
package xds

import ""

Package xds contains non-user-facing functionality of the xds credentials.




func SetHandshakeInfo

func SetHandshakeInfo(addr resolver.Address, hInfo *HandshakeInfo) resolver.Address

SetHandshakeInfo returns a copy of addr in which the Attributes field is updated with hInfo.

type HandshakeInfo

type HandshakeInfo struct {
    // contains filtered or unexported fields
}

HandshakeInfo wraps all the security configuration required by client and server handshake methods in xds credentials. The xDS implementation will be responsible for populating these fields.

Safe for concurrent access.

func GetHandshakeInfo

func GetHandshakeInfo(attr *attributes.Attributes) *HandshakeInfo

GetHandshakeInfo returns a pointer to the HandshakeInfo stored in attr.

func NewHandshakeInfo

func NewHandshakeInfo(root, identity certprovider.Provider, sans ...string) *HandshakeInfo

NewHandshakeInfo returns a new instance of HandshakeInfo with the given root and identity certificate providers.

func (*HandshakeInfo) ClientSideTLSConfig

func (hi *HandshakeInfo) ClientSideTLSConfig(ctx context.Context) (*tls.Config, error)

ClientSideTLSConfig constructs a tls.Config to be used in a client-side handshake based on the contents of the HandshakeInfo.

func (*HandshakeInfo) MatchingSANExists

func (hi *HandshakeInfo) MatchingSANExists(cert *x509.Certificate) bool

MatchingSANExists returns true if the SAN contained in the passed-in certificate is present in the list of accepted SANs in the HandshakeInfo.

If the list of accepted SANs in the HandshakeInfo is empty, this function returns true for all input certificates.

func (*HandshakeInfo) ServerSideTLSConfig

func (hi *HandshakeInfo) ServerSideTLSConfig(ctx context.Context) (*tls.Config, error)

ServerSideTLSConfig constructs a tls.Config to be used in a server-side handshake based on the contents of the HandshakeInfo.

func (*HandshakeInfo) SetAcceptedSANs

func (hi *HandshakeInfo) SetAcceptedSANs(sans []string)

SetAcceptedSANs updates the list of accepted SANs.

func (*HandshakeInfo) SetIdentityCertProvider

func (hi *HandshakeInfo) SetIdentityCertProvider(identity certprovider.Provider)

SetIdentityCertProvider updates the identity certificate provider.

func (*HandshakeInfo) SetRequireClientCert

func (hi *HandshakeInfo) SetRequireClientCert(require bool)

SetRequireClientCert updates whether a client cert is required during the ServerHandshake(). A value of true indicates that we are performing mTLS.

func (*HandshakeInfo) SetRootCertProvider

func (hi *HandshakeInfo) SetRootCertProvider(root certprovider.Provider)

SetRootCertProvider updates the root certificate provider.

func (*HandshakeInfo) UseFallbackCreds

func (hi *HandshakeInfo) UseFallbackCreds() bool

UseFallbackCreds returns true when fallback credentials are to be used based on the contents of the HandshakeInfo.

Package xds imports 10 packages and is imported by 5 packages. Updated 2020-12-17.