github.com/imannamdari/v2ray-core/v5@v5.0.5/transport/internet/tls/config.proto

github.com/imannamdari/v2ray-core/v5@v5.0.5/transport/internet/tls/config.proto (about)

     1  syntax = "proto3";
     2  
     3  package v2ray.core.transport.internet.tls;
     4  option csharp_namespace = "V2Ray.Core.Transport.Internet.Tls";
     5  option go_package = "github.com/imannamdari/v2ray-core/v5/transport/internet/tls";
     6  option java_package = "com.v2ray.core.transport.internet.tls";
     7  option java_multiple_files = true;
     8  
     9  import "common/protoext/extensions.proto";
    10  
    11  message Certificate {
    12    // TLS certificate in x509 format.
    13    bytes Certificate = 1;
    14  
    15    // TLS key in x509 format.
    16    bytes Key = 2;
    17  
    18    enum Usage {
    19      ENCIPHERMENT = 0;
    20      AUTHORITY_VERIFY = 1;
    21      AUTHORITY_ISSUE = 2;
    22      AUTHORITY_VERIFY_CLIENT = 3;
    23    }
    24  
    25    Usage usage = 3;
    26  
    27    string certificate_file = 96001 [(v2ray.core.common.protoext.field_opt).convert_time_read_file_into = "Certificate"];
    28    string key_file = 96002 [(v2ray.core.common.protoext.field_opt).convert_time_read_file_into = "Key"];
    29  }
    30  
    31  message Config {
    32    option (v2ray.core.common.protoext.message_opt).type = "security";
    33    option (v2ray.core.common.protoext.message_opt).short_name = "tls";
    34  
    35    // Whether or not to allow self-signed certificates.
    36    bool allow_insecure = 1 [(v2ray.core.common.protoext.field_opt).forbidden = true];
    37  
    38    // List of certificates to be served on server.
    39    repeated Certificate certificate = 2;
    40  
    41    // Override server name.
    42    string server_name = 3;
    43  
    44    // Lists of string as ALPN values.
    45    repeated string next_protocol = 4;
    46  
    47    // Whether or not to enable session (ticket) resumption.
    48    bool enable_session_resumption = 5;
    49  
    50    // If true, root certificates on the system will not be loaded for
    51    // verification.
    52    bool disable_system_root = 6;
    53  
    54    /* @Document A pinned certificate chain sha256 hash.
    55       @Document If the server's hash does not match this value, the connection will be aborted.
    56       @Document This value replace allow_insecure.
    57       @Critical
    58    */
    59    repeated bytes pinned_peer_certificate_chain_sha256 = 7;
    60  
    61    // If true, the client is required to present a certificate.
    62    bool verify_client_certificate = 8;
    63  
    64    // Enable this if you want tls client hello encryption.
    65    bool enable_ech = 9;
    66    ECHSetting ech_setting = 10;
    67  }
    68  
    69  message ECHSetting {
    70    string dns_addr = 1;
    71    string init_ech_key = 2;
    72  }