Documentation ¶
Index ¶
- func GetConnectionStates(cx *layer4.Connection) []*tls.ConnectionState
- func ParseCaddyfileNestedMatcherSet(d *caddyfile.Dispenser) (caddy.ModuleMap, error)
- type ClientHelloInfo
- type Handler
- type KeyShare
- type MatchALPN
- type MatchTLS
- func (*MatchTLS) CaddyModule() caddy.ModuleInfo
- func (m *MatchTLS) MarshalJSON() ([]byte, error)
- func (m *MatchTLS) Match(cx *layer4.Connection) (bool, error)
- func (m *MatchTLS) Provision(ctx caddy.Context) error
- func (m *MatchTLS) UnmarshalCaddyfile(d *caddyfile.Dispenser) error
- func (m *MatchTLS) UnmarshalJSON(b []byte) error
- type PSKIdentity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetConnectionStates ¶
func GetConnectionStates(cx *layer4.Connection) []*tls.ConnectionState
GetConnectionStates gets the tls.ConnectionState for all the terminated TLS connections.
Types ¶
type ClientHelloInfo ¶
type ClientHelloInfo struct {
	tls.ClientHelloInfo
	Version uint16
	Random []byte
	SessionID []byte
	SecureRenegotiationSupported bool
	SecureRenegotiation []byte
	CompressionMethods []byte
	Extensions []uint16
	OCSPStapling bool
	TicketSupported bool
	SessionTicket []uint8
	SupportedSchemesCert []tls.SignatureScheme
	SCTs bool
	Cookie []byte
	EarlyData bool
	PSKModes []uint8
	PSKIdentities []PSKIdentity
	PSKBinders [][]byte
}
ClientHelloInfo holds information about a TLS ClientHello. Our own parser collects a little more information than the standard library's struct holds.
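As an added illustration (not code from this package, whose parser is not shown on this page), the sketch below derives the kind of data held in the `Extensions []uint16` field from raw ClientHello bytes using only the standard library. The names `extensionIDs` and `sample` are hypothetical, the input record is constructed, and the hello is assumed to fit in one unfragmented handshake record.

```go
package main

import "fmt"

// extensionIDs lists a ClientHello's extension type IDs in wire order; ok is
// false (ignore ids) for anything but one complete, unfragmented ClientHello.
func extensionIDs(rec []byte) (ids []uint16, ok bool) {
	// Record type 22 (handshake), major version 3, handshake type 1 (ClientHello).
	if len(rec) < 6 || rec[0] != 0x16 || rec[1] != 0x03 || rec[5] != 0x01 {
		return nil, false
	}
	b, ok := rec[6:], true
	vec := func(n int) (v []byte) { // consume an n-byte length prefix + payload
		l := 0
		for i := 0; i < n && i < len(b); i++ {
			l = l<<8 | int(b[i])
		}
		if ok = ok && len(b) >= n+l; ok {
			v, b = b[n:n+l], b[n+l:]
		}
		return v
	}
	if b = vec(3); len(b) < 34 { // body starts with version(2) + random(32)
		return nil, false
	}
	b = b[34:]
	vec(1) // legacy_session_id
	vec(2) // cipher_suites
	vec(1) // legacy_compression_methods
	if len(b) > 0 { // the extensions block may be absent before TLS 1.3
		b = vec(2)
	}
	for ok && len(b) >= 4 { // each extension: type(2), length(2), data
		ids = append(ids, uint16(b[0])<<8|uint16(b[1]))
		b = b[2:]
		vec(2)
	}
	return ids, ok && len(b) == 0
}

// sample builds a constructed ClientHello record: zero random, one cipher suite,
// extensions supported_versions (43) and psk_key_exchange_modes (45).
func sample() []byte {
	head := []byte{0x16, 3, 1, 0, 60, 1, 0, 0, 56, 3, 3}
	tail := []byte{0, 0, 2, 0x13, 1, 1, 0, 0, 13, 0, 43, 0, 3, 2, 3, 4, 0, 45, 0, 2, 1, 1}
	return append(append(head, make([]byte, 32)...), tail...)
}

func main() { fmt.Println(extensionIDs(sample())) }
```

Every length prefix is bounds-checked against the bytes actually present, so a truncated or malformed hello yields `ok == false` instead of a slice panic.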
func GetClientHelloInfos ¶
func GetClientHelloInfos(cx *layer4.Connection) []ClientHelloInfo
GetClientHelloInfos gets ClientHello information for all the terminated TLS connections.
func (ClientHelloInfo) FillTLSClientConfig ¶
func (chi ClientHelloInfo) FillTLSClientConfig(cfg *tls.Config)
FillTLSClientConfig fills cfg (a client-side TLS config) with information from chi. It does not overwrite any fields in cfg that are already non-zero.
type Handler ¶
type Handler struct {
	ConnectionPolicies caddytls.ConnectionPolicies `json:"connection_policies,omitempty"`
	// contains filtered or unexported fields
}
Handler is a connection handler that terminates TLS.
func (*Handler) CaddyModule ¶
func (*Handler) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
type KeyShare ¶
type KeyShare struct {
}
KeyShare is a TLS 1.3 Key Share. See RFC 8446, Section 4.2.8.
type MatchALPN ¶
type MatchALPN []string
func (*MatchALPN) CaddyModule ¶
func (*MatchALPN) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
type MatchTLS ¶
type MatchTLS struct {
	MatchersRaw caddy.ModuleMap `json:"-" caddy:"namespace=tls.handshake_match"`
	// contains filtered or unexported fields
}
MatchTLS is able to match TLS connections. Its structure is different from the auto-generated documentation. This value should be a map of matcher names to their values.
func (*MatchTLS) CaddyModule ¶
func (*MatchTLS) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
func (*MatchTLS) MarshalJSON ¶
MarshalJSON satisfies the json.Marshaler interface.
func (*MatchTLS) Match ¶
func (m *MatchTLS) Match(cx *layer4.Connection) (bool, error)
Match returns true if the connection is a TLS handshake.
func (*MatchTLS) UnmarshalCaddyfile ¶
UnmarshalCaddyfile sets up the MatchTLS from Caddyfile tokens. Syntax:
	tls {
		matcher [<args...>]
		matcher [<args...>]
	}
	tls matcher [<args...>]
	tls
func (*MatchTLS) UnmarshalJSON ¶
UnmarshalJSON satisfies the json.Unmarshaler interface.
type PSKIdentity ¶
type PSKIdentity struct {
	// contains filtered or unexported fields
}
PSKIdentity is a TLS 1.3 PSK Identity. Can be a Session Ticket, or a reference to a saved session. See RFC 8446, Section 4.2.11.