v3

package
v1.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 5, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package accesslog replicates access log format supported by Envoy.

In order to allow users of Kuma to reuse the same access log format strings both in file logs and TCP logs, we need to have native support for Envoy access log command syntax.

Use ParseFormat() function to parse a format string.

Use HttpLogEntryFormatter interface to format an HTTP log entry.

Use TcpLogEntryFormatter interface to format a TCP log entry.

Use HttpLogConfigurer interface to configure `envoy.access_loggers.http_grpc` filter.

Use TcpLogConfigurer interface to configure `envoy.tcp_grpc_access_log` filter.

The initial implementation is missing the following features: 1. `%START_TIME%` commands ignore the user-defined format string 2. `%DYNAMIC_METADATA(NAMESPACE:KEY*):Z%` commands return a stub value 3. `%FILTER_STATE(KEY):Z%` commands return a stub value

Index

Constants

View Source 
const (
	CMD_REQ              = "REQ"
	CMD_RESP             = "RESP"
	CMD_TRAILER          = "TRAILER"
	CMD_DYNAMIC_METADATA = "DYNAMIC_METADATA"
	CMD_FILTER_STATE     = "FILTER_STATE"
	CMD_START_TIME       = "START_TIME"

	CMD_BYTES_RECEIVED        = "BYTES_RECEIVED"
	CMD_BYTES_SENT            = "BYTES_SENT"
	CMD_PROTOCOL              = "PROTOCOL"
	CMD_RESPONSE_CODE         = "RESPONSE_CODE"
	CMD_RESPONSE_CODE_DETAILS = "RESPONSE_CODE_DETAILS"
	CMD_REQUEST_DURATION      = "REQUEST_DURATION"
	CMD_RESPONSE_DURATION     = "RESPONSE_DURATION"
	CMD_RESPONSE_TX_DURATION  = "RESPONSE_TX_DURATION"
	CMD_GRPC_STATUS           = "GRPC_STATUS"

	CMD_DURATION                                      = "DURATION"
	CMD_RESPONSE_FLAGS                                = "RESPONSE_FLAGS"
	CMD_UPSTREAM_HOST                                 = "UPSTREAM_HOST"
	CMD_UPSTREAM_CLUSTER                              = "UPSTREAM_CLUSTER"
	CMD_UPSTREAM_LOCAL_ADDRESS                        = "UPSTREAM_LOCAL_ADDRESS"
	CMD_DOWNSTREAM_LOCAL_ADDRESS                      = "DOWNSTREAM_LOCAL_ADDRESS"
	CMD_DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT         = "DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT"
	CMD_DOWNSTREAM_REMOTE_ADDRESS                     = "DOWNSTREAM_REMOTE_ADDRESS"
	CMD_DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT        = "DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT"
	CMD_DOWNSTREAM_DIRECT_REMOTE_ADDRESS              = "DOWNSTREAM_DIRECT_REMOTE_ADDRESS"
	CMD_DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT = "DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT"
	CMD_REQUESTED_SERVER_NAME                         = "REQUESTED_SERVER_NAME"
	CMD_ROUTE_NAME                                    = "ROUTE_NAME"
	CMD_DOWNSTREAM_PEER_URI_SAN                       = "DOWNSTREAM_PEER_URI_SAN"
	CMD_DOWNSTREAM_LOCAL_URI_SAN                      = "DOWNSTREAM_LOCAL_URI_SAN"
	CMD_DOWNSTREAM_PEER_SUBJECT                       = "DOWNSTREAM_PEER_SUBJECT"
	CMD_DOWNSTREAM_LOCAL_SUBJECT                      = "DOWNSTREAM_LOCAL_SUBJECT"
	CMD_DOWNSTREAM_TLS_SESSION_ID                     = "DOWNSTREAM_TLS_SESSION_ID"
	CMD_DOWNSTREAM_TLS_CIPHER                         = "DOWNSTREAM_TLS_CIPHER"
	CMD_DOWNSTREAM_TLS_VERSION                        = "DOWNSTREAM_TLS_VERSION"
	CMD_UPSTREAM_TRANSPORT_FAILURE_REASON             = "UPSTREAM_TRANSPORT_FAILURE_REASON"

