Documentation
¶
Overview ¶
Package acme provides ACME client functionality tailored to the needs of the load-generator. It is not a general purpose ACME client library.
Index ¶
Constants ¶
const ( // RandomChallengeStrategy is the name for a random challenge selection // strategy that will choose one of the authorization's challenges at random. RandomChallengeStrategy = "RANDOM" // The following challenge strategies will always pick the named challenge // type or return an error if there isn't a challenge of that type to pick. HTTP01ChallengeStrategy = "HTTP-01" DNS01ChallengeStrategy = "DNS-01" TLSALPN01ChallengeStrategy = "TLS-ALPN-01" )
Variables ¶
var ( ErrPickChallengeNilAuthz = errors.New("PickChallenge: provided authorization can not be nil") ErrPickChallengeAuthzMissingChallenges = errors.New("PickChallenge: provided authorization had no challenges") )
var ( // ErrEmptyDirectory is returned if NewDirectory is provided and empty directory URL. ErrEmptyDirectory = errors.New("directoryURL must not be empty") // ErrInvalidDirectoryURL is returned if NewDirectory is provided an invalid directory URL. ErrInvalidDirectoryURL = errors.New("directoryURL is not a valid URL") // ErrInvalidDirectoryHTTPCode is returned if NewDirectory is provided a directory URL // that returns something other than HTTP Status OK to a GET request. ErrInvalidDirectoryHTTPCode = errors.New("GET request to directoryURL did not result in HTTP Status 200") // ErrInvalidDirectoryJSON is returned if NewDirectory is provided a directory URL // that returns invalid JSON. ErrInvalidDirectoryJSON = errors.New("GET request to directoryURL returned invalid JSON") // ErrInvalidDirectoryMeta is returned if NewDirectory is provided a directory // URL that returns a directory resource with an invalid or missing "meta" key. ErrInvalidDirectoryMeta = errors.New(`server's directory resource had invalid or missing "meta" key`) // ErrInvalidTermsOfService is returned if NewDirectory is provided // a directory URL that returns a directory resource with an invalid or // missing "termsOfService" key in the "meta" map. ErrInvalidTermsOfService = errors.New(`server's directory resource had invalid or missing "meta.termsOfService" key`) // RequiredEndpoints is a slice of Endpoint keys that must be present in the // ACME server's directory. The load-generator uses each of these endpoints // and expects to be able to find a URL for each in the server's directory // resource. RequiredEndpoints = []Endpoint{ NewNonceEndpoint, NewAccountEndpoint, NewOrderEndpoint, RevokeCertEndpoint, } )
Functions ¶
This section is empty.
Types ¶
type ChallengeStrategy ¶
type ChallengeStrategy interface {
PickChallenge(*core.Authorization) (*core.Challenge, error)
}
ChallengeStrategy is an interface describing a strategy for picking a challenge from a given authorization.
func NewChallengeStrategy ¶
func NewChallengeStrategy(rawName string) (ChallengeStrategy, error)
NewChallengeStrategy returns the ChallengeStrategy for the given ChallengeStrategyName, or an error if it is unknown.
type Directory ¶
type Directory struct {
// TermsOfService is the URL identifying the current terms of service found in
// the ACME server's directory resource's "meta" field.
TermsOfService string
// contains filtered or unexported fields
}
Directory is a type for holding URLs extracted from the ACME server's Directory resource.
See RFC 8555 Section 7.1.1 "Directory".
Its public API is read-only and therefore it is safe for concurrent access.
func NewDirectory ¶
NewDirectory creates a Directory populated from the ACME directory resource returned by a GET request to the provided directoryURL. It also checks that the fetched directory contains each of the RequiredEndpoints.
func (*Directory) EndpointURL ¶
EndpointURL returns the string representation of the ACME server's URL for the provided endpoint. If the Endpoint is not known an empty string is returned.
type Endpoint ¶
type Endpoint string
Endpoint represents a string key used for looking up an endpoint URL in an ACME server directory resource.
E.g. NewOrderEndpoint -> "newOrder" -> "https://acme.example.com/acme/v1/new-order-plz"
See "ACME Resource Types" registry - RFC 8555 Section 9.7.5.
const ( // NewNonceEndpoint is the directory key for the newNonce endpoint. NewNonceEndpoint Endpoint = "newNonce" // NewAccountEndpoint is the directory key for the newAccount endpoint. NewAccountEndpoint Endpoint = "newAccount" // NewOrderEndpoint is the directory key for the newOrder endpoint. NewOrderEndpoint Endpoint = "newOrder" // RevokeCertEndpoint is the directory key for the revokeCert endpoint. RevokeCertEndpoint Endpoint = "revokeCert" // KeyChangeEndpoint is the directory key for the keyChange endpoint. KeyChangeEndpoint Endpoint = "keyChange" )
type ErrInvalidEndpointURL ¶
type ErrInvalidEndpointURL struct {
// contains filtered or unexported fields
}
ErrInvalidEndpointURL is an error returned if NewDirectory is provided an ACME server directory URL that has an invalid URL for a required endpoint. See also RequiredEndpoints.
func (ErrInvalidEndpointURL) Error ¶
func (e ErrInvalidEndpointURL) Error() string
Error returns the error message for an ErrInvalidEndpointURL error.
type ErrMissingEndpoint ¶
type ErrMissingEndpoint struct {
// contains filtered or unexported fields
}
ErrMissingEndpoint is an error returned if NewDirectory is provided an ACME server directory URL that is missing a key for a required endpoint in the response JSON. See also RequiredEndpoints.
func (ErrMissingEndpoint) Error ¶
func (e ErrMissingEndpoint) Error() string
Error returns the error message for an ErrMissingEndpoint error.
Source Files