servers

package

v0.0.0-...-1fe2c9b Latest Latest Go to latest Published: Jan 9, 2020 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/deciphernow/nautls

Links

Open Source Insights

Documentation ¶

Index ¶

func IntToAuthentication() mapstructure.DecodeHookFunc
type Authentication
type SecurityBuilder
- func NewSecurityBuilder() *SecurityBuilder
type SecurityConfig
- func (c *SecurityConfig) Build() (*tls.Config, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func IntToAuthentication ¶

func IntToAuthentication() mapstructure.DecodeHookFunc

IntToAuthentication returns a mapstructure.DecodeHookFunction that converts an integer to an authentication.

Types ¶

type Authentication ¶

type Authentication tls.ClientAuthType

Authentication subtypes tls.ClientAuthType to provide serialization support.

func (*Authentication) FromString ¶

func (a *Authentication) FromString(value string) error

FromString sets the value of an authentication to the value represented by a string or errors.

func (Authentication) MarshalJSON ¶

func (a Authentication) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for Authentication instances.

func (Authentication) MarshalYAML ¶

func (a Authentication) MarshalYAML() (interface{}, error)

MarshalYAML implements the yaml.Marshaler interface for Authentication instances.

func (Authentication) ToString ¶

func (a Authentication) ToString() (string, error)

ToString returns the string representation of the authentication or an error.

func (*Authentication) UnmarshalJSON ¶

func (a *Authentication) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for Authentication instances.

func (*Authentication) UnmarshalYAML ¶

func (a *Authentication) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML implements the yaml.Unmarshaler interface for Authentication instances.

type SecurityBuilder ¶

type SecurityBuilder struct {
	// contains filtered or unexported fields
}

SecurityBuilder provides an builder for server tls.Config instances.

func NewSecurityBuilder ¶

func NewSecurityBuilder() *SecurityBuilder

NewSecurityBuilder returns a new instance of the SecurityBuilder structure.

func (*SecurityBuilder) Build ¶

func (b *SecurityBuilder) Build() (*tls.Config, error)

Build creates a tls.Config from the SecurityBuilder.

func (*SecurityBuilder) WithAuthentication ¶

func (b *SecurityBuilder) WithAuthentication(authentication Authentication) *SecurityBuilder

WithAuthentication sets the client authentication mode for mTLS connections.

func (*SecurityBuilder) WithAuthorities ¶

func (b *SecurityBuilder) WithAuthorities(authorities []string) *SecurityBuilder

WithAuthorities sets the trusted certificate authorities for verifying mTLS clients. The values must be URLs that point to the locations of PEM encoded certificates.

Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a "base64" scheme is supported for providing the PEM encoded certifiate in the path of the URL directly. This is most applicable when the certificate data must be provided via an environement variable.

func (*SecurityBuilder) WithCertificate ¶

func (b *SecurityBuilder) WithCertificate(certificate string) *SecurityBuilder

WithCertificate sets the server certificate. The value must be a URL that points to the location of a PEM encoded certificate.

Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a "base64" scheme is supported for providing the PEM encoded certifiate in the path of the URL directly. This is most applicable when the certificate data must be provided via an environement variable.

func (*SecurityBuilder) WithKey ¶

func (b *SecurityBuilder) WithKey(key string) *SecurityBuilder

WithKey sets the server key. The value must be a URL that points to the location of a PEM encoded key.

Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a "base64" scheme is supported for providing the PEM encoded certifiate in the path of the URL directly. This is most applicable when the certificate data must be provided via an environement variable.

type SecurityConfig ¶

type SecurityConfig struct {

	// Authorities defines the trusted certificate authorities for verifying mTLS clients. The values must be URLs that
	// point to the location of PEM encoded certificates.
	//
	// Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a
	// "base64" scheme is supported for providing the PEM encoded certifiate in the path of the URL directly. This is most
	// applicable when the certificate data must be provided via an environement variable.
	Authorities []string `json:"authorities" mapstructure:"authorities" yaml:"authorities"`

	// Certificate defines the server certificate. The value must be a URL that points to the location of a PEM encoded
	// certificate.
	//
	// Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a
	// "base64" scheme is supported for providing the PEM encoded certifiate in the path of the URL directly. This is most
	// applicable when the certificate data must be provided via an environement variable.
	Certificate string `json:"certificate" mapstructure:"certificate" yaml:"certificate"`

	// Key defines the server key. The value must be a URL that points to the location of a PEM encoded key.
	//
	// Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a
	// "base64" scheme is supported for providing the PEM encoded certifiate in the path of the URL directly. This is most
	// applicable when the certificate data must be provided via an environement variable.
	Key string `json:"key" mapstructure:"key" yaml:"key"`

	// Authentication defines the client authentication mode for mTLS connections.
	//
	// For serialization puposes (i.e., JSON and YAML) the value must be the string representation of a tls.ClientAuthType
	// constant (e.g., "RequireAnyClientCert"). See https://golang.org/pkg/crypto/tls/#ClientAuthType.
	Authentication Authentication `json:"authentication" mapstructure:"authentication" yaml:"authentication"`
}

SecurityConfig provides a serializable representation of a tls.Config structure for servers.

func (*SecurityConfig) Build ¶

func (c *SecurityConfig) Build() (*tls.Config, error)

Build creates a tls.Config from the SecurityConfig instance.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL