tls_inspectorv3

package
v1.36.11-2026042420273... Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: unknown License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var File_envoy_extensions_filters_listener_tls_inspector_v3_tls_inspector_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type TlsInspector 

type TlsInspector struct {

	// Populate “JA3“ fingerprint hash using data from the TLS Client Hello packet. Default is false.
	EnableJa3Fingerprinting *wrapperspb.BoolValue `` /* 132-byte string literal not displayed */
	// Populate “JA4“ fingerprint hash using data from the TLS Client Hello packet.
	// “JA4“ is an improved version of “JA3“ that includes TLS version, ciphers, extensions,
	// and ALPN information in a hex format. Default is false.
	EnableJa4Fingerprinting *wrapperspb.BoolValue `` /* 132-byte string literal not displayed */
	// The size in bytes of the initial buffer requested by the tls_inspector.
	// If the filter needs to read additional bytes from the socket, the
	// filter will double the buffer up to it's default maximum of 16KiB.
	// If this size is not defined, defaults to maximum 16KiB that the
	// tls inspector will consume.
	InitialReadBufferSize *wrapperspb.UInt32Value `` /* 128-byte string literal not displayed */
	// Close connection when TLS ClientHello message could not be parsed.
	// This flag should be enabled only if it is known that incoming connections are expected to use
	// TLS protocol, as Envoy does not distinguish between a plain text message or a malformed TLS
	// ClientHello message.
	// By default this flag is false and TLS ClientHello parsing errors are interpreted as a
	// plain text connection.
	// Setting this to true will cause connections to be terminated and the “client_hello_too_large“
	// counter to be incremented if the ClientHello message is over implementation defined limit
	// (currently 16Kb).
	CloseConnectionOnClientHelloParsingErrors bool `` /* 195-byte string literal not displayed */
	// The maximum size in bytes of the ClientHello that the tls_inspector will
	// process. If the ClientHello is larger than this size, the tls_inspector
	// will stop processing and indicate failure. If not defined, defaults to
	// 16KiB.
	MaxClientHelloSize *wrapperspb.UInt32Value `protobuf:"bytes,5,opt,name=max_client_hello_size,json=maxClientHelloSize,proto3" json:"max_client_hello_size,omitempty"`
	// contains filtered or unexported fields
}

[#next-free-field: 6]

func (*TlsInspector) ClearEnableJa3Fingerprinting 

func (x *TlsInspector) ClearEnableJa3Fingerprinting()

func (*TlsInspector) ClearEnableJa4Fingerprinting 

func (x *TlsInspector) ClearEnableJa4Fingerprinting()

func (*TlsInspector) ClearInitialReadBufferSize 

func (x *TlsInspector) ClearInitialReadBufferSize()

func (*TlsInspector) ClearMaxClientHelloSize 

func (x *TlsInspector) ClearMaxClientHelloSize()

func (*TlsInspector) GetCloseConnectionOnClientHelloParsingErrors 

func (x *TlsInspector) GetCloseConnectionOnClientHelloParsingErrors() bool

func (*TlsInspector) GetEnableJa3Fingerprinting 

func (x *TlsInspector) GetEnableJa3Fingerprinting() *wrapperspb.BoolValue

func (*TlsInspector) GetEnableJa4Fingerprinting 

func (x *TlsInspector) GetEnableJa4Fingerprinting() *wrapperspb.BoolValue

func (*TlsInspector) GetInitialReadBufferSize 

func (x *TlsInspector) GetInitialReadBufferSize() *wrapperspb.UInt32Value

func (*TlsInspector) GetMaxClientHelloSize 

func (x *TlsInspector) GetMaxClientHelloSize() *wrapperspb.UInt32Value

func (*TlsInspector) HasEnableJa3Fingerprinting 

func (x *TlsInspector) HasEnableJa3Fingerprinting() bool

func (*TlsInspector) HasEnableJa4Fingerprinting 

func (x *TlsInspector) HasEnableJa4Fingerprinting() bool

func (*TlsInspector) HasInitialReadBufferSize 

func (x *TlsInspector) HasInitialReadBufferSize() bool

func (*TlsInspector) HasMaxClientHelloSize 

func (x *TlsInspector) HasMaxClientHelloSize() bool

func (*TlsInspector) ProtoMessage 

func (*TlsInspector) ProtoMessage()

func (*TlsInspector) ProtoReflect 

func (x *TlsInspector) ProtoReflect() protoreflect.Message

func (*TlsInspector) Reset 

func (x *TlsInspector) Reset()

func (*TlsInspector) SetCloseConnectionOnClientHelloParsingErrors 

func (x *TlsInspector) SetCloseConnectionOnClientHelloParsingErrors(v bool)

func (*TlsInspector) SetEnableJa3Fingerprinting 

func (x *TlsInspector) SetEnableJa3Fingerprinting(v *wrapperspb.BoolValue)

func (*TlsInspector) SetEnableJa4Fingerprinting 

func (x *TlsInspector) SetEnableJa4Fingerprinting(v *wrapperspb.BoolValue)

func (*TlsInspector) SetInitialReadBufferSize 

func (x *TlsInspector) SetInitialReadBufferSize(v *wrapperspb.UInt32Value)

func (*TlsInspector) SetMaxClientHelloSize 

func (x *TlsInspector) SetMaxClientHelloSize(v *wrapperspb.UInt32Value)

func (*TlsInspector) String 

func (x *TlsInspector) String() string

type TlsInspector_builder 

type TlsInspector_builder struct {

	// Populate “JA3“ fingerprint hash using data from the TLS Client Hello packet. Default is false.
	EnableJa3Fingerprinting *wrapperspb.BoolValue
	// Populate “JA4“ fingerprint hash using data from the TLS Client Hello packet.
	// “JA4“ is an improved version of “JA3“ that includes TLS version, ciphers, extensions,
	// and ALPN information in a hex format. Default is false.
	EnableJa4Fingerprinting *wrapperspb.BoolValue
	// The size in bytes of the initial buffer requested by the tls_inspector.
	// If the filter needs to read additional bytes from the socket, the
	// filter will double the buffer up to it's default maximum of 16KiB.
	// If this size is not defined, defaults to maximum 16KiB that the
	// tls inspector will consume.
	InitialReadBufferSize *wrapperspb.UInt32Value
	// Close connection when TLS ClientHello message could not be parsed.
	// This flag should be enabled only if it is known that incoming connections are expected to use
	// TLS protocol, as Envoy does not distinguish between a plain text message or a malformed TLS
	// ClientHello message.
	// By default this flag is false and TLS ClientHello parsing errors are interpreted as a
	// plain text connection.
	// Setting this to true will cause connections to be terminated and the “client_hello_too_large“
	// counter to be incremented if the ClientHello message is over implementation defined limit
	// (currently 16Kb).
	CloseConnectionOnClientHelloParsingErrors bool
	// The maximum size in bytes of the ClientHello that the tls_inspector will
	// process. If the ClientHello is larger than this size, the tls_inspector
	// will stop processing and indicate failure. If not defined, defaults to
	// 16KiB.
	MaxClientHelloSize *wrapperspb.UInt32Value
	// contains filtered or unexported fields
}

func (TlsInspector_builder) Build 

func (b0 TlsInspector_builder) Build() *TlsInspector

Source Files

  • tls_inspector.pb.go

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.