Documentation
¶
Index ¶
- Variables
- func TLSClientConfig(settings *TLSSettings) (*tls.Config, error)
- func TLSConfig(settings *TLSSettings) (*tls.Config, error)
- func TLSServerConfig(settings *TLSSettings) (*tls.Config, error)
- type ClientHello
- type Extension
- type ExtensionType
- type ProtocolVersion
- type Random
- type ServerName
- type ServerNameList
- type ServerNameType
- type TLSSettings
Constants ¶
This section is empty.
Variables ¶
// HostNameRegexp matches a host name made of one or more dot-separated labels
// with no trailing dot. Each label is 1 to 63 characters from [a-zA-Z0-9-] and
// must start with a letter or digit.
//
// The pattern is syntactic only: it does not cap the total length of the name,
// it accepts labels that end in a hyphen, and it accepts all-numeric labels, so
// a dotted IPv4 literal such as "192.0.2.1" also matches. Upper- and lower-case
// letters both match, so callers that compare a matched name against a
// configured one should normalise case first.
var HostNameRegexp = regexp.MustCompile(`^([a-zA-Z0-9][a-zA-Z0-9-]{0,62}\.)*([a-zA-Z0-9][a-zA-Z0-9-]{0,62})$`)
SNI hostnames do not include the trailing dot.
// TLSSettingsForm describes the configuration keys that correspond to the JSON
// tags of TLSSettings and the validators applied to each of them.
//
// NOTE(review): the validators below check presence and type only. Nothing here
// matches server_name against HostNameRegexp, and the three file settings are
// validated as plain strings; any check that the paths exist or are readable
// presumably happens where the files are loaded — confirm.
var TLSSettingsForm = forms.Form{
	Fields: []forms.Field{
		{
			// Certificate verification stays enabled unless the key is set
			// explicitly: the declared default is false.
			Name: "insecure_skip_verify",
			Validators: []forms.Validator{
				forms.IsOptional{Default: false},
				forms.IsBoolean{},
			},
		},
		{
			// Declared default is true, i.e. client verification is on unless
			// the configuration turns it off.
			Name: "verify_client",
			Validators: []forms.Validator{
				forms.IsOptional{Default: true},
				forms.IsBoolean{},
			},
		},
		{
			Name: "request_client_cert",
			Validators: []forms.Validator{
				forms.IsOptional{Default: false},
				forms.IsBoolean{},
			},
		},
		{
			// No IsOptional validator here, so the key is presumably
			// required — confirm against the forms package. Each list
			// element must be a string.
			Name: "ca_certificate_files",
			Validators: []forms.Validator{
				forms.IsList{
					Validators: []forms.Validator{
						forms.IsString{},
					},
				},
			},
		},
		{
			Name: "certificate_file",
			Validators: []forms.Validator{
				forms.IsOptional{},
				forms.IsString{},
			},
		},
		{
			// Accepted as any string; see the note on the form above.
			Name: "server_name",
			Validators: []forms.Validator{
				forms.IsOptional{},
				forms.IsString{},
			},
		},
		{
			Name: "key_file",
			Validators: []forms.Validator{
				forms.IsOptional{},
				forms.IsString{},
			},
		},
	},
}
Functions ¶
func TLSClientConfig ¶
func TLSClientConfig(settings *TLSSettings) (*tls.Config, error)
func TLSServerConfig ¶
func TLSServerConfig(settings *TLSSettings) (*tls.Config, error)
Types ¶
type ClientHello ¶
// ClientHello holds the fields of a TLS ClientHello message in decoded form.
//
// NOTE(review): presumably filled in by ParseClientHello from bytes received
// before any handshake has completed. If so, every field is chosen by the
// remote peer and is unauthenticated; do not base trust decisions on it —
// confirm against the parser.
type ClientHello struct {
	ProtocolVersion ProtocolVersion `json:"protocol_version"`
	Random          Random          `json:"random"`
	SessionID       []byte          `json:"session_id"`
	// Each cipher suite is kept as its two raw bytes rather than as a uint16.
