rpc

package
v0.0.0-...-c689599 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 23, 2015 License: MPL-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source
const (
	AmqpExchange     = "boulder"
	AmqpExchangeType = "topic"
	AmqpInternal     = false
	AmqpDurable      = false
	AmqpDeleteUnused = false
	AmqpExclusive    = false
	AmqpNoWait       = false
	AmqpNoLocal      = false
	AmqpAutoAck      = true
	AmqpMandatory    = false
	AmqpImmediate    = false
)

XXX: I *think* these constants are appropriate. We will probably want to tweak these in the future.

View Source
const (
	MethodNewRegistration                   = "NewRegistration"                   // RA, SA
	MethodNewAuthorization                  = "NewAuthorization"                  // RA
	MethodNewCertificate                    = "NewCertificate"                    // RA
	MethodUpdateRegistration                = "UpdateRegistration"                // RA, SA
	MethodUpdateAuthorization               = "UpdateAuthorization"               // RA
	MethodRevokeCertificate                 = "RevokeCertificate"                 // CA
	MethodRevokeCertificateWithReg          = "RevokeCertificateWithReg"          // RA
	MethodAdministrativelyRevokeCertificate = "AdministrativelyRevokeCertificate" // RA
	MethodOnValidationUpdate                = "OnValidationUpdate"                // RA
	MethodUpdateValidations                 = "UpdateValidations"                 // VA
	MethodCheckCAARecords                   = "CheckCAARecords"                   // VA
	MethodIsSafeDomain                      = "IsSafeDomain"                      // VA
	MethodIssueCertificate                  = "IssueCertificate"                  // CA
	MethodGenerateOCSP                      = "GenerateOCSP"                      // CA
	MethodGetRegistration                   = "GetRegistration"                   // SA
	MethodGetRegistrationByKey              = "GetRegistrationByKey"              // RA, SA
	MethodGetAuthorization                  = "GetAuthorization"                  // SA
	MethodGetLatestValidAuthorization       = "GetLatestValidAuthorization"       // SA
	MethodGetCertificate                    = "GetCertificate"                    // SA
	MethodGetCertificateStatus              = "GetCertificateStatus"              // SA
	MethodMarkCertificateRevoked            = "MarkCertificateRevoked"            // SA
	MethodUpdateOCSP                        = "UpdateOCSP"                        // SA
	MethodNewPendingAuthorization           = "NewPendingAuthorization"           // SA
	MethodUpdatePendingAuthorization        = "UpdatePendingAuthorization"        // SA
	MethodFinalizeAuthorization             = "FinalizeAuthorization"             // SA
	MethodAddCertificate                    = "AddCertificate"                    // SA
	MethodAlreadyDeniedCSR                  = "AlreadyDeniedCSR"                  // SA
	MethodCountCertificatesRange            = "CountCertificatesRange"            // SA
	MethodCountCertificatesByNames          = "CountCertificatesByNames"          // SA
	MethodCountRegistrationsByIP            = "CountRegistrationsByIP"            // SA
	MethodCountPendingAuthorizations        = "CountPendingAuthorizations"        // SA
	MethodGetSCTReceipt                     = "GetSCTReceipt"                     // SA
	MethodAddSCTReceipt                     = "AddSCTReceipt"                     // SA
	MethodSubmitToCT                        = "SubmitToCT"                        // Pub
)

These strings are used by the RPC layer to identify function points.

Variables

This section is empty.

Functions

func AmqpChannel

func AmqpChannel(conf *cmd.AMQPConfig) (*amqp.Channel, error)

AmqpChannel sets a AMQP connection up using SSL if configuration is provided

func NewCertificateAuthorityServer

func NewCertificateAuthorityServer(rpc Server, impl core.CertificateAuthority) (err error)

NewCertificateAuthorityServer constructs an RPC server

CertificateAuthorityClient / Server

-> IssueCertificate

func NewPublisherServer

func NewPublisherServer(rpc Server, impl core.Publisher) (err error)

NewPublisherServer creates a new server that wraps a CT publisher

func NewRegistrationAuthorityServer

func NewRegistrationAuthorityServer(rpc Server, impl core.RegistrationAuthority) error

