mirror of
https://github.com/XTLS/Xray-core.git
synced 2025-06-26 13:14:14 +00:00
456 lines
15 KiB
Go
456 lines
15 KiB
Go
// Code generated by protoc-gen-go. DO NOT EDIT.
|
|
// versions:
|
|
// protoc-gen-go v1.36.6
|
|
// protoc v5.28.2
|
|
// source: transport/internet/tls/config.proto
|
|
|
|
package tls
|
|
|
|
import (
|
|
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
|
|
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
|
|
reflect "reflect"
|
|
sync "sync"
|
|
unsafe "unsafe"
|
|
)
|
|
|
|
const (
|
|
// Verify that this generated code is sufficiently up-to-date.
|
|
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
|
|
// Verify that runtime/protoimpl is sufficiently up-to-date.
|
|
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
|
|
)
|
|
|
|
type Certificate_Usage int32
|
|
|
|
const (
|
|
Certificate_ENCIPHERMENT Certificate_Usage = 0
|
|
Certificate_AUTHORITY_VERIFY Certificate_Usage = 1
|
|
Certificate_AUTHORITY_ISSUE Certificate_Usage = 2
|
|
)
|
|
|
|
// Enum value maps for Certificate_Usage.
|
|
var (
|
|
Certificate_Usage_name = map[int32]string{
|
|
0: "ENCIPHERMENT",
|
|
1: "AUTHORITY_VERIFY",
|
|
2: "AUTHORITY_ISSUE",
|
|
}
|
|
Certificate_Usage_value = map[string]int32{
|
|
"ENCIPHERMENT": 0,
|
|
"AUTHORITY_VERIFY": 1,
|
|
"AUTHORITY_ISSUE": 2,
|
|
}
|
|
)
|
|
|
|
func (x Certificate_Usage) Enum() *Certificate_Usage {
|
|
p := new(Certificate_Usage)
|
|
*p = x
|
|
return p
|
|
}
|
|
|
|
func (x Certificate_Usage) String() string {
|
|
return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
|
|
}
|
|
|
|
func (Certificate_Usage) Descriptor() protoreflect.EnumDescriptor {
|
|
return file_transport_internet_tls_config_proto_enumTypes[0].Descriptor()
|
|
}
|
|
|
|
func (Certificate_Usage) Type() protoreflect.EnumType {
|
|
return &file_transport_internet_tls_config_proto_enumTypes[0]
|
|
}
|
|
|
|
func (x Certificate_Usage) Number() protoreflect.EnumNumber {
|
|
return protoreflect.EnumNumber(x)
|
|
}
|
|
|
|
// Deprecated: Use Certificate_Usage.Descriptor instead.
|
|
func (Certificate_Usage) EnumDescriptor() ([]byte, []int) {
|
|
return file_transport_internet_tls_config_proto_rawDescGZIP(), []int{0, 0}
|
|
}
|
|
|
|
type Certificate struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// TLS certificate in x509 format.
|
|
Certificate []byte `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`
|
|
// TLS key in x509 format.
