tlsdial

package
v1.20.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 26, 2022 License: BSD-3-Clause Imports: 9 Imported by: 18

Documentation

Overview

Package tlsdial originally existed to set up a tls.Config for x509 validation, using a memory-optimized path for iOS, but then we moved that to the tailscale/go tree instead, so now this package does very little. But for now we keep it as a unified point where we might want to add shared policy on outgoing TLS connections from the 3 places in the client that connect to Tailscale (logs, control, DERP).

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Config 

func Config(host string, base *tls.Config) *tls.Config

Config returns a tls.Config for connecting to a server. If base is non-nil, it's cloned as the base config before being configured and returned.

func SetConfigExpectedCert 

func SetConfigExpectedCert(c *tls.Config, certDNSName string)

SetConfigExpectedCert modifies c to expect and verify that the server returns a certificate for the provided certDNSName.

This is for user-configurable client-side domain fronting support, where we send one SNI value but validate a different cert.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.