NewRegistrationAuthorityServer constructs an RPC server

func NewStorageAuthorityServer

func NewStorageAuthorityServer(rpc Server, impl core.StorageAuthority) error

NewStorageAuthorityServer constructs an RPC server

func NewValidationAuthorityServer

func NewValidationAuthorityServer(rpc Server, impl core.ValidationAuthority) (err error)

NewValidationAuthorityServer constructs an RPC server

ValidationAuthorityClient / Server

-> UpdateValidations

Types

type AmqpRPCCLient

type AmqpRPCCLient struct {
	// contains filtered or unexported fields
}

AmqpRPCCLient is an AMQP-RPC client that sends requests to a specific server queue, and uses a dedicated response queue for responses.

To implement specific functionality, using code uses the DispatchSync() method to send a method name and body, and get back a response. So you end up with wrapper methods of the form:

```

request = /* serialize request to []byte */
response = AmqpRPCCLient.Dispatch(method, request)
return /* deserialized response */

```

DispatchSync will manage the channel for you, and also enforce a timeout on the transaction.

func NewAmqpRPCClient

func NewAmqpRPCClient(
	clientQueuePrefix string,
	amqpConf *cmd.AMQPConfig,
	rpcConf *cmd.RPCServerConfig,
	stats statsd.Statter,
) (rpc *AmqpRPCCLient, err error)

NewAmqpRPCClient constructs an RPC client using AMQP

func (*AmqpRPCCLient) DispatchSync

func (rpc *AmqpRPCCLient) DispatchSync(method string, body []byte) (response []byte, err error)

DispatchSync sends a body to the destination, and blocks waiting on a response.

type AmqpRPCServer

type AmqpRPCServer struct {
	// contains filtered or unexported fields
}

AmqpRPCServer listens on a specified queue within an AMQP channel. When messages arrive on that queue, it dispatches them based on type, and returns the response to the ReplyTo queue.

To implement specific functionality, using code should use the Handle method to add specific actions.

func NewAmqpRPCServer

func NewAmqpRPCServer(amqpConf *cmd.AMQPConfig, maxConcurrentRPCServerRequests int64, stats statsd.Statter) (*AmqpRPCServer, error)

NewAmqpRPCServer creates a new RPC server for the given queue and will begin consuming requests from the queue. To start the server you must call Start().

func (*AmqpRPCServer) Handle

func (rpc *AmqpRPCServer) Handle(method string, handler func([]byte) ([]byte, error))

Handle registers a function to handle a particular method.

func (*AmqpRPCServer) Start

func (rpc *AmqpRPCServer) Start(c *cmd.AMQPConfig) error

Start starts the AMQP-RPC server and handles reconnections, this will block until a fatal error is returned or AmqpRPCServer.Stop() is called and all remaining messages are processed.

func (*AmqpRPCServer) Stop

func (rpc *AmqpRPCServer) Stop()

Stop gracefully stops the AmqpRPCServer, after calling AmqpRPCServer.Start will continue blocking until it has processed any messages that have already been retrieved.

type CertificateAuthorityClient

type CertificateAuthorityClient struct {
	// contains filtered or unexported fields
}

CertificateAuthorityClient is a client to communicate with the CA.

func NewCertificateAuthorityClient

func NewCertificateAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats statsd.Statter) (*CertificateAuthorityClient, error)

NewCertificateAuthorityClient constructs an RPC client

func (CertificateAuthorityClient) GenerateOCSP

func (cac CertificateAuthorityClient) GenerateOCSP(signRequest core.OCSPSigningRequest) (resp []byte, err error)

GenerateOCSP sends a request to generate an OCSP response

func (CertificateAuthorityClient) IssueCertificate

func (cac CertificateAuthorityClient) IssueCertificate(csr x509.CertificateRequest, regID int64) (cert core.Certificate, err error)

IssueCertificate sends a request to issue a certificate

func (CertificateAuthorityClient) RevokeCertificate

func (cac CertificateAuthorityClient) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error)