|
|
Key []byte `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
|
|
Usage Certificate_Usage `protobuf:"varint,3,opt,name=usage,proto3,enum=xray.transport.internet.tls.Certificate_Usage" json:"usage,omitempty"`
|
|
OcspStapling uint64 `protobuf:"varint,4,opt,name=ocsp_stapling,json=ocspStapling,proto3" json:"ocsp_stapling,omitempty"`
|
|
// TLS certificate path
|
|
CertificatePath string `protobuf:"bytes,5,opt,name=certificate_path,json=certificatePath,proto3" json:"certificate_path,omitempty"`
|
|
// TLS Key path
|
|
KeyPath string `protobuf:"bytes,6,opt,name=key_path,json=keyPath,proto3" json:"key_path,omitempty"`
|
|
// If true, one-Time Loading
|
|
OneTimeLoading bool `protobuf:"varint,7,opt,name=One_time_loading,json=OneTimeLoading,proto3" json:"One_time_loading,omitempty"`
|
|
BuildChain bool `protobuf:"varint,8,opt,name=build_chain,json=buildChain,proto3" json:"build_chain,omitempty"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *Certificate) Reset() {
|
|
*x = Certificate{}
|
|
mi := &file_transport_internet_tls_config_proto_msgTypes[0]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *Certificate) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*Certificate) ProtoMessage() {}
|
|
|
|
func (x *Certificate) ProtoReflect() protoreflect.Message {
|
|
mi := &file_transport_internet_tls_config_proto_msgTypes[0]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
|
|
func (*Certificate) Descriptor() ([]byte, []int) {
|
|
return file_transport_internet_tls_config_proto_rawDescGZIP(), []int{0}
|
|
}
|
|
|
|
func (x *Certificate) GetCertificate() []byte {
|
|
if x != nil {
|
|
return x.Certificate
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Certificate) GetKey() []byte {
|
|
if x != nil {
|
|
return x.Key
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Certificate) GetUsage() Certificate_Usage {
|
|
if x != nil {
|
|
return x.Usage
|
|
}
|
|
return Certificate_ENCIPHERMENT
|
|
}
|
|
|
|
func (x *Certificate) GetOcspStapling() uint64 {
|
|
if x != nil {
|
|
return x.OcspStapling
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (x *Certificate) GetCertificatePath() string {
|
|
if x != nil {
|
|
return x.CertificatePath
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Certificate) GetKeyPath() string {
|
|
if x != nil {
|
|
return x.KeyPath
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Certificate) GetOneTimeLoading() bool {
|
|
if x != nil {
|
|
return x.OneTimeLoading
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *Certificate) GetBuildChain() bool {
|
|
if x != nil {
|
|
return x.BuildChain
|
|
}
|
|
return false
|
|
}
|
|
|
|
type Config struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// Whether or not to allow self-signed certificates.
|
|
AllowInsecure bool `protobuf:"varint,1,opt,name=allow_insecure,json=allowInsecure,proto3" json:"allow_insecure,omitempty"`
|
|
// List of certificates to be served on server.
|
|
Certificate []*Certificate `protobuf:"bytes,2,rep,name=certificate,proto3" json:"certificate,omitempty"`
|
|
// Override server name.
|
|
ServerName string `protobuf:"bytes,3,opt,name=server_name,json=serverName,proto3" json:"server_name,omitempty"`
|
|
// Lists of string as ALPN values.
|
|
NextProtocol []string `protobuf:"bytes,4,rep,name=next_protocol,json=nextProtocol,proto3" json:"next_protocol,omitempty"`
|
|
// Whether or not to enable session (ticket) resumption.
|
|
EnableSessionResumption bool `protobuf:"varint,5,opt,name=enable_session_resumption,json=enableSessionResumption,proto3" json:"enable_session_resumption,omitempty"`
|
|
// If true, root certificates on the system will not be loaded for
|
|
// verification.
|
|
DisableSystemRoot bool `protobuf:"varint,6,opt,name=disable_system_root,json=disableSystemRoot,proto3" json:"disable_system_root,omitempty"`
|
|
// The minimum TLS version.
|
|
MinVersion string `protobuf:"bytes,7,opt,name=min_version,json=minVersion,proto3" json:"min_version,omitempty"`
|
|
// The maximum TLS version.
|
|
MaxVersion string `protobuf:"bytes,8,opt,name=max_version,json=maxVersion,proto3" json:"max_version,omitempty"`
|
|
// Specify cipher suites, except for TLS 1.3.
|
|
CipherSuites string `protobuf:"bytes,9,opt,name=cipher_suites,json=cipherSuites,proto3" json:"cipher_suites,omitempty"`
|
|
// TLS Client Hello fingerprint (uTLS).
|
|
Fingerprint string `protobuf:"bytes,11,opt,name=fingerprint,proto3" json:"fingerprint,omitempty"`
|
|
RejectUnknownSni bool `protobuf:"varint,12,opt,name=reject_unknown_sni,json=rejectUnknownSni,proto3" json:"reject_unknown_sni,omitempty"`
|
|
// @Document Some certificate chain sha256 hashes.
|
|
// @Document After normal validation or allow_insecure, if the server's cert chain hash does not match any of these values, the connection will be aborted.
|
|
// @Critical
|
|
PinnedPeerCertificateChainSha256 [][]byte `protobuf:"bytes,13,rep,name=pinned_peer_certificate_chain_sha256,json=pinnedPeerCertificateChainSha256,proto3" json:"pinned_peer_certificate_chain_sha256,omitempty"`
|
|
// @Document Some certificate public key sha256 hashes.
|
|
// @Document After normal validation (required), if one of certs in verified chain matches one of these values, the connection will be eventually accepted.
|
|
// @Critical
|
|
PinnedPeerCertificatePublicKeySha256 [][]byte `protobuf:"bytes,14,rep,name=pinned_peer_certificate_public_key_sha256,json=pinnedPeerCertificatePublicKeySha256,proto3" json:"pinned_peer_certificate_public_key_sha256,omitempty"`
|
|
MasterKeyLog string `protobuf:"bytes,15,opt,name=master_key_log,json=masterKeyLog,proto3" json:"master_key_log,omitempty"`
|
|
// Lists of string as CurvePreferences values.
|
|
CurvePreferences []string `protobuf:"bytes,16,rep,name=curve_preferences,json=curvePreferences,proto3" json:"curve_preferences,omitempty"`
|
|
// @Document Replaces server_name to verify the peer cert.
|
|
// @Document After allow_insecure (automatically), if the server's cert can't be verified by any of these names, pinned_peer_certificate_chain_sha256 will be tried.
|
|
// @Critical
|
|
VerifyPeerCertInNames []string `protobuf:"bytes,17,rep,name=verify_peer_cert_in_names,json=verifyPeerCertInNames,proto3" json:"verify_peer_cert_in_names,omitempty"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *Config) Reset() {
|
|
*x = Config{}
|
|
mi := &file_transport_internet_tls_config_proto_msgTypes[1]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *Config) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*Config) ProtoMessage() {}
|
|
|
|
func (x *Config) ProtoReflect() protoreflect.Message {
|
|
mi := &file_transport_internet_tls_config_proto_msgTypes[1]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use Config.ProtoReflect.Descriptor instead.
|
|
func (*Config) Descriptor() ([]byte, []int) {
|
|
return file_transport_internet_tls_config_proto_rawDescGZIP(), []int{1}
|
|
}
|
|
|
|
func (x *Config) GetAllowInsecure() bool {
|
|
if x != nil {
|
|
return x.AllowInsecure
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *Config) GetCertificate() []*Certificate {
|
|
if x != nil {
|
|
return x.Certificate
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Config) GetServerName() string {
|
|
if x != nil {
|
|
return x.ServerName
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Config) GetNextProtocol() []string {
|
|
if x != nil {
|
|
return x.NextProtocol
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Config) GetEnableSessionResumption() bool {
|
|
if x != nil {
|
|
return x.EnableSessionResumption
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *Config) GetDisableSystemRoot() bool {
|
|
if x != nil {
|
|
return x.DisableSystemRoot
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *Config) GetMinVersion() string {
|
|
if x != nil {
|
|
return x.MinVersion
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Config) GetMaxVersion() string {
|
|
if x != nil {
|
|
return x.MaxVersion
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Config) GetCipherSuites() string {
|
|
if x != nil {
|
|
return x.CipherSuites
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Config) GetFingerprint() string {
|
|
if x != nil {
|
|
return x.Fingerprint
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Config) GetRejectUnknownSni() bool {
|
|
if x != nil {
|
|
return x.RejectUnknownSni
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *Config) GetPinnedPeerCertificateChainSha256() [][]byte {
|
|
if x != nil {
|
|
return x.PinnedPeerCertificateChainSha256
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Config) GetPinnedPeerCertificatePublicKeySha256() [][]byte {
|
|
if x != nil {
|
|
return x.PinnedPeerCertificatePublicKeySha256
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Config) GetMasterKeyLog() string {
|
|
if x != nil {
|
|
return x.MasterKeyLog
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Config) GetCurvePreferences() []string {
|
|
if x != nil {
|
|
return x.CurvePreferences
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Config) GetVerifyPeerCertInNames() []string {
|
|
if x != nil {
|
|
return x.VerifyPeerCertInNames
|
|
}
|
|
return nil
|
|
}
|
|
|
|
var File_transport_internet_tls_config_proto protoreflect.FileDescriptor
|
|
|
|
const file_transport_internet_tls_config_proto_rawDesc = "" +
|
|
"\n" +
|
|
"#transport/internet/tls/config.proto\x12\x1bxray.transport.internet.tls\"\x83\x03\n" +
|
|
"\vCertificate\x12 \n" +
|
|
"\vcertificate\x18\x01 \x01(\fR\vcertificate\x12\x10\n" +
|
|
"\x03key\x18\x02 \x01(\fR\x03key\x12D\n" +
|
|
"\x05usage\x18\x03 \x01(\x0e2..xray.transport.internet.tls.Certificate.UsageR\x05usage\x12#\n" +
|
|
"\rocsp_stapling\x18\x04 \x01(\x04R\focspStapling\x12)\n" +
|
|
"\x10certificate_path\x18\x05 \x01(\tR\x0fcertificatePath\x12\x19\n" +
|
|
"\bkey_path\x18\x06 \x01(\tR\akeyPath\x12(\n" +
|
|
"\x10One_time_loading\x18\a \x01(\bR\x0eOneTimeLoading\x12\x1f\n" +
|
|
"\vbuild_chain\x18\b \x01(\bR\n" +
|
|
"buildChain\"D\n" +
|
|
"\x05Usage\x12\x10\n" +
|
|
"\fENCIPHERMENT\x10\x00\x12\x14\n" +
|
|
"\x10AUTHORITY_VERIFY\x10\x01\x12\x13\n" +
|
|
"\x0fAUTHORITY_ISSUE\x10\x02\"\x9a\x06\n" +
|
|
"\x06Config\x12%\n" +
|
|
"\x0eallow_insecure\x18\x01 \x01(\bR\rallowInsecure\x12J\n" +
|
|
"\vcertificate\x18\x02 \x03(\v2(.xray.transport.internet.tls.CertificateR\vcertificate\x12\x1f\n" +
|
|
"\vserver_name\x18\x03 \x01(\tR\n" +
|
|
"serverName\x12#\n" +
|
|
"\rnext_protocol\x18\x04 \x03(\tR\fnextProtocol\x12:\n" +
|
|
"\x19enable_session_resumption\x18\x05 \x01(\bR\x17enableSessionResumption\x12.\n" +
|
|
"\x13disable_system_root\x18\x06 \x01(\bR\x11disableSystemRoot\x12\x1f\n" +
|
|
"\vmin_version\x18\a \x01(\tR\n" +
|
|
"minVersion\x12\x1f\n" +
|
|
"\vmax_version\x18\b \x01(\tR\n" +
|
|
"maxVersion\x12#\n" +
|
|
"\rcipher_suites\x18\t \x01(\tR\fcipherSuites\x12 \n" +
|
|
"\vfingerprint\x18\v \x01(\tR\vfingerprint\x12,\n" +
|
|
"\x12reject_unknown_sni\x18\f \x01(\bR\x10rejectUnknownSni\x12N\n" +
|
|
"$pinned_peer_certificate_chain_sha256\x18\r \x03(\fR pinnedPeerCertificateChainSha256\x12W\n" +
|
|
")pinned_peer_certificate_public_key_sha256\x18\x0e \x03(\fR$pinnedPeerCertificatePublicKeySha256\x12$\n" +
|
|
"\x0emaster_key_log\x18\x0f \x01(\tR\fmasterKeyLog\x12+\n" +
|
|
"\x11curve_preferences\x18\x10 \x03(\tR\x10curvePreferences\x128\n" +
|
|
"\x19verify_peer_cert_in_names\x18\x11 \x03(\tR\x15verifyPeerCertInNamesBs\n" +
|
|
"\x1fcom.xray.transport.internet.tlsP\x01Z0github.com/xtls/xray-core/transport/internet/tls\xaa\x02\x1bXray.Transport.Internet.Tlsb\x06proto3"
|
|
|
|
var (
|
|
file_transport_internet_tls_config_proto_rawDescOnce sync.Once
|
|
file_transport_internet_tls_config_proto_rawDescData []byte
|
|
)
|
|
|
|
func file_transport_internet_tls_config_proto_rawDescGZIP() []byte {
|
|
file_transport_internet_tls_config_proto_rawDescOnce.Do(func() {
|
|
file_transport_internet_tls_config_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_transport_internet_tls_config_proto_rawDesc), len(file_transport_internet_tls_config_proto_rawDesc)))
|
|
})
|
|
return file_transport_internet_tls_config_proto_rawDescData
|
|
}
|
|
|
|
var file_transport_internet_tls_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
|
|
var file_transport_internet_tls_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
|
|
var file_transport_internet_tls_config_proto_goTypes = []any{
|
|
(Certificate_Usage)(0), // 0: xray.transport.internet.tls.Certificate.Usage
|
|
(*Certificate)(nil), // 1: xray.transport.internet.tls.Certificate
|
|
(*Config)(nil), // 2: xray.transport.internet.tls.Config
|
|
}
|
|
var file_transport_internet_tls_config_proto_depIdxs = []int32{
|
|
0, // 0: xray.transport.internet.tls.Certificate.usage:type_name -> xray.transport.internet.tls.Certificate.Usage
|
|
1, // 1: xray.transport.internet.tls.Config.certificate:type_name -> xray.transport.internet.tls.Certificate
|
|
2, // [2:2] is the sub-list for method output_type
|
|
2, // [2:2] is the sub-list for method input_type
|
|
2, // [2:2] is the sub-list for extension type_name
|
|
2, // [2:2] is the sub-list for extension extendee
|
|
0, // [0:2] is the sub-list for field type_name
|
|
}
|
|
|
|
func init() { file_transport_internet_tls_config_proto_init() }
|
|
func file_transport_internet_tls_config_proto_init() {
|
|
if File_transport_internet_tls_config_proto != nil {
|
|
return
|
|
}
|
|
type x struct{}
|
|
out := protoimpl.TypeBuilder{
|
|
File: protoimpl.DescBuilder{
|
|
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
|
RawDescriptor: unsafe.Slice(unsafe.StringData(file_transport_internet_tls_config_proto_rawDesc), len(file_transport_internet_tls_config_proto_rawDesc)),
|
|
NumEnums: 1,
|
|
NumMessages: 2,
|
|
NumExtensions: 0,
|
|
NumServices: 0,
|
|
},
|
|
GoTypes: file_transport_internet_tls_config_proto_goTypes,
|
|
DependencyIndexes: file_transport_internet_tls_config_proto_depIdxs,
|
|
EnumInfos: file_transport_internet_tls_config_proto_enumTypes,
|
|
MessageInfos: file_transport_internet_tls_config_proto_msgTypes,
|
|
}.Build()
|
|
File_transport_internet_tls_config_proto = out.File
|
|
file_transport_internet_tls_config_proto_goTypes = nil
|
|
file_transport_internet_tls_config_proto_depIdxs = nil
|
|
}
|