A Conn represents a secured connection. It implements the net.Conn interface.
| 25 | // A Conn represents a secured connection. |
| 26 | // It implements the net.Conn interface. |
| 27 | type Conn struct { |
| 28 | AuthKey []byte |
| 29 | ClientVer [3]byte |
| 30 | ClientTime time.Time |
| 31 | ClientShortId [8]byte |
| 32 | MaxUselessRecords int |
| 33 | |
| 34 | // constant |
| 35 | conn net.Conn |
| 36 | isClient bool |
| 37 | handshakeFn func(context.Context) error // (*Conn).clientHandshake or serverHandshake |
| 38 | quic *quicState // nil for non-QUIC connections |
| 39 | |
| 40 | // isHandshakeComplete is true if the connection is currently transferring |
| 41 | // application data (i.e. is not currently processing a handshake). |
| 42 | // isHandshakeComplete is true implies handshakeErr == nil. |
| 43 | isHandshakeComplete atomic.Bool |
| 44 | // constant after handshake; protected by handshakeMutex |
| 45 | handshakeMutex sync.Mutex |
| 46 | handshakeErr error // error resulting from handshake |
| 47 | vers uint16 // TLS version |
| 48 | haveVers bool // version has been negotiated |
| 49 | config *Config // configuration passed to constructor |
| 50 | // handshakes counts the number of handshakes performed on the |
| 51 | // connection so far. If renegotiation is disabled then this is either |
| 52 | // zero or one. |
| 53 | handshakes int |
| 54 | extMasterSecret bool |
| 55 | didResume bool // whether this connection was a session resumption |
| 56 | didHRR bool // whether a HelloRetryRequest was sent/received |
| 57 | cipherSuite uint16 |
| 58 | curveID CurveID |
| 59 | ocspResponse []byte // stapled OCSP response |
| 60 | scts [][]byte // signed certificate timestamps from server |
| 61 | peerCertificates []*x509.Certificate |
| 62 | // verifiedChains contains the certificate chains that we built, as |
| 63 | // opposed to the ones presented by the server. |
| 64 | verifiedChains [][]*x509.Certificate |
| 65 | // serverName contains the server name indicated by the client, if any. |
| 66 | serverName string |
| 67 | // secureRenegotiation is true if the server echoed the secure |
| 68 | // renegotiation extension. (This is meaningless as a server because |
| 69 | // renegotiation is not supported in that case.) |
| 70 | secureRenegotiation bool |
| 71 | // ekm is a closure for exporting keying material. |
| 72 | ekm func(label string, context []byte, length int) ([]byte, error) |
| 73 | // resumptionSecret is the resumption_master_secret for handling |
| 74 | // or sending NewSessionTicket messages. |
| 75 | resumptionSecret []byte |
| 76 | echAccepted bool |
| 77 | |
| 78 | // ticketKeys is the set of active session ticket keys for this |
| 79 | // connection. The first one is used to encrypt new tickets and |
| 80 | // all are tried to decrypt tickets. |
| 81 | ticketKeys []ticketKey |
| 82 | |
| 83 | // clientFinishedIsFirst is true if the client sent the first Finished |
| 84 | // message during the most recent handshake. This is recorded because |