2024-11-08 16:26:22 +03:00
|
|
|
package tlsconfig
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"crypto/tls"
|
|
|
|
|
"time"
|
|
|
|
|
)
|
|
|
|
|
|
2024-12-05 14:19:25 +03:00
|
|
|
// Metrics is an interface that is used for the collection of the TLS-related
|
2024-11-08 16:26:22 +03:00
|
|
|
// statistics.
|
|
|
|
|
type Metrics interface {
|
|
|
|
|
// BeforeHandshake returns a function that needs to be passed to
|
|
|
|
|
// [tls.Config.GetConfigForClient]. f must not be nil.
|
|
|
|
|
BeforeHandshake(proto string) (f func(*tls.ClientHelloInfo) (c *tls.Config, err error))
|
|
|
|
|
|
|
|
|
|
// AfterHandshake returns a function that needs to be passed to
|
|
|
|
|
// [tls.Config.VerifyConnection]. f must not be nil.
|
|
|
|
|
AfterHandshake(
|
|
|
|
|
proto string,
|
|
|
|
|
srvName string,
|
|
|
|
|
devDomains []string,
|
2024-12-05 14:19:25 +03:00
|
|
|
srvCerts []*tls.Certificate,
|
2024-11-08 16:26:22 +03:00
|
|
|
) (f func(s tls.ConnectionState) (err error))
|
|
|
|
|
|
|
|
|
|
// SetCertificateInfo sets the TLS certificate information.
|
|
|
|
|
SetCertificateInfo(ctx context.Context, algo, subj string, notAfter time.Time)
|
|
|
|
|
|
|
|
|
|
// SetSessionTicketRotationStatus sets the TLS session ticket rotation
|
|
|
|
|
// status.
|
|
|
|
|
SetSessionTicketRotationStatus(ctx context.Context, enabled bool)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// EmptyMetrics is the implementation of the [Metrics] interface that does
|
|
|
|
|
// nothing.
|
|
|
|
|
type EmptyMetrics struct{}
|
|
|
|
|
|
|
|
|
|
// type check
|
|
|
|
|
var _ Metrics = EmptyMetrics{}
|
|
|
|
|
|
|
|
|
|
// BeforeHandshake implements the [Metrics] interface for EmptyMetrics by
|
|
|
|
|
// returning a function that does nothing.
|
|
|
|
|
func (EmptyMetrics) BeforeHandshake(
|
|
|
|
|
_ string,
|
|
|
|
|
) (f func(info *tls.ClientHelloInfo) (c *tls.Config, err error)) {
|
|
|
|
|
return func(info *tls.ClientHelloInfo) (*tls.Config, error) {
|
|
|
|
|
return nil, nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// AfterHandshake implements the [Metrics] interface for EmptyMetrics by
|
|
|
|
|
// returning a function that does nothing.
|
|
|
|
|
func (EmptyMetrics) AfterHandshake(
|
|
|
|
|
_ string,
|
|
|
|
|
_ string,
|
|
|
|
|
_ []string,
|
2024-12-05 14:19:25 +03:00
|
|
|
_ []*tls.Certificate,
|
2024-11-08 16:26:22 +03:00
|
|
|
) (f func(s tls.ConnectionState) (err error)) {
|
|
|
|
|
return func(tls.ConnectionState) error {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// SetCertificateInfo implements the [Metrics] interface for EmptyMetrics.
|
|
|
|
|
func (EmptyMetrics) SetCertificateInfo(_ context.Context, _, _ string, _ time.Time) {}
|
|
|
|
|
|
|
|
|
|
// SetSessionTicketRotationStatus implements the [Metrics] interface for
|
|
|
|
|
// EmptyMetrics.
|
|
|
|
|
func (EmptyMetrics) SetSessionTicketRotationStatus(_ context.Context, _ bool) {}
|
