MCPcopy
hub / github.com/XTLS/REALITY / Conn

Struct Conn

conn.go:27–128  ·  view source on GitHub ↗

A Conn represents a secured connection. It implements the net.Conn interface.

Source from the content-addressed store, hash-verified

25// A Conn represents a secured connection.
26// It implements the net.Conn interface.
27type Conn struct {
28 AuthKey []byte
29 ClientVer [3]byte
30 ClientTime time.Time
31 ClientShortId [8]byte
32 MaxUselessRecords int
33
34 // constant
35 conn net.Conn
36 isClient bool
37 handshakeFn func(context.Context) error // (*Conn).clientHandshake or serverHandshake
38 quic *quicState // nil for non-QUIC connections
39
40 // isHandshakeComplete is true if the connection is currently transferring
41 // application data (i.e. is not currently processing a handshake).
42 // isHandshakeComplete is true implies handshakeErr == nil.
43 isHandshakeComplete atomic.Bool
44 // constant after handshake; protected by handshakeMutex
45 handshakeMutex sync.Mutex
46 handshakeErr error // error resulting from handshake
47 vers uint16 // TLS version
48 haveVers bool // version has been negotiated
49 config *Config // configuration passed to constructor
50 // handshakes counts the number of handshakes performed on the
51 // connection so far. If renegotiation is disabled then this is either
52 // zero or one.
53 handshakes int
54 extMasterSecret bool
55 didResume bool // whether this connection was a session resumption
56 didHRR bool // whether a HelloRetryRequest was sent/received
57 cipherSuite uint16
58 curveID CurveID
59 ocspResponse []byte // stapled OCSP response
60 scts [][]byte // signed certificate timestamps from server
61 peerCertificates []*x509.Certificate
62 // verifiedChains contains the certificate chains that we built, as
63 // opposed to the ones presented by the server.
64 verifiedChains [][]*x509.Certificate
65 // serverName contains the server name indicated by the client, if any.
66 serverName string
67 // secureRenegotiation is true if the server echoed the secure
68 // renegotiation extension. (This is meaningless as a server because
69 // renegotiation is not supported in that case.)
70 secureRenegotiation bool
71 // ekm is a closure for exporting keying material.
72 ekm func(label string, context []byte, length int) ([]byte, error)
73 // resumptionSecret is the resumption_master_secret for handling
74 // or sending NewSessionTicket messages.
75 resumptionSecret []byte
76 echAccepted bool
77
78 // ticketKeys is the set of active session ticket keys for this
79 // connection. The first one is used to encrypt new tickets and
80 // all are tried to decrypt tickets.
81 ticketKeys []ticketKey
82
83 // clientFinishedIsFirst is true if the client sent the first Finished
84 // message during the most recent handshake. This is recorded because

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected