c/quicproquo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
65ce5aec18b82792e97665957ffa93f5bc8296c4
quicproquo/sdks/go/transport/transport.go
Christian Nennemann 2e081ead8e chore: rename quicproquo → quicprochat in docs, Docker, CI, and packaging 
Rename all project references from quicproquo/qpq to quicprochat/qpc
across documentation, Docker configuration, CI workflows, packaging
scripts, operational configs, and build tooling.

- Docker: crate paths, binary names, user/group, data dirs, env vars
- CI: workflow crate references, binary names, artifact names
- Docs: all markdown files under docs/, SDK READMEs, book.toml
- Packaging: OpenWrt Makefile, init script, UCI config (file renames)
- Scripts: justfile, dev-shell, screenshot, cross-compile, ai_team
- Operations: Prometheus config, alert rules, Grafana dashboard
- Config: .env.example (QPQ_* → QPC_*), CODEOWNERS paths
- Top-level: README, CONTRIBUTING, ROADMAP, CLAUDE.md
2026-03-21 19:14:06 +01:00

127 lines
3.3 KiB
Go
Raw Blame History

// Package transport provides the low-level QUIC+TLS connection to a quicprochat server
// and bootstraps the Cap'n Proto RPC client over a single bidirectional QUIC stream.
package transport
import (
"context"
"crypto/tls"
"crypto/x509"
"fmt"
"os"
"time"
capnp "capnproto.org/go/capnp/v3"
"capnproto.org/go/capnp/v3/rpc"
"github.com/quic-go/quic-go"
"quicprochat.dev/sdk/go/proto/node"
)
// ConnectOptions configures the connection to a quicprochat server.
type ConnectOptions struct {
// Addr is the host:port of the server (e.g. "127.0.0.1:5001").
Addr string
// InsecureSkipVerify disables TLS certificate verification (dev mode only).
InsecureSkipVerify bool
// CACertPath is the path to a PEM-encoded CA certificate for production use.
// When set, the server's certificate is verified against this CA.
CACertPath string
// ConnectTimeout is the maximum time to wait for the QUIC handshake.
// Defaults to 10 seconds if zero.
ConnectTimeout time.Duration
}
// Connection holds the QUIC connection, Cap'n Proto RPC state, and the
// bootstrapped NodeService client.
type Connection struct {
quicConn *quic.Conn
stream *quic.Stream
rpcConn *rpc.Conn
client node.NodeService
}
// Connect establishes a QUIC+TLS 1.3 connection to the server, opens a single
// bidirectional stream, and bootstraps the Cap'n Proto RPC NodeService client.
func Connect(ctx context.Context, opts ConnectOptions) (*Connection, error) {
tlsCfg, err := buildTLSConfig(opts)
if err != nil {
return nil, fmt.Errorf("transport: build TLS config: %w", err)
}
quicCfg := &quic.Config{
MaxIdleTimeout: 300 * time.Second,
KeepAlivePeriod: 30 * time.Second,
}
timeout := opts.ConnectTimeout
if timeout == 0 {
timeout = 10 * time.Second
}
dialCtx, cancel := context.WithTimeout(ctx, timeout)
defer cancel()
qConn, err := quic.DialAddr(dialCtx, opts.Addr, tlsCfg, quicCfg)
if err != nil {
return nil, fmt.Errorf("transport: QUIC dial %s: %w", opts.Addr, err)
}
stream, err := qConn.OpenStream()
if err != nil {
qConn.CloseWithError(1, "failed to open stream")
return nil, fmt.Errorf("transport: open bidi stream: %w", err)
}
capnpTransport := rpc.NewStreamTransport(stream)
rpcConn := rpc.NewConn(capnpTransport, nil)
client := node.NodeService(rpcConn.Bootstrap(ctx))
return &Connection{
quicConn: qConn,
stream: stream,
rpcConn: rpcConn,
client: client,
}, nil
}
// Client returns the bootstrapped NodeService RPC client.
func (c *Connection) Client() node.NodeService {
return c.client
}
// Close gracefully shuts down the RPC connection and underlying QUIC transport.
func (c *Connection) Close() error {
capnp.Client(c.client).Release()
c.rpcConn.Close()
return c.quicConn.CloseWithError(0, "client closed")
}
func buildTLSConfig(opts ConnectOptions) (*tls.Config, error) {
cfg := &tls.Config{
NextProtos: []string{"capnp"},
MinVersion: tls.VersionTLS13,
}
if opts.InsecureSkipVerify {
cfg.InsecureSkipVerify = true
return cfg, nil
}
if opts.CACertPath != "" {
caPEM, err := os.ReadFile(opts.CACertPath)
if err != nil {
return nil, fmt.Errorf("read CA cert %s: %w", opts.CACertPath, err)
}
pool := x509.NewCertPool()
if !pool.AppendCertsFromPEM(caPEM) {
return nil, fmt.Errorf("CA cert %s: no valid PEM certificates found", opts.CACertPath)
}
cfg.RootCAs = pool
}
return cfg, nil
}
Reference in New Issue View Git Blame Copy Permalink