服务端示例

说明:

需要自行准备证书文件。

import std.io.*
import std.fs.{File, OpenOption}
import std.net.{TcpServerSocket, TcpSocket}
import crypto.x509.{X509Certificate, PrivateKey}
import net.tls.*

//证书及私钥路径,用户需自备
let certificatePath = "./files/apiserver.crt"
let certificateKeyPath = "./files/apiserver.key"

main() {
    // 对证书以及私钥进行解析
    let pem = readTextFromFile(certificatePath)
    let keyText = readTextFromFile(certificateKeyPath)

    let certificate = X509Certificate.decodeFromPem(pem)
    let privateKey = PrivateKey.decodeFromPem(keyText)

    let config = TlsServerConfig(certificate, privateKey)

    //可选:允许恢复TLS会话
    let sessions= TlsSessionContext.fromName("my-server")

    try (server = TcpServerSocket(bindAt:8443)) {
        server.bind()

        server.acceptLoop { clientSocket =>
            try (tls = TlsSocket.server(clientSocket, serverConfig: config, sessionContext: sessions)) {
                tls.handshake()
                let buffer = Array<Byte>(100, repeat: 0)
                tls.read(buffer)
                println(buffer) // operate received data.
            }
        }
    }
}

// 简化示例代码的辅助函数
extend TcpServerSocket {
    func acceptLoop(handler: (TcpSocket) -> Unit) {
        while (true) {
            let client = accept()
            spawn {
                try {
                    handler(client)
                } finally {
                    client.close()
                }
            }
        }
    }
}

func readTextFromFile(path: String): String {
    var str = ""
    try (file = File(path, OpenOption.Open(true, false))) {
        str = String.fromUtf8(readToEnd(file))
    }
    str
}