crypto/tls.Conn.config (field)
174 uses
crypto/tls (current package)
conn.go#L44: config *Config // configuration passed to constructor
conn.go#L902: if c.config.DynamicRecordSizingDisabled || typ != recordTypeApplicationData {
conn.go#L1031: outBuf, err = c.out.encrypt(outBuf, data[:m], c.config.rand())
conn.go#L1279: switch c.config.Renegotiation {
conn.go#L1639: if c.config.Renegotiation != RenegotiateNever {
handshake_client.go#L44: config := c.config
handshake_client.go#L174: if c.config.EncryptedClientHelloConfigList != nil {
handshake_client.go#L175: if c.config.MinVersion != 0 && c.config.MinVersion < VersionTLS13 {
handshake_client.go#L178: if c.config.MaxVersion != 0 && c.config.MaxVersion <= VersionTLS12 {
handshake_client.go#L181: echConfigs, err := parseECHConfigList(c.config.EncryptedClientHelloConfigList)
handshake_client.go#L222: if c.config == nil {
handshake_client.go#L223: c.config = defaultConfig()
handshake_client.go#L250: c.config.ClientSessionCache.Put(cacheKey, nil)
handshake_client.go#L265: _, err = io.ReadFull(c.config.rand(), hello.random)
handshake_client.go#L318: maxVers := c.config.maxSupportedVersion(roleClient)
handshake_client.go#L354: if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
handshake_client.go#L382: cs, ok := c.config.ClientSessionCache.Get(cacheKey)
handshake_client.go#L400: if c.config.time().After(session.peerCertificates[0].NotAfter) {
handshake_client.go#L402: c.config.ClientSessionCache.Put(cacheKey, nil)
handshake_client.go#L405: if !c.config.InsecureSkipVerify {
handshake_client.go#L410: if err := session.peerCertificates[0].VerifyHostname(c.config.ServerName); err != nil {
handshake_client.go#L416: CurrentTime: c.config.time(),
handshake_client.go#L417: Roots: c.config.RootCAs,
handshake_client.go#L422: c.config.ClientSessionCache.Put(cacheKey, nil)
handshake_client.go#L444: if c.config.time().After(time.Unix(int64(session.useBy), 0)) {
handshake_client.go#L445: c.config.ClientSessionCache.Put(cacheKey, nil)
handshake_client.go#L485: ticketAge := c.config.time().Sub(time.Unix(int64(session.createdAt), 0))
handshake_client.go#L510: vers, ok := c.config.mutualVersion(roleClient, []uint16{peerVersion})
handshake_client.go#L553: if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
handshake_client.go#L580: if c.config.VerifyConnection != nil {
handshake_client.go#L581: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
handshake_client.go#L629: if hs.c.config.CipherSuites == nil && !fips140tls.Required() && rsaKexCiphers[hs.suite.id] {
handshake_client.go#L633: if hs.c.config.CipherSuites == nil && !fips140tls.Required() && tdesCiphers[hs.suite.id] {
handshake_client.go#L705: err = keyAgreement.processServerKeyExchange(c.config, hs.hello, hs.serverHello, c.peerCertificates[0], skx)
handshake_client.go#L756: preMasterSecret, ckx, err := keyAgreement.generateClientKeyExchange(c.config, hs.hello, c.peerCertificates[0])
handshake_client.go#L779: if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.hello.random, hs.masterSecret); err != nil {
handshake_client.go#L817: certVerify.signature, err = crypto.SignMessage(key, c.config.rand(), hs.finishedHash.buffer, signOpts)
handshake_client.go#L829: certVerify.signature, err = key.Sign(c.config.rand(), signed, sigHash)
handshake_client.go#L1059: c.config.ClientSessionCache.Put(cacheKey, cs)
handshake_client.go#L1117: echRejected := c.config.EncryptedClientHelloConfigList != nil && !c.echAccepted
handshake_client.go#L1119: if c.config.EncryptedClientHelloRejectionVerify != nil {
handshake_client.go#L1120: if err := c.config.EncryptedClientHelloRejectionVerify(c.connectionStateLocked()); err != nil {
handshake_client.go#L1126: Roots: c.config.RootCAs,
handshake_client.go#L1127: CurrentTime: c.config.time(),
handshake_client.go#L1147: } else if !c.config.InsecureSkipVerify {
handshake_client.go#L1149: Roots: c.config.RootCAs,
handshake_client.go#L1150: CurrentTime: c.config.time(),
handshake_client.go#L1151: DNSName: c.config.ServerName,
handshake_client.go#L1181: if c.config.VerifyPeerCertificate != nil && !echRejected {
handshake_client.go#L1182: if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
handshake_client.go#L1188: if c.config.VerifyConnection != nil && !echRejected {
handshake_client.go#L1189: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
handshake_client.go#L1265: if c.config.GetClientCertificate != nil {
handshake_client.go#L1266: return c.config.GetClientCertificate(cri)
handshake_client.go#L1269: for _, chain := range c.config.Certificates {
handshake_client.go#L1283: if len(c.config.ServerName) > 0 {
handshake_client.go#L1284: return c.config.ServerName
handshake_client_tls13.go#L101: c.serverName = c.config.ServerName
handshake_client_tls13.go#L276: c.serverName = c.config.ServerName
handshake_client_tls13.go#L327: hs.keyShareKeys, hello.keyShares, err = ke.keyShares(c.config.rand())
handshake_client_tls13.go#L343: ticketAge := c.config.time().Sub(time.Unix(int64(hs.session.createdAt), 0))
handshake_client_tls13.go#L506: err = c.config.writeKeyLog(keyLogLabelClientHandshake, hs.hello.random, clientSecret)
handshake_client_tls13.go#L511: err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.hello.random, serverSecret)
handshake_client_tls13.go#L598: if c.config.VerifyConnection != nil {
handshake_client_tls13.go#L599: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
handshake_client_tls13.go#L718: err = c.config.writeKeyLog(keyLogLabelClientTraffic, hs.hello.random, hs.trafficSecret)
handshake_client_tls13.go#L723: err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.hello.random, serverSecret)
handshake_client_tls13.go#L794: sig, err := crypto.SignMessage(cert.PrivateKey.(crypto.Signer), c.config.rand(), signed, signOpts)
handshake_client_tls13.go#L821: if !c.config.SessionTicketsDisabled && c.config.ClientSessionCache != nil {
handshake_client_tls13.go#L838: if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
handshake_client_tls13.go#L873: session.useBy = uint64(c.config.time().Add(lifetime).Unix())
handshake_client_tls13.go#L883: c.config.ClientSessionCache.Put(cacheKey, cs)
handshake_server.go#L151: echKeys := c.config.EncryptedClientHelloKeys
handshake_server.go#L152: if c.config.GetEncryptedClientHelloKeys != nil {
handshake_server.go#L153: echKeys, err = c.config.GetEncryptedClientHelloKeys(clientHelloInfo(ctx, c, clientHello))
handshake_server.go#L166: originalConfig := c.config
handshake_server.go#L167: if c.config.GetConfigForClient != nil {
handshake_server.go#L169: if configForClient, err = c.config.GetConfigForClient(chi); err != nil {
handshake_server.go#L173: c.config = configForClient
handshake_server.go#L190: c.vers, ok = c.config.mutualVersion(roleServer, clientVersions)
handshake_server.go#L211: if c.config.MinVersion == 0 && c.vers < VersionTLS12 {
handshake_server.go#L242: maxVers := c.config.maxSupportedVersion(roleServer)
handshake_server.go#L251: _, err := io.ReadFull(c.config.rand(), serverRandom)
handshake_server.go#L269: selectedProto, err := negotiateALPN(c.config.NextProtos, hs.clientHello.alpnProtocols, false)
handshake_server.go#L277: hs.cert, err = c.config.getCertificate(clientHelloInfo(hs.ctx, c, hs.clientHello))
handshake_server.go#L290: hs.ecdheOk, err = supportsECDHE(c.config, c.vers, hs.clientHello.supportedCurves, hs.clientHello.supportedPoints)
handshake_server.go#L399: preferenceList := c.config.cipherSuites(isAESGCMPreferred(hs.clientHello.cipherSuites))
handshake_server.go#L409: if c.config.CipherSuites == nil && !fips140tls.Required() && rsaKexCiphers[hs.suite.id] {
handshake_server.go#L413: if c.config.CipherSuites == nil && !fips140tls.Required() && tdesCiphers[hs.suite.id] {
handshake_server.go#L421: if hs.clientHello.vers < c.config.maxSupportedVersion(roleServer) {
handshake_server.go#L457: if c.config.SessionTicketsDisabled {
handshake_server.go#L462: if c.config.UnwrapSession != nil {
handshake_server.go#L463: ss, err := c.config.UnwrapSession(hs.clientHello.sessionTicket, c.connectionStateLocked())
handshake_server.go#L472: plaintext := c.config.decryptTicket(hs.clientHello.sessionTicket, c.ticketKeys)
handshake_server.go#L487: if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
handshake_server.go#L510: c.config.supportedCipherSuites(), hs.cipherSuiteOk)
handshake_server.go#L516: needClientCerts := requiresClientCert(c.config.ClientAuth)
handshake_server.go#L520: if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
handshake_server.go#L523: if sessionHasClientCerts && c.config.time().After(sessionState.peerCertificates[0].NotAfter) {
handshake_server.go#L527: CurrentTime: c.config.time(),
handshake_server.go#L528: Roots: c.config.ClientCAs,
handshake_server.go#L531: if sessionHasClientCerts && c.config.ClientAuth >= VerifyClientCertIfGiven &&
handshake_server.go#L583: if c.config.VerifyConnection != nil {
handshake_server.go#L584: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
handshake_server.go#L606: hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled
handshake_server.go#L610: if c.config.ClientAuth == NoClientCert {
handshake_server.go#L637: skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello)
handshake_server.go#L653: if c.config.ClientAuth >= RequestClientCert {
handshake_server.go#L670: if c.config.ClientCAs != nil {
handshake_server.go#L671: certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
handshake_server.go#L696: if c.config.ClientAuth >= RequestClientCert {
handshake_server.go#L717: if c.config.VerifyConnection != nil {
handshake_server.go#L718: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
handshake_server.go#L731: preMasterSecret, err := keyAgreement.processClientKeyExchange(c.config, hs.cert, ckx, c.vers)
handshake_server.go#L748: if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.clientHello.random, hs.masterSecret); err != nil {
handshake_server.go#L896: if c.config.WrapSession != nil {
handshake_server.go#L898: m.ticket, err = c.config.WrapSession(c.connectionStateLocked(), state)
handshake_server.go#L907: m.ticket, err = c.config.encryptTicket(stateBytes, c.ticketKeys)
handshake_server.go#L958: if len(certs) == 0 && requiresClientCert(c.config.ClientAuth) {
handshake_server.go#L967: if c.config.ClientAuth >= VerifyClientCertIfGiven && len(certs) > 0 {
handshake_server.go#L969: Roots: c.config.ClientCAs,
handshake_server.go#L970: CurrentTime: c.config.time(),
handshake_server.go#L1011: if c.config.VerifyPeerCertificate != nil {
handshake_server.go#L1012: if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
handshake_server.go#L1038: config: c.config,
handshake_server_tls13.go#L135: if c.vers < c.config.maxSupportedVersion(roleServer) {
handshake_server_tls13.go#L150: if _, err := io.ReadFull(c.config.rand(), hs.hello.random); err != nil {
handshake_server_tls13.go#L209: preferredGroups := c.config.curvePreferences(c.vers)
handshake_server_tls13.go#L254: hs.sharedKey, hs.hello.serverShare, err = ke.serverSharedSecret(c.config.rand(), clientKeyShare.data)
handshake_server_tls13.go#L260: selectedProto, err := negotiateALPN(c.config.NextProtos, hs.clientHello.alpnProtocols, c.quic != nil)
handshake_server_tls13.go#L295: if c.config.SessionTicketsDisabled {
handshake_server_tls13.go#L324: if c.config.UnwrapSession != nil {
handshake_server_tls13.go#L326: sessionState, err = c.config.UnwrapSession(identity.label, c.connectionStateLocked())
handshake_server_tls13.go#L334: plaintext := c.config.decryptTicket(identity.label, c.ticketKeys)
handshake_server_tls13.go#L350: if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
handshake_server_tls13.go#L363: needClientCerts := requiresClientCert(c.config.ClientAuth)
handshake_server_tls13.go#L367: if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
handshake_server_tls13.go#L370: if sessionHasClientCerts && c.config.time().After(sessionState.peerCertificates[0].NotAfter) {
handshake_server_tls13.go#L374: CurrentTime: c.config.time(),
handshake_server_tls13.go#L375: Roots: c.config.ClientCAs,
handshake_server_tls13.go#L378: if sessionHasClientCerts && c.config.ClientAuth >= VerifyClientCertIfGiven &&
handshake_server_tls13.go#L487: certificate, err := c.config.getCertificate(clientHelloInfo(hs.ctx, c, hs.clientHello))
handshake_server_tls13.go#L766: err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.clientHello.random, clientSecret)
handshake_server_tls13.go#L771: err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.clientHello.random, serverSecret)
handshake_server_tls13.go#L795: echKeys := hs.c.config.EncryptedClientHelloKeys
handshake_server_tls13.go#L796: if hs.c.config.GetEncryptedClientHelloKeys != nil {
handshake_server_tls13.go#L797: echKeys, err = hs.c.config.GetEncryptedClientHelloKeys(clientHelloInfo(hs.ctx, c, hs.clientHello))
handshake_server_tls13.go#L819: return hs.c.config.ClientAuth >= RequestClientCert && !hs.usingPSK
handshake_server_tls13.go#L837: if c.config.ClientCAs != nil {
handshake_server_tls13.go#L838: certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
handshake_server_tls13.go#L870: sig, err := crypto.SignMessage(hs.cert.PrivateKey.(crypto.Signer), c.config.rand(), signed, signOpts)
handshake_server_tls13.go#L913: err := c.config.writeKeyLog(keyLogLabelClientTraffic, hs.clientHello.random, hs.trafficSecret)
handshake_server_tls13.go#L918: err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.clientHello.random, serverSecret)
handshake_server_tls13.go#L939: if hs.c.config.SessionTicketsDisabled {
handshake_server_tls13.go#L987: if c.config.WrapSession != nil {
handshake_server_tls13.go#L989: m.label, err = c.config.WrapSession(c.connectionStateLocked(), state)
handshake_server_tls13.go#L999: m.label, err = c.config.encryptTicket(stateBytes, c.ticketKeys)
handshake_server_tls13.go#L1010: if _, err := c.config.rand().Read(ageAdd); err != nil {
handshake_server_tls13.go#L1033: if c.config.VerifyConnection != nil {
handshake_server_tls13.go#L1034: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
handshake_server_tls13.go#L1060: if c.config.VerifyConnection != nil {
handshake_server_tls13.go#L1061: if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
quic.go#L218: if q.conn.config.MinVersion < VersionTLS13 {
quic.go#L325: if c.config.SessionTicketsDisabled {
quic.go#L355: c.config.ClientSessionCache.Put(cacheKey, cs)
ticket.go#L302: createdAt: uint64(c.config.time().Unix()),
tls.go#L49: config: config,
tls.go#L62: config: config,
 |
The pages are generated with Golds v0.8.4. (GOOS=linux GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds. |