xtls

package

v1.6.6 Latest Latest Go to latest Published: Nov 16, 2022 License: MPL-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Github-Aiko/Aiko-Core

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Variables
func Client(c net.Conn, config *xtls.Config) net.Conn
func Server(c net.Conn, config *xtls.Config) net.Conn
type Certificate
- func ParseCertificate(c *cert.Certificate) *Certificate
type Certificate_Usage
type Config
- func ConfigFromStreamSettings(settings *internet.MemoryStreamConfig) *Config
type Conn
- func (c *Conn) HandshakeAddress() net.Address
type Option
- func WithDestination(dest net.Destination) Option
- func WithNextProto(protocol ...string) Option

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	Certificate_Usage_name = map[int32]string{
		0: "ENCIPHERMENT",
		1: "AUTHORITY_VERIFY",
		2: "AUTHORITY_ISSUE",
	}
	Certificate_Usage_value = map[string]int32{
		"ENCIPHERMENT":     0,
		"AUTHORITY_VERIFY": 1,
		"AUTHORITY_ISSUE":  2,
	}
)

Enum value maps for Certificate_Usage.

View Source

var File_transport_internet_xtls_config_proto protoreflect.FileDescriptor

Functions ¶

func Client ¶

func Client(c net.Conn, config *xtls.Config) net.Conn

Client initiates a XTLS client handshake on the given connection.

func Server ¶

func Server(c net.Conn, config *xtls.Config) net.Conn

Server initiates a XTLS server handshake on the given connection.

Types ¶

type Certificate ¶

type Certificate struct {

	// TLS certificate in x509 format.
	Certificate []byte `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// TLS key in x509 format.
	Key          []byte            `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
	Usage        Certificate_Usage `protobuf:"varint,3,opt,name=usage,proto3,enum=Aiko.transport.internet.xtls.Certificate_Usage" json:"usage,omitempty"`
	OcspStapling uint64            `protobuf:"varint,4,opt,name=ocsp_stapling,json=ocspStapling,proto3" json:"ocsp_stapling,omitempty"`
	// TLS certificate path
	CertificatePath string `protobuf:"bytes,5,opt,name=certificate_path,json=certificatePath,proto3" json:"certificate_path,omitempty"`
	// TLS Key path
	KeyPath string `protobuf:"bytes,6,opt,name=key_path,json=keyPath,proto3" json:"key_path,omitempty"`
	// If true, one-Time Loading
	OneTimeLoading bool `protobuf:"varint,7,opt,name=One_time_loading,json=OneTimeLoading,proto3" json:"One_time_loading,omitempty"`
	// contains filtered or unexported fields
}

func ParseCertificate ¶

func ParseCertificate(c *cert.Certificate) *Certificate

ParseCertificate converts a cert.Certificate to Certificate.

func (*Certificate) Descriptor deprecated

func (*Certificate) Descriptor() ([]byte, []int)

Deprecated: Use Certificate.ProtoReflect.Descriptor instead.

func (*Certificate) GetCertificate ¶

func (x *Certificate) GetCertificate() []byte

func (*Certificate) GetCertificatePath ¶

func (x *Certificate) GetCertificatePath() string

func (*Certificate) GetKey ¶

func (x *Certificate) GetKey() []byte

func (*Certificate) GetKeyPath ¶

func (x *Certificate) GetKeyPath() string

func (*Certificate) GetOcspStapling ¶

func (x *Certificate) GetOcspStapling() uint64

func (*Certificate) GetOneTimeLoading ¶

func (x *Certificate) GetOneTimeLoading() bool

func (*Certificate) GetUsage ¶

func (x *Certificate) GetUsage() Certificate_Usage

func (*Certificate) ProtoMessage ¶

func (*Certificate) ProtoMessage()

func (*Certificate) ProtoReflect ¶

func (x *Certificate) ProtoReflect() protoreflect.Message

func (*Certificate) Reset ¶

func (x *Certificate) Reset()

func (*Certificate) String ¶

func (x *Certificate) String() string

type Certificate_Usage ¶

type Certificate_Usage int32

const (
	Certificate_ENCIPHERMENT     Certificate_Usage = 0
	Certificate_AUTHORITY_VERIFY Certificate_Usage = 1
	Certificate_AUTHORITY_ISSUE  Certificate_Usage = 2
)

func (Certificate_Usage) Descriptor ¶

func (Certificate_Usage) Descriptor() protoreflect.EnumDescriptor

func (Certificate_Usage) Enum ¶

func (x Certificate_Usage) Enum() *Certificate_Usage

func (Certificate_Usage) EnumDescriptor deprecated

func (Certificate_Usage) EnumDescriptor() ([]byte, []int)

Deprecated: Use Certificate_Usage.Descriptor instead.

