Package Socket:

- Update config: add tags to json, yml, ... serialization
- Update config: extract TLS struct as independent struct to simplify
- Update config/test: fix following unify TLS config
- Update server/test: fix following unify TLS config
nabbar
2025-12-22 13:05:28 +01:00
parent 97573c4bac
commit e89b03987d
9 changed files with 97 additions and 39 deletions


@@ -233,7 +233,7 @@ var _ = Describe("Basic Server Configuration", func() {
Expect(s.Address).To(BeEmpty())
Expect(s.PermFile).To(Equal(libprm.Perm(0)))
Expect(s.GroupPerm).To(Equal(int32(0)))
Expect(s.TLS.Enable).To(BeFalse())
Expect(s.TLS.Enabled).To(BeFalse())
})
It("should create a server with values", func() {


@@ -566,7 +566,7 @@ var _ = Describe("Validation State Boundaries", func() {
_ = s.Validate()
// Modify TLS
s.TLS.Enable = false
s.TLS.Enabled = false
_ = s.Validate()
})
})


@@ -92,7 +92,7 @@ type Client struct {
//
// The protocol determines both the transport layer and the addressing scheme.
// See github.com/nabbar/golib/network/protocol for protocol definitions.
Network libptc.NetworkProtocol
Network libptc.NetworkProtocol `json:"network" yaml:"network" toml:"network" mapstructure:"network"`
// Address specifies the destination to connect to.
//
@@ -111,7 +111,7 @@ type Client struct {
// - Maximum path length depends on OS (typically 108 bytes)
//
// Empty address will cause New() to return an error.
Address string
Address string `json:"address" yaml:"address" toml:"address" mapstructure:"address"`
// TLS provides Transport Layer Security configuration for the client.
//
@@ -136,15 +136,11 @@ type Client struct {
//
// The Config must provide valid certificates and the ServerName must match
// the server's certificate for successful validation.
TLS struct {
Enabled bool
Config libtls.Config
ServerName string
}
TLS TLSClient `json:"tls" yaml:"tls" toml:"tls" mapstructure:"tls"`
// defTls holds the default TLS configuration set via DefaultTLS().
// This is merged with TLS.Config when GetTLS() is called.
defTls libtls.TLSConfig
defTls libtls.TLSConfig `json:"-" yaml:"-" toml:"-" mapstructure:"-"`
}
// Validate checks the client configuration for correctness and compatibility.
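Review bot: With `TLS TLSClient` now populated from json/yaml/toml/mapstructure input, a config that sets `enabled: true` but omits `server-name` decodes to an empty `ServerName`, while the comment kept above the field says the name must match the server's certificate. Validate begins on the last line of this section and its body is outside it, so whether that combination is rejected is not visible here. If it is not, a guard such as `if o.TLS.Enabled && o.TLS.ServerName == "" { return ErrInvalidTLSConfig }` would stop a half-written config from reaching the dialer.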


@@ -313,7 +313,7 @@ var _ = Describe("Server Implementation", func() {
Network: libptc.NetworkTCP,
Address: ":8080",
}
s.TLS.Enable = false
s.TLS.Enabled = false
err := s.Validate()
expectNoValidationError(err)
})
@@ -323,7 +323,7 @@ var _ = Describe("Server Implementation", func() {
Network: libptc.NetworkUDP,
Address: ":9000",
}
s.TLS.Enable = true
s.TLS.Enabled = true
s.TLS.Config = libtls.Config{}
err := s.Validate()
expectValidationError(err, config.ErrInvalidTLSConfig)
@@ -336,7 +336,7 @@ var _ = Describe("Server Implementation", func() {
Network: libptc.NetworkTCP,
Address: ":8080",
}
s.TLS.Enable = true
s.TLS.Enabled = true
s.TLS.Config = libtls.Config{}
// GetTLS should return true when TLS is enabled
@@ -349,7 +349,7 @@ var _ = Describe("Server Implementation", func() {
Network: libptc.NetworkTCP,
Address: ":8080",
}
s.TLS.Enable = false
s.TLS.Enabled = false
enabled, tlsCfg := s.GetTLS()
Expect(enabled).To(BeFalse())


@@ -212,7 +212,7 @@ var _ = Describe("Server Performance", func() {
Network: libptc.NetworkTCP,
Address: ":8080",
}
s.TLS.Enable = false
s.TLS.Enabled = false
exp := gmeasure.NewExperiment("GetTLS Call")
AddReportEntry(exp.Name, exp)


@@ -85,7 +85,7 @@ type Server struct {
//
// See github.com/nabbar/golib/network/protocol for protocol definitions.
// See github.com/nabbar/golib/socket/server for implementation details.
Network libptc.NetworkProtocol
Network libptc.NetworkProtocol `json:"network" yaml:"network" toml:"network" mapstructure:"network"`
// Address specifies where the server should listen.
//
@@ -107,7 +107,7 @@ type Server struct {
// - Maximum path length depends on OS (typically 108 bytes)
//
// Empty address will cause New() to return an error.
Address string
Address string `json:"address" yaml:"address" toml:"address" mapstructure:"address"`
// PermFile specifies file permissions for Unix domain socket files.
//
@@ -130,7 +130,7 @@ type Server struct {
// PermFile: 0660 // Owner and group members can connect
//
// See os.FileMode for permission representation.
PermFile libprm.Perm
PermFile libprm.Perm `json:"perm-file" yaml:"perm-file" toml:"perm-file" mapstructure:"perm-file"`
// GroupPerm specifies the group ownership for Unix domain socket files.
//
@@ -155,7 +155,7 @@ type Server struct {
// GroupPerm: 1000 // Set to group 1000
//
// Combined with PermFile 0660, this enables group-based access control.
GroupPerm int32
GroupPerm int32 `json:"group-perm" yaml:"group-perm" toml:"group-perm" mapstructure:"group-perm"`
// ConIdleTimeout specifies the maximum duration a connection can remain idle.
//
@@ -177,7 +177,7 @@ type Server struct {
//
// Note: This timeout is independent of read/write deadlines that may be
// set on individual operations.
ConIdleTimeout time.Duration
ConIdleTimeout time.Duration `json:"con-idle-timeout" yaml:"con-idle-timeout" toml:"con-idle-timeout" mapstructure:"con-idle-timeout"`
// TLS provides Transport Layer Security configuration for the server.
//
@@ -205,14 +205,11 @@ type Server struct {
//
// Use DefaultTLS() to set a fallback TLS configuration that will be used
// if Config doesn't provide all necessary settings.
TLS struct {
Enable bool
Config libtls.Config
}
TLS TLSServer `json:"tls" yaml:"tls" toml:"tls" mapstructure:"tls"`
// defTls holds the default TLS configuration set via DefaultTLS().
// This is merged with TLS.Config when GetTLS() is called.
defTls libtls.TLSConfig
defTls libtls.TLSConfig `json:"-" yaml:"-" toml:"-" mapstructure:"-"`
}
// Validate checks the server configuration for correctness and compatibility.
@@ -268,7 +265,7 @@ func (o *Server) Validate() error {
return ErrInvalidProtocol
}
if !o.TLS.Enable {
if !o.TLS.Enabled {
return nil
}
@@ -327,7 +324,7 @@ func (o *Server) DefaultTLS(t libtls.TLSConfig) {
//
// See DefaultTLS() for setting the default configuration.
func (o *Server) GetTLS() (bool, libtls.TLSConfig) {
if !o.TLS.Enable {
if !o.TLS.Enabled {
return false, nil
}
return true, o.TLS.Config.NewFrom(o.defTls)
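Review bot: Renaming `Enable` to `Enabled` and pinning the key to `enabled` fails open for any stored config that still uses the old spelling: a decoder that ignores unknown keys leaves `Enabled` false, `Validate()` returns nil at `if !o.TLS.Enabled`, and `GetTLS()` returns `false, nil`, so the listener would come up without TLS and without an error. The same applies to the new hyphenated keys `perm-file` and `group-perm`, where an old-style key would leave the socket permission fields at their zero values. Whether Server was already loaded from files before this commit is not visible here; if it was, decode strictly (for encoding/json, `dec.DisallowUnknownFields()`) or call the key change out as breaking in the release notes. Both function bodies continue outside the hunks shown.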

65
socket/config/tls.go Normal file

@@ -0,0 +1,65 @@
/*
* MIT License
*
* Copyright (c) 2025 Nicolas JUHEL
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
*
*/
package config
import libtls "github.com/nabbar/golib/certificates"
// TLSClient holds TLS configuration for client connections.
//
// This structure is embedded in the Client configuration to enable TLS/SSL
// encryption for TCP-based client connections.
//
// Fields:
// - Enabled: Set to true to enable TLS encryption
// - Config: Certificate configuration from github.com/nabbar/golib/certificates
// - ServerName: Server hostname for certificate validation (required when Enabled is true)
//
// The ServerName field is used for SNI (Server Name Indication) and certificate
// hostname verification. It must match the server's certificate common name or
// one of its Subject Alternative Names.
type TLSClient struct {
Enabled bool `json:"enabled" yaml:"enabled" toml:"enabled" mapstructure:"enabled"`
Config libtls.Config `json:"config" yaml:"config" toml:"config" mapstructure:"config"`
ServerName string `json:"server-name" yaml:"server-name" toml:"server-name" mapstructure:"server-name"`
}
// TLSServer holds TLS configuration for server connections.
//
// This structure is embedded in the Server configuration to enable TLS/SSL
// encryption for TCP-based server connections.
//
// Fields:
// - Enabled: Set to true to enable TLS encryption
// - Config: Certificate configuration from github.com/nabbar/golib/certificates
//
// When TLS is enabled, the Config must provide at least one valid certificate
// pair (certificate and private key). All client connections will be required
// to use TLS encryption.
type TLSServer struct {
Enabled bool `json:"enabled" yaml:"enabled" toml:"enabled" mapstructure:"enabled"`
Config libtls.Config `json:"config" yaml:"config" toml:"config" mapstructure:"config"`
}
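Review bot: The type comments say TLSClient and TLSServer are "embedded" in Client and Server, but both are used as a named field (`TLS TLSClient`, `TLS TLSServer`), and the exported fields carry no comments of their own. Since `Enabled` is the switch between encrypted and plaintext transport, its zero value deserves a line, e.g. `// Enabled turns TLS on; the zero value (false) means the connection is not encrypted.` The TLSClient comment also states that ServerName is required when Enabled is true; nothing in this file enforces that, so the comment should name where the check lives (presumably Client.Validate, not shown here).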


@@ -61,7 +61,7 @@ var _ = Describe("TLS Configuration", func() {
Address: ":8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
err := srv.Validate()
@@ -74,7 +74,7 @@ var _ = Describe("TLS Configuration", func() {
Address: "127.0.0.1:8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
err := srv.Validate()
@@ -87,7 +87,7 @@ var _ = Describe("TLS Configuration", func() {
Address: "[::1]:8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
err := srv.Validate()
@@ -100,7 +100,7 @@ var _ = Describe("TLS Configuration", func() {
Address: ":9000",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
err := srv.Validate()
@@ -115,7 +115,7 @@ var _ = Describe("TLS Configuration", func() {
Address: "/tmp/test.sock",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
err := srv.Validate()
@@ -128,7 +128,7 @@ var _ = Describe("TLS Configuration", func() {
Address: ":8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = libtls.Config{}
err := srv.Validate()
@@ -141,7 +141,7 @@ var _ = Describe("TLS Configuration", func() {
Address: ":8080",
}
srv.TLS.Enable = false
srv.TLS.Enabled = false
err := srv.Validate()
expectNoValidationError(err)
@@ -254,7 +254,7 @@ var _ = Describe("TLS Configuration", func() {
Address: ":8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
// Set default TLS configuration
@@ -275,7 +275,7 @@ var _ = Describe("TLS Configuration", func() {
Network: libptc.NetworkTCP,
Address: ":8080",
}
srv.TLS.Enable = false
srv.TLS.Enabled = false
enabled, tlsCfg := srv.GetTLS()
Expect(enabled).To(BeFalse())
@@ -287,7 +287,7 @@ var _ = Describe("TLS Configuration", func() {
Network: libptc.NetworkTCP,
Address: ":8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
// Should not panic with nil
@@ -353,7 +353,7 @@ var _ = Describe("TLS Configuration", func() {
Network: libptc.NetworkTCP,
Address: ":8443",
}
srv.TLS.Enable = true
srv.TLS.Enabled = true
srv.TLS.Config = cfgTLSSrv
done := make(chan bool)


@@ -281,7 +281,7 @@ func createDefaultConfig(addr string) sckcfg.Server {
// createTLSConfig creates a TLS-enabled server configuration
func createTLSConfig(addr string) sckcfg.Server {
cfg := createDefaultConfig(addr)
cfg.TLS.Enable = true
cfg.TLS.Enabled = true
cfg.TLS.Config = srvTLSCfg
return cfg
}