security

Documentation

Index

• Variables
• type Credential
  • func NewCredential4Test(cn string) (Credential, error)
  • func (s *Credential) AddSelfCommonName() error
  • func (s *Credential) IsTLSEnabled() bool
  • func (s *Credential) PDSecurityOption() pd.SecurityOption
  • func (s *Credential) ToGRPCDialOption() (grpc.DialOption, error)
  • func (s *Credential) ToTLSConfig() (*tls.Config, error)
  • func (s *Credential) ToTLSConfigWithVerify() (*tls.Config, error)
• type SaslScram
  • func (s *SaslScram) IsSaslScramEnabled() bool
• type XDGSCRAMClient
  • func (x *XDGSCRAMClient) Begin(userName, password, authzID string) (err error)
  • func (x *XDGSCRAMClient) Done() bool
  • func (x *XDGSCRAMClient) Step(challenge string) (response string, err error)

Variables

var (
	// SHA256 func
	SHA256 scram.HashGeneratorFcn = func() hash.Hash { return sha256.New() }
	// SHA512 func
	SHA512 scram.HashGeneratorFcn = func() hash.Hash { return sha512.New() }
)

Types

type Credential

type Credential struct {
	CAPath        string   `toml:"ca-path" json:"ca-path"`
	CertPath      string   `toml:"cert-path" json:"cert-path"`
	KeyPath       string   `toml:"key-path" json:"key-path"`
	CertAllowedCN []string `toml:"cert-allowed-cn" json:"cert-allowed-cn"`
}

Credential holds necessary path parameter to build a tls.Config

func NewCredential4Test

func NewCredential4Test(cn string) (Credential, error)

NewCredential4Test return a Credential for testing

func (*Credential) AddSelfCommonName

func (s *Credential) AddSelfCommonName() error

AddSelfCommonName add Common Name in certificate that specified by s.CertPath to s.CertAllowedCN

func (*Credential) IsTLSEnabled

func (s *Credential) IsTLSEnabled() bool

IsTLSEnabled checks whether TLS is enabled or not.

func (*Credential) PDSecurityOption

func (s *Credential) PDSecurityOption() pd.SecurityOption

PDSecurityOption creates a new pd SecurityOption from Security

func (*Credential) ToGRPCDialOption

func (s *Credential) ToGRPCDialOption() (grpc.DialOption, error)

ToGRPCDialOption constructs a gRPC dial option.

func (*Credential) ToTLSConfig

func (s *Credential) ToTLSConfig() (*tls.Config, error)

ToTLSConfig generates tls's config from *Security

func (*Credential) ToTLSConfigWithVerify

func (s *Credential) ToTLSConfigWithVerify() (*tls.Config, error)

ToTLSConfigWithVerify generates tls's config from *Security and requires the remote common name to be verified.

type SaslScram

type SaslScram struct {
	SaslUser      string `toml:"sasl-user" json:"sasl-user"`
	SaslPassword  string `toml:"sasl-password" json:"sasl-password"`
	SaslMechanism string `toml:"sasl-mechanism" json:"sasl-mechanism"`
}

SaslScram holds necessary path parameter to support sasl-scram

func (*SaslScram) IsSaslScramEnabled

func (s *SaslScram) IsSaslScramEnabled() bool

IsSaslScramEnabled checks whether SASL SCRAM is enabled or not.

type XDGSCRAMClient

type XDGSCRAMClient struct {
	*scram.Client
	*scram.ClientConversation
	scram.HashGeneratorFcn
}

XDGSCRAMClient xdg scram client

func (*XDGSCRAMClient) Begin

func (x *XDGSCRAMClient) Begin(userName, password, authzID string) (err error)

Begin xdg scram client Begin

func (*XDGSCRAMClient) Done

func (x *XDGSCRAMClient) Done() bool

Done xdg scram client Done

func (*XDGSCRAMClient) Step

func (x *XDGSCRAMClient) Step(challenge string) (response string, err error)

Step xdg scram client Step