func (Certificate_Usage) Number ¶

func (x Certificate_Usage) Number() protoreflect.EnumNumber

func (Certificate_Usage) String ¶

func (x Certificate_Usage) String() string

func (Certificate_Usage) Type ¶

func (Certificate_Usage) Type() protoreflect.EnumType

type Config ¶

type Config struct {

	// Whether or not to allow self-signed certificates.
	AllowInsecure bool `protobuf:"varint,1,opt,name=allow_insecure,json=allowInsecure,proto3" json:"allow_insecure,omitempty"`
	// List of certificates to be served on server.
	Certificate []*Certificate `protobuf:"bytes,2,rep,name=certificate,proto3" json:"certificate,omitempty"`
	// Override server name.
	ServerName string `protobuf:"bytes,3,opt,name=server_name,json=serverName,proto3" json:"server_name,omitempty"`
	// Lists of string as ALPN values.
	NextProtocol []string `protobuf:"bytes,4,rep,name=next_protocol,json=nextProtocol,proto3" json:"next_protocol,omitempty"`
	// Whether or not to enable session (ticket) resumption.
	EnableSessionResumption bool `` /* 133-byte string literal not displayed */
	// If true, root certificates on the system will not be loaded for
	// verification.
	DisableSystemRoot bool `protobuf:"varint,6,opt,name=disable_system_root,json=disableSystemRoot,proto3" json:"disable_system_root,omitempty"`
	// The minimum TLS version.
	MinVersion string `protobuf:"bytes,7,opt,name=min_version,json=minVersion,proto3" json:"min_version,omitempty"`
	// The maximum TLS version.
	MaxVersion string `protobuf:"bytes,8,opt,name=max_version,json=maxVersion,proto3" json:"max_version,omitempty"`
	// Specify cipher suites, except for TLS 1.3.
	CipherSuites string `protobuf:"bytes,9,opt,name=cipher_suites,json=cipherSuites,proto3" json:"cipher_suites,omitempty"`
	// Whether the server selects its most preferred ciphersuite.
	PreferServerCipherSuites bool `` /* 139-byte string literal not displayed */
	RejectUnknownSni         bool `protobuf:"varint,12,opt,name=reject_unknown_sni,json=rejectUnknownSni,proto3" json:"reject_unknown_sni,omitempty"`
	// @Document A pinned certificate chain sha256 hash.
	// @Document If the server's hash does not match this value, the connection will be aborted.
	// @Document This value replace allow_insecure.
	// @Critical
	PinnedPeerCertificateChainSha256 [][]byte `` /* 164-byte string literal not displayed */
	// contains filtered or unexported fields
}

func ConfigFromStreamSettings ¶

func ConfigFromStreamSettings(settings *internet.MemoryStreamConfig) *Config

ConfigFromStreamSettings fetches Config from stream settings. Nil if not found.

func (*Config) BuildCertificates ¶

func (c *Config) BuildCertificates() []*xtls.Certificate

BuildCertificates builds a list of TLS certificates from proto definition.

func (*Config) Descriptor deprecated

func (*Config) Descriptor() ([]byte, []int)

Deprecated: Use Config.ProtoReflect.Descriptor instead.

func (*Config) GetAllowInsecure ¶

func (x *Config) GetAllowInsecure() bool

func (*Config) GetCertificate ¶

func (x *Config) GetCertificate() []*Certificate

func (*Config) GetCipherSuites ¶

func (x *Config) GetCipherSuites() string

func (*Config) GetDisableSystemRoot ¶

func (x *Config) GetDisableSystemRoot() bool

func (*Config) GetEnableSessionResumption ¶

func (x *Config) GetEnableSessionResumption() bool

func (*Config) GetMaxVersion ¶

func (x *Config) GetMaxVersion() string

func (*Config) GetMinVersion ¶

func (x *Config) GetMinVersion() string

func (*Config) GetNextProtocol ¶

func (x *Config) GetNextProtocol() []string

func (*Config) GetPinnedPeerCertificateChainSha256 ¶

func (x *Config) GetPinnedPeerCertificateChainSha256() [][]byte

func (*Config) GetPreferServerCipherSuites ¶

func (x *Config) GetPreferServerCipherSuites() bool

func (*Config) GetRejectUnknownSni ¶

func (x *Config) GetRejectUnknownSni() bool

func (*Config) GetServerName ¶

func (x *Config) GetServerName() string

func (*Config) GetXTLSConfig ¶

func (c *Config) GetXTLSConfig(opts ...Option) *xtls.Config

GetXTLSConfig converts this Config into xtls.Config.

func (*Config) ProtoMessage ¶

func (*Config) ProtoMessage()

func (*Config) ProtoReflect ¶

func (x *Config) ProtoReflect() protoreflect.Message

func (*Config) Reset ¶

func (x *Config) Reset()

func (*Config) String ¶

func (x *Config) String() string

type Conn ¶

type Conn struct {
	*xtls.Conn
}

func (*Conn) HandshakeAddress ¶

func (c *Conn) HandshakeAddress() net.Address

type Option ¶

type Option func(*xtls.Config)

Option for building XTLS config.

func WithDestination ¶

func WithDestination(dest net.Destination) Option

WithDestination sets the server name in XTLS config.

func WithNextProto ¶

func WithNextProto(protocol ...string) Option

WithNextProto sets the ALPN values in XTLS config.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL