tls

package
v1.32.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 7, 2024 License: MIT Imports: 12 Imported by: 26

Documentation

Index

Constants

View Source
const TLSMinVersionDefault = tls.VersionTLS12

Variables

View Source
var ErrCipherUnsupported = errors.New("unsupported cipher")

Functions

func Ciphers added in v1.31.0

func Ciphers() (secure, insecure []string)

Ciphers returns the list of supported ciphers

func InsecureCiphers added in v1.31.0

func InsecureCiphers(ciphers []string) []string

InsecureCiphers returns the list of insecure ciphers among the list of given ciphers

func ParseCiphers

func ParseCiphers(ciphers []string) ([]uint16, error)

ParseCiphers returns a `[]uint16` by received `[]string` key that represents ciphers from crypto/tls. If some of ciphers in received list doesn't exists ParseCiphers returns nil with error

func ParseTLSVersion

func ParseTLSVersion(version string) (uint16, error)

ParseTLSVersion returns a `uint16` by received version string key that represents tls version from crypto/tls. If version isn't supported ParseTLSVersion returns 0 with error

Types

type ClientConfig

type ClientConfig struct {
	TLSCA               string   `toml:"tls_ca"`
	TLSCert             string   `toml:"tls_cert"`
	TLSKey              string   `toml:"tls_key"`
	TLSKeyPwd           string   `toml:"tls_key_pwd"`
	TLSMinVersion       string   `toml:"tls_min_version"`
	TLSCipherSuites     []string `toml:"tls_cipher_suites"`
	InsecureSkipVerify  bool     `toml:"insecure_skip_verify"`
	ServerName          string   `toml:"tls_server_name"`
	RenegotiationMethod string   `toml:"tls_renegotiation_method"`
	Enable              *bool    `toml:"tls_enable"`

	SSLCA   string `toml:"ssl_ca" deprecated:"1.7.0;1.35.0;use 'tls_ca' instead"`
	SSLCert string `toml:"ssl_cert" deprecated:"1.7.0;1.35.0;use 'tls_cert' instead"`
	SSLKey  string `toml:"ssl_key" deprecated:"1.7.0;1.35.0;use 'tls_key' instead"`
}

ClientConfig represents the standard client TLS config.

func (*ClientConfig) TLSConfig

func (c *ClientConfig) TLSConfig() (*tls.Config, error)

TLSConfig returns a tls.Config, may be nil without error if TLS is not configured.

type ServerConfig

type ServerConfig struct {
	TLSCert            string   `toml:"tls_cert"`
	TLSKey             string   `toml:"tls_key"`
	TLSKeyPwd          string   `toml:"tls_key_pwd"`
	TLSAllowedCACerts  []string `toml:"tls_allowed_cacerts"`
	TLSCipherSuites    []string `toml:"tls_cipher_suites"`
	TLSMinVersion      string   `toml:"tls_min_version"`
	TLSMaxVersion      string   `toml:"tls_max_version"`
	TLSAllowedDNSNames []string `toml:"tls_allowed_dns_names"`
}

ServerConfig represents the standard server TLS config.

func (*ServerConfig) TLSConfig

func (c *ServerConfig) TLSConfig() (*tls.Config, error)

TLSConfig returns a tls.Config, may be nil without error if TLS is not configured.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL