Constants ¶
// Exchange declaration parameters shared by every AMQP-RPC client and server.
// NOTE(review): presumably passed straight through to the exchange/queue
// declaration calls — confirm at the call sites before changing any of them.
const (
	AmqpExchange     = "boulder"
	AmqpExchangeType = "topic"
	AmqpInternal     = false
	// Non-durable: exchange/queue state is not expected to survive a broker restart.
	AmqpDurable      = false
	AmqpDeleteUnused = false
)

// Consume and publish flags.
const (
	AmqpExclusive = false
	AmqpNoWait    = false
	AmqpNoLocal   = false
	// Auto-ack: a delivery is acknowledged when the broker hands it over, before
	// the handler runs, so a request in flight in a crashed process is not redelivered.
	AmqpAutoAck   = true
	AmqpMandatory = false
	AmqpImmediate = false
)
XXX: I *think* these constants are appropriate. We will probably want to tweak these in the future.
// RPC method names. Each string is the dispatch key the RPC layer uses to
// route a request to the handler registered for it, grouped here by the
// service that serves it.

// Methods served by both the RA and the SA.
const (
	MethodNewRegistration      = "NewRegistration"
	MethodUpdateRegistration   = "UpdateRegistration"
	MethodGetRegistrationByKey = "GetRegistrationByKey"
)

// Methods served by the RA only.
const (
	MethodNewAuthorization                 = "NewAuthorization"
	MethodNewCertificate                   = "NewCertificate"
	MethodUpdateAuthorization              = "UpdateAuthorization"
	MethodRevokeCertificateWithReg         = "RevokeCertificateWithReg"
	MethodAdministrativelyRevokeCertificate = "AdministrativelyRevokeCertificate"
	MethodDeactivateAuthorization          = "DeactivateAuthorization"
	MethodDeactivateRegistration           = "DeactivateRegistration"
)

// Methods served by the VA.
const (
	MethodPerformValidation = "PerformValidation"
	MethodIsSafeDomain      = "IsSafeDomain"
)

// Methods served by the CA.
const (
	MethodIssueCertificate = "IssueCertificate"
	MethodGenerateOCSP     = "GenerateOCSP"
)

// Methods served by the Publisher.
const (
	MethodSubmitToCT = "SubmitToCT"
)

// Methods served by the SA only. The two *SA deactivation names carry a
// suffix, presumably so they do not collide with the RA's handlers for the
// same operation — verify against the server registrations.
const (
	MethodGetRegistration              = "GetRegistration"
	MethodGetAuthorization             = "GetAuthorization"
	MethodGetValidAuthorizations       = "GetValidAuthorizations"
	MethodGetCertificate               = "GetCertificate"
	MethodGetCertificateStatus         = "GetCertificateStatus"
	MethodMarkCertificateRevoked       = "MarkCertificateRevoked"
	MethodNewPendingAuthorization      = "NewPendingAuthorization"
	MethodUpdatePendingAuthorization   = "UpdatePendingAuthorization"
	MethodFinalizeAuthorization        = "FinalizeAuthorization"
	MethodAddCertificate               = "AddCertificate"
	MethodCountCertificatesRange       = "CountCertificatesRange"
	MethodCountCertificatesByNames     = "CountCertificatesByNames"
	MethodCountRegistrationsByIP       = "CountRegistrationsByIP"
	MethodCountPendingAuthorizations   = "CountPendingAuthorizations"
	MethodGetSCTReceipt                = "GetSCTReceipt"
	MethodAddSCTReceipt                = "AddSCTReceipt"
	MethodRevokeAuthorizationsByDomain = "RevokeAuthorizationsByDomain"
	MethodCountFQDNSets                = "CountFQDNSets"
	MethodFQDNSetExists                = "FQDNSetExists"
	MethodDeactivateAuthorizationSA    = "DeactivateAuthorizationSA"
	MethodDeactivateRegistrationSA     = "DeactivateRegistrationSA"
)
These strings are used by the RPC layer to identify function points.
