Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func GetConnectionStates
func GetConnectionStates(cx *layer4.Connection) []*tls.ConnectionState
GetConnectionStates gets the tls.ConnectionState for all the terminated TLS connections.
Types
type ClientHelloInfo
type ClientHelloInfo struct {
	tls.ClientHelloInfo

	Version                      uint16
	Random                       []byte
	SessionID                    []byte
	SecureRenegotiationSupported bool
	SecureRenegotiation          []byte
	CompressionMethods           []byte
	Extensions                   []uint16
	OCSPStapling                 bool
	TicketSupported              bool
	SessionTicket                []uint8
	SupportedSchemesCert         []tls.SignatureScheme
	SCTs                         bool
	Cookie                       []byte
	EarlyData                    bool
	PSKModes                     []uint8
	PSKIdentities                []PSKIdentity
	PSKBinders                   [][]byte
}
ClientHelloInfo holds information about a TLS ClientHello. Our own parser collects a little more information than the standard library's struct holds.
func GetClientHelloInfos
func GetClientHelloInfos(cx *layer4.Connection) []ClientHelloInfo
GetClientHelloInfos gets ClientHello information for all the terminated TLS connections.
func (ClientHelloInfo) FillTLSClientConfig
func (chi ClientHelloInfo) FillTLSClientConfig(cfg *tls.Config)
FillTLSClientConfig fills cfg (a client-side TLS config) with information from chi. It does not overwrite any fields in cfg that are already non-zero.
type Handler
type Handler struct {
	ConnectionPolicies caddytls.ConnectionPolicies `json:"connection_policies,omitempty"`
	// contains filtered or unexported fields
}
Handler is a connection handler that terminates TLS.
func (Handler) CaddyModule
func (Handler) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
type KeyShare
type KeyShare struct {}
KeyShare is a TLS 1.3 Key Share. See RFC 8446, Section 4.2.8.
type MatchALPN
type MatchALPN []string
func (MatchALPN) CaddyModule
func (MatchALPN) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
type MatchTLS
type MatchTLS struct {
	MatchersRaw caddy.ModuleMap `json:"-" caddy:"namespace=tls.handshake_match"`
	// contains filtered or unexported fields
}
MatchTLS is able to match TLS connections. Its structure is different from the auto-generated documentation. This value should be a map of matcher names to their values.
func (MatchTLS) CaddyModule
func (MatchTLS) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
func (MatchTLS) MarshalJSON
MarshalJSON satisfies the json.Marshaler interface.
func (MatchTLS) Match
func (m MatchTLS) Match(cx *layer4.Connection) (bool, error)
Match returns true if the connection is a TLS handshake.
func (*MatchTLS) UnmarshalJSON
UnmarshalJSON satisfies the json.Unmarshaler interface.
type PSKIdentity
type PSKIdentity struct {
// contains filtered or unexported fields
}
PSKIdentity is a TLS 1.3 PSK Identity. Can be a Session Ticket, or a reference to a saved session. See RFC 8446, Section 4.2.11.