	CMD_DOWNSTREAM_PEER_FINGERPRINT_256 = "DOWNSTREAM_PEER_FINGERPRINT_256"
	CMD_DOWNSTREAM_PEER_SERIAL          = "DOWNSTREAM_PEER_SERIAL"
	CMD_DOWNSTREAM_PEER_ISSUER          = "DOWNSTREAM_PEER_ISSUER"
	CMD_DOWNSTREAM_PEER_CERT            = "DOWNSTREAM_PEER_CERT"
	CMD_DOWNSTREAM_PEER_CERT_V_START    = "DOWNSTREAM_PEER_CERT_V_START"
	CMD_DOWNSTREAM_PEER_CERT_V_END      = "DOWNSTREAM_PEER_CERT_V_END"
	CMD_HOSTNAME                        = "HOSTNAME"

	CMD_KUMA_SOURCE_ADDRESS              = "KUMA_SOURCE_ADDRESS"
	CMD_KUMA_SOURCE_ADDRESS_WITHOUT_PORT = "KUMA_SOURCE_ADDRESS_WITHOUT_PORT"
	CMD_KUMA_SOURCE_SERVICE              = "KUMA_SOURCE_SERVICE"
	CMD_KUMA_DESTINATION_SERVICE         = "KUMA_DESTINATION_SERVICE"
	CMD_KUMA_MESH                        = "KUMA_MESH"
	CMD_KUMA_TRAFFIC_DIRECTION           = "KUMA_TRAFFIC_DIRECTION"
)

List of supported command operators.

View Source 
const (
	HeaderMethod             = ":method"
	HeaderScheme             = ":scheme"
	HeaderAuthority          = ":authority"
	HeaderPath               = ":path"
	HeaderUserAgent          = "user-agent"
	HeaderReferer            = "referer"
	HeaderXForwardedFor      = "x-forwarded-for"
	HeaderXRequestID         = "x-request-id"
	HeaderXEnvoyOriginalPath = "x-envoy-original-path"
)
View Source 
const (
	ResponseFlagDownstreamConnectionTermination = "DC"
	ResponseFlagFailedLocalHealthCheck          = "LH"
	ResponseFlagNoHealthyUpstream               = "UH"
	ResponseFlagUpstreamRequestTimeout          = "UT"
	ResponseFlagLocalReset                      = "LR"
	ResponseFlagUpstreamRemoteReset             = "UR"
	ResponseFlagUpstreamConnectionFailure       = "UF"
	ResponseFlagUpstreamConnectionTermination   = "UC"
	ResponseFlagUpstreamOverflow                = "UO"
	ResponseFlagUpstreamRetryLimitExceeded      = "URX"
	ResponseFlagNoRouteFound                    = "NR"
	ResponseFlagDelayInjected                   = "DI"
	ResponseFlagFaultInjected                   = "FI"
	ResponseFlagRateLimited                     = "RL"
	ResponseFlagUnauthorizedExternalService     = "UAEX"
	ResponseFlagRatelimitServiceError           = "RLSE"
	ResponseFlagStreamIdleTimeout               = "SI"
	ResponseFlagInvalidEnvoyRequestHeaders      = "IH"
	ResponseFlagDownstreamProtocolError         = "DPE"
)

List of supported response flags.

Variables

This section is empty.

Functions

func ValidateFormat 

func ValidateFormat(format string) error

ValidateFormat validates whether a given format string is valid.

Types

type AccessLogFormat 

type AccessLogFormat struct {
	Fragments []AccessLogFragment
}

AccessLogFormat represents the entire access log format string.

func ParseFormat 

func ParseFormat(format string) (*AccessLogFormat, error)

ParseFormat parses a given format string.

The returned object can be used for multiple purposes, i.e.

  1. To verify that access log format string is valid
  2. To adjust configuration of `envoy.access_loggers.http_grpc` and `envoy.tcp_grpc_access_log` according to the format string, e.g. to capture additional HTTP headers
  3. To format a given HTTP or TCP log entry according to the format string
  4. To bind `%KUMA_*%` placeholders to concrete context-dependent values
  5. To render back into the format string, e.g. after `%KUMA_*%` placeholders have been bound to concrete context-dependent values

func (*AccessLogFormat) ConfigureHttpLog 

func (f *AccessLogFormat) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (*AccessLogFormat) ConfigureTcpLog 

func (f *AccessLogFormat) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (*AccessLogFormat) FormatHttpLogEntry 

func (f *AccessLogFormat) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (*AccessLogFormat) FormatTcpLogEntry 

func (f *AccessLogFormat) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (*AccessLogFormat) Interpolate 

func (f *AccessLogFormat) Interpolate(variables InterpolationVariables) (*AccessLogFormat, error)

func (*AccessLogFormat) String 

func (f *AccessLogFormat) String() string

String returns the canonical representation of this format string.

type AccessLogFragment 

type AccessLogFragment interface {
	HttpLogEntryFormatter
	TcpLogEntryFormatter
	HttpLogConfigurer
	TcpLogConfigurer
	// String returns the canonical representation of this fragment.
	String() string
}

AccessLogFragment represents a fragment of an Envoy access log format string, such as a command operator or a span of plain text.

