certstream

package module
v0.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 13, 2024 License: MIT Imports: 20 Imported by: 1

README

CertStream

Small library wrapping github.com/google/certificate-transparency-go.

Adds no new dependencies except github.com/linkdata/bwlimit, which has no dependencies outside the standard library.

Documentation

Index

Constants

This section is empty.

Variables

// BatchSize is an exported, mutable package-level setting that defaults to 1024.
// NOTE(review): presumably the number of log entries requested per fetch; this
// page does not say, so confirm against the stream implementation.
// Because it is a plain package variable, every stream in the process sees the
// same value; set it before starting streams rather than while they run.
var BatchSize = 1024
// DefaultHttpClient is the HTTP client that DefaultLogStreamInit returns and that
// Start uses to fetch the log list when logList is nil.
//
// It is an exported package-level pointer, so a change to the client or to its
// Transport affects every user of it in the process.
//
// The literal sets no TLSClientConfig, Proxy or CheckRedirect: requests therefore
// use Go's default certificate verification, go out without a proxy (environment
// proxy variables are not consulted), and follow redirects under the net/http
// default policy. NOTE(review): the library may adjust the transport elsewhere
// (Start takes a dialer); confirm before relying on this.
var DefaultHttpClient = &http.Client{
	// Limit for the whole request: connecting, redirects and reading the body.
	// It is shorter than the two 30s transport timeouts below, so for requests
	// made through this client those cannot expire first.
	Timeout: 10 * time.Second,
	Transport: &http.Transport{
		TLSHandshakeTimeout:   30 * time.Second,
		ResponseHeaderTimeout: 30 * time.Second,
		// At most two connections per log host, which bounds the load this
		// client can put on a single CT log server.
		MaxConnsPerHost:       2,
		MaxIdleConnsPerHost:   2,
		// Keep-alives stay enabled, so connections are reused between requests.
		DisableKeepAlives:     false,
		ExpectContinueTimeout: 1 * time.Second,
		ForceAttemptHTTP2:     true,
	},
}

Functions

func DefaultLogStreamInit

func DefaultLogStreamInit(op *loglist3.Operator, log *loglist3.Log) (httpClient *http.Client)

DefaultLogStreamInit returns DefaultHttpClient for all operators and logs where the log is usable.

func GetLogList

func GetLogList(ctx context.Context, httpClient *http.Client, listUrl string) (logList *loglist3.LogList, err error)

GetLogList fetches a CT log list from the given listUrl. Usually you would pass loglist3.AllLogListURL for the listUrl.

func OperatorDomain

func OperatorDomain(urlString string) string

OperatorDomain returns the TLD+1 of the given URL, e.g. "letsencrypt.org" or "googleapis.com".

Types

type CertStream

// CertStream is the top-level object: it holds the per-operator state and the
// settings shared by all log streams.
//
// Limiter and Logger are embedded, so their exported methods are promoted onto
// CertStream. A zero-value CertStream has a nil Limiter and a nil Logger; use
// New, which is documented as returning a CertStream with reasonable defaults.
type CertStream struct {
	// Callback that supplies the HTTP client for a given operator and log.
	// This is the place to substitute a client with a different transport or
	// TLS configuration than DefaultHttpClient.
	LogStreamInit    LogStreamInitFn
	Operators        map[string]*LogOperator // operators by operator domain
	*bwlimit.Limiter                         // overall bandwidth limiter
	Logger
}

func New

func New() *CertStream

New returns a CertStream with reasonable defaults.

func (*CertStream) CountStreams added in v0.0.3

func (cs *CertStream) CountStreams() (running, stopped int)

func (*CertStream) LogError added in v0.1.0

func (cs *CertStream) LogError(err error, msg string, args ...any)

func (*CertStream) Start

func (cs *CertStream) Start(ctx context.Context, cd bwlimit.ContextDialer, logList *loglist3.LogList) (entryCh <-chan *LogEntry, err error)

Start returns a channel to read results from. If logList is nil, we fetch the list from loglist3.AllLogListURL using DefaultHttpClient.

