Documentation
¶
Index ¶
- func NewDeprecatedCertificateRoundTripperWrapperConstructor(missingSAN, sha1 *metrics.Counter) func(rt http.RoundTripper) http.RoundTripper
- func NewSANDeprecatedChecker(counter *metrics.Counter) *missingSANChecker
- func NewSHA1SignatureDeprecatedChecker(counter *metrics.Counter) *sha1SignatureChecker
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewDeprecatedCertificateRoundTripperWrapperConstructor ¶ added in v0.24.0
func NewDeprecatedCertificateRoundTripperWrapperConstructor(missingSAN, sha1 *metrics.Counter) func(rt http.RoundTripper) http.RoundTripper
NewDeprecatedCertificateRoundTripperWrapperConstructor returns a RoundTripper wrapper that's usable within ClientConfig.Wrap.
It increases the `missingSAN` counter whenever:
- we get a x509.HostnameError with string `x509: certificate relies on legacy Common Name field` which indicates an error caused by the deprecation of Common Name field when veryfing remote hostname
- the server certificate in response contains no SAN. This indicates that this binary run with the GODEBUG=x509ignoreCN=0 in env
It increases the `sha1` counter whenever:
- we get a x509.InsecureAlgorithmError with string `SHA1` which indicates an error caused by an insecure SHA1 signature
- the server certificate in response contains a SHA1WithRSA or ECDSAWithSHA1 signature. This indicates that this binary run with the GODEBUG=x509sha1=1 in env
func NewSANDeprecatedChecker ¶ added in v0.24.0
func NewSHA1SignatureDeprecatedChecker ¶ added in v0.24.0
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.