glog.Error(err)
break
}
}
}).Run()
time.Sleep(time.Second)
// Client
conn, err := gtcp.NewConnKeyCrt(address, crtFile, keyFile)
if err != nil {
panic(err)
}
defer conn.Close()
for i := 0; i < 10; i++ {
if err := conn.Send([]byte(gconv.String(i))); err != nil {
glog.Error(err)
}
time.Sleep(time.Second)
if i == 5 {
conn.Close()
break
}
}
// exit after 5 seconds
time.Sleep(5 * time.Second)
}
执行后,可以看到客户端执行时报错:
panic: x509: certificate has expired or is not yet valid
那是因为我们的证书是手动创建的,并且已经过期了,为了演示方便,我们在客户端代码中去掉客户端对证书的校验。
package main
import (
"fmt"
"github.com/gogf/gf/g/net/gtcp"
"github.com/gogf/gf/g/os/glog"
"github.com/gogf/gf/g/util/gconv"
"time"
)
func main() {
address := "127.0.0.1:8999"
crtFile := "server.crt"
keyFile := "server.key"
// TLS Server
go gtcp.NewServerKeyCrt(address, crtFile, keyFile, func(conn *gtcp.Conn) {
defer conn.Close()
for {
data, err := conn.Recv(-1)
if len(data) > 0 {
fmt.Println(string(data))
}
if err != nil {
// if client closes, err will be: EOF
glog.Error(err)
break
}
}
}).Run()
time.Sleep(time.Second)
// Client
tlsConfig, err := gtcp.LoadKeyCrt(crtFile, keyFile)
if err != nil {
panic(err)
}
tlsConfig.InsecureSkipVerify = true
conn, err := gtcp.NewConnTLS(address, tlsConfig)
if err != nil {
panic(err)
}
defer conn.Close()
for i := 0; i < 10; i++ {
if err := conn.Send([]byte(gconv.String(i))); err != nil {
glog.Error(err)
}
time.Sleep(time.Second)
if i == 5 {
conn.Close()
break
}
}
// exit after 5 seconds
time.Sleep(5 * time.Second)
}
执行后,终端输出结果为:
0
1
2
3
4
5
2019-06-05 00:13:12.488 [ERRO] EOF
Stack:
1. /Users/john/Workspace/Go/GOPATH/src/github.com/gogf/gf/geg/net/gtcp/tls/gtcp_server_client.go:25
其中客户端在5
秒后关闭了连接,因此服务端在接收数据时获取到了一个EOF
错误,这种错误在正式使用中我们直接忽略,报错时服务端直接关闭客户端连接即可。