tls

package
v1.6.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 20, 2018 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// MinVersion Map of allowed TLS minimum versions
	MinVersion = map[string]uint16{
		`VersionTLS10`: tls.VersionTLS10,
		`VersionTLS11`: tls.VersionTLS11,
		`VersionTLS12`: tls.VersionTLS12,
	}

	// CipherSuites Map of TLS CipherSuites from crypto/tls
	// Available CipherSuites defined at https://golang.org/pkg/crypto/tls/#pkg-constants
	CipherSuites = map[string]uint16{
		`TLS_RSA_WITH_RC4_128_SHA`:                tls.TLS_RSA_WITH_RC4_128_SHA,
		`TLS_RSA_WITH_3DES_EDE_CBC_SHA`:           tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
		`TLS_RSA_WITH_AES_128_CBC_SHA`:            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
		`TLS_RSA_WITH_AES_256_CBC_SHA`:            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
		`TLS_RSA_WITH_AES_128_CBC_SHA256`:         tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
		`TLS_RSA_WITH_AES_128_GCM_SHA256`:         tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
		`TLS_RSA_WITH_AES_256_GCM_SHA384`:         tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
		`TLS_ECDHE_ECDSA_WITH_RC4_128_SHA`:        tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
		`TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA`:    tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
		`TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA`:    tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
		`TLS_ECDHE_RSA_WITH_RC4_128_SHA`:          tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
		`TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA`:     tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
		`TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA`:      tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
		`TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA`:      tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
		`TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256`: tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
		`TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256`:   tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
		`TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`:   tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		`TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256`: tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
		`TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`:   tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
		`TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384`: tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
		`TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305`:    tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
		`TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305`:  tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
	}
)

Functions

func SortTLSPerEntryPoints

func SortTLSPerEntryPoints(configurations []*Configuration, epConfiguration map[string]map[string]*tls.Certificate, defaultEntryPoints []string) error

SortTLSPerEntryPoints converts TLS configuration sorted by Certificates into TLS configuration sorted by EntryPoints

Types

type Certificate

type Certificate struct {
	CertFile FileOrContent
	KeyFile  FileOrContent
}

Certificate holds a SSL cert/key pair Certs and Key could be either a file path, or the file content itself

func (*Certificate) AppendCertificates

func (c *Certificate) AppendCertificates(certs map[string]map[string]*tls.Certificate, ep string) error

AppendCertificates appends a Certificate to a certificates map sorted by entrypoints

type Certificates

type Certificates []Certificate

Certificates defines traefik certificates type Certs and Keys could be either a file path, or the file content itself

func (*Certificates) CreateTLSConfig

func (c *Certificates) CreateTLSConfig(entryPointName string) (*tls.Config, error)

CreateTLSConfig creates a TLS config from Certificate structures

func (*Certificates) Set

func (c *Certificates) Set(value string) error

Set is the method to set the flag value, part of the flag.Value interface. Set's argument is a string to be parsed to set the flag. It's a comma-separated list, so we split it.

func (*Certificates) String

func (c *Certificates) String() string

String is the method to format the flag's value, part of the flag.Value interface. The String method's output will be used in diagnostics.

func (*Certificates) Type

func (c *Certificates) Type() string

Type is type of the struct

type ClientCA

type ClientCA struct {
	Files    []string
	Optional bool
}

ClientCA defines traefik CA files for a entryPoint and it indicates if they are mandatory or have just to be analyzed if provided

type Configuration

type Configuration struct {
	EntryPoints []string
	Certificate *Certificate
}

Configuration allows mapping a TLS certificate to a list of entrypoints

type FileOrContent

type FileOrContent string

FileOrContent hold a file path or content

func (FileOrContent) IsPath added in v1.6.0

func (f FileOrContent) IsPath() bool

IsPath returns true if the FileOrContent is a file path, otherwise returns false

func (FileOrContent) Read

func (f FileOrContent) Read() ([]byte, error)

func (FileOrContent) String

func (f FileOrContent) String() string

type RootCAs

type RootCAs []FileOrContent

RootCAs hold the CA we want to have in root

func (*RootCAs) Get

func (r *RootCAs) Get() interface{}

Get return the RootCAs list

func (*RootCAs) Set

func (r *RootCAs) Set(value string) error

Set is the method to set the flag value, part of the flag.Value interface. Set's argument is a string to be parsed to set the flag. It's a comma-separated list, so we split it.

func (*RootCAs) SetValue

func (r *RootCAs) SetValue(val interface{})

SetValue sets the RootCAs with val

func (*RootCAs) String

func (r *RootCAs) String() string

String is the method to format the flag's value, part of the flag.Value interface. The String method's output will be used in diagnostics.

func (*RootCAs) Type

func (r *RootCAs) Type() string

Type is type of the struct

type TLS

type TLS struct {
	MinVersion    string `export:"true"`
	CipherSuites  []string
	Certificates  Certificates
	ClientCAFiles []string // Deprecated
	ClientCA      ClientCA
}

TLS configures TLS for an entry point

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL