Documentation
¶
Overview ¶
Package probe provides TLS handshake probing for certificate inspection.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EvaluatePosture ¶ added in v0.3.0
EvaluatePosture checks TLS handshake parameters for weak configurations. Returns a list of human-readable issues found, or nil if posture is acceptable.
func FormatTarget ¶
FormatTarget builds a probe URL from host:port and optional SNI.
Types ¶
type DialContextFunc ¶ added in v0.1.1
DialContextFunc is the signature used by ProbeWithDialer to establish TCP connections.
type Result ¶
type Result struct {
Cert *x509.Certificate
ProbeErr string
Chain []*x509.Certificate
OCSPResponse []byte
RetryCount int
TLSVersion uint16
CipherSuite uint16
ProbeOK bool
}
Result holds the outcome of a TLS probe.
func Probe ¶
Probe connects to a TLS endpoint and returns the presented certificate. Accepts urls like https://host:port or tcp://host:port?sni=name.
func ProbeWithDialer ¶ added in v0.1.1
func ProbeWithDialer(raw string, dialFn DialContextFunc) Result
ProbeWithDialer is like Probe but uses the provided dial function for the underlying TCP connection. This allows routing through a SOCKS5 proxy or ProbeWithDialer performs a TLS handshake using a custom dial function. This enables routing probes through a SOCKS5 tunnel or any other custom transport.
Source Files