|
|
@@ -34,27 +34,30 @@ import (
|
|
|
"github.com/coreos/etcd/pkg/tlsutil"
|
|
|
)
|
|
|
|
|
|
-func NewListener(addr string, scheme string, tlscfg *tls.Config) (l net.Listener, err error) {
|
|
|
+func NewListener(addr, scheme string, tlscfg *tls.Config) (l net.Listener, err error) {
|
|
|
+ if l, err = newListener(addr, scheme); err != nil {
|
|
|
+ return nil, err
|
|
|
+ }
|
|
|
+ return wrapTLS(addr, scheme, tlscfg, l)
|
|
|
+}
|
|
|
+
|
|
|
+func newListener(addr string, scheme string) (net.Listener, error) {
|
|
|
if scheme == "unix" || scheme == "unixs" {
|
|
|
// unix sockets via unix://laddr
|
|
|
- l, err = NewUnixListener(addr)
|
|
|
- } else {
|
|
|
- l, err = net.Listen("tcp", addr)
|
|
|
+ return NewUnixListener(addr)
|
|
|
}
|
|
|
+ return net.Listen("tcp", addr)
|
|
|
+}
|
|
|
|
|
|
- if err != nil {
|
|
|
- return nil, err
|
|
|
+func wrapTLS(addr, scheme string, tlscfg *tls.Config, l net.Listener) (net.Listener, error) {
|
|
|
+ if scheme != "https" && scheme != "unixs" {
|
|
|
+ return l, nil
|
|
|
}
|
|
|
-
|
|
|
- if scheme == "https" || scheme == "unixs" {
|
|
|
- if tlscfg == nil {
|
|
|
- return nil, fmt.Errorf("cannot listen on TLS for %s: KeyFile and CertFile are not presented", scheme+"://"+addr)
|
|
|
- }
|
|
|
-
|
|
|
- l = tls.NewListener(l, tlscfg)
|
|
|
+ if tlscfg == nil {
|
|
|
+ l.Close()
|
|
|
+ return nil, fmt.Errorf("cannot listen on TLS for %s: KeyFile and CertFile are not presented", scheme+"://"+addr)
|
|
|
}
|
|
|
-
|
|
|
- return l, nil
|
|
|
+ return tls.NewListener(l, tlscfg), nil
|
|
|
}
|
|
|
|
|
|
type TLSInfo struct {
|
Anthony Romano