core

Documentation

Overview

Package core contains core definitions for the transport package, the most salient of which is likely the Identity type. This type is used to build a Transport instance.

The TLS configurations provided here are designed for three scenarios: mutual authentication for a clients, mutual authentication for servers, and a general-purpose server configuration applicable where mutual authentication is not appropriate.

Index

• Variables
• type Backoff
  • func New(max time.Duration, interval time.Duration) *Backoff
  • func NewWithoutJitter(max time.Duration, interval time.Duration) *Backoff
  • func (b *Backoff) Duration() time.Duration
  • func (b *Backoff) Reset()
  • func (b *Backoff) SetDecay(decay time.Duration)
• type Identity
• type Root

Examples

• Backoff.SetDecay

Variables

var CipherSuites = []uint16{

	0xc030,
	0xc02c,
	0xc02f,
	0xc02b,
}

CipherSuites are the TLS cipher suites that should be used by CloudFlare programs.

var DefaultBefore = 24 * time.Hour

DefaultBefore is a sensible default; attempt to regenerate certificates the day before they expire.

var DefaultInterval = 5 * time.Minute

DefaultInterval is used when a Backoff is initialised with a zero-value Interval.

var DefaultMaxDuration = 6 * time.Hour

DefaultMaxDuration is maximum amount of time that the backoff will delay for.

Types

type Backoff

type Backoff struct {
	// contains filtered or unexported fields
}

A Backoff contains the information needed to intelligently backoff and retry operations using an exponential backoff algorithm. It should be initialised with a call to `New`.

Only use a Backoff from a single goroutine, it is not safe for concurrent access.

func New

func New(max time.Duration, interval time.Duration) *Backoff

New creates a new backoff with the specified max duration and interval. Zero values may be used to use the default values.

Panics if either max or interval is negative.

func NewWithoutJitter

func NewWithoutJitter(max time.Duration, interval time.Duration) *Backoff

NewWithoutJitter works similarly to New, except that the created Backoff will not use jitter.

func (*Backoff) Duration

func (b *Backoff) Duration() time.Duration

Duration returns a time.Duration appropriate for the backoff, incrementing the attempt counter.

func (*Backoff) Reset

func (b *Backoff) Reset()

Reset resets the attempt counter of a backoff.

It should be called when the rate-limited action succeeds.

func (*Backoff) SetDecay

func (b *Backoff) SetDecay(decay time.Duration)

SetDecay sets the duration after which the try counter will be reset. Panics if decay is smaller than 0.

The decay only kicks in if at least the last backoff + decay has elapsed since the last try.

Example

b := NewWithoutJitter(max, interval)
b.SetDecay(decay)

// try 0
fmt.Println(b.Duration())

// try 1
fmt.Println(b.Duration())

// try 2
duration := b.Duration()
fmt.Println(duration)

// try 3, below decay
time.Sleep(duration)
duration = b.Duration()
fmt.Println(duration)

// try 4, resets
time.Sleep(duration + decay)
fmt.Println(b.Duration())

Output:

1ms
2ms
4ms
8ms
1ms

type Identity

type Identity struct {
	// Request contains metadata for constructing certificate requests.
	Request *csr.CertificateRequest `json:"request"`

	// Roots contains a list of sources for trusted roots.
	Roots []*Root `json:"roots"`

	// ClientRoots contains a list of sources for trusted client
	// certificates.
	ClientRoots []*Root `json:"client_roots"`

	// Profiles contains a dictionary of names to dictionaries;
	// this is intended to allow flexibility in supporting
	// multiple configurations.
	Profiles map[string]map[string]string `json:"profiles"`
}

Identity is used to store information about a particular transport.

type Root

type Root struct {
	// Type should contain a string identifier for the type.
	Type string `json:"type"`

	// Metadata contains the information needed to load the
	// root(s).
	Metadata map[string]string `json:"metadata"`
}

A Root stores information about a trusted root.