Documentation ¶
Constants ¶
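const (
	// TLSKey is the data key in the TLS secret that holds the private key of
	// TLS servers. The value stored under it is secret material: keep it out
	// of logs, events and error messages.
	TLSKey = "tls.key"

	// TLSCrt is the data key in the TLS secret that holds the certificate
	// (which carries the public key) of TLS servers.
	TLSCrt = "tls.crt"

	// DefaultMinTLSVersion is the default minimum TLS version for servers and
	// clients. TLS 1.0 and 1.1 are deprecated (RFC 8996), so configurations
	// built from this default should raise the floor, never lower it.
	DefaultMinTLSVersion = tls.VersionTLS12
)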
Functions ¶
func GetTLSClientConfig ¶
func GetTLSClientConfig(config ClientConfig) (*tls.Config, error)
GetTLSClientConfig returns tls.Config based on the given ClientConfig.
func GetTLSServerConfig ¶
func GetTLSServerConfig(config ServerConfig) (*tls.Config, error)
func IsHttpsSink ¶
IsHttpsSink returns true if the sink has scheme equal to https.
Types ¶
type ClientConfig ¶
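// ClientConfig holds the settings from which GetTLSClientConfig builds a
// client-side tls.Config.
type ClientConfig struct {
	// CACerts are Certification Authority (CA) certificates in PEM format
	// according to https://www.rfc-editor.org/rfc/rfc7468.
	//
	// NOTE(review): what a nil CACerts means is not visible here; presumably
	// the client falls back to the system trust store. Confirm in
	// GetTLSClientConfig before relying on it.
	CACerts *string
}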
func NewDefaultClientConfig ¶
func NewDefaultClientConfig() ClientConfig
NewDefaultClientConfig returns a default ClientConfig.
type GetCertificate ¶
// GetCertificate is a callback that selects the server certificate for a TLS
// handshake from the client's hello message. Its signature is the same as the
// GetCertificate field of crypto/tls.Config.
type GetCertificate func(*tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertificate returns a Certificate based on the given ClientHelloInfo. When installed as tls.Config.GetCertificate, it is only called if the client supplies SNI information or if tls.Config.Certificates is empty.
If GetCertificate is nil or returns nil, the certificate is retrieved from tls.Config.NameToCertificate. If NameToCertificate is nil, the best element of tls.Config.Certificates is used.
func GetCertificateFromSecret ¶
func GetCertificateFromSecret(ctx context.Context, informer coreinformersv1.SecretInformer, kube kubernetes.Interface, secret types.NamespacedName) GetCertificate
GetCertificateFromSecret returns a GetCertificate function that will automatically return the latest certificate that is present in the provided secret.
The secret's data is expected to contain at least two keys; their names are given by the TLSKey and TLSCrt constants.
type ServerConfig ¶
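// ServerConfig holds the settings from which GetTLSServerConfig builds a
// server-side tls.Config.
type ServerConfig struct {
	// GetCertificate returns a Certificate based on the given
	// ClientHelloInfo. It will only be called if the client supplies SNI
	// information or if Certificates is empty.
	//
	// If GetCertificate is nil or returns nil, then the certificate is
	// retrieved from NameToCertificate. If NameToCertificate is nil, the
	// best element of Certificates will be used.
	//
	// Certificates and NameToCertificate are fields of crypto/tls.Config, not
	// of ServerConfig; this wording mirrors tls.Config.GetCertificate.
	//
	// NOTE(review): ServerConfig exposes no other certificate source, so
	// confirm how GetTLSServerConfig treats a nil GetCertificate.
	GetCertificate func(*tls.ClientHelloInfo) (*tls.Certificate, error)
}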
func NewDefaultServerConfig ¶
func NewDefaultServerConfig() ServerConfig