tls

package
v1.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 15, 2023 License: MIT Imports: 8 Imported by: 0

Documentation

Overview

This file contains CLI and env TLS configurations that can be used by clients or servers

Index

Constants

View Source
const (
	TLSCaCertFlagName = "tls.ca"
	TLSCertFlagName   = "tls.cert"
	TLSKeyFlagName    = "tls.key"
)

Variables

This section is empty.

Functions

func CLIFlags

func CLIFlags(envPrefix string) []cli.Flag

CLIFlags returns flags with env var envPrefix This should be used for server TLS configs, or when client and server tls configs are the same

func CLIFlagsWithFlagPrefix

func CLIFlagsWithFlagPrefix(envPrefix string, flagPrefix string) []cli.Flag

CLIFlagsWithFlagPrefix returns flags with env var and cli flag prefixes Should be used for client TLS configs when different from server on the same process

func NewPeerTLSMiddleware

func NewPeerTLSMiddleware(next http.Handler) http.Handler

NewPeerTLSMiddleware returns an http.Handler that extracts the peer's certificate data into PeerTLSInfo and attaches it to the request-scoped context. PeerTLSInfo will only be populated if the http.Server is listening with ListenAndServeTLS This is useful for ethereum-go/rpc endpoints because the http.Request object isn't accessible in the registered service.

Types

type CLIConfig

type CLIConfig struct {
	TLSCaCert string
	TLSCert   string
	TLSKey    string
}

func ReadCLIConfig

func ReadCLIConfig(ctx *cli.Context) CLIConfig

ReadCLIConfig reads tls cli configs This should be used for server TLS configs, or when client and server tls configs are the same

func ReadCLIConfigWithPrefix

func ReadCLIConfigWithPrefix(ctx *cli.Context, flagPrefix string) CLIConfig

ReadCLIConfigWithPrefix reads tls cli configs with flag prefix Should be used for client TLS configs when different from server on the same process

func (CLIConfig) Check

func (c CLIConfig) Check() error

func (CLIConfig) TLSEnabled

func (c CLIConfig) TLSEnabled() bool

type PeerTLSInfo

type PeerTLSInfo struct {
	LeafCertificate *x509.Certificate
}

PeerTLSInfo contains request-scoped peer certificate data It can be used by downstream http.Handlers to authorize access for TLS-authenticated clients

func PeerTLSInfoFromContext

func PeerTLSInfoFromContext(ctx context.Context) PeerTLSInfo

PeerTLSInfoFromContext extracts PeerTLSInfo from the context Result will only be populated if NewPeerTLSMiddleware has been added to the handler stack.

Directories

Path Synopsis
Package certman provides live reloading of the certificate and key files used by the standard library http.Server.
Package certman provides live reloading of the certificate and key files used by the standard library http.Server.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL