在Go中升级到TLS的连接 [英] Upgrade a connection to TLS in Go
问题描述
代表{
/ / tx.Text的类型为textproto.Conn
//底层连接存储在tx.Conn
l,err:= tx.Text.Reader.ReadLine()
//做文本行的内容...
}
现在我想升级像这样连接到TLS( TlsConf
包含一个加载了 tls.LoadX509KeyPair
的证书)
tx.Conn = tls.Server(tx.Conn,tx.Server.Conf.TlsConf)
tx.Text = textproto.NewConn(tx .Conn)
当我这样做时,服务器尝试握手时会在客户端上发生分段错误。我正在实施SMTP服务器,并使用<$ c swaks 进行测试。 $ c> -tls 标志。 swak 的终端输出如下
- > STARTTLS
< - 220启动TLS
分段错误:11
由于swak是一个经过测试的工具,并且与之前的nodeJS SMTP实现一起工作,我不怀疑错误发生在客户端。
我做错了什么或缺少什么?
PS:从现有的不安全连接启动TLS连接时,究竟发生了什么?客户端是否在不同的端口上建立了新的连接,或者连接是否被重用?
使用Go自己的smtp.SendMail测试TLS:package main
pre>
import(
fmt
net / smtp
)
func main(){
err:= smtp.SendMail(
127.0.0.1:2525 ,
nil,
src@test.local,
[] string {dst@test.local},
[] byte(Hello!Just testing 。),
)
if err!= nil {
panic(err)
}
}
I have an open TCP connection and read from it with a for loop like so
for { // tx.Text is of type textproto.Conn // the underlying connection is stored in tx.Conn l, err := tx.Text.Reader.ReadLine() // do stuff with the text line ... }
Now I want to upgrade the connection to TLS like this (
TlsConf
contains a certificate loaded withtls.LoadX509KeyPair
)tx.Conn = tls.Server(tx.Conn, tx.Server.Conf.TlsConf) tx.Text = textproto.NewConn(tx.Conn)
When I do this I get a segmentation fault on the client when the server attempts a handshake. I'm implementing a SMTP server and am testing it with swaks using the
-tls
flag. The terminal output of swaks is the following-> STARTTLS <- 220 Start TLS Segmentation fault: 11
Since swaks is a tested tool, and worked with the nodeJS SMTP implementation I had before, I don't suspect the error is on the client side.
What did I do wrong or what is missing?
PS: When a TLS connection is started from an existing insecure connection, what does exactly happen? Does the client establish a new connection on a different port or is the connection reused?
解决方案Ditched swaks, built a small tool to test TLS using Go's own smtp.SendMail:
package main import ( "fmt" "net/smtp" ) func main() { err := smtp.SendMail( "127.0.0.1:2525", nil, "src@test.local", []string{"dst@test.local"}, []byte("Hello! Just testing."), ) if err != nil { panic(err) } }
这篇关于在Go中升级到TLS的连接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!