.

go/neo/client.go

@@ -38,7 +38,6 @@ import (
 
 	"lab.nexedi.com/kirr/neo/go/internal/xzlib"
 	"lab.nexedi.com/kirr/neo/go/neo/internal/xsha1"
-	"lab.nexedi.com/kirr/neo/go/neo/internal/xtls"
 	"lab.nexedi.com/kirr/neo/go/neo/neonet"
 	"lab.nexedi.com/kirr/neo/go/neo/proto"
 	"lab.nexedi.com/kirr/neo/go/zodb"
@@ -83,6 +82,8 @@ type Client struct {
 	eventq0        []*zodb.EventCommit // buffer for initial messages, until .at0 is initialized
 	at0Initialized bool                // true after .at0 is initialized
 	at0Ready       chan(struct{})      // ready after .at0 is initialized
+
+	ownNet bool // true if Client "owns" networker and should release it on Close
 }
 
 var _ zodb.IStorageDriver = (*Client)(nil)
@@ -111,11 +112,16 @@ func (cli *Client) Run(ctx context.Context) error {
 	return cli.talkMaster(ctx)
 }
 
-func (c *Client) Close() error {
+func (c *Client) Close() (err error) {
 	c.talkMasterCancel()
 	// XXX wait talkMaster finishes -> XXX return err from that?
 	// XXX what else?
-	return nil
+
+	// close networker if configured to do so
+	if c.ownNet {
+		err = c.node.Net.Close()
+	}
+	return err
 }
 
 // --- connection with master ---
@@ -613,7 +619,6 @@ func openClientByURL(ctx context.Context, u *url.URL, opt *zodb.DriverOptions) (
 	defer xerr.Contextf(&err, "neo: open %s", u)
 
 	var ssl bool
-	var ca, cert, key string
 	switch u.Scheme {
 	case "neo":  ssl = false
 	case "neos": ssl = true
@@ -635,24 +640,21 @@ func openClientByURL(ctx context.Context, u *url.URL, opt *zodb.DriverOptions) (
 		return v
 	}
 
-	lonode := xpop("lonode", false)
+	netcfg := neonet.Config{}
+	netcfg.LoNode = xpop("lonode", false)
 
 	if !ssl {
 		if len(x) != 0 {
 			return nil, zodb.InvalidTid, fmt.Errorf("credentials can be specified only with neos:// scheme")
 		}
 	} else {
-		ca   = xpop("ca",   true)
-		cert = xpop("cert", true)
-		key  = xpop("key",  true)
+		netcfg.CA   = xpop("ca",   true)
+		netcfg.Cert = xpop("cert", true)
+		netcfg.Key  = xpop("key",  true)
 
 		if len(x) != 0 {
 			return nil, zodb.InvalidTid, fmt.Errorf("invalid credentials: %v", x)
 		}
-
-		if !(ca != "" && cert != "" && key != "") {
-			return nil, zodb.InvalidTid, fmt.Errorf("incomplete ca/cert/key provided")
-		}
 	}
 
 	name := u.Path
@@ -677,13 +679,9 @@ func openClientByURL(ctx context.Context, u *url.URL, opt *zodb.DriverOptions) (
 		return nil, zodb.InvalidTid, fmt.Errorf("TODO write mode not implemented")
 	}
 
-	net := xnet.NetPlain("tcp")	// TODO not only "tcp" ?
-	if ssl {
-		tlsCfg, err := xtls.ConfigForP2P(ca, cert, key)
-		if err != nil {
-			return nil, zodb.InvalidTid, err
-		}
-		net = xnet.NetTLS(net, tlsCfg)
+	net, err := neonet.Join(ctx, netcfg)
+	if err != nil {
+		return nil, zodb.InvalidTid, err
 	}
 
 	c := NewClient(name, u.Host, net)

go/neo/neonet/net.go

@@ -87,7 +87,7 @@ func Join(ctx context.Context, cfg Config) (net xnet.Networker, err error) {
 			network.Close() // ignore err
 			return nil, err
 		}
-		network.AutoClose()
+		network.AutoClose() // host.Close will close network
 
 		net = host
 	}