See https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log#command-operators

type AccessLogFragmentInterpolator 

type AccessLogFragmentInterpolator interface {
	// Interpolate returns an access log fragment with all placeholders resolved.
	Interpolate(variables InterpolationVariables) (AccessLogFragment, error)
}

AccessLogFragmentInterpolator interpolates placeholders added to an access log format string. E.g. %KUMA_SOURCE_SERVICE%, %KUMA_DESTINATION_SERVICE%, %KUMA_SOURCE_ADDRESS% and %KUMA_SOURCE_ADDRESS_WITHOUT_PORT% are examples of such placeholders.

type CommandOperatorDescriptor 

type CommandOperatorDescriptor string

CommandOperatorDescriptor represents a descriptor of an Envoy access log command operator.

See https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log#command-operators

func (CommandOperatorDescriptor) IsPlaceholder 

func (o CommandOperatorDescriptor) IsPlaceholder() bool

IsPlaceholder returns true if this command is a placeholder that must be resolved before configuring Envoy with that format string. E.g., %KUMA_SOURCE_ADDRESS%, %KUMA_SOURCE_ADDRESS_WITHOUT_PORT%, %KUMA_SOURCE_SERVICE% and %KUMA_DESTINATION_SERVICE% are examples of such placeholders.

func (CommandOperatorDescriptor) String 

func (o CommandOperatorDescriptor) String() string

String returns the reference name of an Envoy access log command operator as it appears on https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log#command-operators

type DynamicMetadataOperator 

type DynamicMetadataOperator struct {
	FilterNamespace string
	Path            []string
	MaxLength       int
}

DynamicMetadataOperator represents a `%DYNAMIC_METADATA(NAMESPACE:KEY*):Z%` command operator.

func (*DynamicMetadataOperator) ConfigureHttpLog 

func (f *DynamicMetadataOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (*DynamicMetadataOperator) ConfigureTcpLog 

func (f *DynamicMetadataOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (*DynamicMetadataOperator) FormatHttpLogEntry 

func (f *DynamicMetadataOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (*DynamicMetadataOperator) FormatTcpLogEntry 

func (f *DynamicMetadataOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (*DynamicMetadataOperator) String 

func (f *DynamicMetadataOperator) String() string

String returns the canonical representation of this access log fragment.

type FieldOperator 

type FieldOperator string

FieldOperator represents a simple field command operator, such as `%BYTES_RECEIVED%` or `%PROTOCOL%`.

func (FieldOperator) ConfigureHttpLog 

func (f FieldOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (FieldOperator) ConfigureTcpLog 

func (f FieldOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (FieldOperator) FormatHttpLogEntry 

func (f FieldOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (FieldOperator) FormatTcpLogEntry 

func (f FieldOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (FieldOperator) String 

func (f FieldOperator) String() string

String returns the canonical representation of this access log fragment.

type FilterStateOperator 

type FilterStateOperator struct {
	Key       string
	MaxLength int
}

FilterStateOperator represents a `%FILTER_STATE(KEY):Z%` command operator.

func (*FilterStateOperator) ConfigureHttpLog 

func (f *FilterStateOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (*FilterStateOperator) ConfigureTcpLog 

func (f *FilterStateOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (*FilterStateOperator) FormatHttpLogEntry 

func (f *FilterStateOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (*FilterStateOperator) FormatTcpLogEntry 

func (f *FilterStateOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (*FilterStateOperator) String 

func (f *FilterStateOperator) String() string

String returns the canonical representation of this access log fragment.

type HeaderFormatter 

type HeaderFormatter struct {
	Header    string
	AltHeader string
	MaxLength int
}

HeaderFormatter represents reusable formatting logic that is shared by `%REQ(X?Y):Z%`, `%RESP(X?Y):Z%` and `%TRAILER(X?Y):Z%` command operators.

func (*HeaderFormatter) Format 

func (f *HeaderFormatter) Format(headers Headers) (string, error)

func (*HeaderFormatter) GetOperandHeaders 

func (f *HeaderFormatter) GetOperandHeaders() (headers []string)

func (*HeaderFormatter) String 

func (f *HeaderFormatter) String() string

String returns the canonical representation of a header command operator arguments and max length constraint.

