Documentation ¶
Overview ¶
Package tlsconfig contains TLS related interfaces, helpers, and implementations.
Index ¶
- type DefaultManager
- type DefaultManagerConfig
- type EmptyMetrics
- func (EmptyMetrics) AfterHandshake(_ string, _ string, _ []string, _ []tls.Certificate) (f func(s tls.ConnectionState) (err error))
- func (EmptyMetrics) BeforeHandshake(_ string) (f func(info *tls.ClientHelloInfo) (c *tls.Config, err error))
- func (EmptyMetrics) SetCertificateInfo(_ context.Context, _, _ string, _ time.Time)
- func (EmptyMetrics) SetSessionTicketRotationStatus(_ context.Context, _ bool)
- type EmptyRefreshMetrics
- type Manager
- type Metrics
- type RefreshMetrics
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DefaultManager ¶
type DefaultManager struct {
// contains filtered or unexported fields
}
DefaultManager is the default implementation of Manager.
func NewDefaultManager ¶
func NewDefaultManager(conf *DefaultManagerConfig) (m *DefaultManager, err error)
NewDefaultManager returns a new initialized *DefaultManager.
func (*DefaultManager) Add ¶
func (m *DefaultManager) Add( ctx context.Context, certPath string, keyPath string, ) (conf *tls.Config, err error)
Add implements the Manager interface for *DefaultManager.
func (*DefaultManager) Refresh ¶
func (m *DefaultManager) Refresh(ctx context.Context) (err error)
Refresh implements the agdservice.Refresher interface for *DefaultManager.
func (*DefaultManager) RotateTickets ¶
func (m *DefaultManager) RotateTickets(ctx context.Context) (err error)
RotateTickets rereads and resets TLS session tickets.
type DefaultManagerConfig ¶
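// DefaultManagerConfig holds the dependencies and file locations that a
// DefaultManager is configured with.
type DefaultManagerConfig struct {
	// Logger is used for logging the operation of the TLS manager.
	Logger *slog.Logger

	// ErrColl is used to collect TLS related errors.
	ErrColl errcoll.Interface

	// Metrics is used to collect TLS related statistics.
	Metrics RefreshMetrics

	// KeyLogFilename, if not empty, is the name of the TLS key log file.
	//
	// NOTE(review): A TLS key log holds per-connection secrets, so anyone who
	// can read the file can decrypt captured traffic of the logged
	// connections.  Leave this empty outside of debugging sessions and keep
	// the file readable by the service account only.  Presumably this feeds
	// [tls.Config.KeyLogWriter]; confirm against the implementation, which is
	// not shown here.
	KeyLogFilename string

	// SessionTicketPaths are paths to files containing the TLS session tickets.
	//
	// NOTE(review): If these files carry the keys that protect session
	// tickets, they are long-lived secrets: disclosure of a ticket key
	// weakens forward secrecy for sessions resumed under it.  Restrict file
	// permissions and rotate the contents on a schedule.  The file format and
	// the handling of an empty list are not visible here; confirm both.
	SessionTicketPaths []string
}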
DefaultManagerConfig is the configuration structure for DefaultManager.
TODO(s.chzhen): Use it.
type EmptyMetrics ¶
type EmptyMetrics struct{}
EmptyMetrics is the implementation of the Metrics interface that does nothing.
func (EmptyMetrics) AfterHandshake ¶
func (EmptyMetrics) AfterHandshake( _ string, _ string, _ []string, _ []tls.Certificate, ) (f func(s tls.ConnectionState) (err error))
AfterHandshake implements the Metrics interface for EmptyMetrics by returning a function that does nothing.
func (EmptyMetrics) BeforeHandshake ¶
func (EmptyMetrics) BeforeHandshake( _ string, ) (f func(info *tls.ClientHelloInfo) (c *tls.Config, err error))
BeforeHandshake implements the Metrics interface for EmptyMetrics by returning a function that does nothing.
func (EmptyMetrics) SetCertificateInfo ¶
SetCertificateInfo implements the Metrics interface for EmptyMetrics.
func (EmptyMetrics) SetSessionTicketRotationStatus ¶
func (EmptyMetrics) SetSessionTicketRotationStatus(_ context.Context, _ bool)
SetSessionTicketRotationStatus implements the Metrics interface for EmptyMetrics.
type EmptyRefreshMetrics ¶
type EmptyRefreshMetrics struct{}
EmptyRefreshMetrics is the implementation of the RefreshMetrics interface that does nothing.
func (EmptyRefreshMetrics) SetCertificateInfo ¶
SetCertificateInfo implements the RefreshMetrics interface for EmptyRefreshMetrics.
func (EmptyRefreshMetrics) SetSessionTicketRotationStatus ¶
func (EmptyRefreshMetrics) SetSessionTicketRotationStatus(_ context.Context, _ bool)
SetSessionTicketRotationStatus implements the RefreshMetrics interface for EmptyRefreshMetrics.
type Manager ¶
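// Manager stores and updates TLS configurations.
type Manager interface {
	// Add returns an initialized TLS configuration using the provided paths to
	// a certificate and a key.  certPath and keyPath must not be empty.
	//
	// NOTE(review): keyPath names private-key material.  How implementations
	// validate or read the paths is not visible here, so callers should pass
	// only operator-controlled paths and keep the key file readable by the
	// service account alone.
	Add(ctx context.Context, certPath, keyPath string) (c *tls.Config, err error)
}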
Manager stores and updates TLS configurations.
type Metrics ¶
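// Metrics collects TLS related statistics around the handshake and during
// certificate and session ticket updates.
type Metrics interface {
	// BeforeHandshake returns a function that needs to be passed to
	// [tls.Config.GetConfigForClient].  f must not be nil.
	//
	// NOTE(review): A non-nil *tls.Config returned from a GetConfigForClient
	// callback replaces the server configuration for that connection, and a
	// non-nil error aborts the handshake.  An implementation that only counts
	// events should return nil for both.
	BeforeHandshake(proto string) (f func(*tls.ClientHelloInfo) (c *tls.Config, err error))

	// AfterHandshake returns a function that needs to be passed to
	// [tls.Config.VerifyConnection].  f must not be nil.
	//
	// NOTE(review): A non-nil error returned from a VerifyConnection callback
	// aborts the handshake, so a failure inside metrics code would reject the
	// connection.  Values taken from the connection state, such as the server
	// name, are supplied by the client; bound them before using them as
	// metric labels.  How devDomains and srvCerts are used is not visible
	// here.
	AfterHandshake(
		proto string,
		srvName string,
		devDomains []string,
		srvCerts []tls.Certificate,
	) (f func(s tls.ConnectionState) (err error))

	// RefreshMetrics gathers statistics during updates.
	//
	// TODO(s.chzhen): Separate it.
	RefreshMetrics
}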
Metrics is an interface used to collect TLS-related statistics.
type RefreshMetrics ¶
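// RefreshMetrics collects statistics during TLS certificate and TLS session
// ticket updates.
type RefreshMetrics interface {
	// SetCertificateInfo sets the TLS certificate information.
	//
	// NOTE(review): notAfter is presumably the certificate expiry time;
	// alerting on it ahead of expiry is the usual way to catch a failed
	// renewal.  Confirm against the implementation.
	SetCertificateInfo(ctx context.Context, algo, subj string, notAfter time.Time)

	// SetSessionTicketRotationStatus sets the TLS session ticket rotation
	// status.
	//
	// NOTE(review): A rotation that stays disabled or keeps failing leaves the
	// same ticket material in use, so this status is worth alerting on.  What
	// enabled means exactly is not visible here; confirm.
	SetSessionTicketRotationStatus(ctx context.Context, enabled bool)
}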
RefreshMetrics is an interface that is used to collect statistics during TLS certificate and TLS session ticket updates.