Functions ¶
func NewCertificateAuthorityServer ¶
func NewCertificateAuthorityServer(rpc Server, impl core.CertificateAuthority) (err error)
NewCertificateAuthorityServer constructs an RPC server
CertificateAuthorityClient / Server
-> IssueCertificate
func NewPublisherServer ¶
NewPublisherServer creates a new server that wraps a CT publisher
func NewRegistrationAuthorityServer ¶
func NewRegistrationAuthorityServer(rpc Server, impl core.RegistrationAuthority, log blog.Logger) error
NewRegistrationAuthorityServer constructs an RPC server
func NewStorageAuthorityServer ¶
func NewStorageAuthorityServer(rpc Server, impl core.StorageAuthority) error
NewStorageAuthorityServer constructs an RPC server
func NewValidationAuthorityServer ¶
func NewValidationAuthorityServer(rpc Server, impl core.ValidationAuthority) (err error)
NewValidationAuthorityServer constructs an RPC server
ValidationAuthorityClient / Server
Types ¶
type AmqpRPCCLient ¶
type AmqpRPCCLient struct {
// contains filtered or unexported fields
}
AmqpRPCCLient is an AMQP-RPC client that sends requests to a specific server queue, and uses a dedicated response queue for responses.
To implement specific functionality, calling code uses the DispatchSync() method to send a method name and body, and gets back a response. So you end up with wrapper methods of the form:
```
request = /* serialize request to []byte */
response = AmqpRPCCLient.DispatchSync(method, request)
return /* deserialized response */
```
DispatchSync will manage the channel for you, and also enforce a timeout on the transaction.
func NewAmqpRPCClient ¶
func NewAmqpRPCClient( clientQueuePrefix string, amqpConf *cmd.AMQPConfig, rpcConf *cmd.RPCServerConfig, stats metrics.Scope, ) (rpc *AmqpRPCCLient, err error)
NewAmqpRPCClient constructs an RPC client using AMQP
func (*AmqpRPCCLient) DispatchSync ¶
func (rpc *AmqpRPCCLient) DispatchSync(method string, body []byte) (response []byte, err error)
DispatchSync sends a body to the destination, and blocks waiting on a response.
type AmqpRPCServer ¶
type AmqpRPCServer struct {
// contains filtered or unexported fields
}
AmqpRPCServer listens on a specified queue within an AMQP channel. When messages arrive on that queue, it dispatches them based on type, and returns the response to the ReplyTo queue.
To implement specific functionality, calling code should use the Handle method to add specific actions.
func NewAmqpRPCServer ¶
func NewAmqpRPCServer( amqpConf *cmd.AMQPConfig, maxConcurrentRPCServerRequests int64, stats metrics.Scope, log blog.Logger, ) (*AmqpRPCServer, error)
NewAmqpRPCServer creates a new RPC server for the given queue. It does not begin consuming requests from the queue until Start() is called.
func (*AmqpRPCServer) Handle ¶
func (rpc *AmqpRPCServer) Handle(method string, handler messageHandler)
Handle registers a function to handle a particular method.
func (*AmqpRPCServer) Start ¶
func (rpc *AmqpRPCServer) Start(c *cmd.AMQPConfig) error
Start starts the AMQP-RPC server and handles reconnections; it blocks until a fatal error is returned or AmqpRPCServer.Stop() is called and all remaining messages have been processed.
func (*AmqpRPCServer) Stop ¶
func (rpc *AmqpRPCServer) Stop()
Stop gracefully stops the AmqpRPCServer; after it is called, AmqpRPCServer.Start will continue blocking until it has processed any messages that have already been retrieved.
type CertificateAuthorityClient ¶
type CertificateAuthorityClient struct {
// contains filtered or unexported fields
}
CertificateAuthorityClient is a client to communicate with the CA.
func NewCertificateAuthorityClient ¶
func NewCertificateAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats metrics.Scope) (*CertificateAuthorityClient, error)
NewCertificateAuthorityClient constructs an RPC client
func (CertificateAuthorityClient) GenerateOCSP ¶
func (cac CertificateAuthorityClient) GenerateOCSP(ctx context.Context, signRequest core.OCSPSigningRequest) (resp []byte, err error)
GenerateOCSP sends a request to generate an OCSP response
func (CertificateAuthorityClient) IssueCertificate ¶
func (cac CertificateAuthorityClient) IssueCertificate(ctx context.Context, csr x509.CertificateRequest, regID int64) (cert core.Certificate, err error)
IssueCertificate sends a request to issue a certificate
type DeliveryHandler ¶
DeliveryHandler is a function that will process an amqp.Delivery.
type PublisherClient ¶
type PublisherClient struct {
// contains filtered or unexported fields
}
PublisherClient is a client to communicate with the Publisher Authority
func NewPublisherClient ¶
func NewPublisherClient(clientName string, amqpConf *cmd.AMQPConfig, stats metrics.Scope) (*PublisherClient, error)
NewPublisherClient constructs an RPC client
func (PublisherClient) SubmitToCT ¶
func (pub PublisherClient) SubmitToCT(ctx context.Context, der []byte) (err error)
SubmitToCT sends a request to submit a certificate to CT logs
func (PublisherClient) SubmitToSingleCT ¶
func (pub PublisherClient) SubmitToSingleCT(ctx context.Context, logURL, logPublicKey string, der []byte) (err error)
The only consumer of the publisher service's `SubmitToSingleCT` func is the `ocsp-updater`. Since it will *only* use gRPC to communicate with the Publisher, we *do not* implement `SubmitToSingleCT` for AMQP. This method exists only to satisfy the publisher interface.
type RegistrationAuthorityClient ¶
type RegistrationAuthorityClient struct {
// contains filtered or unexported fields
}
RegistrationAuthorityClient represents an RA RPC client
func NewRegistrationAuthorityClient ¶
func NewRegistrationAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats metrics.Scope) (*RegistrationAuthorityClient, error)
NewRegistrationAuthorityClient constructs an RPC client
func (RegistrationAuthorityClient) AdministrativelyRevokeCertificate ¶
func (rac RegistrationAuthorityClient) AdministrativelyRevokeCertificate(ctx context.Context, cert x509.Certificate, reason revocation.Reason, user string) (err error)
AdministrativelyRevokeCertificate sends a Revoke Certificate request initiated by the admin-revoker
func (RegistrationAuthorityClient) DeactivateAuthorization ¶
func (rac RegistrationAuthorityClient) DeactivateAuthorization(ctx context.Context, authz core.Authorization) error
DeactivateAuthorization deactivates a currently valid or pending authorization
func (RegistrationAuthorityClient) DeactivateRegistration ¶
func (rac RegistrationAuthorityClient) DeactivateRegistration(ctx context.Context, reg core.Registration) error
DeactivateRegistration deactivates a currently valid registration
func (RegistrationAuthorityClient) NewAuthorization ¶
func (rac RegistrationAuthorityClient) NewAuthorization(ctx context.Context, authz core.Authorization, regID int64) (newAuthz core.Authorization, err error)
NewAuthorization sends a New Authorization request
func (RegistrationAuthorityClient) NewCertificate ¶
func (rac RegistrationAuthorityClient) NewCertificate(ctx context.Context, cr core.CertificateRequest, regID int64) (cert core.Certificate, err error)
NewCertificate sends a New Certificate request
func (RegistrationAuthorityClient) NewRegistration ¶
func (rac RegistrationAuthorityClient) NewRegistration(ctx context.Context, reg core.Registration) (newReg core.Registration, err error)
NewRegistration sends a New Registration request
func (RegistrationAuthorityClient) RevokeCertificateWithReg ¶
func (rac RegistrationAuthorityClient) RevokeCertificateWithReg(ctx context.Context, cert x509.Certificate, reason revocation.Reason, regID int64) (err error)
RevokeCertificateWithReg sends a Revoke Certificate request initiated by the WFE
func (RegistrationAuthorityClient) UpdateAuthorization ¶
func (rac RegistrationAuthorityClient) UpdateAuthorization(ctx context.Context, authz core.Authorization, index int, response core.Challenge) (newAuthz core.Authorization, err error)
UpdateAuthorization sends an Update Authorization request
func (RegistrationAuthorityClient) UpdateRegistration ¶
func (rac RegistrationAuthorityClient) UpdateRegistration(ctx context.Context, base core.Registration, update core.Registration) (newReg core.Registration, err error)
UpdateRegistration sends an Update Registration request
type Server ¶
type Server interface {
	// Handle registers the given handler as the function that services RPC
	// requests whose method name equals the first argument.
	Handle(string, messageHandler)
}
Server describes the functions an RPC Server performs
type StorageAuthorityClient ¶
type StorageAuthorityClient struct {
// contains filtered or unexported fields
}
StorageAuthorityClient is a client to communicate with the Storage Authority
func NewStorageAuthorityClient ¶
func NewStorageAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats metrics.Scope) (*StorageAuthorityClient, error)
NewStorageAuthorityClient constructs an RPC client
func (StorageAuthorityClient) AddCertificate ¶
func (cac StorageAuthorityClient) AddCertificate(ctx context.Context, cert []byte, regID int64) (id string, err error)
AddCertificate sends a request to record the issuance of a certificate
func (StorageAuthorityClient) AddSCTReceipt ¶
func (cac StorageAuthorityClient) AddSCTReceipt(ctx context.Context, sct core.SignedCertificateTimestamp) (err error)
AddSCTReceipt adds a new SCT to the database.
func (StorageAuthorityClient) CountCertificatesByNames ¶
func (cac StorageAuthorityClient) CountCertificatesByNames(ctx context.Context, names []string, earliest, latest time.Time) (counts map[string]int, err error)
CountCertificatesByNames calls CountCertificatesByNames on the remote StorageAuthority.
func (StorageAuthorityClient) CountCertificatesRange ¶
func (cac StorageAuthorityClient) CountCertificatesRange(ctx context.Context, start, end time.Time) (count int64, err error)
CountCertificatesRange sends a request to count the number of certificates issued in a certain time range
func (StorageAuthorityClient) CountFQDNSets ¶
func (cac StorageAuthorityClient) CountFQDNSets(ctx context.Context, window time.Duration, names []string) (int64, error)
CountFQDNSets returns the number of currently valid FQDN sets matching |names| within |window|.
func (StorageAuthorityClient) CountPendingAuthorizations ¶
func (cac StorageAuthorityClient) CountPendingAuthorizations(ctx context.Context, regID int64) (count int, err error)
CountPendingAuthorizations calls CountPendingAuthorizations on the remote StorageAuthority.
func (StorageAuthorityClient) CountRegistrationsByIP ¶
func (cac StorageAuthorityClient) CountRegistrationsByIP(ctx context.Context, ip net.IP, earliest, latest time.Time) (count int, err error)
CountRegistrationsByIP calls CountRegistrationsByIP on the remote StorageAuthority.
func (StorageAuthorityClient) DeactivateAuthorization ¶
func (cac StorageAuthorityClient) DeactivateAuthorization(ctx context.Context, id string) error
DeactivateAuthorization deactivates a currently valid or pending authorization
func (StorageAuthorityClient) DeactivateRegistration ¶
func (cac StorageAuthorityClient) DeactivateRegistration(ctx context.Context, id int64) error
DeactivateRegistration deactivates a currently valid registration
func (StorageAuthorityClient) FQDNSetExists ¶
FQDNSetExists returns a bool indicating whether the FQDN set |names| exists in the database.
func (StorageAuthorityClient) FinalizeAuthorization ¶
func (cac StorageAuthorityClient) FinalizeAuthorization(ctx context.Context, authz core.Authorization) (err error)
FinalizeAuthorization sends a request to finalize an authorization (convert from pending)
func (StorageAuthorityClient) GetAuthorization ¶
func (cac StorageAuthorityClient) GetAuthorization(ctx context.Context, id string) (authz core.Authorization, err error)
GetAuthorization sends a request to get an Authorization by ID
func (StorageAuthorityClient) GetCertificate ¶
func (cac StorageAuthorityClient) GetCertificate(ctx context.Context, id string) (cert core.Certificate, err error)
GetCertificate sends a request to get a Certificate by ID
func (StorageAuthorityClient) GetCertificateStatus ¶
func (cac StorageAuthorityClient) GetCertificateStatus(ctx context.Context, id string) (status core.CertificateStatus, err error)
GetCertificateStatus sends a request to obtain the current status of a certificate by ID
func (StorageAuthorityClient) GetRegistration ¶
func (cac StorageAuthorityClient) GetRegistration(ctx context.Context, id int64) (reg core.Registration, err error)
GetRegistration sends a request to get a registration by ID
func (StorageAuthorityClient) GetRegistrationByKey ¶
func (cac StorageAuthorityClient) GetRegistrationByKey(ctx context.Context, key *jose.JsonWebKey) (reg core.Registration, err error)
GetRegistrationByKey sends a request to get a registration by JWK
func (StorageAuthorityClient) GetSCTReceipt ¶
func (cac StorageAuthorityClient) GetSCTReceipt(ctx context.Context, serial string, logID string) (receipt core.SignedCertificateTimestamp, err error)
GetSCTReceipt retrieves an SCT according to the serial number of a certificate and the logID of the log to which it was submitted.
func (StorageAuthorityClient) GetValidAuthorizations ¶
func (cac StorageAuthorityClient) GetValidAuthorizations(ctx context.Context, registrationID int64, names []string, now time.Time) (auths map[string]*core.Authorization, err error)
GetValidAuthorizations sends a request to get a batch of Authorizations by RegID and dnsName. The current time is also included in the request to assist filtering.
func (StorageAuthorityClient) MarkCertificateRevoked ¶
func (cac StorageAuthorityClient) MarkCertificateRevoked(ctx context.Context, serial string, reasonCode revocation.Reason) (err error)
MarkCertificateRevoked sends a request to mark a certificate as revoked
func (StorageAuthorityClient) NewPendingAuthorization ¶
func (cac StorageAuthorityClient) NewPendingAuthorization(ctx context.Context, authz core.Authorization) (output core.Authorization, err error)
NewPendingAuthorization sends a request to store a pending authorization
func (StorageAuthorityClient) NewRegistration ¶
func (cac StorageAuthorityClient) NewRegistration(ctx context.Context, reg core.Registration) (output core.Registration, err error)
NewRegistration sends a request to store a new registration
func (StorageAuthorityClient) RevokeAuthorizationsByDomain ¶
func (cac StorageAuthorityClient) RevokeAuthorizationsByDomain(ctx context.Context, ident core.AcmeIdentifier) (aRevoked int64, paRevoked int64, err error)
RevokeAuthorizationsByDomain sends a request to revoke all pending or finalized authorizations for a single domain
func (StorageAuthorityClient) UpdatePendingAuthorization ¶
func (cac StorageAuthorityClient) UpdatePendingAuthorization(ctx context.Context, authz core.Authorization) (err error)
UpdatePendingAuthorization sends a request to update the data in a pending authorization
func (StorageAuthorityClient) UpdateRegistration ¶
func (cac StorageAuthorityClient) UpdateRegistration(ctx context.Context, reg core.Registration) (err error)
UpdateRegistration sends a request to store an updated registration
type ValidationAuthorityClient ¶
type ValidationAuthorityClient struct {
// contains filtered or unexported fields
}
ValidationAuthorityClient represents an RPC client for the VA
func NewValidationAuthorityClient ¶
func NewValidationAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats metrics.Scope) (*ValidationAuthorityClient, error)
NewValidationAuthorityClient constructs an RPC client
func (ValidationAuthorityClient) IsSafeDomain ¶
func (vac ValidationAuthorityClient) IsSafeDomain(ctx context.Context, req *vaPB.IsSafeDomainRequest) (resp *vaPB.IsDomainSafe, err error)
IsSafeDomain returns true if the domain given is determined to be safe by a third-party safe browsing API.
func (ValidationAuthorityClient) PerformValidation ¶
func (vac ValidationAuthorityClient) PerformValidation(ctx context.Context, domain string, challenge core.Challenge, authz core.Authorization) ([]core.ValidationRecord, error)
PerformValidation has the VA revalidate the specified challenge and returns the resulting validation records.