Hi Garrett, looks nice, thanks a lot. I think that I will try mangos on one of my projects when I have time… Cheers, Ondrej Kupka On Apr 27, 2014, at 4:46 AM, Garrett D'Amore wrote: > I’ve done some more updates. > > Transports are now in separate packages as I proposed. TLS is in a package > called “bitbucket.org/gdamore/mangos/transport/tlstcp” > > The reason its called “tlstcp” instead of just “tls” is two fold. > > 1. Its darned inconvenient when this package collides with crypto/tls. (You > can use renames on the import line, but … that’s kind of ugly.) > > 2. There may be other transports that use TLS on top of … (notably probably > *not* DTLS, but one could imagine TLS on top of IPC, etc. Not sure what > value that would have, but I *can* think of actual use cases.) > > To load a transport, you can import it (e.g. import > “bitbucket.org/gdamore/mangos/transport/tcp”) then pass that package’s > “NewTransport()” result to the new AddTransport() method for Socket. So it > looks like: > > sock.AddTransport(tcp.NewTransport()) > > Also, there is an “all” package underneath transport/ that will load all > transports on a socket. It goes like this: > > all.AddTransports(sock) > > macat and the test suite use this all package. > > The macat program now properly has lots of options relating to TLS. You can > specify certs, CAs, even the TLS protocol version. (I’ve not added > ciphersuite selection yet, but I will.) Note that macat assumes you want > *mutual* authentication unless you go out of your way to say otherwise. This > is very intentional, since the uses cases here are probably specifically > unlike traditional HTTPS where you have random unknown clients. You can > disable this by providing —insecure (or -k). Note also that a server *must* > have its own certificate presented. Again, very intentional. I tried to use > curl’s switches since I figure they are the most likely to be familiar to > folks using SSL. > > Here’s the man page for macat.1: > > macat(1) mangos macat(1) > > > > NAME > macat − command line interface to the mangos messaging > > SYNOPSIS > macat [−v|−−verbose] [−q|−−silent] [−−push] [−−pull] [−−pub] [−−sub] > [−−req] [−−rep] [−−surveyor] [−−respondent] [−−bus] [−−pair] [−−star] > [−−bind ADDR] [−−connect ADDR] [−X|−−bind‐ipc PATH] [−x|−−connect‐ipc > PATH] [−L|−−bind‐local PORT] [−l|−−connect‐local PORT] [−−subscribe > PREFIX] [−−recv‐timeout SEC] [−−send‐timeout SEC] [−d|−−send‐delay SEC] > [−−raw] [−A|−−ascii] [−Q|−−quoted] [−−msgpack] [−i|−−interval SEC] > [−D|−−data DATA] [−F|−−file FILE] [−−sslv3] [−−tlsv1] [−−tlsv1.1] > [−−tlsv1.1] [−−tlsv1.2] [−E|−−cert FILE] [−−key FILE] [−−cacert FILE] > [−k|−−insecure] [−−help] > > DESCRIPTION > macat is a command‐line interface to send and receive data via the man‐ > gos implementation of the SP (nanomsg) protocols. It is designed to be > suitable for use as a drop‐in replacement for nanocat(1). > > > OPTIONS > −v,−−verbose > Increase verbosity > > −q,−−silent > Decrease verbosity > > −−push Use PUSH socket type > > −−pull Use PULL socket type > > −−pub Use PUB socket type > > −−sub Use SUB socket type > > −−req Use REQ socket type > > −−rep Use REP socket type > > −−surveyor > Use SURVEYOR socket type > > −−respondent > Use RESPONDENT socket type > > −−bus Use BUS socket type > > −−pair Use PAIR socket type > > −−star Use STAR socket type > > −−bind ADDR > Bind socket to ADDR > > −−connect ADDR > Connect socket to ADDR > > −X,−−bind‐ipc PATH > Bind socket to IPC PATH > > −x,−−connect‐ipc PATH > Connect socket to IPC PATH > > −L,−−bind‐local PORT > Bind socket to TCP localhost PORT > > −l,−−connect‐local PORT > Connect socket to TCP localhost PORT > > −−subscribe PREFIX > Subcribe to PREFIX (default is wildcard) > > −−recv‐timeout SEC > Set receive timeout > > −−send‐timeout SEC > Set send timeout > > −d,−−send‐delay SEC > Set initial send delay > > −−raw Raw output, no delimiters > > −A,−−ascii > ASCII output, one per line > > −Q,−−quoted > Quoted output, one per line > > −−msgpack > Msgpacked binay output (see msgpack.org) > > −i,−−interval SEC > Send DATA every SEC seconds > > −D,−−data DATA > Data to send > > −F,−−file FILE > Send contents of FILE > > −−sslv3 > Force SSLv3 when using SSL/TLS > > −−tlsv1 > Force TLSv1.x when using SSL/TLS > > −−tlsv1.1 > Force TLSv1.0 when using SSL/TLS > > −−tlsv1.1 > Force TLSv1.1 when using SSL/TLS > > −−tlsv1.2 > Force TLSv1.2 when using SSL/TLS > > −E,−−cert FILE > Use certificate in FILE for SSL/TLS > > −−key FILE > Use private key in FILE for SSL/TLS > > −−cacert FILE > Use CA certicate(s) in FILE for SSL/TLS > > −k,−−insecure > Do not validate TLS/SSL peer certificate > > −−help show usage message > > AUTHOR > Garrett D’Amore > > > > mangos April 26, 2014 macat(1) > > > -- > Garrett D'Amore > Sent with Airmail