package client

import "github.com/cloudflare/cfssl/api/client"

Package client implements a Go client for CFSSL API commands.

Index

Constants 

const (
	// StrategyInvalid indicates any strategy that is unsupported
	// or returned when no strategy is applicable.
	StrategyInvalid = iota

	// StrategyOrderedList is a sequential list of servers: if the
	// first server cannot be reached, the next is used. The
	// client will proceed in this manner until the list of
	// servers is exhausted, and then an error is returned.
	StrategyOrderedList
)

Types

type AuthRemote 

type AuthRemote struct {
	Remote
	// contains filtered or unexported fields
}

AuthRemote acts as a Remote with a default Provider for AuthSign.

func NewAuthServer 

func NewAuthServer(addr string, tlsConfig *tls.Config, provider auth.Provider) *AuthRemote

NewAuthServer sets up a new auth server target with an addr in the same format at NewServer and a default authentication provider to use for Sign requests.

func (*AuthRemote) Sign 

func (ar *AuthRemote) Sign(req []byte) ([]byte, error)

Sign is overloaded to perform an AuthSign request using the default auth provider.

type Remote 

type Remote interface {
	AuthSign(req, id []byte, provider auth.Provider) ([]byte, error)
	Sign(jsonData []byte) ([]byte, error)
	Info(jsonData []byte) (*info.Resp, error)
	Hosts() []string
	SetReqModifier(func(*http.Request, []byte))
	SetRequestTimeout(d time.Duration)
	SetProxy(func(*http.Request) (*url.URL, error))
}

A Remote points to at least one (but possibly multiple) remote CFSSL instances. It must be able to perform a authenticated and unauthenticated certificate signing requests, return information about the CA on the other end, and return a list of the hosts that are used by the remote.

func NewGroup 

func NewGroup(remotes []string, tlsConfig *tls.Config, strategy Strategy) (Remote, error)

NewGroup will use the collection of remotes specified with the given strategy.

func NewServer 

func NewServer(addr string) Remote

NewServer sets up a new server target. The address should be of The format [protocol:]name[:port] of the remote CFSSL instance. If no protocol is given http is default. If no port is specified, the CFSSL default port (8888) is used. If the name is a comma-separated list of hosts, an ordered group will be returned.

func NewServerTLS 

func NewServerTLS(addr string, tlsConfig *tls.Config) Remote

NewServerTLS is the TLS version of NewServer

type SignResult 

type SignResult struct {
	Certificate []byte `json:"certificate"`
}

SignResult is the result of signing a CSR.

type Strategy 

type Strategy int

Strategy is the means by which the server to use as a remote should be selected.

func StrategyFromString 

func StrategyFromString(s string) Strategy

StrategyFromString takes a string describing a

Source Files

api.go client.go group.go

Version
v1.6.5 (latest)
Published
Mar 5, 2024
Platform
linux/amd64
Imports
17 packages
Last checked
6 days ago

Tools for package owners.