Documentation
¶
Index ¶
- Variables
- func DeriveTLS12Keys(masterSecret, clientRandom, serverRandom []byte, suite uint16) (tls12Keys, error)
- func DeriveTLS13Keys(clientSecret, serverSecret []byte, suite uint16) (tls13Keys, error)
- func DrainClientTickets(tc *tls.Conn, conn net.Conn) []byte
- func EnableKTLS(fd int, isClient bool, suite uint16, keys tls12Keys, inSeq, outSeq uint64) error
- func EnableKTLS13(fd int, isClient bool, suite uint16, keys tls13Keys, inSeq, outSeq [8]byte) error
- func IsKTLSCipher(suite uint16) bool
- func NewKeyLogWriter(dst io.Writer) *keyLogWriter
- func NewRecordConn(conn net.Conn) *recordConn
- func PrepareKTLSConfig(cfg *tls.Config, klw *keyLogWriter) *tls.Config
- func TLSConnRecSeq(tc *tls.Conn) (inSeq, outSeq [8]byte, ok bool)
- type KeyLogWriter
- type RecordConn
- type TLS12Keys
- type TLS13Keys
Constants ¶
This section is empty.
Variables ¶
View Source
var KTLSClientPostHandshakeReadMaxBytes = 64 * 1024
KTLSClientPostHandshakeReadMaxBytes caps buffered app data during ticket drain.
View Source
var KTLSClientPostHandshakeTimeout = 10 * time.Millisecond
KTLSClientPostHandshakeTimeout is the max time to wait for TLS1.3 tickets.
View Source
var KTLSDisableSessionTickets = false
KTLSDisableSessionTickets disables TLS session tickets when kTLS is enabled.
View Source
var KTLSEnableRX = false
KTLSEnableRX controls whether kTLS RX is enabled.
View Source
var KTLSForceTLS13AESGCM = true
KTLSForceTLS13AESGCM restricts TLS1.3 cipher suites to AES-GCM.
View Source
var KTLSPreferTLS12IfNoAESGCM = true
KTLSPreferTLS12IfNoAESGCM forces TLS1.2 when client doesn't advertise TLS1.3 AES-GCM.
Functions ¶
func DeriveTLS12Keys ¶
func DeriveTLS13Keys ¶
func EnableKTLS ¶
func EnableKTLS13 ¶
func IsKTLSCipher ¶
func NewKeyLogWriter ¶
func NewRecordConn ¶
Types ¶
type KeyLogWriter ¶
type KeyLogWriter = keyLogWriter
type RecordConn ¶
type RecordConn = recordConn
Source Files
Click to show internal directories.
Click to hide internal directories.