distributedstek

package
v2.0.0-beta6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 14, 2019 License: Apache-2.0 Imports: 9 Imported by: 1

Documentation

Overview

Package distributedstek provides TLS session ticket ephemeral keys (STEKs) in a distributed fashion by utilizing configured storage for locking and key sharing. This allows a cluster of machines to optimally resume TLS sessions in a load-balanced environment without any hassle. This is similar to what Twitter does, but without needing to rely on SSH, as it is built into the web server this way: https://blog.twitter.com/engineering/en_us/a/2013/forward-secrecy-at-twitter.html

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Provider

type Provider struct {
	Storage json.RawMessage `json:"storage,omitempty"`
	// contains filtered or unexported fields
}

Provider implements a distributed STEK provider.

func (Provider) CaddyModule

func (Provider) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (*Provider) Initialize

func (s *Provider) Initialize(config *caddytls.SessionTicketService) ([][32]byte, error)

Initialize sets the configuration for s and returns the starting keys.

func (*Provider) Next

func (s *Provider) Next(doneChan <-chan struct{}) <-chan [][32]byte

Next returns a channel which transmits the latest session ticket keys.

func (*Provider) Provision

func (s *Provider) Provision(ctx caddy.Context) error

Provision provisions s.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL