dynamiclistener

Version: v0.3.6-deadlockrevert

This package is not in the latest version of its module.

Published: Sep 11, 2023 | License: Apache-2.0 | Imports: 16 | Imported by: 28

README

dynamiclistener

This README is a work in progress, aimed at providing information for navigating the contents of this repository.

Changing the Expiration Days for Newly Signed Certificates

By default, a newly signed certificate is set to expire 365 days (1 year) after its creation time and date. You can use the CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS environment variable to change this value.

Please note: the value of this variable must be a string representing an unsigned integer: the number of days until expiration, which determines the certificate's X.509 "NotAfter" value.
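A pre-deployment check for this setting, as an added example that is not dynamiclistener's own code: it validates the string form described above and shows the NotAfter instant it would produce. The helper names are hypothetical, and rejecting 0 and values too large for a time.Duration is this example's policy, not documented library behaviour.

```go
package main

import (
	"fmt"
	"math"
	"os"
	"strconv"
	"time"
)

const (
	envName     = "CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS" // name from the README
	defaultDays = 365                                      // default from the README
	// maxDays is the largest day count whose duration fits in time.Duration.
	maxDays = uint64(math.MaxInt64 / int64(24*time.Hour))
)

// expirationDays (hypothetical helper) validates the raw environment value.
// Rejecting 0 and overflowing values is this example's policy, not the library's.
func expirationDays(raw string) (uint64, error) {
	if raw == "" {
		return defaultDays, nil // unset: the documented default applies
	}
	// ParseUint rejects signs, whitespace, decimals and unit suffixes.
	days, err := strconv.ParseUint(raw, 10, 64)
	if err != nil {
		return 0, fmt.Errorf("%s=%q is not an unsigned integer: %w", envName, raw, err)
	}
	if days == 0 || days > maxDays {
		return 0, fmt.Errorf("%s=%q is outside 1..%d days", envName, raw, maxDays)
	}
	return days, nil
}

// notAfter returns the expiry instant for a certificate created at "created".
func notAfter(created time.Time, days uint64) time.Time {
	return created.Add(time.Duration(days) * 24 * time.Hour)
}

func main() {
	days, err := expirationDays(os.Getenv(envName))
	if err != nil {
		fmt.Fprintln(os.Stderr, "invalid configuration:", err)
		os.Exit(1)
	}
	fmt.Printf("%d days -> NotAfter %s\n", days, notAfter(time.Now().UTC(), days).Format(time.RFC3339))
}
```

Because the value counts days rather than calendar years, 365 days from Sep 11, 2023 lands on Sep 10, 2024, one day short of a year when a leap day falls inside the window.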

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func HTTPRedirect added in v0.2.0

func HTTPRedirect(next http.Handler) http.Handler

Approach taken from letsencrypt, except manglePort is specific to us

func NewListener deprecated added in v0.2.0

func NewListener(l net.Listener, storage TLSStorage, caCert *x509.Certificate, caKey crypto.Signer, config Config) (net.Listener, http.Handler, error)

Deprecated: Use NewListenerWithChain instead as it supports intermediate CAs

func NewListenerWithChain added in v0.3.6

func NewListenerWithChain(l net.Listener, storage TLSStorage, caCert []*x509.Certificate, caKey crypto.Signer, config Config) (net.Listener, http.Handler, error)

func NewTCPListener added in v0.2.0

func NewTCPListener(ip string, port int) (net.Listener, error)

func OnlyAllow added in v0.3.0

func OnlyAllow(str string) func(...string) []string

Types

type Config added in v0.2.0

type Config struct {
	CN                    string
	Organization          []string
	TLSConfig             *tls.Config
	SANs                  []string
	MaxSANs               int
	ExpirationDaysCheck   int
	CloseConnOnCertChange bool
	RegenerateCerts       func() bool
	FilterCN              func(...string) []string
}

type SetFactory added in v0.2.0

type SetFactory interface {
	SetFactory(tls TLSFactory)
}

type TLSFactory added in v0.2.1

type TLSFactory interface {
	Renew(secret *v1.Secret) (*v1.Secret, error)
	AddCN(secret *v1.Secret, cn ...string) (*v1.Secret, bool, error)
	Merge(target *v1.Secret, additional *v1.Secret) (*v1.Secret, bool, error)
	Filter(cn ...string) []string
	Regenerate(secret *v1.Secret) (*v1.Secret, error)
}

type TLSStorage added in v0.2.0

type TLSStorage interface {
	Get() (*v1.Secret, error)
	Update(secret *v1.Secret) error
}

Directories

Path Synopsis
storage
