实现证书管理

刘祥超
2020-09-30 17:46:33 +08:00
parent cdc7dfcc36
commit 5af65705d8
18 changed files with 2269 additions and 853 deletions


@@ -1492,6 +1492,196 @@ func (x *FindAndInitServerWebConfigResponse) GetWebJSON() []byte {
return nil
}
// 计算使用某个SSL证书的服务数量
type CountServersWithSSLCertIdRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
CertId int64 `protobuf:"varint,1,opt,name=certId,proto3" json:"certId,omitempty"`
}
func (x *CountServersWithSSLCertIdRequest) Reset() {
*x = CountServersWithSSLCertIdRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_service_server_proto_msgTypes[26]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *CountServersWithSSLCertIdRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*CountServersWithSSLCertIdRequest) ProtoMessage() {}
func (x *CountServersWithSSLCertIdRequest) ProtoReflect() protoreflect.Message {
mi := &file_service_server_proto_msgTypes[26]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use CountServersWithSSLCertIdRequest.ProtoReflect.Descriptor instead.
func (*CountServersWithSSLCertIdRequest) Descriptor() ([]byte, []int) {
return file_service_server_proto_rawDescGZIP(), []int{26}
}
func (x *CountServersWithSSLCertIdRequest) GetCertId() int64 {
if x != nil {
return x.CertId
}
return 0
}
type CountServersWithSSLCertIdResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Count int64 `protobuf:"varint,1,opt,name=count,proto3" json:"count,omitempty"`
}
func (x *CountServersWithSSLCertIdResponse) Reset() {
*x = CountServersWithSSLCertIdResponse{}
if protoimpl.UnsafeEnabled {
mi := &file_service_server_proto_msgTypes[27]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *CountServersWithSSLCertIdResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*CountServersWithSSLCertIdResponse) ProtoMessage() {}
func (x *CountServersWithSSLCertIdResponse) ProtoReflect() protoreflect.Message {
mi := &file_service_server_proto_msgTypes[27]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use CountServersWithSSLCertIdResponse.ProtoReflect.Descriptor instead.
func (*CountServersWithSSLCertIdResponse) Descriptor() ([]byte, []int) {
return file_service_server_proto_rawDescGZIP(), []int{27}
}
func (x *CountServersWithSSLCertIdResponse) GetCount() int64 {
if x != nil {
return x.Count
}
return 0
}
// 查找使用某个SSL证书的所有服务
type FindAllServersWithSSLCertIdRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
CertId int64 `protobuf:"varint,1,opt,name=certId,proto3" json:"certId,omitempty"`
}
func (x *FindAllServersWithSSLCertIdRequest) Reset() {
*x = FindAllServersWithSSLCertIdRequest{}
if protoimpl.UnsafeEnabled {
mi := &file_service_server_proto_msgTypes[28]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *FindAllServersWithSSLCertIdRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*FindAllServersWithSSLCertIdRequest) ProtoMessage() {}
func (x *FindAllServersWithSSLCertIdRequest) ProtoReflect() protoreflect.Message {
mi := &file_service_server_proto_msgTypes[28]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use FindAllServersWithSSLCertIdRequest.ProtoReflect.Descriptor instead.
func (*FindAllServersWithSSLCertIdRequest) Descriptor() ([]byte, []int) {
return file_service_server_proto_rawDescGZIP(), []int{28}
}
func (x *FindAllServersWithSSLCertIdRequest) GetCertId() int64 {
if x != nil {
return x.CertId
}
return 0
}
type FindAllServersWithSSLCertIdResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Servers []*Server `protobuf:"bytes,1,rep,name=servers,proto3" json:"servers,omitempty"`
}
func (x *FindAllServersWithSSLCertIdResponse) Reset() {
*x = FindAllServersWithSSLCertIdResponse{}
if protoimpl.UnsafeEnabled {
mi := &file_service_server_proto_msgTypes[29]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *FindAllServersWithSSLCertIdResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*FindAllServersWithSSLCertIdResponse) ProtoMessage() {}
func (x *FindAllServersWithSSLCertIdResponse) ProtoReflect() protoreflect.Message {
mi := &file_service_server_proto_msgTypes[29]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use FindAllServersWithSSLCertIdResponse.ProtoReflect.Descriptor instead.
func (*FindAllServersWithSSLCertIdResponse) Descriptor() ([]byte, []int) {
return file_service_server_proto_rawDescGZIP(), []int{29}
}
func (x *FindAllServersWithSSLCertIdResponse) GetServers() []*Server {
if x != nil {
return x.Servers
}
return nil
}
var File_service_server_proto protoreflect.FileDescriptor
var file_service_server_proto_rawDesc = []byte{
@@ -1647,100 +1837,130 @@ var file_service_server_proto_rawDesc = []byte{
0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x43, 0x6f, 0x6e, 0x66,
0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x77, 0x65,
0x62, 0x4a, 0x53, 0x4f, 0x4e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x77, 0x65, 0x62,
0x4a, 0x53, 0x4f, 0x4e, 0x32, 0xc8, 0x0b, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53,
0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x41, 0x0a, 0x0c, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65,
0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x17, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61,
0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
0x18, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65,
0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a, 0x11, 0x75, 0x70, 0x64,
0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x42, 0x61, 0x73, 0x69, 0x63, 0x12, 0x1c,
0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
0x42, 0x61, 0x73, 0x69, 0x63, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70,
0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65,
0x73, 0x73, 0x12, 0x45, 0x0a, 0x10, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x12, 0x1b, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61,
0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x71, 0x75,
0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61,
0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x47, 0x0a, 0x11, 0x75, 0x70, 0x64,
0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x53, 0x12, 0x1c,
0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
0x48, 0x54, 0x54, 0x50, 0x53, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70,
0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65,
0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x54, 0x43, 0x50, 0x12, 0x1a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74,
0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x43, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61, 0x74,
0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x4c, 0x53, 0x12, 0x1a, 0x2e, 0x70, 0x62, 0x2e,
0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x4c, 0x53, 0x52,
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55,
0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x45, 0x0a, 0x10,
0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x55, 0x6e, 0x69, 0x78,
0x12, 0x1b, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x55, 0x6e, 0x69, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e,
0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63,
0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72,
0x76, 0x65, 0x72, 0x55, 0x44, 0x50, 0x12, 0x1a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61,
0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x55, 0x44, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65,
0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74,
0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61,
0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x12, 0x1a, 0x2e, 0x70, 0x62,
0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43,
0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x55, 0x0a,
0x18, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76,
0x65, 0x72, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x12, 0x23, 0x2e, 0x70, 0x62, 0x2e, 0x55,
0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76, 0x65, 0x72,
0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14,
0x4a, 0x53, 0x4f, 0x4e, 0x22, 0x3a, 0x0a, 0x20, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x53, 0x65, 0x72,
0x76, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49,
0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x63, 0x65, 0x72, 0x74,
0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x63, 0x65, 0x72, 0x74, 0x49, 0x64,
0x22, 0x39, 0x0a, 0x21, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73,
0x57, 0x69, 0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x52, 0x65, 0x73,
0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01,
0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0x3c, 0x0a, 0x22, 0x46,
0x69, 0x6e, 0x64, 0x41, 0x6c, 0x6c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74,
0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
0x74, 0x12, 0x16, 0x0a, 0x06, 0x63, 0x65, 0x72, 0x74, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
0x03, 0x52, 0x06, 0x63, 0x65, 0x72, 0x74, 0x49, 0x64, 0x22, 0x4b, 0x0a, 0x23, 0x46, 0x69, 0x6e,
0x64, 0x41, 0x6c, 0x6c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x53,
0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
0x12, 0x24, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28,
0x0b, 0x32, 0x0a, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x07, 0x73,
0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x32, 0xa2, 0x0d, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x65,
0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x41, 0x0a, 0x0c, 0x63, 0x72, 0x65, 0x61,
0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x17, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72,
0x65, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
0x74, 0x1a, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72,
0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a, 0x11, 0x75,
0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x42, 0x61, 0x73, 0x69, 0x63,
0x12, 0x1c, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x42, 0x61, 0x73, 0x69, 0x63, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14,
0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63,
0x63, 0x65, 0x73, 0x73, 0x12, 0x47, 0x0a, 0x11, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65,
0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x1c, 0x2e, 0x70, 0x62, 0x2e, 0x55,
0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43,
0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x5f, 0x0a,
0x16, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x6c, 0x6c, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64,
0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, 0x21, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x6f, 0x75,
0x6e, 0x74, 0x41, 0x6c, 0x6c, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x70, 0x62, 0x2e,
0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x6c, 0x6c, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x53,
0x0a, 0x12, 0x6c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72,
0x76, 0x65, 0x72, 0x73, 0x12, 0x1d, 0x2e, 0x70, 0x62, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e,
0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75,
0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x70, 0x62, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x61,
0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f,
0x6e, 0x73, 0x65, 0x12, 0x44, 0x0a, 0x0d, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x65,
0x72, 0x76, 0x65, 0x72, 0x12, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x44, 0x69, 0x73, 0x61, 0x62, 0x6c,
0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x19,
0x2e, 0x70, 0x62, 0x2e, 0x44, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65,
0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x50, 0x0a, 0x11, 0x66, 0x69, 0x6e,
0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x1c,
0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x70,
0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72,
0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5c, 0x0a, 0x15, 0x66,
0x63, 0x65, 0x73, 0x73, 0x12, 0x45, 0x0a, 0x10, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65,
0x72, 0x76, 0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x12, 0x1b, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70,
0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65,
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70,
0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x47, 0x0a, 0x11, 0x75,
0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x53,
0x12, 0x1c, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x48, 0x54, 0x54, 0x50, 0x53, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14,
0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63,
0x63, 0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65,
0x72, 0x76, 0x65, 0x72, 0x54, 0x43, 0x50, 0x12, 0x1a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64,
0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x43, 0x50, 0x52, 0x65, 0x71, 0x75,
0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61,
0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64,
0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x4c, 0x53, 0x12, 0x1a, 0x2e, 0x70,
0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x4c,
0x53, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50,
0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x45,
0x0a, 0x10, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x55, 0x6e,
0x69, 0x78, 0x12, 0x1b, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65,
0x72, 0x76, 0x65, 0x72, 0x55, 0x6e, 0x69, 0x78, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75,
0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x55, 0x44, 0x50, 0x12, 0x1a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70,
0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x55, 0x44, 0x50, 0x52, 0x65, 0x71,
0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64,
0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x43, 0x0a, 0x0f, 0x75, 0x70,
0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x12, 0x1a, 0x2e,
0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57,
0x65, 0x62, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52,
0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12,
0x55, 0x0a, 0x18, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52,
0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x12, 0x23, 0x2e, 0x70, 0x62,
0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76,
0x65, 0x72, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53,
0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x47, 0x0a, 0x11, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65,
0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x1c, 0x2e, 0x70, 0x62,
0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d,
0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52,
0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12,
0x5f, 0x0a, 0x16, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x6c, 0x6c, 0x45, 0x6e, 0x61, 0x62, 0x6c,
0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, 0x21, 0x2e, 0x70, 0x62, 0x2e, 0x43,
0x6f, 0x75, 0x6e, 0x74, 0x41, 0x6c, 0x6c, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65,
0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x70,
0x62, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x41, 0x6c, 0x6c, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65,
0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
0x12, 0x53, 0x0a, 0x12, 0x6c, 0x69, 0x73, 0x74, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, 0x1d, 0x2e, 0x70, 0x62, 0x2e, 0x4c, 0x69, 0x73, 0x74,
0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65,
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x70, 0x62, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x45,
0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73,
0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x44, 0x0a, 0x0d, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65,
0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x18, 0x2e, 0x70, 0x62, 0x2e, 0x44, 0x69, 0x73, 0x61,
0x62, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
0x1a, 0x19, 0x2e, 0x70, 0x62, 0x2e, 0x44, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x65, 0x72,
0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x50, 0x0a, 0x11, 0x66,
0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
0x54, 0x79, 0x70, 0x65, 0x12, 0x20, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e,
0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x52,
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64,
0x12, 0x1c, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65,
0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d,
0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5c, 0x0a,
0x15, 0x66, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76,
0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x20, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64,
0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54, 0x79, 0x70,
0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x86, 0x01, 0x0a, 0x23, 0x66, 0x69,
0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52,
0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69,
0x67, 0x12, 0x2e, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e,
0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x50,
0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
0x74, 0x1a, 0x2f, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e,
0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x50,
0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
0x73, 0x65, 0x12, 0x6b, 0x0a, 0x1a, 0x66, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e, 0x69,
0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
0x12, 0x25, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e, 0x69,
0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e,
0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65,
0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42,
0x06, 0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69,
0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x54,
0x79, 0x70, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x86, 0x01, 0x0a, 0x23,
0x66, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65,
0x72, 0x52, 0x65, 0x76, 0x65, 0x72, 0x73, 0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e,
0x66, 0x69, 0x67, 0x12, 0x2e, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64,
0x49, 0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76, 0x65, 0x72, 0x73,
0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75,
0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64,
0x49, 0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x65, 0x76, 0x65, 0x72, 0x73,
0x65, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70,
0x6f, 0x6e, 0x73, 0x65, 0x12, 0x6b, 0x0a, 0x1a, 0x66, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49,
0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x43, 0x6f, 0x6e, 0x66,
0x69, 0x67, 0x12, 0x25, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49,
0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x57, 0x65, 0x62, 0x43, 0x6f, 0x6e, 0x66,
0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x70, 0x62, 0x2e, 0x46,
0x69, 0x6e, 0x64, 0x41, 0x6e, 0x64, 0x49, 0x6e, 0x69, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
0x57, 0x65, 0x62, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
0x65, 0x12, 0x68, 0x0a, 0x19, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
0x73, 0x57, 0x69, 0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x12, 0x24,
0x2e, 0x70, 0x62, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73,
0x57, 0x69, 0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x52, 0x65, 0x71,
0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72,
0x74, 0x49, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x6e, 0x0a, 0x1b, 0x66,
0x69, 0x6e, 0x64, 0x41, 0x6c, 0x6c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74,
0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x12, 0x26, 0x2e, 0x70, 0x62, 0x2e,
0x46, 0x69, 0x6e, 0x64, 0x41, 0x6c, 0x6c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x57, 0x69,
0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x49, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65,
0x73, 0x74, 0x1a, 0x27, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x41, 0x6c, 0x6c, 0x53,
0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x57, 0x69, 0x74, 0x68, 0x53, 0x53, 0x4c, 0x43, 0x65, 0x72,
0x74, 0x49, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x06, 0x5a, 0x04, 0x2e,
0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (
@@ -1755,7 +1975,7 @@ func file_service_server_proto_rawDescGZIP() []byte {
return file_service_server_proto_rawDescData
}
var file_service_server_proto_msgTypes = make([]protoimpl.MessageInfo, 26)
var file_service_server_proto_msgTypes = make([]protoimpl.MessageInfo, 30)
var file_service_server_proto_goTypes = []interface{}{
(*CreateServerRequest)(nil), // 0: pb.CreateServerRequest
(*CreateServerResponse)(nil), // 1: pb.CreateServerResponse
@@ -1783,53 +2003,62 @@ var file_service_server_proto_goTypes = []interface{}{
(*FindAndInitServerReverseProxyConfigResponse)(nil), // 23: pb.FindAndInitServerReverseProxyConfigResponse
(*FindAndInitServerWebConfigRequest)(nil), // 24: pb.FindAndInitServerWebConfigRequest
(*FindAndInitServerWebConfigResponse)(nil), // 25: pb.FindAndInitServerWebConfigResponse
(*Server)(nil), // 26: pb.Server
(*RPCUpdateSuccess)(nil), // 27: pb.RPCUpdateSuccess
(*CountServersWithSSLCertIdRequest)(nil), // 26: pb.CountServersWithSSLCertIdRequest
(*CountServersWithSSLCertIdResponse)(nil), // 27: pb.CountServersWithSSLCertIdResponse
(*FindAllServersWithSSLCertIdRequest)(nil), // 28: pb.FindAllServersWithSSLCertIdRequest
(*FindAllServersWithSSLCertIdResponse)(nil), // 29: pb.FindAllServersWithSSLCertIdResponse
(*Server)(nil), // 30: pb.Server
(*RPCUpdateSuccess)(nil), // 31: pb.RPCUpdateSuccess
}
var file_service_server_proto_depIdxs = []int32{
26, // 0: pb.ListEnabledServersResponse.servers:type_name -> pb.Server
26, // 1: pb.FindEnabledServerResponse.server:type_name -> pb.Server
0, // 2: pb.ServerService.createServer:input_type -> pb.CreateServerRequest
2, // 3: pb.ServerService.updateServerBasic:input_type -> pb.UpdateServerBasicRequest
3, // 4: pb.ServerService.updateServerHTTP:input_type -> pb.UpdateServerHTTPRequest
4, // 5: pb.ServerService.updateServerHTTPS:input_type -> pb.UpdateServerHTTPSRequest
5, // 6: pb.ServerService.updateServerTCP:input_type -> pb.UpdateServerTCPRequest
6, // 7: pb.ServerService.updateServerTLS:input_type -> pb.UpdateServerTLSRequest
7, // 8: pb.ServerService.updateServerUnix:input_type -> pb.UpdateServerUnixRequest
8, // 9: pb.ServerService.updateServerUDP:input_type -> pb.UpdateServerUDPRequest
9, // 10: pb.ServerService.updateServerWeb:input_type -> pb.UpdateServerWebRequest
10, // 11: pb.ServerService.updateServerReverseProxy:input_type -> pb.UpdateServerReverseProxyRequest
11, // 12: pb.ServerService.updateServerNames:input_type -> pb.UpdateServerNamesRequest
12, // 13: pb.ServerService.countAllEnabledServers:input_type -> pb.CountAllEnabledServersRequest
14, // 14: pb.ServerService.listEnabledServers:input_type -> pb.ListEnabledServersRequest
16, // 15: pb.ServerService.disableServer:input_type -> pb.DisableServerRequest
18, // 16: pb.ServerService.findEnabledServer:input_type -> pb.FindEnabledServerRequest
20, // 17: pb.ServerService.findEnabledServerType:input_type -> pb.FindEnabledServerTypeRequest
22, // 18: pb.ServerService.findAndInitServerReverseProxyConfig:input_type -> pb.FindAndInitServerReverseProxyConfigRequest
24, // 19: pb.ServerService.findAndInitServerWebConfig:input_type -> pb.FindAndInitServerWebConfigRequest
1, // 20: pb.ServerService.createServer:output_type -> pb.CreateServerResponse
27, // 21: pb.ServerService.updateServerBasic:output_type -> pb.RPCUpdateSuccess
27, // 22: pb.ServerService.updateServerHTTP:output_type -> pb.RPCUpdateSuccess
27, // 23: pb.ServerService.updateServerHTTPS:output_type -> pb.RPCUpdateSuccess
27, // 24: pb.ServerService.updateServerTCP:output_type -> pb.RPCUpdateSuccess
27, // 25: pb.ServerService.updateServerTLS:output_type -> pb.RPCUpdateSuccess
27, // 26: pb.ServerService.updateServerUnix:output_type -> pb.RPCUpdateSuccess
27, // 27: pb.ServerService.updateServerUDP:output_type -> pb.RPCUpdateSuccess
27, // 28: pb.ServerService.updateServerWeb:output_type -> pb.RPCUpdateSuccess
27, // 29: pb.ServerService.updateServerReverseProxy:output_type -> pb.RPCUpdateSuccess
27, // 30: pb.ServerService.updateServerNames:output_type -> pb.RPCUpdateSuccess
13, // 31: pb.ServerService.countAllEnabledServers:output_type -> pb.CountAllEnabledServersResponse
15, // 32: pb.ServerService.listEnabledServers:output_type -> pb.ListEnabledServersResponse
17, // 33: pb.ServerService.disableServer:output_type -> pb.DisableServerResponse
19, // 34: pb.ServerService.findEnabledServer:output_type -> pb.FindEnabledServerResponse
21, // 35: pb.ServerService.findEnabledServerType:output_type -> pb.FindEnabledServerTypeResponse
23, // 36: pb.ServerService.findAndInitServerReverseProxyConfig:output_type -> pb.FindAndInitServerReverseProxyConfigResponse
25, // 37: pb.ServerService.findAndInitServerWebConfig:output_type -> pb.FindAndInitServerWebConfigResponse
20, // [20:38] is the sub-list for method output_type
2, // [2:20] is the sub-list for method input_type
2, // [2:2] is the sub-list for extension type_name
2, // [2:2] is the sub-list for extension extendee
0, // [0:2] is the sub-list for field type_name
30, // 0: pb.ListEnabledServersResponse.servers:type_name -> pb.Server
30, // 1: pb.FindEnabledServerResponse.server:type_name -> pb.Server
30, // 2: pb.FindAllServersWithSSLCertIdResponse.servers:type_name -> pb.Server
0, // 3: pb.ServerService.createServer:input_type -> pb.CreateServerRequest
2, // 4: pb.ServerService.updateServerBasic:input_type -> pb.UpdateServerBasicRequest
3, // 5: pb.ServerService.updateServerHTTP:input_type -> pb.UpdateServerHTTPRequest
4, // 6: pb.ServerService.updateServerHTTPS:input_type -> pb.UpdateServerHTTPSRequest
5, // 7: pb.ServerService.updateServerTCP:input_type -> pb.UpdateServerTCPRequest
6, // 8: pb.ServerService.updateServerTLS:input_type -> pb.UpdateServerTLSRequest
7, // 9: pb.ServerService.updateServerUnix:input_type -> pb.UpdateServerUnixRequest
8, // 10: pb.ServerService.updateServerUDP:input_type -> pb.UpdateServerUDPRequest
9, // 11: pb.ServerService.updateServerWeb:input_type -> pb.UpdateServerWebRequest
10, // 12: pb.ServerService.updateServerReverseProxy:input_type -> pb.UpdateServerReverseProxyRequest
11, // 13: pb.ServerService.updateServerNames:input_type -> pb.UpdateServerNamesRequest
12, // 14: pb.ServerService.countAllEnabledServers:input_type -> pb.CountAllEnabledServersRequest
14, // 15: pb.ServerService.listEnabledServers:input_type -> pb.ListEnabledServersRequest
16, // 16: pb.ServerService.disableServer:input_type -> pb.DisableServerRequest
18, // 17: pb.ServerService.findEnabledServer:input_type -> pb.FindEnabledServerRequest
20, // 18: pb.ServerService.findEnabledServerType:input_type -> pb.FindEnabledServerTypeRequest
22, // 19: pb.ServerService.findAndInitServerReverseProxyConfig:input_type -> pb.FindAndInitServerReverseProxyConfigRequest
24, // 20: pb.ServerService.findAndInitServerWebConfig:input_type -> pb.FindAndInitServerWebConfigRequest
26, // 21: pb.ServerService.countServersWithSSLCertId:input_type -> pb.CountServersWithSSLCertIdRequest
28, // 22: pb.ServerService.findAllServersWithSSLCertId:input_type -> pb.FindAllServersWithSSLCertIdRequest
1, // 23: pb.ServerService.createServer:output_type -> pb.CreateServerResponse
31, // 24: pb.ServerService.updateServerBasic:output_type -> pb.RPCUpdateSuccess
31, // 25: pb.ServerService.updateServerHTTP:output_type -> pb.RPCUpdateSuccess
31, // 26: pb.ServerService.updateServerHTTPS:output_type -> pb.RPCUpdateSuccess
31, // 27: pb.ServerService.updateServerTCP:output_type -> pb.RPCUpdateSuccess
31, // 28: pb.ServerService.updateServerTLS:output_type -> pb.RPCUpdateSuccess
31, // 29: pb.ServerService.updateServerUnix:output_type -> pb.RPCUpdateSuccess
31, // 30: pb.ServerService.updateServerUDP:output_type -> pb.RPCUpdateSuccess
31, // 31: pb.ServerService.updateServerWeb:output_type -> pb.RPCUpdateSuccess
31, // 32: pb.ServerService.updateServerReverseProxy:output_type -> pb.RPCUpdateSuccess
31, // 33: pb.ServerService.updateServerNames:output_type -> pb.RPCUpdateSuccess
13, // 34: pb.ServerService.countAllEnabledServers:output_type -> pb.CountAllEnabledServersResponse
15, // 35: pb.ServerService.listEnabledServers:output_type -> pb.ListEnabledServersResponse
17, // 36: pb.ServerService.disableServer:output_type -> pb.DisableServerResponse
19, // 37: pb.ServerService.findEnabledServer:output_type -> pb.FindEnabledServerResponse
21, // 38: pb.ServerService.findEnabledServerType:output_type -> pb.FindEnabledServerTypeResponse
23, // 39: pb.ServerService.findAndInitServerReverseProxyConfig:output_type -> pb.FindAndInitServerReverseProxyConfigResponse
25, // 40: pb.ServerService.findAndInitServerWebConfig:output_type -> pb.FindAndInitServerWebConfigResponse
27, // 41: pb.ServerService.countServersWithSSLCertId:output_type -> pb.CountServersWithSSLCertIdResponse
29, // 42: pb.ServerService.findAllServersWithSSLCertId:output_type -> pb.FindAllServersWithSSLCertIdResponse
23, // [23:43] is the sub-list for method output_type
3, // [3:23] is the sub-list for method input_type
3, // [3:3] is the sub-list for extension type_name
3, // [3:3] is the sub-list for extension extendee
0, // [0:3] is the sub-list for field type_name
}
func init() { file_service_server_proto_init() }
@@ -2152,6 +2381,54 @@ func file_service_server_proto_init() {
return nil
}
}
file_service_server_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*CountServersWithSSLCertIdRequest); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_service_server_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*CountServersWithSSLCertIdResponse); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_service_server_proto_msgTypes[28].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*FindAllServersWithSSLCertIdRequest); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_service_server_proto_msgTypes[29].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*FindAllServersWithSSLCertIdResponse); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
}
type x struct{}
out := protoimpl.TypeBuilder{
@@ -2159,7 +2436,7 @@ func file_service_server_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_service_server_proto_rawDesc,
NumEnums: 0,
NumMessages: 26,
NumMessages: 30,
NumExtensions: 0,
NumServices: 1,
},
@@ -2221,6 +2498,10 @@ type ServerServiceClient interface {
FindAndInitServerReverseProxyConfig(ctx context.Context, in *FindAndInitServerReverseProxyConfigRequest, opts ...grpc.CallOption) (*FindAndInitServerReverseProxyConfigResponse, error)
// 初始化Web设置
FindAndInitServerWebConfig(ctx context.Context, in *FindAndInitServerWebConfigRequest, opts ...grpc.CallOption) (*FindAndInitServerWebConfigResponse, error)
// 计算使用某个SSL证书的服务数量
CountServersWithSSLCertId(ctx context.Context, in *CountServersWithSSLCertIdRequest, opts ...grpc.CallOption) (*CountServersWithSSLCertIdResponse, error)
// 查找使用某个SSL证书的所有服务
FindAllServersWithSSLCertId(ctx context.Context, in *FindAllServersWithSSLCertIdRequest, opts ...grpc.CallOption) (*FindAllServersWithSSLCertIdResponse, error)
}
type serverServiceClient struct {
@@ -2393,6 +2674,24 @@ func (c *serverServiceClient) FindAndInitServerWebConfig(ctx context.Context, in
return out, nil
}
func (c *serverServiceClient) CountServersWithSSLCertId(ctx context.Context, in *CountServersWithSSLCertIdRequest, opts ...grpc.CallOption) (*CountServersWithSSLCertIdResponse, error) {
out := new(CountServersWithSSLCertIdResponse)
err := c.cc.Invoke(ctx, "/pb.ServerService/countServersWithSSLCertId", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *serverServiceClient) FindAllServersWithSSLCertId(ctx context.Context, in *FindAllServersWithSSLCertIdRequest, opts ...grpc.CallOption) (*FindAllServersWithSSLCertIdResponse, error) {
out := new(FindAllServersWithSSLCertIdResponse)
err := c.cc.Invoke(ctx, "/pb.ServerService/findAllServersWithSSLCertId", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
// ServerServiceServer is the server API for ServerService service.
type ServerServiceServer interface {
// 创建服务
@@ -2431,6 +2730,10 @@ type ServerServiceServer interface {
FindAndInitServerReverseProxyConfig(context.Context, *FindAndInitServerReverseProxyConfigRequest) (*FindAndInitServerReverseProxyConfigResponse, error)
// 初始化Web设置
FindAndInitServerWebConfig(context.Context, *FindAndInitServerWebConfigRequest) (*FindAndInitServerWebConfigResponse, error)
// 计算使用某个SSL证书的服务数量
CountServersWithSSLCertId(context.Context, *CountServersWithSSLCertIdRequest) (*CountServersWithSSLCertIdResponse, error)
// 查找使用某个SSL证书的所有服务
FindAllServersWithSSLCertId(context.Context, *FindAllServersWithSSLCertIdRequest) (*FindAllServersWithSSLCertIdResponse, error)
}
// UnimplementedServerServiceServer can be embedded to have forward compatible implementations.
@@ -2491,6 +2794,12 @@ func (*UnimplementedServerServiceServer) FindAndInitServerReverseProxyConfig(con
func (*UnimplementedServerServiceServer) FindAndInitServerWebConfig(context.Context, *FindAndInitServerWebConfigRequest) (*FindAndInitServerWebConfigResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method FindAndInitServerWebConfig not implemented")
}
func (*UnimplementedServerServiceServer) CountServersWithSSLCertId(context.Context, *CountServersWithSSLCertIdRequest) (*CountServersWithSSLCertIdResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method CountServersWithSSLCertId not implemented")
}
func (*UnimplementedServerServiceServer) FindAllServersWithSSLCertId(context.Context, *FindAllServersWithSSLCertIdRequest) (*FindAllServersWithSSLCertIdResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method FindAllServersWithSSLCertId not implemented")
}
func RegisterServerServiceServer(s *grpc.Server, srv ServerServiceServer) {
s.RegisterService(&_ServerService_serviceDesc, srv)
@@ -2820,6 +3129,42 @@ func _ServerService_FindAndInitServerWebConfig_Handler(srv interface{}, ctx cont
return interceptor(ctx, in, info, handler)
}
func _ServerService_CountServersWithSSLCertId_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(CountServersWithSSLCertIdRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(ServerServiceServer).CountServersWithSSLCertId(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/pb.ServerService/CountServersWithSSLCertId",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(ServerServiceServer).CountServersWithSSLCertId(ctx, req.(*CountServersWithSSLCertIdRequest))
}
return interceptor(ctx, in, info, handler)
}
func _ServerService_FindAllServersWithSSLCertId_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(FindAllServersWithSSLCertIdRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(ServerServiceServer).FindAllServersWithSSLCertId(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/pb.ServerService/FindAllServersWithSSLCertId",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(ServerServiceServer).FindAllServersWithSSLCertId(ctx, req.(*FindAllServersWithSSLCertIdRequest))
}
return interceptor(ctx, in, info, handler)
}
var _ServerService_serviceDesc = grpc.ServiceDesc{
ServiceName: "pb.ServerService",
HandlerType: (*ServerServiceServer)(nil),
@@ -2896,6 +3241,14 @@ var _ServerService_serviceDesc = grpc.ServiceDesc{
MethodName: "findAndInitServerWebConfig",
Handler: _ServerService_FindAndInitServerWebConfig_Handler,
},
{
MethodName: "countServersWithSSLCertId",
Handler: _ServerService_CountServersWithSSLCertId_Handler,
},
{
MethodName: "findAllServersWithSSLCertId",
Handler: _ServerService_FindAllServersWithSSLCertId_Handler,
},
},
Streams: []grpc.StreamDesc{},
Metadata: "service_server.proto",

File diff suppressed because it is too large Load Diff


@@ -60,6 +60,12 @@ service ServerService {
// 初始化Web设置
rpc findAndInitServerWebConfig (FindAndInitServerWebConfigRequest) returns (FindAndInitServerWebConfigResponse);
// 计算使用某个SSL证书的服务数量
rpc countServersWithSSLCertId (CountServersWithSSLCertIdRequest) returns (CountServersWithSSLCertIdResponse);
// 查找使用某个SSL证书的所有服务
rpc findAllServersWithSSLCertId (FindAllServersWithSSLCertIdRequest) returns (FindAllServersWithSSLCertIdResponse);
}
// 创建服务
@@ -208,4 +214,22 @@ message FindAndInitServerWebConfigRequest {
message FindAndInitServerWebConfigResponse {
bytes webJSON = 1;
}
// 计算使用某个SSL证书的服务数量
message CountServersWithSSLCertIdRequest {
int64 certId = 1;
}
message CountServersWithSSLCertIdResponse {
int64 count = 1;
}
// 查找使用某个SSL证书的所有服务
message FindAllServersWithSSLCertIdRequest {
int64 certId = 1;
}
message FindAllServersWithSSLCertIdResponse {
repeated Server servers = 1;
}
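Review bot: `findAllServersWithSSLCertId` returns every matching `Server` in one `FindAllServersWithSSLCertIdResponse`, and `FindAllServersWithSSLCertIdRequest` has no `offset`/`size` pair like the one `ListSSLCertsRequest` carries in this same commit. A certificate shared by many servers then produces one unbounded message, which can exceed the transport's message-size limit or tie up the caller. Either add paging fields (`int64 offset = 2; int64 size = 3;`) or document on the rpc that the result is expected to stay small. It is not visible here how much of each `Server` is populated, so the size risk is an inference.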


@@ -0,0 +1,103 @@
syntax = "proto3";
option go_package = "./pb";
package pb;
import "rpc_messages.proto";
service SSLCertService {
// 创建Cert
rpc createSSLCert (CreateSSLCertRequest) returns (CreateSSLCertResponse);
// 修改Cert
rpc updateSSLCert (UpdateSSLCertRequest) returns (RPCUpdateSuccess);
// 删除Cert
rpc deleteSSLCert (DeleteSSLCertRequest) returns (RPCDeleteSuccess);
// 查找证书配置
rpc findEnabledSSLCertConfig (FindEnabledSSLCertConfigRequest) returns (FindEnabledSSLCertConfigResponse);
// 计算匹配的Cert数量
rpc countSSLCerts (CountSSLCertRequest) returns (CountSSLCertResponse);
// 列出单页匹配的Cert
rpc listSSLCerts (ListSSLCertsRequest) returns (ListSSLCertsResponse);
}
// 创建Cert
message CreateSSLCertRequest {
bool isOn = 1;
string name = 2;
string description = 3;
string serverName = 4;
bool isCA = 5;
bytes certData = 6;
bytes keyData = 7;
int64 timeBeginAt = 8;
int64 timeEndAt = 9;
repeated string dnsNames = 10;
repeated string commonNames = 11;
}
message CreateSSLCertResponse {
int64 certId = 1;
}
// 修改Cert
message UpdateSSLCertRequest {
int64 certId = 1;
bool isOn = 2;
string name = 3;
string description = 4;
string serverName = 5;
bool isCA = 6;
bytes certData = 7;
bytes keyData = 8;
int64 timeBeginAt = 9;
int64 timeEndAt = 10;
repeated string dnsNames = 11;
repeated string commonNames = 12;
}
// 查找证书配置
message FindEnabledSSLCertConfigRequest {
int64 certId = 1;
}
message FindEnabledSSLCertConfigResponse {
bytes certJSON = 1;
}
// 删除证书
message DeleteSSLCertRequest {
int64 certId = 1;
}
// 计算匹配的Cert数量
message CountSSLCertRequest {
bool isCA = 1;
bool isAvailable = 2;
bool isExpired = 3;
int32 expiringDays = 4;
string keyword = 5;
}
message CountSSLCertResponse {
int64 count = 1;
}
// 列出单页匹配的Cert
message ListSSLCertsRequest {
bool isCA = 1;
bool isAvailable = 2;
bool isExpired = 3;
int32 expiringDays = 4;
string keyword = 5;
int64 offset = 6;
int64 size = 7;
}
message ListSSLCertsResponse {
bytes certsJSON = 1;
}
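Review bot: `FindEnabledSSLCertConfigResponse.certJSON` and `ListSSLCertsResponse.certsJSON` are opaque JSON blobs, and the `SSLCertConfig` struct added in this commit tags `KeyData` as `json:"keyData"`, so if these blobs are produced by marshalling that struct, every lookup and every list page returns private keys. The service implementation is not on this page, so that needs confirming; a listing does not need key material, and a typed message that leaves the key out would make the contract explicit. `CreateSSLCertRequest` and `UpdateSSLCertRequest` also accept `timeBeginAt`, `timeEndAt`, `dnsNames` and `commonNames` from the caller, although `SSLCertConfig.Init()` derives the same values from the certificate. The server should recompute them from `certData` rather than store what the client sent, otherwise expiry filters such as `isExpired` and `expiringDays` can be made to disagree with the real certificate.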


@@ -4,11 +4,6 @@ import (
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
)
// 默认的文件类型
var (
DefaultGzipMimeTypes = []string{"text/html", "application/json"}
)
// gzip配置
type HTTPGzipConfig struct {
Id int64 `yaml:"id" json:"id"` // ID


@@ -2,23 +2,27 @@ package serverconfigs
import "github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
// TLS Version
type TLSVersion = string
// Cipher Suites
type TLSCipherSuite = string
// HTTPS协议配置
type HTTPSProtocolConfig struct {
BaseProtocol `yaml:",inline"`
SSL *sslconfigs.SSLConfig `yaml:"ssl"`
SSLPolicyRef *sslconfigs.SSLRef `yaml:"sslPolicyRef" json:"sslPolicyRef"`
SSLPolicy *sslconfigs.SSLPolicy `yaml:"sslPolicy" json:"sslPolicy"`
}
// 初始化
func (this *HTTPSProtocolConfig) Init() error {
err := this.InitBase()
if err != nil {
return err
}
if this.SSLPolicy != nil {
err := this.SSLPolicy.Init()
if err != nil {
return err
}
}
return nil
}
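Review bot: `Init()` calls `this.SSLPolicy.Init()` only when the pointer is non-nil, so an HTTPS protocol whose policy was never attached initialises without error and without any certificate. That covers a config with only `SSLPolicyRef` set, and an older config still written with the `ssl` key that this change drops. Consider failing closed when the protocol is enabled, e.g. `if this.IsOn && this.SSLPolicy == nil { return errors.New("https: ssl policy is not loaded") }`; this assumes `IsOn` comes from `BaseProtocol`, which is not shown, and it needs an `errors` import. The same applies to `TLSProtocolConfig.Init()` in the next file. The inner `err := this.SSLPolicy.Init()` shadows the outer `err`, and plain `err = ...` would read more clearly.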


@@ -2,10 +2,12 @@ package serverconfigs
import "github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
// TLS协议配置
type TLSProtocolConfig struct {
BaseProtocol `yaml:",inline"`
SSL *sslconfigs.SSLConfig `yaml:"ssl" json:"ssl"`
SSLPolicyRef *sslconfigs.SSLRef `yaml:"sslPolicyRef" json:"sslPolicyRef"`
SSLPolicy *sslconfigs.SSLPolicy `yaml:"sslPolicy" json:"sslPolicy"`
}
// 初始化
@@ -15,5 +17,12 @@ func (this *TLSProtocolConfig) Init() error {
return err
}
if this.SSLPolicy != nil {
err := this.SSLPolicy.Init()
if err != nil {
return err
}
}
return nil
}


@@ -196,12 +196,12 @@ func (this *ServerConfig) MatchNameStrictly(name string) bool {
}
// SSL信息
func (this *ServerConfig) SSLConfig() *sslconfigs.SSLConfig {
func (this *ServerConfig) SSLPolicy() *sslconfigs.SSLPolicy {
if this.HTTPS != nil {
return this.HTTPS.SSL
return this.HTTPS.SSLPolicy
}
if this.TLS != nil {
return this.TLS.SSL
return this.TLS.SSLPolicy
}
return nil
}


@@ -1,207 +0,0 @@
package sslconfigs
import (
"crypto/tls"
"crypto/x509"
"errors"
"github.com/iwind/TeaGo/types"
"io/ioutil"
"net"
"regexp"
"strconv"
"strings"
)
// TLS Version
type TLSVersion = string
// Cipher Suites
type TLSCipherSuite = string
// SSL配置
type SSLConfig struct {
IsOn bool `yaml:"isOn" json:"isOn"` // 是否开启
Certs []*SSLCertConfig `yaml:"certs" json:"certs"`
ClientAuthType SSLClientAuthType `yaml:"clientAuthType" json:"clientAuthType"` // 客户端认证类型
ClientCACertIds []string `yaml:"clientCACertIds" json:"clientCACertIds"` // 客户端认证CA
Listen []string `yaml:"listen" json:"listen"` // 网络地址
MinVersion TLSVersion `yaml:"minVersion" json:"minVersion"` // 支持的最小版本
CipherSuites []TLSCipherSuite `yaml:"cipherSuites" json:"cipherSuites"` // 加密算法套件
HSTS *HSTSConfig `yaml:"hsts2" json:"hsts"` // HSTS配置yaml之所以使用hsts2是因为要和以前的版本分开
HTTP2Disabled bool `yaml:"http2Disabled" json:"http2Disabled"` // 是否禁用HTTP2
nameMapping map[string]*tls.Certificate // dnsName => cert
minVersion uint16
cipherSuites []uint16
clientCAPool *x509.CertPool
}
// 获取新对象
func NewSSLConfig() *SSLConfig {
return &SSLConfig{}
}
// 校验配置
func (this *SSLConfig) Init() error {
if !this.IsOn {
return nil
}
if len(this.Certs) == 0 {
return errors.New("no certificates in https config")
}
for _, cert := range this.Certs {
err := cert.Init()
if err != nil {
return err
}
}
if this.Listen == nil {
this.Listen = []string{}
} else {
for index, addr := range this.Listen {
_, _, err := net.SplitHostPort(addr)
if err != nil {
this.Listen[index] = strings.TrimSuffix(addr, ":") + ":443"
}
}
}
// min version
this.convertMinVersion()
// cipher suite categories
this.initCipherSuites()
// hsts
if this.HSTS != nil {
err := this.HSTS.Init()
if err != nil {
return err
}
}
// CA证书
if len(this.ClientCACertIds) > 0 && this.ClientAuthType != SSLClientAuthTypeNoClientCert {
this.clientCAPool = x509.NewCertPool()
list := SharedSSLCertList()
for _, certId := range this.ClientCACertIds {
cert := list.FindCert(certId)
if cert == nil {
continue
}
if !cert.IsOn {
continue
}
data, err := ioutil.ReadFile(cert.FullCertPath())
if err != nil {
return err
}
this.clientCAPool.AppendCertsFromPEM(data)
}
}
return nil
}
// 取得最小版本
func (this *SSLConfig) TLSMinVersion() uint16 {
return this.minVersion
}
// 套件
func (this *SSLConfig) TLSCipherSuites() []uint16 {
return this.cipherSuites
}
// 校验是否匹配某个域名
func (this *SSLConfig) MatchDomain(domain string) (cert *tls.Certificate, ok bool) {
for _, cert := range this.Certs {
if cert.MatchDomain(domain) {
return cert.CertObject(), true
}
}
return nil, false
}
// 取得第一个证书
func (this *SSLConfig) FirstCert() *tls.Certificate {
for _, cert := range this.Certs {
return cert.CertObject()
}
return nil
}
// 是否包含某个证书或密钥路径
func (this *SSLConfig) ContainsFile(file string) bool {
for _, cert := range this.Certs {
if cert.CertFile == file || cert.KeyFile == file {
return true
}
}
return false
}
// 删除证书文件
func (this *SSLConfig) DeleteFiles() error {
var resultErr error = nil
for _, cert := range this.Certs {
err := cert.DeleteFiles()
if err != nil {
resultErr = err
}
}
return resultErr
}
// 查找单个证书配置
func (this *SSLConfig) FindCert(certId string) *SSLCertConfig {
for _, cert := range this.Certs {
if cert.Id == certId {
return cert
}
}
return nil
}
// 添加证书
func (this *SSLConfig) AddCert(cert *SSLCertConfig) {
this.Certs = append(this.Certs, cert)
}
// CA证书Pool用于TLS对客户端进行认证
func (this *SSLConfig) CAPool() *x509.CertPool {
return this.clientCAPool
}
// 分解所有监听地址
func (this *SSLConfig) ParseListenAddresses() []string {
result := []string{}
var reg = regexp.MustCompile(`\[\s*(\d+)\s*[,:-]\s*(\d+)\s*]$`)
for _, addr := range this.Listen {
match := reg.FindStringSubmatch(addr)
if len(match) == 0 {
result = append(result, addr)
} else {
min := types.Int(match[1])
max := types.Int(match[2])
if min > max {
min, max = max, min
}
for i := min; i <= max; i++ {
newAddr := reg.ReplaceAllString(addr, ":"+strconv.Itoa(i))
result = append(result, newAddr)
}
}
}
return result
}


@@ -1,271 +0,0 @@
package sslconfigs
import (
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"errors"
"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
"github.com/iwind/TeaGo/Tea"
"github.com/iwind/TeaGo/files"
"github.com/iwind/TeaGo/lists"
"github.com/iwind/TeaGo/utils/string"
"io/ioutil"
"strings"
"time"
)
// SSL证书
type SSLCertConfig struct {
Id string `yaml:"id" json:"id"`
IsOn bool `yaml:"isOn" json:"isOn"`
Description string `yaml:"description" json:"description"` // 说明
CertFile string `yaml:"certFile" json:"certFile"`
KeyFile string `yaml:"keyFile" json:"keyFile"`
IsLocal bool `yaml:"isLocal" json:"isLocal"` // 是否为本地文件
TaskId string `yaml:"taskId" json:"taskId"` // 生成证书任务ID
IsShared bool `yaml:"isShared" json:"isShared"` // 是否为公用组件
ServerName string `yaml:"serverName" json:"serverName"` // 证书使用的主机名在请求TLS服务器时需要
IsCA bool `yaml:"isCA" json:"isCA"` // 是否为CA证书
dnsNames []string
cert *tls.Certificate
timeBefore time.Time
timeAfter time.Time
issuer pkix.Name
}
// 获取新的SSL证书
func NewSSLCertConfig(certFile string, keyFile string) *SSLCertConfig {
return &SSLCertConfig{
IsOn: true,
Id: stringutil.Rand(16),
CertFile: certFile,
KeyFile: keyFile,
}
}
// 校验
func (this *SSLCertConfig) Init() error {
if this.IsShared {
shared := this.FindShared()
if shared == nil {
return errors.New("the shared cert has been deleted")
}
// 拷贝之前需要保留的
serverName := this.ServerName
// copy
configutils.CopyStructObject(this, shared)
this.ServerName = serverName
}
this.dnsNames = []string{}
if len(this.CertFile) == 0 {
return errors.New("cert file should not be empty")
}
// 分析证书
if this.IsCA { // CA证书
data, err := ioutil.ReadFile(this.FullCertPath())
if err != nil {
return err
}
index := -1
this.cert = &tls.Certificate{
Certificate: [][]byte{},
}
for {
index++
block, rest := pem.Decode(data)
if block == nil {
break
}
if len(rest) == 0 {
break
}
this.cert.Certificate = append(this.cert.Certificate, block.Bytes)
data = rest
c, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return err
}
if c == nil {
return errors.New("no available certificates in file")
}
dnsNames := c.DNSNames
if len(dnsNames) > 0 {
for _, dnsName := range dnsNames {
if !lists.ContainsString(this.dnsNames, dnsName) {
this.dnsNames = append(this.dnsNames, dnsName)
}
}
}
if index == 0 {
this.timeBefore = c.NotBefore
this.timeAfter = c.NotAfter
this.issuer = c.Issuer
}
}
} else { // 证书+私钥
if len(this.KeyFile) == 0 {
return errors.New("key file should not be empty")
}
cert, err := tls.LoadX509KeyPair(this.FullCertPath(), this.FullKeyPath())
if err != nil {
return errors.New("load certificate '" + this.CertFile + "', '" + this.KeyFile + "' failed:" + err.Error())
}
for index, data := range cert.Certificate {
c, err := x509.ParseCertificate(data)
if err != nil {
continue
}
dnsNames := c.DNSNames
if len(dnsNames) > 0 {
for _, dnsName := range dnsNames {
if !lists.ContainsString(this.dnsNames, dnsName) {
this.dnsNames = append(this.dnsNames, dnsName)
}
}
}
if index == 0 {
this.timeBefore = c.NotBefore
this.timeAfter = c.NotAfter
this.issuer = c.Issuer
}
}
this.cert = &cert
}
return nil
}
// 查找共享的证书
func (this *SSLCertConfig) FindShared() *SSLCertConfig {
if !this.IsShared {
return nil
}
return SharedSSLCertList().FindCert(this.Id)
}
// 证书文件路径
func (this *SSLCertConfig) FullCertPath() string {
if len(this.CertFile) == 0 {
return ""
}
if !strings.ContainsAny(this.CertFile, "/\\") {
return Tea.ConfigFile(this.CertFile)
}
return this.CertFile
}
// 密钥文件路径
func (this *SSLCertConfig) FullKeyPath() string {
if len(this.KeyFile) == 0 {
return ""
}
if !strings.ContainsAny(this.KeyFile, "/\\") {
return Tea.ConfigFile(this.KeyFile)
}
return this.KeyFile
}
// 校验是否匹配某个域名
func (this *SSLCertConfig) MatchDomain(domain string) bool {
if len(this.dnsNames) == 0 {
return false
}
return configutils.MatchDomains(this.dnsNames, domain)
}
// 证书中的域名
func (this *SSLCertConfig) DNSNames() []string {
return this.dnsNames
}
// 获取证书对象
func (this *SSLCertConfig) CertObject() *tls.Certificate {
return this.cert
}
// 开始时间
func (this *SSLCertConfig) TimeBefore() time.Time {
return this.timeBefore
}
// 结束时间
func (this *SSLCertConfig) TimeAfter() time.Time {
return this.timeAfter
}
// 发行信息
func (this *SSLCertConfig) Issuer() pkix.Name {
return this.issuer
}
// 删除文件
func (this *SSLCertConfig) DeleteFiles() error {
if this.IsLocal {
return nil
}
var resultErr error = nil
if len(this.CertFile) > 0 && !strings.ContainsAny(this.CertFile, "/\\") {
err := files.NewFile(this.FullCertPath()).Delete()
if err != nil {
resultErr = err
}
}
if len(this.KeyFile) > 0 && !strings.ContainsAny(this.KeyFile, "/\\") {
err := files.NewFile(this.FullKeyPath()).Delete()
if err != nil {
resultErr = err
}
}
return resultErr
}
// 读取证书文件
func (this *SSLCertConfig) ReadCert() ([]byte, error) {
if len(this.CertFile) == 0 {
return nil, errors.New("cert file should not be empty")
}
if this.IsLocal {
return ioutil.ReadFile(this.CertFile)
}
return ioutil.ReadFile(Tea.ConfigFile(this.CertFile))
}
// 读取密钥文件
func (this *SSLCertConfig) ReadKey() ([]byte, error) {
if len(this.KeyFile) == 0 {
return nil, errors.New("key file should not be empty")
}
if this.IsLocal {
return ioutil.ReadFile(this.KeyFile)
}
return ioutil.ReadFile(Tea.ConfigFile(this.KeyFile))
}
// 匹配关键词
func (this *SSLCertConfig) MatchKeyword(keyword string) (matched bool, name string, tags []string) {
if configutils.MatchKeyword(this.Description, keyword) {
matched = true
name = this.Description
}
return
}


@@ -0,0 +1,140 @@
package sslconfigs
import (
"crypto/tls"
"crypto/x509"
"encoding/pem"
"errors"
"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
"github.com/iwind/TeaGo/lists"
"strconv"
"time"
)
// SSL证书
type SSLCertConfig struct {
Id int64 `yaml:"id" json:"id"`
IsOn bool `yaml:"isOn" json:"isOn"`
Name string `yaml:"name" json:"name"`
Description string `yaml:"description" json:"description"` // 说明
CertData []byte `yaml:"certData" json:"certData"` // 证书数据
KeyData []byte `yaml:"keyData" json:"keyData"` // 密钥数据
ServerName string `yaml:"serverName" json:"serverName"` // 证书使用的主机名在请求TLS服务器时需要
IsCA bool `yaml:"isCA" json:"isCA"` // 是否为CA证书
// 以下是从证书中分析所得
TimeBeginAt int64 `yaml:"timeBeginAt" json:"timeBeginAt"`
TimeEndAt int64 `yaml:"timeEndAt" json:"timeEndAt"`
DNSNames []string `yaml:"dnsNames" json:"dnsNames"`
CommonNames []string `yaml:"commonNames" json:"commonNames"`
cert *tls.Certificate
timeBegin time.Time
timeEnd time.Time
}
// 校验
func (this *SSLCertConfig) Init() error {
var commonNames []string // 发行组织
var dnsNames []string // 域名
// 分析证书
if this.IsCA { // CA证书
data := this.CertData
index := -1
this.cert = &tls.Certificate{
Certificate: [][]byte{},
}
for {
index++
block, rest := pem.Decode(data)
if block == nil {
break
}
if len(rest) == 0 {
break
}
this.cert.Certificate = append(this.cert.Certificate, block.Bytes)
data = rest
c, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return err
}
if c == nil {
return errors.New("no available certificates in file")
}
for _, dnsName := range c.DNSNames {
if !lists.ContainsString(dnsNames, dnsName) {
dnsNames = append(dnsNames, dnsName)
}
}
commonNames = append(commonNames, c.Issuer.CommonName)
if index == 0 {
this.timeBegin = c.NotBefore
this.timeEnd = c.NotAfter
}
}
} else { // 证书+私钥
cert, err := tls.X509KeyPair(this.CertData, this.KeyData)
if err != nil {
return errors.New("load certificate '" + strconv.FormatInt(this.Id, 10) + "' failed:" + err.Error())
}
for index, data := range cert.Certificate {
c, err := x509.ParseCertificate(data)
if err != nil {
continue
}
for _, dnsName := range c.DNSNames {
if !lists.ContainsString(dnsNames, dnsName) {
dnsNames = append(dnsNames, dnsName)
}
}
commonNames = append(commonNames, c.Issuer.CommonName)
if index == 0 {
this.timeBegin = c.NotBefore
this.timeEnd = c.NotAfter
}
}
this.cert = &cert
}
// 赋值分析结果
this.DNSNames = dnsNames
this.CommonNames = commonNames
this.TimeBeginAt = this.timeBegin.Unix()
this.TimeEndAt = this.timeEnd.Unix()
return nil
}
// 校验是否匹配某个域名
func (this *SSLCertConfig) MatchDomain(domain string) bool {
if len(this.DNSNames) == 0 {
return false
}
return configutils.MatchDomains(this.DNSNames, domain)
}
// 获取证书对象
func (this *SSLCertConfig) CertObject() *tls.Certificate {
return this.cert
}
// 开始时间
func (this *SSLCertConfig) TimeBegin() time.Time {
return this.timeBegin
}
// 结束时间
func (this *SSLCertConfig) TimeEnd() time.Time {
return this.timeEnd
}
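Review bot: In the CA branch of `Init()`, the `if len(rest) == 0 { break }` check runs before the decoded block is appended and parsed, so the last PEM block in `CertData` is always skipped. For CA data holding a single certificate this appears to leave `cert.Certificate` empty while `Init()` still returns nil, with `TimeBeginAt`/`TimeEndAt` computed from the zero `time.Time`. Removing that check is enough, since `block == nil` already ends the loop on exhausted input, and an empty result should be rejected after the loop: `if len(this.cert.Certificate) == 0 { return errors.New("no available certificates in file") }`. In the key-pair branch a chain entry that fails `x509.ParseCertificate` is skipped with `continue`, which hides a malformed chain from the caller. `KeyData` carries a `json:"keyData"` tag, so any JSON rendering of this struct includes the private key; a comment on the field should say so.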


@@ -1,86 +0,0 @@
package sslconfigs
import (
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
"github.com/iwind/TeaGo/Tea"
"github.com/iwind/TeaGo/logs"
"gopkg.in/yaml.v3"
"io/ioutil"
)
const (
sslCertListFilename = "ssl.certs.conf"
)
// 获取证书列表实例
// 一定会返回不为nil的值
func SharedSSLCertList() *SSLCertList {
data, err := ioutil.ReadFile(Tea.ConfigFile(sslCertListFilename))
if err != nil {
return NewSSLCertList()
}
list := &SSLCertList{}
err = yaml.Unmarshal(data, list)
if err != nil {
logs.Error(err)
return NewSSLCertList()
}
return list
}
// 公共的SSL证书列表
type SSLCertList struct {
Certs []*SSLCertConfig `yaml:"certs" json:"certs"` // 证书
}
// 获取新对象
func NewSSLCertList() *SSLCertList {
return &SSLCertList{
Certs: []*SSLCertConfig{},
}
}
// 添加证书
func (this *SSLCertList) AddCert(cert *SSLCertConfig) {
this.Certs = append(this.Certs, cert)
}
// 删除证书
func (this *SSLCertList) RemoveCert(certId string) {
result := []*SSLCertConfig{}
for _, cert := range this.Certs {
if cert.Id == certId {
continue
}
result = append(result, cert)
}
this.Certs = result
}
// 查找证书
func (this *SSLCertList) FindCert(certId string) *SSLCertConfig {
if len(certId) == 0 {
return nil
}
for _, cert := range this.Certs {
if cert.Id == certId {
return cert
}
}
return nil
}
// 保存
func (this *SSLCertList) Save() error {
shared.Locker.Lock()
defer shared.Locker.Unlock()
data, err := yaml.Marshal(this)
if err != nil {
return err
}
return ioutil.WriteFile(Tea.ConfigFile(sslCertListFilename), data, 0777)
}


@@ -0,0 +1,6 @@
package sslconfigs
type SSLCertRef struct {
IsOn bool `yaml:"isOn" json:"isOn"`
CertId int64 `yaml:"certId" json:"certId"`
}


@@ -1,5 +1,3 @@
// +build go1.12
package sslconfigs
import (
@@ -68,7 +66,7 @@ var TLSIntermediateCipherSuites = []string{
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}
func (this *SSLConfig) convertMinVersion() {
func (this *SSLPolicy) convertMinVersion() {
switch this.MinVersion {
case "SSL 3.0":
this.minVersion = tls.VersionSSL30
@@ -87,7 +85,7 @@ func (this *SSLConfig) convertMinVersion() {
}
}
func (this *SSLConfig) initCipherSuites() {
func (this *SSLPolicy) initCipherSuites() {
// cipher suites
suites := []uint16{}
for _, suite := range this.CipherSuites {


@@ -1,124 +0,0 @@
// +build !go1.12
package sslconfigs
import "crypto/tls"
var AllTlsVersions = []TLSVersion{"SSL 3.0", "TLS 1.0", "TLS 1.1", "TLS 1.2"}
var AllTLSCipherSuites = []TLSCipherSuite{
"TLS_RSA_WITH_RC4_128_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
}
var TLSModernCipherSuites = []string{
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
}
var TLSIntermediateCipherSuites = []string{
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}
func (this *SSLConfig) convertMinVersion() {
switch this.MinVersion {
case "SSL 3.0":
this.minVersion = tls.VersionSSL30
case "TLS 1.0":
this.minVersion = tls.VersionTLS10
case "TLS 1.1":
this.minVersion = tls.VersionTLS11
case "TLS 1.2":
this.minVersion = tls.VersionTLS12
default:
this.minVersion = tls.VersionTLS10
}
}
func (this *SSLConfig) initCipherSuites() {
// cipher suites
suites := []uint16{}
for _, suite := range this.CipherSuites {
switch suite {
case "TLS_RSA_WITH_RC4_128_SHA":
suites = append(suites, tls.TLS_RSA_WITH_RC4_128_SHA)
case "TLS_RSA_WITH_3DES_EDE_CBC_SHA":
suites = append(suites, tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA)
case "TLS_RSA_WITH_AES_128_CBC_SHA":
suites = append(suites, tls.TLS_RSA_WITH_AES_128_CBC_SHA)
case "TLS_RSA_WITH_AES_256_CBC_SHA":
suites = append(suites, tls.TLS_RSA_WITH_AES_256_CBC_SHA)
case "TLS_RSA_WITH_AES_128_CBC_SHA256":
suites = append(suites, tls.TLS_RSA_WITH_AES_128_CBC_SHA256)
case "TLS_RSA_WITH_AES_128_GCM_SHA256":
suites = append(suites, tls.TLS_RSA_WITH_AES_128_GCM_SHA256)
case "TLS_RSA_WITH_AES_256_GCM_SHA384":
suites = append(suites, tls.TLS_RSA_WITH_AES_256_GCM_SHA384)
case "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA)
case "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA)
case "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA)
case "TLS_ECDHE_RSA_WITH_RC4_128_SHA":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA)
case "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA)
case "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
case "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
case "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256)
case "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256)
case "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
case "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
case "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
case "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
case "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305":
suites = append(suites, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305)
case "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305":
suites = append(suites, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305)
}
}
this.cipherSuites = suites
}


@@ -7,33 +7,54 @@ import (
func TestHSTSConfig(t *testing.T) {
h := &HSTSConfig{}
h.Init()
err := h.Init()
if err != nil {
t.Fatal(err)
}
t.Log(h.HeaderValue())
h.IncludeSubDomains = true
h.Init()
err = h.Init()
if err != nil {
t.Fatal(err)
}
t.Log(h.HeaderValue())
h.Preload = true
h.Init()
err = h.Init()
if err != nil {
t.Fatal(err)
}
t.Log(h.HeaderValue())
h.IncludeSubDomains = false
h.Init()
err = h.Init()
if err != nil {
t.Fatal(err)
}
t.Log(h.HeaderValue())
h.MaxAge = 86400
h.Init()
err = h.Init()
if err != nil {
t.Fatal(err)
}
t.Log(h.HeaderValue())
a := assert.NewAssertion(t)
a.IsTrue(h.Match("abc.com"))
h.Domains = []string{"abc.com"}
h.Init()
err = h.Init()
if err != nil {
t.Fatal(err)
}
a.IsTrue(h.Match("abc.com"))
h.Domains = []string{"1.abc.com"}
h.Init()
err = h.Init()
if err != nil {
t.Fatal(err)
}
a.IsFalse(h.Match("abc.com"))
}


@@ -0,0 +1,99 @@
package sslconfigs
import (
"crypto/tls"
"crypto/x509"
"errors"
)
// TLS Version
type TLSVersion = string
// Cipher Suites
type TLSCipherSuite = string
// SSL配置
type SSLPolicy struct {
Id int64 `yaml:"id" json:"id"` // ID
IsOn bool `yaml:"isOn" json:"isOn"` // 是否开启
CertRefs []*SSLCertRef `yaml:"certRefs" json:"certRefs"`
Certs []*SSLCertConfig `yaml:"certs" json:"certs"`
ClientAuthType SSLClientAuthType `yaml:"clientAuthType" json:"clientAuthType"` // 客户端认证类型
MinVersion TLSVersion `yaml:"minVersion" json:"minVersion"` // 支持的最小版本
CipherSuites []TLSCipherSuite `yaml:"cipherSuites" json:"cipherSuites"` // 加密算法套件
HSTS *HSTSConfig `yaml:"hsts2" json:"hsts"` // HSTS配置yaml之所以使用hsts2是因为要和以前的版本分开
HTTP2Enabled bool `yaml:"http2Enabled" json:"http2Enabled"` // 是否启用HTTP2
nameMapping map[string]*tls.Certificate // dnsName => cert
minVersion uint16
cipherSuites []uint16
clientCAPool *x509.CertPool
}
// 校验配置
func (this *SSLPolicy) Init() error {
if len(this.Certs) == 0 {
return errors.New("no certificates in https config")
}
for _, cert := range this.Certs {
err := cert.Init()
if err != nil {
return err
}
}
// min version
this.convertMinVersion()
// cipher suite categories
this.initCipherSuites()
// hsts
if this.HSTS != nil {
err := this.HSTS.Init()
if err != nil {
return err
}
}
return nil
}
// 取得最小版本
func (this *SSLPolicy) TLSMinVersion() uint16 {
return this.minVersion
}
// 套件
func (this *SSLPolicy) TLSCipherSuites() []uint16 {
return this.cipherSuites
}
// 校验是否匹配某个域名
func (this *SSLPolicy) MatchDomain(domain string) (cert *tls.Certificate, ok bool) {
for _, cert := range this.Certs {
if cert.MatchDomain(domain) {
return cert.CertObject(), true
}
}
return nil, false
}
// 取得第一个证书
func (this *SSLPolicy) FirstCert() *tls.Certificate {
for _, cert := range this.Certs {
return cert.CertObject()
}
return nil
}
// CA证书Pool用于TLS对客户端进行认证
func (this *SSLPolicy) CAPool() *x509.CertPool {
return this.clientCAPool
}
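Review bot: `Init()` never assigns `clientCAPool` (or `nameMapping`), so as far as this file shows `CAPool()` can only return nil. If a caller passes that nil pool to `tls.Config.ClientCAs` while `ClientAuthType` requests verified client certificates, crypto/tls falls back to the host's system roots, which accepts any client certificate chaining to a public CA rather than only the operator's own CA. Unless another file in the package fills the pool, build it in `Init()` or return an error there when client verification is requested with no CA configured. At minimum, document the contract: `// CAPool returns the client CA pool; it is nil until populated and must not be used for client verification while nil`. Separately, the loop variable `cert` in `MatchDomain` shadows the named result `cert`, so unnamed results would read more clearly.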


@@ -0,0 +1,6 @@
package sslconfigs
type SSLRef struct {
IsOn bool `yaml:"isOn" json:"isOn"`
SSLPolicyId int64 `yaml:"sslPolicyId" json:"sslPolicyId"`
}
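Review bot: `SSLRef` is exported without a doc comment, unlike `SSLPolicy` in the same package, and neither field says what it controls. A comment such as `// SSLRef references an SSLPolicy by ID; IsOn enables or disables the reference` would help, if that is the intended meaning of `IsOn`. It is also worth stating which flag wins when `SSLRef.IsOn` and the referenced `SSLPolicy.IsOn` disagree, since that decides whether TLS is actually served.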