v2fly/transport/internet/tls/config.proto

syntax = "proto3";

package v2ray.core.transport.internet.tls;
option csharp_namespace = "V2Ray.Core.Transport.Internet.Tls";
option go_package = "github.com/v2fly/v2ray-core/v4/transport/internet/tls";
option java_package = "com.v2ray.core.transport.internet.tls";
option java_multiple_files = true;

message Certificate {
  // TLS certificate in x509 format.
  bytes Certificate = 1;

  // TLS key in x509 format.
  bytes Key = 2;

  enum Usage {
    ENCIPHERMENT = 0;
    AUTHORITY_VERIFY = 1;
    AUTHORITY_ISSUE = 2;
  }

  Usage usage = 3;
}

message Config {
  // Whether or not to allow self-signed certificates.
  bool allow_insecure = 1;

  // List of certificates to be served on server.
  repeated Certificate certificate = 2;

  // Override server name.
  string server_name = 3;

  // Lists of string as ALPN values.
  repeated string next_protocol = 4;

  // Whether or not to enable session (ticket) resumption.
  bool enable_session_resumption = 5;

  // If true, root certificates on the system will not be loaded for
  // verification.
  bool disable_system_root = 6;

  /* @Document A pinned certificate chain sha256 hash.
     @Document If the server's hash does not match this value, the connection will be aborted.
     @Document This value replace allow_insecure.
     @Critical
  */
  repeated bytes pinned_peer_certificate_chain_sha256 = 7;
}
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`syntax = "proto3";`

			`package v2ray.core.transport.internet.tls;`
proto option for C# namespace 2016-12-22 18:24:28 -05:00			`option csharp_namespace = "V2Ray.Core.Transport.Internet.Tls";`
Chore: change module name (#677) 2021-02-16 15:31:50 -05:00			`option go_package = "github.com/v2fly/v2ray-core/v4/transport/internet/tls";`
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`option java_package = "com.v2ray.core.transport.internet.tls";`
update java options 2017-02-03 17:15:10 -05:00			`option java_multiple_files = true;`
protobuf for stream settings 2016-10-02 17:43:58 -04:00
			`message Certificate {`
comments 2016-10-18 09:31:39 -04:00			`// TLS certificate in x509 format.`
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`bytes Certificate = 1;`
comments 2016-10-18 09:31:39 -04:00
			`// TLS key in x509 format.`
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`bytes Key = 2;`
automatic issuing certificates from provided CA 2018-04-10 06:42:02 -04:00
			`enum Usage {`
			`ENCIPHERMENT = 0;`
			`AUTHORITY_VERIFY = 1;`
			`AUTHORITY_ISSUE = 2;`
			`}`

			`Usage usage = 3;`
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`}`

			`message Config {`
comments 2016-10-18 09:31:39 -04:00			`// Whether or not to allow self-signed certificates.`
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`bool allow_insecure = 1;`
comments 2016-10-18 09:31:39 -04:00
			`// List of certificates to be served on server.`
protobuf for stream settings 2016-10-02 17:43:58 -04:00			`repeated Certificate certificate = 2;`
support server name override 2016-12-11 17:58:37 -05:00
			`// Override server name.`
			`string server_name = 3;`
Use 'h2' for ALPN in TCP 2018-01-02 12:16:36 -05:00
			`// Lists of string as ALPN values.`
			`repeated string next_protocol = 4;`
offer an option to disable session resumption 2018-07-24 09:12:09 -04:00
Disable session resumption by default (#569) 2021-01-01 04:01:14 -05:00			`// Whether or not to enable session (ticket) resumption.`
			`bool enable_session_resumption = 5;`
add support for not loading system roots. fixes #1513 2019-02-26 15:58:54 -05:00
Format proto files using clang-format according to google style (#264) * Format proto files using clang-format according to google style * Regenerate pb.go files 2020-10-04 20:36:40 -04:00			`// If true, root certificates on the system will not be loaded for`
			`// verification.`
Disable session resumption by default (#569) 2021-01-01 04:01:14 -05:00			`bool disable_system_root = 6;`
verify peer cert function for better man in the middle prevention 2021-04-15 13:16:19 -04:00
			`/* @Document A pinned certificate chain sha256 hash.`
			`@Document If the server's hash does not match this value, the connection will be aborted.`
			`@Document This value replace allow_insecure.`
			`@Critical`
			`*/`
			`repeated bytes pinned_peer_certificate_chain_sha256 = 7;`
automatic issuing certificates from provided CA 2018-04-10 06:42:02 -04:00			`}`