va

package
v0.0.0-...-918a312 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 12, 2016 License: MPL-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CAASet

type CAASet struct {
	Issue     []*dns.CAA
	Issuewild []*dns.CAA
	Iodef     []*dns.CAA
	Unknown   []*dns.CAA
}

CAASet consists of filtered CAA records

type PortConfig

type PortConfig struct {
	HTTPPort  int
	HTTPSPort int
	TLSPort   int
}

PortConfig specifies what ports the VA should call to on the remote host when performing its checks.

type SafeBrowsing

type SafeBrowsing interface {
	// IsListed returns a non-empty string if the domain was bad. Specifically,
	// that list is which Google Safe Browsing list the domain was found on.
	IsListed(url string) (list string, err error)
}

SafeBrowsing is an interface for an third-party safe browing API client.

type ValidationAuthorityImpl

type ValidationAuthorityImpl struct {
	RA core.RegistrationAuthority

	DNSResolver  bdns.DNSResolver
	IssuerDomain string
	SafeBrowsing SafeBrowsing

	UserAgent string
	// contains filtered or unexported fields
}

ValidationAuthorityImpl represents a VA

func NewValidationAuthorityImpl

func NewValidationAuthorityImpl(pc *PortConfig, sbc SafeBrowsing, stats statsd.Statter, clk clock.Clock) *ValidationAuthorityImpl

NewValidationAuthorityImpl constructs a new VA

func (*ValidationAuthorityImpl) CheckCAARecords

func (va *ValidationAuthorityImpl) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error)

CheckCAARecords verifies that, if the indicated subscriber domain has any CAA records, they authorize the configured CA domain to issue a certificate

func (*ValidationAuthorityImpl) IsSafeDomain

IsSafeDomain returns true if the domain given is determined to be safe by an third-party safe browsing API. It's meant be called by the RA before pending authorization creation. If no third-party client was provided, it fails open and increments a Skips metric.

func (*ValidationAuthorityImpl) UpdateValidations

func (va *ValidationAuthorityImpl) UpdateValidations(authz core.Authorization, challengeIndex int) error

UpdateValidations runs the validate() method asynchronously using goroutines.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL