tls

package
v0.0.0-...-57fb5fe Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 22, 2025 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Overview

Package tls contains definitions and methods related to tags parsed from the TLS handshake

Index

Constants

View Source 
const (
	TagTLSVersion       = "tls.version:"
	TagTLSCipherSuiteID = "tls.cipher_suite_id:"
	TagTLSClientVersion = "tls.client_version:"
)

Constants for tag keys

View Source 
const (
	OfferedTLSVersion10 uint8 = 0x01
	OfferedTLSVersion11 uint8 = 0x02
	OfferedTLSVersion12 uint8 = 0x04
	OfferedTLSVersion13 uint8 = 0x08
)

Bitmask constants for Offered_versions matching kernelspace definitions

View Source 
const (
	// ConnTagGnuTLS is the tag for GnuTLS connections
	ConnTagGnuTLS = GnuTLS
	// ConnTagOpenSSL is the tag for OpenSSL connections
	ConnTagOpenSSL = OpenSSL
	// ConnTagGo is the tag for GO TLS connections
	ConnTagGo = Go
	// ConnTagTLS is the tag for TLS connections in general
	ConnTagTLS = TLS
	// ConnTagIstio is the tag for Istio TLS connections
	ConnTagIstio = Istio
	// ConnTagNodeJS is the tag for NodeJS TLS connections
	ConnTagNodeJS = NodeJS
)

Variables

View Source 
var ClientVersionTags = map[uint16]string{
	tls.VersionTLS10: TagTLSClientVersion + version10,
	tls.VersionTLS11: TagTLSClientVersion + version11,
	tls.VersionTLS12: TagTLSClientVersion + version12,
	tls.VersionTLS13: TagTLSClientVersion + version13,
}

ClientVersionTags maps TLS versions to tag names for client offered versions (exported for testing)

View Source 
var (
	StaticTags = map[ConnTag]string{
		GnuTLS:  "tls.library:gnutls",
		OpenSSL: "tls.library:openssl",
		Go:      "tls.library:go",
		TLS:     "tls.connection:encrypted",
		Istio:   "tls.library:istio",
		NodeJS:  "tls.library:nodejs",
	}
)
View Source 
var VersionTags = map[uint16]string{
	tls.VersionTLS10: TagTLSVersion + version10,
	tls.VersionTLS11: TagTLSVersion + version11,
	tls.VersionTLS12: TagTLSVersion + version12,
	tls.VersionTLS13: TagTLSVersion + version13,
}

VersionTags maps TLS versions to tag names for server chosen version (exported for testing)

Functions

func GetStaticTags 

func GetStaticTags(staticTags uint64) (tags []string)

GetStaticTags return the string list of static tags from network.ConnectionStats.Tags

func IsTLSTag 

func IsTLSTag(staticTags uint64) bool

IsTLSTag return if the tag is a TLS tag

Types

type ConnTag 

type ConnTag = uint64
const (
	GnuTLS  ConnTag = 0x1
	OpenSSL ConnTag = 0x2
	Go      ConnTag = 0x4
	TLS     ConnTag = 0x8
	Istio   ConnTag = 0x10
	NodeJS  ConnTag = 0x20
)

type Tags 

type Tags struct {
	ChosenVersion   uint16
	CipherSuite     uint16
	OfferedVersions uint8
}

Tags holds the TLS tags. It is used to store the TLS version, cipher suite and offered versions. We can't use the struct from eBPF as the definition is shared with windows.

func (*Tags) GetDynamicTags 

func (t *Tags) GetDynamicTags() map[string]struct{}

GetDynamicTags generates dynamic tags based on TLS information

func (*Tags) IsEmpty 

func (t *Tags) IsEmpty() bool

IsEmpty returns true if all fields are zero

func (*Tags) MergeWith 

func (t *Tags) MergeWith(that Tags)

MergeWith merges the tags from another Tags struct into this one

func (*Tags) String 

func (t *Tags) String() string

String returns a string representation of the Tags struct

Source Files

View all Source files

Directories

Path Synopsis
gotls
testutil/gotls_client
Package main is a simple client for the gotls_server.
 Package main is a simple client for the gotls_server.
testutil/gotls_server
Package main is a simple client for the gotls_server.
 Package main is a simple client for the gotls_server.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.