Utility Go-API

utility

import "givc/modules/pkgs/utility"

SPDX-FileCopyrightText: 2024-2026 TII (SSRC) and the Ghaf contributors SPDX-License-Identifier: Apache-2.0

SPDX-FileCopyrightText: 2024-2026 TII (SSRC) and the Ghaf contributors SPDX-License-Identifier: Apache-2.0

Index

• Variables
• func CertIPVerifyInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error)
• func CheckStringInArray(element string, array []string) bool
• func FindCGroupPath(serviceName string) (string, error)
• func GetCGroupPathForProcess(pid uint32) (string, error)
• func GetFqdn(addrs []net.IP) (string, error)
• func GetHostname() (string, error)
• func GetInterfaceIpv4(ifname string) (string, error)
• func GetInterfaceIpv4Dns(hostname string) (string, error)
• func GetIps(hostname string) ([]net.IP, error)
• func GetOutboundIP() net.IP
• func IsRoot() bool
• func IsUser(username string) bool
• func ParseVsockAddress(addr string) (uint32, uint32, error)
• func TlsClientConfig(cacertFilePath string, certFilePath string, keyFilePath string, serverName string) (*tls.Config, error)
• func TlsClientConfigFromTlsConfig(tlsConfig *tls.Config, serverName string) (*tls.Config, error)
• func TlsServerConfig(cacertFilePath string, certFilePath string, keyFilePath string, mutual bool) (*tls.Config, error)
• func extractIPFromAddr(addr net.Addr) (net.IP, error)
• func ipInCertSAN(cert *x509.Certificate, ip net.IP) bool

Variables

var (
    CIPHER_SUITES = []uint16{
        tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
        tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
        tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
    }
)

func CertIPVerifyInterceptor

func CertIPVerifyInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error)

CertIPVerifyInterceptor is a gRPC server interceptor that verifies the peer’s IP address matches an IP in their TLS certificate’s SubjectAltName.

TCP: Verifies peer IP matches certificate SAN. Vsock/Unix: Skips IP check (hypervisor/filesystem provides isolation).

func CheckStringInArray

func CheckStringInArray(element string, array []string) bool

func FindCGroupPath

func FindCGroupPath(serviceName string) (string, error)

func GetCGroupPathForProcess

func GetCGroupPathForProcess(pid uint32) (string, error)

func GetFqdn

func GetFqdn(addrs []net.IP) (string, error)

func GetHostname

func GetHostname() (string, error)

func GetInterfaceIpv4

func GetInterfaceIpv4(ifname string) (string, error)

func GetInterfaceIpv4Dns

func GetInterfaceIpv4Dns(hostname string) (string, error)

func GetIps

func GetIps(hostname string) ([]net.IP, error)

func GetOutboundIP

func GetOutboundIP() net.IP

func IsRoot

func IsRoot() bool

func IsUser

func IsUser(username string) bool

func ParseVsockAddress

func ParseVsockAddress(addr string) (uint32, uint32, error)

func TlsClientConfig

func TlsClientConfig(cacertFilePath string, certFilePath string, keyFilePath string, serverName string) (*tls.Config, error)

func TlsClientConfigFromTlsConfig

func TlsClientConfigFromTlsConfig(tlsConfig *tls.Config, serverName string) (*tls.Config, error)

func TlsServerConfig

func TlsServerConfig(cacertFilePath string, certFilePath string, keyFilePath string, mutual bool) (*tls.Config, error)

func extractIPFromAddr

func extractIPFromAddr(addr net.Addr) (net.IP, error)

extractIPFromAddr extracts the IP address from a net.Addr

func ipInCertSAN

func ipInCertSAN(cert *x509.Certificate, ip net.IP) bool

ipInCertSAN checks if the given IP is in the certificate’s SubjectAltName IP addresses

Generated by gomarkdoc