	CipherSuites       [][2]uint8  `json:"cipher_suites"`
	CompressionMethods []uint8     `json:"compression_methods"`
	Extensions         []Extension `json:"extensions"`
}
func ParseClientHello ¶
func ParseClientHello(data []byte) (*ClientHello, error)
func (*ClientHello) ServerNameList ¶
func (c *ClientHello) ServerNameList() *ServerNameList
type Extension ¶
// Extension is one entry of ClientHello.Extensions.
type Extension struct {
	// Type is the 16-bit extension type code.
	Type ExtensionType `json:"type"`
	// Data is presumably the raw, undecoded extension body — TODO confirm.
	Data []byte `json:"data"`
	// Struct is untyped. NOTE(review): presumably the decoded form of Data for
	// extension types the parser understands (ServerNameExtension is the only
	// type constant declared) and nil otherwise; callers should use a checked
	// type assertion rather than assume a concrete type — confirm.
	Struct interface{} `json:"struct"`
}
type ExtensionType ¶
// ExtensionType is the 16-bit type code of a TLS extension.
type ExtensionType uint16

const (
	// ServerNameExtension is type code 0, the server_name (SNI) extension
	// defined in RFC 6066.
	ServerNameExtension ExtensionType = 0 // the only extension type we're interested in...
)
type ProtocolVersion ¶
type ServerName ¶
// ServerName is one entry of ServerNameList.ServerNames.
type ServerName struct {
	NameType ServerNameType `json:"name_type"`
	// HostName is presumably taken from the client's SNI extension and is
	// therefore client-chosen. NOTE(review): whether the parser has already
	// matched it against HostNameRegexp is not visible here; validate it
	// before using it for routing, logging or certificate selection.
	HostName string `json:"host_name"`
}
type ServerNameList ¶
// ServerNameList wraps the list of ServerName entries; presumably the decoded
// body of a ServerNameExtension — TODO confirm.
type ServerNameList struct {
	// ServerNames may be empty or hold several entries; nothing in the type
	// itself limits the count.
	ServerNames []ServerName `json:"server_names"`
}
func (*ServerNameList) HostName ¶
func (s *ServerNameList) HostName() string
type ServerNameType ¶
// ServerNameType is the 8-bit name type of a ServerName entry.
type ServerNameType uint8

const (
	// HostNameType is name type 0, host_name in RFC 6066.
	HostNameType ServerNameType = 0 // the only name type we're interested in....
)
type TLSSettings ¶
// TLSSettings is the TLS configuration accepted by TLSClientConfig and
// TLSServerConfig. The JSON tags correspond to the field names declared in
// TLSSettingsForm.
type TLSSettings struct {
	ServerName string `json:"server_name"`
	// TLSSettingsForm defaults verify_client to true, but the Go zero value of
	// this field is false. A TLSSettings built directly in code, without going
	// through the form, therefore has client verification switched off unless
	// the field is set explicitly.
	VerifyClient       bool     `json:"verify_client"`
	RequestClientCert  bool     `json:"request_client_cert"`
	CACertificateFiles []string `json:"ca_certificate_files"`
	CertificateFile    string   `json:"certificate_file"`
	// KeyFile is presumably the path of the private key that belongs to
	// CertificateFile — TODO confirm.
	KeyFile string `json:"key_file"`
	// This switch only exists to accommodate the inability of certain
	// certificate authorities to provide TLS certificates with
	// the necessary rights. Since key pinning is used to verify certificates
	// in addition to the normal TLS verification, enabling this will not
	// destroy the system's security, although it will weaken it.
	// So please do not set this to true...
	//
	// NOTE(review): presumably forwarded to tls.Config.InsecureSkipVerify;
	// confirm in TLSClientConfig. If so, crypto/tls skips both chain and host
	// name verification, and the pinning check mentioned above becomes the
	// only authentication of the peer, so it must run on every connection.
	InsecureSkipVerify bool `json:"insecure_skip_verify"`
}