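// createHostError is a minimal string-backed error used by the callbacks that
// CreateHost installs, so their guards need no additional package import.
type createHostError string

// Error implements the error interface.
func (e createHostError) Error() string { return string(e) }

// CreateHost builds a Host for the node with sequence number idx.
//
// idx selects this node's certificate, private key and listen address from
// certPEMs, keyPEMs and addrs (declared outside this function). It is used
// unchecked as an index, so the caller must pass a value valid for all three.
// seeds maps peer IDs to their multiaddrs and is passed through as the host's
// DirectPeers.
//
// It returns an error if the private key or the TLS key pair cannot be loaded;
// otherwise it returns whatever HostConfig.NewHost returns.
func CreateHost(idx int, seeds map[peer.ID]ma.Multiaddr) (host.Host, error) {
	// Trust pool built from every PEM in certPEMs. It is the only trust anchor
	// consulted by the VerifyPeerCertificate callback below.
	// NOTE(review): the result of AppendCertsFromPEM is ignored, so a PEM that
	// fails to parse is silently left out of the pool — confirm that is intended.
	certPool := cmx509.NewCertPool()
	for i := range certPEMs {
		certPool.AppendCertsFromPEM(certPEMs[i])
	}

	// Private key of this node, parsed from its PEM (second argument is nil).
	sk, err := asym.PrivateKeyFromPEM(keyPEMs[idx], nil)
	if err != nil {
		return nil, err
	}

	// TLS certificate/key pair this node presents to its peers.
	tlsCert, err := cmTls.X509KeyPair(certPEMs[idx], keyPEMs[idx])
	if err != nil {
		return nil, err
	}

	hostCfg := &HostConfig{
		TlsCfg: &cmTls.Config{
			Certificates: []cmTls.Certificate{tlsCert},
			// With InsecureSkipVerify set, peer authentication rests entirely
			// on VerifyPeerCertificate below: it must stay in place, and no
			// host name is checked anywhere in this configuration.
			InsecureSkipVerify: true,
			ClientAuth:         cmTls.RequireAnyClientCert,
			VerifyPeerCertificate: func(rawCerts [][]byte, _ [][]*cmx509.Certificate) error {
				// Fail closed instead of panicking on rawCerts[0] if the peer
				// presented no certificate.
				if len(rawCerts) == 0 {
					return createHostError("peer presented no certificate")
				}
				cert, err := cmx509.ParseCertificate(rawCerts[0])
				if err != nil {
					return err
				}
				// Only the first certificate is verified, against certPool and
				// with no Intermediates set, so any further certificates the
				// peer sent are not used for chain building.
				// NOTE(review): if cmTls follows crypto/tls, this callback is
				// not invoked on resumed sessions — confirm.
				if _, err := cert.Verify(cmx509.VerifyOptions{Roots: certPool}); err != nil {
					return err
				}
				return nil
			},
		},
		// The peer ID is derived from the DER bytes of the first certificate.
		// NOTE(review): presumably this is the same leaf certificate that
		// VerifyPeerCertificate checked — verify against the caller.
		LoadPidFunc: func(certificates []*cmx509.Certificate) (peer.ID, error) {
			// Guard certificates[0] so an empty list is an error, not a panic.
			if len(certificates) == 0 {
				return "", createHostError("no certificate to derive peer id from")
			}
			pid, err := helper.GetLibp2pPeerIdFromCertDer(certificates[0].Raw)
			if err != nil {
				return "", err
			}
			return peer.ID(pid), nil
		},
		SendStreamPoolInitSize:    10,
		SendStreamPoolCap:         50,
		PeerReceiveStreamMaxCount: 100,
		ListenAddresses:           []ma.Multiaddr{addrs[idx]},
		DirectPeers:               seeds,
		MsgCompress:               false,
		PrivateKey:                sk,
	}

	// Create the Host from the assembled configuration; the log printer is
	// tagged "HOST<idx>".
	return hostCfg.NewHost(TcpNetwork, context.Background(), logger.NewLogPrinter("HOST"+strconv.Itoa(idx)))
}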