dynamiclistener

v0.3.4
Warning

This package is not in the latest version of its module.

Published: Jul 13, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

README

dynamiclistener

This README is a work in progress, aimed at providing information for navigating the contents of this repository.

Changing the Expiration Days for Newly Signed Certificates

By default, a newly signed certificate is set to expire 365 days (1 year) after its creation time and date. You can use the CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS environment variable to change this value.

Please note: the value of this variable must be a string representing an unsigned integer, the number of days until expiration (it determines the certificate's X.509 "NotAfter" value).
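The setting described above, as an added Go example (not code from dynamiclistener): it validates the raw environment value as an unsigned integer and reads back the NotAfter that the day count produces on a throwaway self-signed certificate. The helper names `expirationDays` and `signFor`, the `example.test` name and the rejection of malformed values are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"os"
	"strconv"
	"time"
)

// expirationDays: unset means the documented 365-day default; a value that is
// not an unsigned integer is an error (this example's choice, not the library's).
func expirationDays(raw string) (int, error) {
	if raw == "" {
		return 365, nil
	}
	n, err := strconv.ParseUint(raw, 10, 31) // rejects signs, decimals, spaces
	return int(n), err
}

// signFor self-signs a throwaway certificate valid for the given number of days.
func signFor(days int, now time.Time) (*x509.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"example.test"}, // constructed
		NotBefore: now.UTC(), NotAfter: now.UTC().AddDate(0, 0, days)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	days, err := expirationDays(os.Getenv("CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS"))
	if err != nil {
		fmt.Println("invalid setting:", err)
		os.Exit(1)
	}
	if cert, err := signFor(days, time.Now()); err == nil {
		fmt.Println(days, "days -> NotAfter", cert.NotAfter.Format(time.RFC3339))
	} else {
		fmt.Println("signing failed:", err)
	}
}
```

Running it with the variable set to `30` prints a NotAfter 30 days from now; a value such as `-5` or `1.5` is reported as invalid instead of being silently ignored.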

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func HTTPRedirect

func HTTPRedirect(next http.Handler) http.Handler

Approach taken from letsencrypt, except manglePort is specific to us

func NewListener

func NewListener(l net.Listener, storage TLSStorage, caCert *x509.Certificate, caKey crypto.Signer, config Config) (net.Listener, http.Handler, error)

func NewTCPListener

func NewTCPListener(ip string, port int) (net.Listener, error)

func OnlyAllow

func OnlyAllow(str string) func(...string) []string

Types

type Config

type Config struct {
	CN                    string
	Organization          []string
	TLSConfig             *tls.Config
	SANs                  []string
	MaxSANs               int
	ExpirationDaysCheck   int
	CloseConnOnCertChange bool
	RegenerateCerts       func() bool
	FilterCN              func(...string) []string
}

type SetFactory

type SetFactory interface {
	SetFactory(tls TLSFactory)
}

type TLSFactory

type TLSFactory interface {
	Renew(secret *v1.Secret) (*v1.Secret, error)
	AddCN(secret *v1.Secret, cn ...string) (*v1.Secret, bool, error)
	Merge(target *v1.Secret, additional *v1.Secret) (*v1.Secret, bool, error)
	Filter(cn ...string) []string
	Regenerate(secret *v1.Secret) (*v1.Secret, error)
}

type TLSStorage

type TLSStorage interface {
	Get() (*v1.Secret, error)
	Update(secret *v1.Secret) error
}

Directories

Path Synopsis
storage