type Certificate added in v0.10.0

// Certificate is a parsed certificate taken from a CT log entry, with the
// metadata fields below added. The embedded *x509.Certificate promotes the
// parsed certificate's fields and methods.
//
// Presence in a CT log says nothing about whether a certificate is valid or
// trusted by the consumer. Names and other field values are chosen by whoever
// requested the certificate, so treat them as untrusted input when storing,
// logging or displaying them.
type Certificate struct {
	// True for a precertificate entry rather than a final certificate.
	PreCert   bool
	// NOTE(review): presumably when this library observed the entry; confirm.
	Seen      time.Time
	// NOTE(review): this page does not say which signature or digest this
	// holds; confirm before using it as an identifier.
	Signature []byte
	*x509.Certificate
}

type LogEntry

// LogEntry is one result delivered on the channel returned by Start.
//
// Check Err before anything else: RawLogEntry and the embedded *ct.LogEntry may
// be nil when Err is set, and reading a promoted field through a nil embedded
// pointer panics. Cert and Index are documented as returning nil and -1
// respectively when no value is available.
type LogEntry struct {
	*LogStream
	Err          error           // error from RawLogEntryFromLeaf or ToLogEntry, or nil
	RawLogEntry  *ct.RawLogEntry // may be nil in case of error
	*ct.LogEntry                 // may be nil in case of error
	Id           int64           // database id, if available
	Historical   bool            // true if the entry is from gap or backfilling
}

func (*LogEntry) Cert

func (le *LogEntry) Cert() (crt *Certificate)

Cert returns the Certificate given a LogEntry or nil.

func (*LogEntry) Index

func (le *LogEntry) Index() (index int64)

Index returns the log index or -1 if none is available.

func (*LogEntry) String

func (le *LogEntry) String() (s string)

type LogOperator added in v0.0.3

// LogOperator groups the log streams that belong to one CT log operator.
// It embeds the owning *CertStream and the operator's *loglist3.Operator
// record, so the fields and methods of both are promoted.
type LogOperator struct {
	*CertStream
	*loglist3.Operator
	Domain  string // e.g. "letsencrypt.org" or "googleapis.com"
	// Marked atomic: read and write it with sync/atomic, not with plain access.
	Count   int64  // atomic; sum of the stream's Count
	Streams []*LogStream
	Id      int32 // database ID, if available
}

type LogStream

// LogStream is the state of one CT log being read.
//
// It embeds its *LogOperator, the log's *loglist3.Log record and a
// *client.LogClient, so the exported members of all three are promoted.
// Fields marked "atomic" are plain integers: access them with sync/atomic,
// since this listing indicates they are updated while the stream runs.
type LogStream struct {
	*LogOperator
	*loglist3.Log
	*client.LogClient
	// HTTP client for this log; NewLogStream takes it as a parameter.
	HttpClient *http.Client
	Err        error // set if Stopped() returns true
	Count      int64 // atomic: number of certificates sent to the channel
	MinIndex   int64 // atomic: lowest index seen so far, -1 if none seen yet
	MaxIndex   int64 // atomic: highest index seen so far, -1 if none seen yet
	LastIndex  int64 // atomic: highest index that is available from stream source
	Id         int32 // database ID, if available
	Backfilled int32 // atomic: nonzero if database backfill called for this stream
	InsideGaps int64 // atomic: number of remaining entries inside gaps
	// contains filtered or unexported fields
}

func NewLogStream

func NewLogStream(logop *LogOperator, httpClient *http.Client, log *loglist3.Log) (ls *LogStream, err error)

func (*LogStream) GetRawEntries added in v0.1.0

func (ls *LogStream) GetRawEntries(ctx context.Context, start, end int64, cb func(logindex int64, entry ct.LeafEntry))

func (*LogStream) MakeLogEntry added in v0.1.0

func (ls *LogStream) MakeLogEntry(logindex int64, entry ct.LeafEntry, historical bool) *LogEntry

func (*LogStream) NewLastIndex added in v0.1.0

func (ls *LogStream) NewLastIndex(ctx context.Context) (lastIndex int64, err error)

func (*LogStream) Run

func (ls *LogStream) Run(ctx context.Context, entryCh chan<- *LogEntry)

func (*LogStream) Stopped added in v0.0.3

func (ls *LogStream) Stopped() bool

func (*LogStream) String

func (ls *LogStream) String() string

type LogStreamInitFn

// LogStreamInitFn selects the HTTP client for a given operator and log.
// DefaultLogStreamInit is the stock implementation and returns
// DefaultHttpClient for usable logs.
// NOTE(review): presumably a nil return means the log is skipped; this page
// does not say, so confirm before relying on it to filter logs.
type LogStreamInitFn func(op *loglist3.Operator, log *loglist3.Log) (httpClient *http.Client)

type Logger added in v0.1.0

// Logger is the logging sink embedded in CertStream. The two methods take a
// message followed by variadic arguments, the same shape as the Info and
// Error methods of *slog.Logger.
// NOTE(review): arguments may carry values taken from log servers or
// certificates; an implementation that writes to text logs should escape them.
type Logger interface {
	Info(msg string, args ...any)
	Error(msg string, args ...any)
}

Directories

Path Synopsis
cmd
