tls package

v1.8.0
Published: Apr 20, 2021 License: MIT Imports: 20 Imported by: 0

This package is not in the latest version of its module.

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func CaCreate

func CaCreate(cmd *cmdr.Command, args []string) (err error)

CaCreate is a temporary entry that is currently unused.

func CertCreate

func CertCreate(cmd *cmdr.Command, args []string) (err error)

CertCreate creates the root CA, server and client certificates in a nutshell.

Types

type CmdrTLSConfig

type CmdrTLSConfig struct {
	Enabled       bool
	Cacert        string // server-side: optional server's CA;   client-side: client's CA
	ServerCert    string //                                      client-side: the server's cert
	Cert          string // server-side: server's cert bundle;   client-side: client's cert
	Key           string // server-side: server's key;           client-side: client's key
	ClientAuth    bool
	MinTLSVersion uint16
}

CmdrTLSConfig wraps the certificates. On the server side, the `Cert` field must be a bundle of the server certificates together with the whole root CA chain, and `Cacert` is optional and holds extra client CAs.

func NewCmdrTLSConfig

func NewCmdrTLSConfig(appTag, prefixInConfigFile, prefixInCommandline string) *CmdrTLSConfig

NewCmdrTLSConfig builds the *CmdrTLSConfig object from the cmdr config file and the cmdr command-line arguments.

func (*CmdrTLSConfig) Dial

func (s *CmdrTLSConfig) Dial(network, addr string) (conn net.Conn, err error)

Dial connects to the given network address using net.Dial and then initiates a TLS handshake, returning the resulting TLS connection.

Dial interprets a nil configuration as equivalent to the zero configuration; see the documentation of Config for the defaults.

func (*CmdrTLSConfig) InitTLSConfigFromCommandline

func (s *CmdrTLSConfig) InitTLSConfigFromCommandline(prefix string)

InitTLSConfigFromCommandline loads the parsed command-line arguments into *CmdrTLSConfig.

func (*CmdrTLSConfig) InitTLSConfigFromConfigFile

func (s *CmdrTLSConfig) InitTLSConfigFromConfigFile(appTag, prefix string)

InitTLSConfigFromConfigFile loads CmdrTLSConfig members from cmdr config file.

The entries in the config file look like:

prefix := "my-service.server.tls"
tls:
  enabled: true
  cacert: root.pem
  cert: cert.pem
  key: cert.key
  locations:
    - ./ci/certs
    - $CFG_DIR/certs

func (*CmdrTLSConfig) IsCertValid

func (s *CmdrTLSConfig) IsCertValid() bool

IsCertValid checks that the cert and private key are present.

func (*CmdrTLSConfig) IsClientAuthEnabled

func (s *CmdrTLSConfig) IsClientAuthEnabled() bool

IsClientAuthEnabled checks whether client-side authentication is enabled.

func (*CmdrTLSConfig) IsServerCertValid

func (s *CmdrTLSConfig) IsServerCertValid() bool

IsServerCertValid checks that the server or CA cert is present.

func (*CmdrTLSConfig) NewTLSListener

func (s *CmdrTLSConfig) NewTLSListener(l net.Listener) (listener net.Listener, err error)

NewTLSListener builds a net.Listener, in TLS mode or not.

func (*CmdrTLSConfig) ToServerTLSConfig

func (s *CmdrTLSConfig) ToServerTLSConfig() (config *tls.Config)

ToServerTLSConfig builds a tls.Config object for server.Serve.
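
An added example, not this package's own code: one way the CmdrTLSConfig fields described above (Cert, Cacert, ClientAuth, MinTLSVersion) could map onto a server-side crypto/tls config using only the standard library. The serverSettings type, the buildServerConfig function and the TLS 1.2 floor are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
)

// serverSettings is a hypothetical stand-in for CmdrTLSConfig with material already loaded.
type serverSettings struct {
	Cert          tls.Certificate // server cert bundle plus key
	ClientCAPEM   []byte          // PEM bundle of client CAs (the Cacert role)
	ClientAuth    bool
	MinTLSVersion uint16
}

// buildServerConfig maps the settings onto a crypto/tls server config.
func buildServerConfig(s serverSettings) (*tls.Config, error) {
	cfg := &tls.Config{
		Certificates: []tls.Certificate{s.Cert},
		MinVersion:   s.MinTLSVersion,
	}
	// Assumption: anything below TLS 1.2, including the zero value, is raised to 1.2.
	if cfg.MinVersion < tls.VersionTLS12 {
		cfg.MinVersion = tls.VersionTLS12
	}
	if !s.ClientAuth {
		return cfg, nil // ClientAuth stays at its zero value, tls.NoClientCert
	}
	// Fail closed: mutual TLS is only meaningful with an explicit client CA pool.
	if len(s.ClientCAPEM) == 0 {
		return nil, errors.New("client auth enabled but no client CA bundle supplied")
	}
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(s.ClientCAPEM) {
		return nil, errors.New("client CA bundle contains no parsable certificate")
	}
	cfg.ClientCAs = pool
	cfg.ClientAuth = tls.RequireAndVerifyClientCert
	return cfg, nil
}

func main() {
	cfg, err := buildServerConfig(serverSettings{}) // constructed input: all zero values
	fmt.Printf("min=%#x clientAuth=%v err=%v\n", cfg.MinVersion, cfg.ClientAuth, err)
	_, err = buildServerConfig(serverSettings{ClientAuth: true}) // no CA bundle
	fmt.Println("mTLS without CA bundle:", err)
}
```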

func (*CmdrTLSConfig) ToTLSConfig

func (s *CmdrTLSConfig) ToTLSConfig() (config *tls.Config)

ToTLSConfig converts the receiver to a *tls.Config.
