Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewKeepAliveListener
NewKeepAliveListener returns a listener that listens on the given address. Be careful when wrapping the KeepAliveListener with another Listener if TLSInfo is not nil: some packages (like go/http) might expect the Listener to return a TLSConn type in order to start the TLS handshake. See http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html
Types
type TLSInfo
type TLSInfo struct {
	CertFile            string
	KeyFile             string
	TrustedCAFile       string
	ClientAuthType      tls.ClientAuthType
	CRLVerifier         crlcache.Verifier
	InsecureSkipVerify  bool
	SkipClientSANVerify bool

	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
	ServerName string

	// HandshakeFailure is optionally called when a connection fails to handshake. The
	// connection will be closed immediately afterwards.
	HandshakeFailure func(*tls.Conn, error)

	// CipherSuites is a list of supported cipher suites.
	// If empty, Go auto-populates it by default.
	// Note that cipher suites are prioritized in the given order.
	CipherSuites []string

	// AllowedCN is a CN which must be provided by a client.
	AllowedCN string

	// AllowedHostname is an IP address or hostname that must match the TLS
	// certificate provided by a client.
	AllowedHostname string

	// EmptyCN indicates that the cert must have empty CN.
	// If true, ClientConfig() will return an error for a cert with non empty CN.
	EmptyCN bool

	// contains filtered or unexported fields
}
TLSInfo provides TLS configuration
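The AllowedCN and AllowedHostname comments describe restrictions on the client certificate. The following is an added example, not this package's code, showing how such a restriction can be enforced with only the Go standard library; the helper names (peerVerifier, serverConfig, sampleChains), the sample values "client-a" and "node1.example.test", and the rule that an empty string disables a check are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
)

// peerVerifier returns a VerifyPeerCertificate callback that checks the client leaf
// against an allowed CN and an allowed hostname/IP SAN ("" disables a check; assumed).
func peerVerifier(allowedCN, allowedHostname string) func([][]byte, [][]*x509.Certificate) error {
	return func(_ [][]byte, chains [][]*x509.Certificate) error {
		// chains is nil when normal chain verification was skipped, so fail closed.
		if len(chains) == 0 || len(chains[0]) == 0 {
			return fmt.Errorf("no verified client certificate chain")
		}
		leaf := chains[0][0]
		if allowedCN != "" && leaf.Subject.CommonName != allowedCN {
			return fmt.Errorf("client CN %q is not allowed", leaf.Subject.CommonName)
		}
		if allowedHostname != "" {
			return leaf.VerifyHostname(allowedHostname) // matches DNS or IP SANs only
		}
		return nil
	}
}

// serverConfig wires the callback into a mutual-TLS server configuration.
func serverConfig(cert tls.Certificate, clientCAs *x509.CertPool, cn, host string) *tls.Config {
	return &tls.Config{
		MinVersion:            tls.VersionTLS12,
		Certificates:          []tls.Certificate{cert},
		ClientCAs:             clientCAs,
		ClientAuth:            tls.RequireAndVerifyClientCert,
		VerifyPeerCertificate: peerVerifier(cn, host),
	}
}

// sampleChains returns a constructed, unsigned leaf used only to exercise the callback.
func sampleChains() [][]*x509.Certificate {
	leaf := &x509.Certificate{Subject: pkix.Name{CommonName: "client-a"}, DNSNames: []string{"node1.example.test"}}
	return [][]*x509.Certificate{{leaf}}
}

func main() {
	fmt.Println("allowed:", peerVerifier("client-a", "node1.example.test")(nil, sampleChains()))
	fmt.Println("wrong CN:", peerVerifier("admin", "")(nil, sampleChains()))
}
```

Go does not run VerifyPeerCertificate on resumed sessions; a check that must also cover resumption belongs in VerifyConnection.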
func (*TLSInfo) ServerTLSWithReloader
ServerTLSWithReloader returns tls.Config with reloader