va

package
v0.0.0-...-e2de327 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 27, 2017 License: MPL-2.0 Imports: 35 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CAASet

type CAASet struct {
	Issue     []*dns.CAA
	Issuewild []*dns.CAA
	Iodef     []*dns.CAA
	Unknown   []*dns.CAA
}

CAASet consists of filtered CAA records

type RemoteVA

type RemoteVA struct {
	core.ValidationAuthority
	Addresses string
}

RemoteVA wraps the core.ValidationAuthority interface and adds a field containing the addresses of the remote gRPC server since the interface (and the underlying gRPC client) doesn't provide a way to extract this metadata which is useful for debugging gRPC connection issues.

type SafeBrowsing

type SafeBrowsing interface {
	// IsListed returns a non-empty string if the domain was bad. Specifically,
	// it is which Google Safe Browsing list the domain was found on.
	IsListed(ctx context.Context, url string) (list string, err error)
}

SafeBrowsing is an interface for a third-party safe browsing API client.

type SafeBrowsingV4

type SafeBrowsingV4 interface {
	LookupURLsContext(ctx context.Context, urls []string) (threats [][]safebrowsingv4.URLThreat, err error)
}

SafeBrowsingV4 is an interface around the functions from Google safebrowsing's v4 API's *SafeBrowser type that we use. Using this interface allows mocking for tests

type ValidationAuthorityImpl

type ValidationAuthorityImpl struct {
	// contains filtered or unexported fields
}

ValidationAuthorityImpl represents a VA

func NewValidationAuthorityImpl

func NewValidationAuthorityImpl(
	pc *cmd.PortConfig,
	sbc SafeBrowsing,
	resolver bdns.DNSClient,
	remoteVAs []RemoteVA,
	maxRemoteFailures int,
	userAgent string,
	issuerDomain string,
	stats metrics.Scope,
	clk clock.Clock,
	logger blog.Logger,
) *ValidationAuthorityImpl

NewValidationAuthorityImpl constructs a new VA

func (*ValidationAuthorityImpl) IsCAAValid

func (*ValidationAuthorityImpl) IsSafeDomain

IsSafeDomain returns true if the domain given is determined to be safe by a third-party safe browsing API. It's meant be called by the RA before pending authorization creation. If no third-party client was provided, it fails open and increments a Skips metric.

func (*ValidationAuthorityImpl) PerformValidation

func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, domain string, challenge core.Challenge, authz core.Authorization) ([]core.ValidationRecord, error)

PerformValidation validates the given challenge. It always returns a list of validation records, even when it also returns an error.

TODO(#1626): remove authz parameter

Directories

Path Synopsis
Package proto is a generated protocol buffer package.
Package proto is a generated protocol buffer package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL