sa

package
v0.0.0-...-49c5947

This package is not in the latest version of its module.

Published: Apr 2, 2018 License: MIT, MPL-2.0 Imports: 28 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func NewDbMap

func NewDbMap(dbConnect string, maxOpenConns int) (*gorp.DbMap, error)

NewDbMap creates the root gorp mapping object. Create one of these for each database schema you wish to map. Each DbMap contains a list of mapped tables. It automatically maps the tables for the primary parts of Boulder around the Storage Authority.

func NewDbMapFromConfig

func NewDbMapFromConfig(config *mysql.Config, maxOpenConns int) (*gorp.DbMap, error)

NewDbMapFromConfig functions similarly to NewDbMap, but it takes the decomposed form of the connection string, a *mysql.Config.

func ReportDbConnCount

func ReportDbConnCount(dbMap *gorp.DbMap, statter metrics.Scope)

func ReverseName

func ReverseName(domain string) string

func Rollback

func Rollback(tx *gorp.Transaction, err error) error

Rollback rolls back the provided transaction. If the rollback fails for any reason a `RollbackError` error is returned wrapping the original error. If no rollback error occurs then the original error is returned.
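The contract described above, sketched as an added example (not Boulder's code). It assumes a hypothetical `txn` interface in place of `*gorp.Transaction`, an assumed message format for `RollbackError.Error`, and constructed errors, and it shows a caller telling a clean rollback from a failed one with `errors.As`:

```go
package main

import (
	"errors"
	"fmt"
)

// RollbackError has the two fields shown on this page; the message format is assumed.
type RollbackError struct {
	Err         error
	RollbackErr error
}

func (re *RollbackError) Error() string {
	return fmt.Sprintf("%v (rollback also failed: %v)", re.Err, re.RollbackErr)
}

// txn is a hypothetical stand-in for *gorp.Transaction.
type txn interface {
	Insert(row string) error
	Commit() error
	Rollback() error
}

// rollback follows the documented contract: wrap only when the rollback itself fails.
func rollback(tx txn, err error) error {
	if rbErr := tx.Rollback(); rbErr != nil {
		return &RollbackError{Err: err, RollbackErr: rbErr}
	}
	return err
}

// insertAll writes every row or none, routing each failure through rollback.
func insertAll(tx txn, rows []string) error {
	for _, r := range rows {
		if err := tx.Insert(r); err != nil {
			return rollback(tx, err)
		}
	}
	return tx.Commit()
}

// fakeTx and errDup are constructed for the demonstration.
type fakeTx struct{ insertErr, rollbackErr error }

func (f *fakeTx) Insert(string) error { return f.insertErr }
func (f *fakeTx) Commit() error       { return nil }
func (f *fakeTx) Rollback() error     { return f.rollbackErr }

var errDup = errors.New("duplicate serial")

func main() {
	lost := errors.New("connection lost")
	fmt.Println(insertAll(&fakeTx{insertErr: errDup}, []string{"a"}))
	fmt.Println(insertAll(&fakeTx{insertErr: errDup, rollbackErr: lost}, []string{"a"}))
}
```

A `*RollbackError` tells the caller that the transaction may not have been undone, which is worth logging separately from the original failure.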

func SelectCertificate

func SelectCertificate(s dbOneSelector, q string, args ...interface{}) (core.Certificate, error)

SelectCertificate selects all fields of one certificate object

func SelectCertificateStatus

func SelectCertificateStatus(s dbOneSelector, q string, args ...interface{}) (certStatusModel, error)

SelectCertificateStatus selects all fields of one certificate status model

func SelectCertificateStatuses

func SelectCertificateStatuses(s dbSelector, q string, args ...interface{}) ([]core.CertificateStatus, error)

SelectCertificateStatuses selects all fields of multiple certificate status objects

func SelectCertificates

func SelectCertificates(s dbSelector, q string, args map[string]interface{}) ([]core.Certificate, error)

SelectCertificates selects all fields of multiple certificate objects

func SetSQLDebug

func SetSQLDebug(dbMap *gorp.DbMap, log blog.Logger)

SetSQLDebug enables GORP SQL-level Debugging

Types

type BoulderTypeConverter

type BoulderTypeConverter struct{}

BoulderTypeConverter is used by Gorp for storing objects in DB.

func (BoulderTypeConverter) FromDb

func (tc BoulderTypeConverter) FromDb(target interface{}) (gorp.CustomScanner, bool)

FromDb converts a DB representation back into a Boulder object.

func (BoulderTypeConverter) ToDb

func (tc BoulderTypeConverter) ToDb(val interface{}) (interface{}, error)

ToDb converts a Boulder object to one suitable for the DB representation.

type ErrNoReceipt

type ErrNoReceipt string

ErrNoReceipt is an error type for non-existent SCT receipt

func (ErrNoReceipt) Error

func (e ErrNoReceipt) Error() string

type RollbackError

type RollbackError struct {
	Err         error
	RollbackErr error
}

RollbackError is a combination of a database error and the error, if any, encountered while trying to rollback the transaction.

func (*RollbackError) Error

func (re *RollbackError) Error() string

Error implements the error interface

type SQLLogger

type SQLLogger struct {
	blog.Logger
}

SQLLogger adapts the Boulder Logger to a format GORP can use.

func (*SQLLogger) Printf

func (log *SQLLogger) Printf(format string, v ...interface{})

Printf adapts the AuditLogger to GORP's interface

type SQLStorageAuthority

type SQLStorageAuthority struct {
	// contains filtered or unexported fields
}

SQLStorageAuthority defines a Storage Authority

func NewSQLStorageAuthority

func NewSQLStorageAuthority(
	dbMap *gorp.DbMap,
	clk clock.Clock,
	logger blog.Logger,
	scope metrics.Scope,
	parallelismPerRPC int,
) (*SQLStorageAuthority, error)

NewSQLStorageAuthority provides persistence using a SQL backend for Boulder. It will modify the given gorp.DbMap by adding relevant tables.

func (*SQLStorageAuthority) AddCertificate

func (ssa *SQLStorageAuthority) AddCertificate(ctx context.Context, certDER []byte, regID int64, ocspResponse []byte) (string, error)

AddCertificate stores an issued certificate and returns the digest as a string, or an error if any occurred.

func (*SQLStorageAuthority) AddPendingAuthorizations

AddPendingAuthorizations creates a batch of pending authorizations and returns their IDs

func (*SQLStorageAuthority) AddSCTReceipt

AddSCTReceipt adds a new SCT receipt to the (append-only) sctReceipts table

func (*SQLStorageAuthority) CountCertificatesByExactNames

func (ssa *SQLStorageAuthority) CountCertificatesByExactNames(ctx context.Context, domains []string, earliest, latest time.Time) ([]*sapb.CountByNames_MapElement, error)

func (*SQLStorageAuthority) CountCertificatesByNames

func (ssa *SQLStorageAuthority) CountCertificatesByNames(ctx context.Context, domains []string, earliest, latest time.Time) ([]*sapb.CountByNames_MapElement, error)

CountCertificatesByNames counts, for each input domain, the number of certificates issued in the given time range for that domain and its subdomains. It returns a map from domains to counts, which is guaranteed to contain an entry for each input domain, so long as err is nil. Queries will be run in parallel. If any of them error, only one error will be returned.

func (*SQLStorageAuthority) CountCertificatesRange

func (ssa *SQLStorageAuthority) CountCertificatesRange(ctx context.Context, start, end time.Time) (int64, error)

CountCertificatesRange returns the number of certificates issued in a specific date range

func (*SQLStorageAuthority) CountFQDNSets

func (ssa *SQLStorageAuthority) CountFQDNSets(ctx context.Context, window time.Duration, names []string) (int64, error)

CountFQDNSets returns the number of sets with hash |setHash| within the window |window|

func (*SQLStorageAuthority) CountInvalidAuthorizations

func (ssa *SQLStorageAuthority) CountInvalidAuthorizations(
	ctx context.Context,
	req *sapb.CountInvalidAuthorizationsRequest,
) (count *sapb.Count, err error)

CountInvalidAuthorizations counts invalid authorizations for the given registration that expire in a given time range.

func (*SQLStorageAuthority) CountOrders

func (ssa *SQLStorageAuthority) CountOrders(ctx context.Context, acctID int64, earliest, latest time.Time) (int, error)

func (*SQLStorageAuthority) CountPendingAuthorizations

func (ssa *SQLStorageAuthority) CountPendingAuthorizations(ctx context.Context, regID int64) (count int, err error)

CountPendingAuthorizations returns the number of pending, unexpired authorizations for the given registration.

func (*SQLStorageAuthority) CountRegistrationsByIP

func (ssa *SQLStorageAuthority) CountRegistrationsByIP(ctx context.Context, ip net.IP, earliest time.Time, latest time.Time) (int, error)

CountRegistrationsByIP returns the number of registrations created in the time range for a single IP address.

func (*SQLStorageAuthority) CountRegistrationsByIPRange

func (ssa *SQLStorageAuthority) CountRegistrationsByIPRange(ctx context.Context, ip net.IP, earliest time.Time, latest time.Time) (int, error)

CountRegistrationsByIPRange returns the number of registrations created in the time range in an IP range. For IPv4 addresses, that range is limited to the single IP. For IPv6 addresses, that range is a /48, since it's not uncommon for one person to have a /48 to themselves.

func (*SQLStorageAuthority) DeactivateAuthorization

func (ssa *SQLStorageAuthority) DeactivateAuthorization(ctx context.Context, id string) error

DeactivateAuthorization deactivates a currently valid or pending authorization

func (*SQLStorageAuthority) DeactivateRegistration

func (ssa *SQLStorageAuthority) DeactivateRegistration(ctx context.Context, id int64) error

DeactivateRegistration deactivates a currently valid registration

func (*SQLStorageAuthority) FQDNSetExists

func (ssa *SQLStorageAuthority) FQDNSetExists(ctx context.Context, names []string) (bool, error)

FQDNSetExists returns a bool indicating whether one or more FQDN sets |names| exist in the database

func (*SQLStorageAuthority) FinalizeAuthorization

func (ssa *SQLStorageAuthority) FinalizeAuthorization(ctx context.Context, authz core.Authorization) error

FinalizeAuthorization converts a Pending Authorization to a final one. If the Authorization is not found a berrors.NotFound result is returned. If the Authorization is status pending a berrors.InternalServer error is returned.

func (*SQLStorageAuthority) FinalizeOrder

func (ssa *SQLStorageAuthority) FinalizeOrder(ctx context.Context, req *corepb.Order) error

FinalizeOrder finalizes a provided *corepb.Order by persisting the CertificateSerial and a valid status to the database. No fields other than CertificateSerial and the order ID on the provided order are processed (e.g. this is not a generic update RPC).

func (*SQLStorageAuthority) GetAuthorization

func (ssa *SQLStorageAuthority) GetAuthorization(ctx context.Context, id string) (core.Authorization, error)

GetAuthorization obtains an Authorization by ID

func (*SQLStorageAuthority) GetAuthorizations

GetAuthorizations returns a map of valid or pending authorizations for as many names as possible

func (*SQLStorageAuthority) GetCertificate

func (ssa *SQLStorageAuthority) GetCertificate(ctx context.Context, serial string) (core.Certificate, error)

GetCertificate takes a serial number and returns the corresponding certificate, or error if it does not exist.

func (*SQLStorageAuthority) GetCertificateStatus

func (ssa *SQLStorageAuthority) GetCertificateStatus(ctx context.Context, serial string) (core.CertificateStatus, error)

GetCertificateStatus takes a hexadecimal string representing the full 128-bit serial number of a certificate and returns data about that certificate's current validity.

func (*SQLStorageAuthority) GetOrder

func (ssa *SQLStorageAuthority) GetOrder(ctx context.Context, req *sapb.OrderRequest) (*corepb.Order, error)

GetOrder is used to retrieve an already existing order object

func (*SQLStorageAuthority) GetOrderForNames

func (ssa *SQLStorageAuthority) GetOrderForNames(
	ctx context.Context,
	req *sapb.GetOrderForNamesRequest) (*corepb.Order, error)

GetOrderForNames tries to find a **pending** order with the exact set of names requested, associated with the given accountID. Only unexpired orders with status pending are considered. If no order meeting these requirements is found a nil corepb.Order pointer is returned.

func (*SQLStorageAuthority) GetPendingAuthorization

func (ssa *SQLStorageAuthority) GetPendingAuthorization(
	ctx context.Context,
	req *sapb.GetPendingAuthorizationRequest,
) (*core.Authorization, error)

GetPendingAuthorization returns the most recent Pending authorization with the given identifier, if available.

func (*SQLStorageAuthority) GetRegistration

func (ssa *SQLStorageAuthority) GetRegistration(ctx context.Context, id int64) (core.Registration, error)

GetRegistration obtains a Registration by ID

func (*SQLStorageAuthority) GetRegistrationByKey

func (ssa *SQLStorageAuthority) GetRegistrationByKey(ctx context.Context, key *jose.JSONWebKey) (core.Registration, error)

GetRegistrationByKey obtains a Registration by JWK

func (*SQLStorageAuthority) GetSCTReceipt

func (ssa *SQLStorageAuthority) GetSCTReceipt(ctx context.Context, serial string, logID string) (core.SignedCertificateTimestamp, error)

GetSCTReceipt gets a specific SCT receipt for a given certificate serial and CT log ID

func (*SQLStorageAuthority) GetValidAuthorizations

func (ssa *SQLStorageAuthority) GetValidAuthorizations(
	ctx context.Context,
	registrationID int64,
	names []string,
	now time.Time) (map[string]*core.Authorization, error)

GetValidAuthorizations returns the latest authorization object for all domain names from the parameters that the account has authorizations for.

func (*SQLStorageAuthority) GetValidOrderAuthorizations

func (ssa *SQLStorageAuthority) GetValidOrderAuthorizations(
	ctx context.Context,
	req *sapb.GetValidOrderAuthorizationsRequest) (map[string]*core.Authorization, error)

GetValidOrderAuthorizations is used to find the valid, unexpired authorizations associated with a specific order and account ID.

func (*SQLStorageAuthority) MarkCertificateRevoked

func (ssa *SQLStorageAuthority) MarkCertificateRevoked(ctx context.Context, serial string, reasonCode revocation.Reason) error

MarkCertificateRevoked stores the fact that a certificate is revoked, along with a timestamp and a reason.

func (*SQLStorageAuthority) NewOrder

func (ssa *SQLStorageAuthority) NewOrder(ctx context.Context, req *corepb.Order) (*corepb.Order, error)

NewOrder adds a new v2 style order to the database

func (*SQLStorageAuthority) NewPendingAuthorization

func (ssa *SQLStorageAuthority) NewPendingAuthorization(ctx context.Context, authz core.Authorization) (core.Authorization, error)

NewPendingAuthorization retrieves a pending authorization for authz.Identifier if one exists, or creates a new one otherwise.

func (*SQLStorageAuthority) NewRegistration

func (ssa *SQLStorageAuthority) NewRegistration(ctx context.Context, reg core.Registration) (core.Registration, error)

NewRegistration stores a new Registration

func (*SQLStorageAuthority) PreviousCertificateExists

func (ssa *SQLStorageAuthority) PreviousCertificateExists(
	ctx context.Context,
	req *sapb.PreviousCertificateExistsRequest,
) (*sapb.Exists, error)

PreviousCertificateExists returns true iff there was at least one certificate issued with the provided domain name, and the most recent such certificate was issued by the provided registration ID. Note: This means that if two different accounts were issuing certificates for a domain, only one gets the right to revalidate using TLS-SNI-01. We think this is an acceptable tradeoff of complexity versus coverage, though we may reconsider in the future.

func (*SQLStorageAuthority) RevokeAuthorizationsByDomain

func (ssa *SQLStorageAuthority) RevokeAuthorizationsByDomain(ctx context.Context, ident core.AcmeIdentifier) (int64, int64, error)

RevokeAuthorizationsByDomain invalidates all pending or finalized authorizations for a specific domain

func (*SQLStorageAuthority) SetOrderError

func (ssa *SQLStorageAuthority) SetOrderError(ctx context.Context, order *corepb.Order) error

SetOrderError updates a provided Order's error field.

func (*SQLStorageAuthority) SetOrderProcessing

func (ssa *SQLStorageAuthority) SetOrderProcessing(ctx context.Context, req *corepb.Order) error

SetOrderProcessing updates a provided *corepb.Order in pending status to be in processing status by updating the `beganProcessing` field of the corresponding Order table row in the DB.

func (*SQLStorageAuthority) UpdatePendingAuthorization

func (ssa *SQLStorageAuthority) UpdatePendingAuthorization(ctx context.Context, authz core.Authorization) error

UpdatePendingAuthorization updates a Pending Authorization's Challenges. Despite what the name "UpdatePendingAuthorization" (preserved for legacy reasons) may indicate, the pending authorization table row is not changed, only the associated challenges by way of `sa.updateChallenges`.

func (*SQLStorageAuthority) UpdateRegistration

func (ssa *SQLStorageAuthority) UpdateRegistration(ctx context.Context, reg core.Registration) error

UpdateRegistration stores an updated Registration

Directories

Path Synopsis
Package proto is a generated protocol buffer package.
Package proto is a generated protocol buffer package.