type HeaderMap 

type HeaderMap map[string]string

HeaderMap represents a set of regular headers.

func (HeaderMap) Get 

func (m HeaderMap) Get(name string) (value string, exists bool)

type Headers 

type Headers interface {
	Get(name string) (value string, exists bool)
}

Headers represents a set of headers that might include both regular and pseudo headers.

type HttpLogConfigurer 

type HttpLogConfigurer interface {
	ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error
}

HttpLogConfigurer adjusts configuration of `envoy.access_loggers.http_grpc` according to the format string, e.g. to capture additional HTTP headers.

type HttpLogEntryFormatter 

type HttpLogEntryFormatter interface {
	FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)
}

HttpLogEntryFormatter formats a given HTTP log entry according to the format string.

type InterpolationVariables 

type InterpolationVariables map[string]string

InterpolationVariables represents a context of Interpolate() operation as a map of variables.

func (InterpolationVariables) Get 

func (m InterpolationVariables) Get(variable string) string

type Placeholder 

type Placeholder string

Placeholder represents a placeholder added to an access log format string that must be resolved before configuring Envoy with that format string.

E.g. %KUMA_SOURCE_SERVICE%, %KUMA_DESTINATION_SERVICE%, %KUMA_SOURCE_ADDRESS% and %KUMA_SOURCE_ADDRESS_WITHOUT_PORT% are examples of such placeholders.

func (Placeholder) ConfigureHttpLog 

func (f Placeholder) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (Placeholder) ConfigureTcpLog 

func (f Placeholder) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (Placeholder) FormatHttpLogEntry 

func (f Placeholder) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (Placeholder) FormatTcpLogEntry 

func (f Placeholder) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (Placeholder) Interpolate 

func (f Placeholder) Interpolate(variables InterpolationVariables) (AccessLogFragment, error)

Interpolate returns an access log fragment with all placeholders resolved.

func (Placeholder) String 

func (f Placeholder) String() string

String returns the canonical representation of this command operator.

type RequestHeaderOperator 

type RequestHeaderOperator struct {
	HeaderFormatter
}

RequestHeaderOperator represents a `%REQ(X?Y):Z%` command operator.

func (*RequestHeaderOperator) ConfigureHttpLog 

func (f *RequestHeaderOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (*RequestHeaderOperator) ConfigureTcpLog 

func (f *RequestHeaderOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (*RequestHeaderOperator) FormatHttpLogEntry 

func (f *RequestHeaderOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (*RequestHeaderOperator) FormatTcpLogEntry 

func (f *RequestHeaderOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (*RequestHeaderOperator) String 

func (f *RequestHeaderOperator) String() string

String returns the canonical representation of this access log fragment.

type RequestHeaders 

type RequestHeaders struct {
	*accesslog_data.HTTPRequestProperties
}

RequestHeaders represents a set of HTTP request headers that includes both regular headers, such as `referer` and `user-agent`, and pseudo headers, such as `:method`, `:authority` and `:path`.

func (*RequestHeaders) Get 

func (h *RequestHeaders) Get(name string) (string, bool)

type ResponseHeaderOperator 

type ResponseHeaderOperator struct {
	HeaderFormatter
}

ResponseHeaderOperator represents a `%RESP(X?Y):Z%` command operator.

func (*ResponseHeaderOperator) ConfigureHttpLog 

func (f *ResponseHeaderOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (*ResponseHeaderOperator) ConfigureTcpLog 

func (f *ResponseHeaderOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (*ResponseHeaderOperator) FormatHttpLogEntry 

func (f *ResponseHeaderOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (*ResponseHeaderOperator) FormatTcpLogEntry 

func (f *ResponseHeaderOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (*ResponseHeaderOperator) String 

func (f *ResponseHeaderOperator) String() string

String returns the canonical representation of this access log fragment.

type ResponseTrailerOperator 

type ResponseTrailerOperator struct {
	HeaderFormatter
}

ResponseTrailerOperator represents a `%TRAILER(X?Y):Z%` command operator.

func (*ResponseTrailerOperator) ConfigureHttpLog 

func (f *ResponseTrailerOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (*ResponseTrailerOperator) ConfigureTcpLog 

func (f *ResponseTrailerOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (*ResponseTrailerOperator) FormatHttpLogEntry 

func (f *ResponseTrailerOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (*ResponseTrailerOperator) FormatTcpLogEntry 

func (f *ResponseTrailerOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (*ResponseTrailerOperator) String 

func (f *ResponseTrailerOperator) String() string

String returns the canonical representation of this access log fragment.

