We use cookies to ensure you get the best experience on our website
首页 发现 帮助
注册 登录
0ct0pu5
/
moby
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: debcb76939
分支列表 标签列表
moby
/
vendor
/
google.golang.org
/
api
/
internal
/
cert
/
default_cert.go

default_cert.go 2.0 KB
文件历史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. // Copyright 2020 Google LLC.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. // Package cert contains certificate tools for Google API clients.
    6. 

  6. // This package is intended to be used with crypto/tls.Config.GetClientCertificate.
    7. 

  7. //
    8. 

  8. // The certificates can be used to satisfy Google's Endpoint Validation.
    9. 

  9. // See https://cloud.google.com/endpoint-verification/docs/overview
    10. 

  10. //
    11. 

  11. // This package is not intended for use by end developers. Use the
    12. 

  12. // google.golang.org/api/option package to configure API clients.
    13. 

  13. package cert
    14. 

  14. 

  15. import (
    16. 

  16. 	"crypto/tls"
    17. 

  17. 	"errors"
    18. 

  18. 	"sync"
    19. 

  19. )
    20. 

  20. 

  21. // defaultCertData holds all the variables pertaining to
    22. 

  22. // the default certficate source created by DefaultSource.
    23. 

  23. //
    24. 

  24. // A singleton model is used to allow the source to be reused
    25. 

  25. // by the transport layer.
    26. 

  26. type defaultCertData struct {
    27. 

  27. 	once   sync.Once
    28. 

  28. 	source Source
    29. 

  29. 	err    error
    30. 

  30. }
    31. 

  31. 

  32. var (
    33. 

  33. 	defaultCert defaultCertData
    34. 

  34. )
    35. 

  35. 

  36. // Source is a function that can be passed into crypto/tls.Config.GetClientCertificate.
    37. 

  37. type Source func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
    38. 

  38. 

  39. // errSourceUnavailable is a sentinel error to indicate certificate source is unavailable.
    40. 

  40. var errSourceUnavailable = errors.New("certificate source is unavailable")
    41. 

  41. 

  42. // DefaultSource returns a certificate source using the preferred EnterpriseCertificateProxySource.
    43. 

  43. // If EnterpriseCertificateProxySource is not available, fall back to the legacy SecureConnectSource.
    44. 

  44. //
    45. 

  45. // If neither source is available (due to missing configurations), a nil Source and a nil Error are
    46. 

  46. // returned to indicate that a default certificate source is unavailable.
    47. 

  47. func DefaultSource() (Source, error) {
    48. 

  48. 	defaultCert.once.Do(func() {
    49. 

  49. 		defaultCert.source, defaultCert.err = NewEnterpriseCertificateProxySource("")
    50. 

  50. 		if errors.Is(defaultCert.err, errSourceUnavailable) {
    51. 

  51. 			defaultCert.source, defaultCert.err = NewSecureConnectSource("")
    52. 

  52. 			if errors.Is(defaultCert.err, errSourceUnavailable) {
    53. 

  53. 				defaultCert.source, defaultCert.err = nil, nil
    54. 

  54. 			}
    55. 

  55. 		}
    56. 

  56. 	})
    57. 

  57. 	return defaultCert.source, defaultCert.err
    58. 

  58. }
    59.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5