use go 1.12

Signed-off-by: hongming <talonwan@yunify.com>

vendor/github.com/lucas-clemente/quic-go/mint_utils.go

@@ -0,0 +1,52 @@
+package quic
+
+import (
+	gocrypto "crypto"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+
+	"github.com/bifurcation/mint"
+	"github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+func tlsToMintConfig(tlsConf *tls.Config, pers protocol.Perspective) (*mint.Config, error) {
+	mconf := &mint.Config{
+		NonBlocking: true,
+		CipherSuites: []mint.CipherSuite{
+			mint.TLS_AES_128_GCM_SHA256,
+			mint.TLS_AES_256_GCM_SHA384,
+		},
+	}
+	if tlsConf != nil {
+		mconf.ServerName = tlsConf.ServerName
+		mconf.InsecureSkipVerify = tlsConf.InsecureSkipVerify
+		mconf.Certificates = make([]*mint.Certificate, len(tlsConf.Certificates))
+		mconf.RootCAs = tlsConf.RootCAs
+		mconf.VerifyPeerCertificate = tlsConf.VerifyPeerCertificate
+		for i, certChain := range tlsConf.Certificates {
+			mconf.Certificates[i] = &mint.Certificate{
+				Chain:      make([]*x509.Certificate, len(certChain.Certificate)),
+				PrivateKey: certChain.PrivateKey.(gocrypto.Signer),
+			}
+			for j, cert := range certChain.Certificate {
+				c, err := x509.ParseCertificate(cert)
+				if err != nil {
+					return nil, err
+				}
+				mconf.Certificates[i].Chain[j] = c
+			}
+		}
+		switch tlsConf.ClientAuth {
+		case tls.NoClientCert:
+		case tls.RequireAnyClientCert:
+			mconf.RequireClientAuth = true
+		default:
+			return nil, errors.New("mint currently only support ClientAuthType RequireAnyClientCert")
+		}
+	}
+	if err := mconf.Init(pers == protocol.PerspectiveClient); err != nil {
+		return nil, err
+	}
+	return mconf, nil
+}