Package credentials defines APIs for parsing SPIFFE ID.

All APIs in this package are experimental.



This section is empty.


This section is empty.


func AppendH2ToNextProtos

func AppendH2ToNextProtos(ps []string) []string

AppendH2ToNextProtos appends h2 to next protos.

func CloneTLSConfig

func CloneTLSConfig(cfg *tls.Config) *tls.Config

CloneTLSConfig returns a shallow clone of the exported fields of cfg, ignoring the unexported sync.Once, which contains a mutex and must not be copied.

If cfg is nil, a new zero tls.Config is returned.

TODO: inline this function if possible.

func SPIFFEIDFromCert

func SPIFFEIDFromCert(cert *x509.Certificate) *url.URL

SPIFFEIDFromCert parses the SPIFFE ID from x509.Certificate. If the SPIFFE ID format is invalid, return nil with warning.

func SPIFFEIDFromState

func SPIFFEIDFromState(state tls.ConnectionState) *url.URL

SPIFFEIDFromState parses the SPIFFE ID from State. If the SPIFFE ID format is invalid, return nil with warning.

func WrapSyscallConn

func WrapSyscallConn(rawConn, newConn net.Conn) net.Conn

WrapSyscallConn tries to wrap rawConn and newConn into a net.Conn that implements syscall.Conn. rawConn will be used to support syscall, and newConn will be used for read/write.

This function returns newConn if rawConn doesn't implement syscall.Conn.


This section is empty.


Path Synopsis
xds Package xds contains non-user facing functionality of the xds credentials.