1// Copyright 2015 CoreOS, Inc. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15package activation 16 17import ( 18 "crypto/tls" 19 "net" 20) 21 22// Listeners returns a slice containing a net.Listener for each matching socket type 23// passed to this process. 24// 25// The order of the file descriptors is preserved in the returned slice. 26// Nil values are used to fill any gaps. For example if systemd were to return file descriptors 27// corresponding with "udp, tcp, tcp", then the slice would contain {nil, net.Listener, net.Listener} 28func Listeners() ([]net.Listener, error) { 29 files := Files(true) 30 listeners := make([]net.Listener, len(files)) 31 32 for i, f := range files { 33 if pc, err := net.FileListener(f); err == nil { 34 listeners[i] = pc 35 f.Close() 36 } 37 } 38 return listeners, nil 39} 40 41// ListenersWithNames maps a listener name to a set of net.Listener instances. 42func ListenersWithNames() (map[string][]net.Listener, error) { 43 files := Files(true) 44 listeners := map[string][]net.Listener{} 45 46 for _, f := range files { 47 if pc, err := net.FileListener(f); err == nil { 48 current, ok := listeners[f.Name()] 49 if !ok { 50 listeners[f.Name()] = []net.Listener{pc} 51 } else { 52 listeners[f.Name()] = append(current, pc) 53 } 54 f.Close() 55 } 56 } 57 return listeners, nil 58} 59 60// TLSListeners returns a slice containing a net.listener for each matching TCP socket type 61// passed to this process. 62// It uses default Listeners func and forces TCP sockets handlers to use TLS based on tlsConfig. 63func TLSListeners(tlsConfig *tls.Config) ([]net.Listener, error) { 64 listeners, err := Listeners() 65 66 if listeners == nil || err != nil { 67 return nil, err 68 } 69 70 if tlsConfig != nil && err == nil { 71 for i, l := range listeners { 72 // Activate TLS only for TCP sockets 73 if l.Addr().Network() == "tcp" { 74 listeners[i] = tls.NewListener(l, tlsConfig) 75 } 76 } 77 } 78 79 return listeners, err 80} 81 82// TLSListenersWithNames maps a listener name to a net.Listener with 83// the associated TLS configuration. 84func TLSListenersWithNames(tlsConfig *tls.Config) (map[string][]net.Listener, error) { 85 listeners, err := ListenersWithNames() 86 87 if listeners == nil || err != nil { 88 return nil, err 89 } 90 91 if tlsConfig != nil && err == nil { 92 for _, ll := range listeners { 93 // Activate TLS only for TCP sockets 94 for i, l := range ll { 95 if l.Addr().Network() == "tcp" { 96 ll[i] = tls.NewListener(l, tlsConfig) 97 } 98 } 99 } 100 } 101 102 return listeners, err 103} 104