Documentation
Overview
Package xds contains non-user-facing functionality of the xds credentials.
Index
- func SetHandshakeInfo(addr resolver.Address, hInfo *HandshakeInfo) resolver.Address
- type HandshakeInfo
- func (hi *HandshakeInfo) ClientSideTLSConfig(ctx context.Context) (*tls.Config, error)
- func (hi *HandshakeInfo) MatchingSANExists(cert *x509.Certificate) bool
- func (hi *HandshakeInfo) ServerSideTLSConfig(ctx context.Context) (*tls.Config, error)
- func (hi *HandshakeInfo) SetAcceptedSANs(sans []string)
- func (hi *HandshakeInfo) SetIdentityCertProvider(identity certprovider.Provider)
- func (hi *HandshakeInfo) SetRequireClientCert(require bool)
- func (hi *HandshakeInfo) SetRootCertProvider(root certprovider.Provider)
- func (hi *HandshakeInfo) UseFallbackCreds() bool
Constants
This section is empty.
Variables
This section is empty.
Functions
func SetHandshakeInfo
func SetHandshakeInfo(addr resolver.Address, hInfo *HandshakeInfo) resolver.Address
SetHandshakeInfo returns a copy of addr in which the Attributes field is updated with hInfo.
Types
type HandshakeInfo
type HandshakeInfo struct {
// contains filtered or unexported fields
}
HandshakeInfo wraps all the security configuration required by client and server handshake methods in xds credentials. The xDS implementation will be responsible for populating these fields.
Safe for concurrent access.
func GetHandshakeInfo
func GetHandshakeInfo(attr *attributes.Attributes) *HandshakeInfo
GetHandshakeInfo returns a pointer to the HandshakeInfo stored in attr.
func NewHandshakeInfo
func NewHandshakeInfo(root, identity certprovider.Provider, sans ...string) *HandshakeInfo
NewHandshakeInfo returns a new instance of HandshakeInfo with the given root and identity certificate providers.
func (*HandshakeInfo) ClientSideTLSConfig
ClientSideTLSConfig constructs a tls.Config to be used in a client-side handshake based on the contents of the HandshakeInfo.
func (*HandshakeInfo) MatchingSANExists
func (hi *HandshakeInfo) MatchingSANExists(cert *x509.Certificate) bool
MatchingSANExists returns true if a SAN contained in the passed-in certificate is present in the list of accepted SANs in the HandshakeInfo.
If the list of accepted SANs in the HandshakeInfo is empty, this function returns true for all input certificates.
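The empty-list rule above means that, with no accepted SANs configured, SAN matching places no restriction on the peer certificate. The following Go sketch is an added example, not code from the grpc package: it models the documented behaviour with standard-library types, assuming exact string comparison across the DNS, email, IP and URI SAN fields, and adds a hypothetical fail-closed helper (`strictSANMatch`) and a constructed sample certificate.

```go
package main

import (
	"crypto/x509"
	"fmt"
	"net"
	"net/url"
)

// certSANs flattens the DNS, email, IP and URI SAN fields into strings.
func certSANs(cert *x509.Certificate) []string {
	sans := append(append([]string{}, cert.DNSNames...), cert.EmailAddresses...)
	for _, ip := range cert.IPAddresses {
		sans = append(sans, ip.String())
	}
	for _, u := range cert.URIs {
		sans = append(sans, u.String())
	}
	return sans
}

// matchingSANExists models the documented rule (exact comparison is assumed).
func matchingSANExists(accepted []string, cert *x509.Certificate) bool {
	for _, san := range certSANs(cert) {
		for _, want := range accepted {
			if san == want {
				return true
			}
		}
	}
	return len(accepted) == 0 // documented: an empty list accepts every certificate
}

// strictSANMatch is a hypothetical fail-closed variant: an empty list rejects.
func strictSANMatch(accepted []string, cert *x509.Certificate) bool {
	return len(accepted) > 0 && matchingSANExists(accepted, cert)
}

// sampleCert returns a constructed certificate value for the demonstration.
func sampleCert() *x509.Certificate {
	u, _ := url.Parse("spiffe://example.test/ns/default/sa/backend")
	return &x509.Certificate{DNSNames: []string{"backend.example.test"},
		IPAddresses: []net.IP{net.ParseIP("192.0.2.10")}, URIs: []*url.URL{u}}
}

func main() {
	fmt.Println(matchingSANExists(nil, sampleCert()), strictSANMatch(nil, sampleCert()))
}
```

A caller that relies on SAN pinning for peer identity can use a check like `strictSANMatch` to detect an unpopulated accepted-SAN list before trusting the result.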
func (*HandshakeInfo) ServerSideTLSConfig
ServerSideTLSConfig constructs a tls.Config to be used in a server-side handshake based on the contents of the HandshakeInfo.
func (*HandshakeInfo) SetAcceptedSANs
func (hi *HandshakeInfo) SetAcceptedSANs(sans []string)
SetAcceptedSANs updates the list of accepted SANs.
func (*HandshakeInfo) SetIdentityCertProvider
func (hi *HandshakeInfo) SetIdentityCertProvider(identity certprovider.Provider)
SetIdentityCertProvider updates the identity certificate provider.
func (*HandshakeInfo) SetRequireClientCert
func (hi *HandshakeInfo) SetRequireClientCert(require bool)
SetRequireClientCert updates whether a client cert is required during the ServerHandshake(). A value of true indicates that we are performing mTLS.
func (*HandshakeInfo) SetRootCertProvider
func (hi *HandshakeInfo) SetRootCertProvider(root certprovider.Provider)
SetRootCertProvider updates the root certificate provider.
func (*HandshakeInfo) UseFallbackCreds
func (hi *HandshakeInfo) UseFallbackCreds() bool
UseFallbackCreds returns true when fallback credentials are to be used based on the contents of the HandshakeInfo.