secureconn

package
v0.0.0-...-0713b25 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 23, 2024 License: Apache-2.0 Imports: 11 Imported by: 49

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultCipherSuites

func DefaultCipherSuites() []uint16

func HasAESNI

func HasAESNI() bool

HasAESNI returns whether AES-NI is supported by the CPU. This function gets defined by the assembly in aes_amd64.s

Types

type Factory

type Factory struct {
	ServiceKeyPair tls.Certificate
	CertPool       *x509.CertPool

	DisableDebugServer bool
	DebugServerOpts    []debug.ServerOpt
}

Factory is used to create secure service to service connections

func NewFactory

func NewFactory(serviceCerts certs.ServiceCerts, opts ...FactoryOpt) *Factory

NewFactory creates a new secureconn.Factory that is capable of creating grpc.Servers and and grpc.ClientConns that use mutual tls for service to service encryption and authorization

func (*Factory) Dial

func (f *Factory) Dial(serviceName string, target string, opts ...grpc.DialOption) (*grpc.ClientConn, error)

Dial is a DialContext with context.Background. See (*Factory).DialContext.

func (*Factory) DialContext

func (f *Factory) DialContext(
	ctx context.Context,
	serviceName string,
	target string,
	opts ...grpc.DialOption,
) (conn *grpc.ClientConn, err error)

DialContext is a wrapper for grpc.DialContext that adds options to use the current services key pair to authenticate with the server being dialed into. You must also provide the service name pointed to by target as the client will check the service's certificate's CN to make sure it matches.

Our convention is that service name, the component's directory name in components/ and the component's certificate filename in dev/certs/ should all match.

func (*Factory) DialOptions

func (f *Factory) DialOptions(serviceName string) []grpc.DialOption

DialOptions returns a list of DialOptions this factory uses to connect to clients.

func (*Factory) NewServer

func (f *Factory) NewServer(opt ...grpc.ServerOption) *grpc.Server

NewServer is a wrapper for grpc.NewServer that adds server options to verify clients using the factory's root CA

func (*Factory) ServerOptions

func (f *Factory) ServerOptions() []grpc.ServerOption

ServerOptions returns a list of ServerOptions this factory uses to create a server

type FactoryOpt

type FactoryOpt func(*Factory)

FactoryOpt are options on the factory

func DisableDebugServer

func DisableDebugServer() FactoryOpt

DisableDebugServer prevents the factory from automatically registering the debug server

func WithVersionInfo

func WithVersionInfo(version, gitRef string) FactoryOpt

WithVersionInfo sets the version information that the debug version endpoint returns.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL