tlsdial

package

v1.18.1 Latest Latest Go to latest Published: Nov 22, 2021 License: BSD-3-Clause Imports: 9 Imported by: 18

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/tailscale/tailscale

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tlsdial originally existed to set up a tls.Config for x509 validation, using a memory-optimized path for iOS, but then we moved that to the tailscale/go tree instead, so now this package does very little. But for now we keep it as a unified point where we might want to add shared policy on outgoing TLS connections from the 3 places in the client that connect to Tailscale (logs, control, DERP).

Index ¶

func Config(host string, base *tls.Config) *tls.Config
func SetConfigExpectedCert(c *tls.Config, certDNSName string)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Config ¶

func Config(host string, base *tls.Config) *tls.Config

Config returns a tls.Config for connecting to a server. If base is non-nil, it's cloned as the base config before being configured and returned.

func SetConfigExpectedCert ¶

func SetConfigExpectedCert(c *tls.Config, certDNSName string)

SetConfigExpectedCert modifies c to expect and verify that the server returns a certificate for the provided certDNSName.

This is for user-configurable client-side domain fronting support, where we send one SNI value but validate a different cert.

Types ¶

This section is empty.

Source Files ¶

View all Source files

tlsdial.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL