Darien Raymond vor 7 Jahren
Ursprung
Commit
a657ec49a0

+ 1 - 0
transport/internet/dialer.go

@@ -20,6 +20,7 @@ func RegisterTransportDialer(protocol TransportProtocol, dialer Dialer) error {
 	return nil
 }
 
+// Dial dials a internet connection towards the given destination.
 func Dial(ctx context.Context, dest net.Destination) (Connection, error) {
 	if dest.Network == net.Network_TCP {
 		streamSettings := StreamSettingsFromContext(ctx)
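Review bot: The new doc comment on Dial has a grammar slip ("a internet connection") and does not mention that the transport settings come from the context, which the visible TCP branch reads via `StreamSettingsFromContext(ctx)`. Something like `// Dial dials an internet connection towards the given destination, using the stream settings carried in ctx.` would tell callers where the transport and security configuration is taken from. Dial's body continues outside the hunk, so the wording for non-TCP destinations should be checked against the rest of the function.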

+ 7 - 1
transport/internet/tls/config.go

@@ -23,6 +23,7 @@ func ParseCertificate(c *cert.Certificate) *Certificate {
 	}
 }
 
+// BuildCertificates builds a list of TLS certificates from proto definition.
 func (c *Config) BuildCertificates() []tls.Certificate {
 	certs := make([]tls.Certificate, 0, len(c.Certificate))
 	for _, entry := range c.Certificate {
@@ -118,10 +119,11 @@ func getGetCertificateFunc(c *tls.Config, ca []*Certificate) func(hello *tls.Cli
 	}
 }
 
+// GetTLSConfig converts this Config into tls.Config.
 func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
 	config := &tls.Config{
 		ClientSessionCache: globalSessionCache,
-		RootCAs:            c.GetCertPool(),
+		RootCAs:            c.getCertPool(),
 	}
 	if c == nil {
 		return config
@@ -153,8 +155,10 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
 	return config
 }
 
+// Option for building TLS config.
 type Option func(*tls.Config)
 
+// WithDestination sets the server name in TLS config.
 func WithDestination(dest net.Destination) Option {
 	return func(config *tls.Config) {
 		if dest.Address.Family().IsDomain() && len(config.ServerName) == 0 {
@@ -163,6 +167,7 @@ func WithDestination(dest net.Destination) Option {
 	}
 }
 
+// WithNextProto sets the ALPN values in TLS config.
 func WithNextProto(protocol ...string) Option {
 	return func(config *tls.Config) {
 		if len(config.NextProtos) == 0 {
@@ -171,6 +176,7 @@ func WithNextProto(protocol ...string) Option {
 	}
 }
 
+// ConfigFromContext fetches Config from context. Nil if not found.
 func ConfigFromContext(ctx context.Context) *Config {
 	securitySettings := internet.SecuritySettingsFromContext(ctx)
 	if securitySettings == nil {
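Review bot: In GetTLSConfig, `c.getCertPool()` is evaluated inside the struct literal, before the `if c == nil` guard a few lines below, so a nil *Config reaches getCertPool first. The non-Windows getCertPool in this commit is cut off after the SystemCertPool error branch; if the remainder reads fields of c, a nil receiver would panic there instead of returning the default config. Assigning after the guard, `config.RootCAs = c.getCertPool()`, keeps the nil path safe, and a nil RootCAs still makes crypto/tls verify against the host's root set. The new doc comment could also state that a nil receiver yields a usable default config. GetTLSConfig's body continues outside both hunks that touch it.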

+ 1 - 1
transport/internet/tls/config_other.go

@@ -4,7 +4,7 @@ package tls
 
 import "crypto/x509"
 
-func (c *Config) GetCertPool() *x509.CertPool {
+func (c *Config) getCertPool() *x509.CertPool {
 	pool, err := x509.SystemCertPool()
 	if err != nil {
 		newError("failed to get system cert pool.").Base(err).WriteToLog()

+ 1 - 1
transport/internet/tls/config_windows.go

@@ -4,6 +4,6 @@ package tls
 
 import "crypto/x509"
 
-func (c *Config) GetCertPool() *x509.CertPool {
+func (c *Config) getCertPool() *x509.CertPool {
 	return nil
 }

+ 2 - 0
transport/internet/tls/tls.go

@@ -29,11 +29,13 @@ func (c *conn) WriteMultiBuffer(mb buf.MultiBuffer) error {
 	return c.mergingWriter.Flush()
 }
 
+// Client initiates a TLS client handshake on the given connection.
 func Client(c net.Conn, config *tls.Config) net.Conn {
 	tlsConn := tls.Client(c, config)
 	return &conn{Conn: tlsConn}
 }
 
+// Server initiates a TLS server handshake on the given connection.
 func Server(c net.Conn, config *tls.Config) net.Conn {
 	tlsConn := tls.Server(c, config)
 	return &conn{Conn: tlsConn}
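Review bot: The new comments on Client and Server say the functions "initiate" a handshake, but the visible bodies only call `tls.Client` / `tls.Server` and wrap the result; crypto/tls performs the handshake lazily on the first Read or Write unless Handshake is called explicitly. That matters to callers, because certificate verification failures surface on first I/O rather than at this call. Suggested wording: `// Client wraps c in a TLS client connection; the handshake, including certificate verification, runs on first Read/Write.` and the matching sentence for Server. It is also worth noting on Client that config must carry either ServerName or InsecureSkipVerify, as tls.Client requires. The closing brace of Server lies outside the hunk.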