type StartTimeOperator 

type StartTimeOperator string

StartTimeOperator represents a `%START_TIME%` command operator.

func (StartTimeOperator) ConfigureHttpLog 

func (f StartTimeOperator) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (StartTimeOperator) ConfigureTcpLog 

func (f StartTimeOperator) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (StartTimeOperator) FormatHttpLogEntry 

func (f StartTimeOperator) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (StartTimeOperator) FormatTcpLogEntry 

func (f StartTimeOperator) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (StartTimeOperator) String 

func (f StartTimeOperator) String() string

String returns the canonical representation of this access log fragment.

type TcpLogConfigurer 

type TcpLogConfigurer interface {
	ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error
}

TcpLogConfigurer adjusts configuration of `envoy.tcp_grpc_access_log` according to the format string, e.g. to capture filter state objects.

type TcpLogEntryFormatter 

type TcpLogEntryFormatter interface {
	FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)
}

TcpLogEntryFormatter formats a given TCP log entry according to the format string.

type TextSpan 

type TextSpan string

TextSpan represents a span of plain text.

func (TextSpan) ConfigureHttpLog 

func (f TextSpan) ConfigureHttpLog(config *accesslog_config.HttpGrpcAccessLogConfig) error

func (TextSpan) ConfigureTcpLog 

func (f TextSpan) ConfigureTcpLog(config *accesslog_config.TcpGrpcAccessLogConfig) error

func (TextSpan) FormatHttpLogEntry 

func (f TextSpan) FormatHttpLogEntry(entry *accesslog_data.HTTPAccessLogEntry) (string, error)

func (TextSpan) FormatTcpLogEntry 

func (f TextSpan) FormatTcpLogEntry(entry *accesslog_data.TCPAccessLogEntry) (string, error)

func (TextSpan) String 

func (f TextSpan) String() string

String returns the canonical representation of this access log fragment.

type TlsCipherSuite 

type TlsCipherSuite uint16

TlsCipherSuite represents a registered TLS cipher suite. 

const (
	// TLS 1.0 - 1.2 cipher suites.
	TLS_RSA_WITH_RC4_128_SHA                TlsCipherSuite = 0x0005
	TLS_RSA_WITH_3DES_EDE_CBC_SHA           TlsCipherSuite = 0x000a
	TLS_RSA_WITH_AES_128_CBC_SHA            TlsCipherSuite = 0x002f
	TLS_RSA_WITH_AES_256_CBC_SHA            TlsCipherSuite = 0x0035
	TLS_RSA_WITH_AES_128_CBC_SHA256         TlsCipherSuite = 0x003c
	TLS_RSA_WITH_AES_128_GCM_SHA256         TlsCipherSuite = 0x009c
	TLS_RSA_WITH_AES_256_GCM_SHA384         TlsCipherSuite = 0x009d
	TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        TlsCipherSuite = 0xc007
	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    TlsCipherSuite = 0xc009
	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    TlsCipherSuite = 0xc00a
	TLS_ECDHE_RSA_WITH_RC4_128_SHA          TlsCipherSuite = 0xc011
	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     TlsCipherSuite = 0xc012
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      TlsCipherSuite = 0xc013
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      TlsCipherSuite = 0xc014
	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TlsCipherSuite = 0xc023
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   TlsCipherSuite = 0xc027
	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   TlsCipherSuite = 0xc02f
	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TlsCipherSuite = 0xc02b
	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   TlsCipherSuite = 0xc030
	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TlsCipherSuite = 0xc02c
	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305    TlsCipherSuite = 0xcca8
	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305  TlsCipherSuite = 0xcca9

	// TLS 1.3 cipher suites.
	TLS_AES_128_GCM_SHA256       TlsCipherSuite = 0x1301
	TLS_AES_256_GCM_SHA384       TlsCipherSuite = 0x1302
	TLS_CHACHA20_POLY1305_SHA256 TlsCipherSuite = 0x1303

	// TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator
	// that the client is doing version fallback. See RFC 7507.
	TLS_FALLBACK_SCSV TlsCipherSuite = 0x5600
)

List of the most commonly used TLS cipher suites.

See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml

func (TlsCipherSuite) String 

func (s TlsCipherSuite) String() string

String returns an Envoy-compatible name of a TLS cipher suite.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.