RevokeCertificate sends a request to revoke a certificate

type Client

type Client interface {
	DispatchSync(string, []byte) ([]byte, error)
}

Client describes the functions an RPC Client performs

type PublisherClient

type PublisherClient struct {
	// contains filtered or unexported fields
}

PublisherClient is a client to communicate with the Publisher Authority

func NewPublisherClient

func NewPublisherClient(clientName string, amqpConf *cmd.AMQPConfig, stats statsd.Statter) (*PublisherClient, error)

NewPublisherClient constructs an RPC client

func (PublisherClient) SubmitToCT

func (pub PublisherClient) SubmitToCT(der []byte) (err error)

SubmitToCT sends a request to submit a certifcate to CT logs

type RegistrationAuthorityClient

type RegistrationAuthorityClient struct {
	// contains filtered or unexported fields
}

RegistrationAuthorityClient represents an RA RPC client

func NewRegistrationAuthorityClient

func NewRegistrationAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats statsd.Statter) (*RegistrationAuthorityClient, error)

NewRegistrationAuthorityClient constructs an RPC client

func (RegistrationAuthorityClient) AdministrativelyRevokeCertificate

func (rac RegistrationAuthorityClient) AdministrativelyRevokeCertificate(cert x509.Certificate, reason core.RevocationCode, user string) (err error)

AdministrativelyRevokeCertificate sends a Revoke Certificate request initiated by the admin-revoker

func (RegistrationAuthorityClient) NewAuthorization

func (rac RegistrationAuthorityClient) NewAuthorization(authz core.Authorization, regID int64) (newAuthz core.Authorization, err error)

NewAuthorization sends a New Authorization request

func (RegistrationAuthorityClient) NewCertificate

func (rac RegistrationAuthorityClient) NewCertificate(cr core.CertificateRequest, regID int64) (cert core.Certificate, err error)

NewCertificate sends a New Certificate request

func (RegistrationAuthorityClient) NewRegistration

func (rac RegistrationAuthorityClient) NewRegistration(reg core.Registration) (newReg core.Registration, err error)

NewRegistration sends a New Registration request

func (RegistrationAuthorityClient) OnValidationUpdate

func (rac RegistrationAuthorityClient) OnValidationUpdate(authz core.Authorization) (err error)

OnValidationUpdate senda a notice that a validation has updated

func (RegistrationAuthorityClient) RevokeCertificateWithReg

func (rac RegistrationAuthorityClient) RevokeCertificateWithReg(cert x509.Certificate, reason core.RevocationCode, regID int64) (err error)

RevokeCertificateWithReg sends a Revoke Certificate request initiated by the WFE

func (RegistrationAuthorityClient) UpdateAuthorization

func (rac RegistrationAuthorityClient) UpdateAuthorization(authz core.Authorization, index int, response core.Challenge) (newAuthz core.Authorization, err error)

UpdateAuthorization sends an Update Authorization request

func (RegistrationAuthorityClient) UpdateRegistration

func (rac RegistrationAuthorityClient) UpdateRegistration(base core.Registration, update core.Registration) (newReg core.Registration, err error)

UpdateRegistration sends an Update Registration request

type Server

type Server interface {
	Handle(string, func([]byte) ([]byte, error))
}

Server describes the functions an RPC Server performs

type StorageAuthorityClient

type StorageAuthorityClient struct {
	// contains filtered or unexported fields
}

StorageAuthorityClient is a client to communicate with the Storage Authority

func NewStorageAuthorityClient

func NewStorageAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats statsd.Statter) (*StorageAuthorityClient, error)

NewStorageAuthorityClient constructs an RPC client

func (StorageAuthorityClient) AddCertificate

func (cac StorageAuthorityClient) AddCertificate(cert []byte, regID int64) (id string, err error)

AddCertificate sends a request to record the issuance of a certificate

func (StorageAuthorityClient) AddSCTReceipt

func (cac StorageAuthorityClient) AddSCTReceipt(sct core.SignedCertificateTimestamp) (err error)

AddSCTReceipt adds a new SCT to the database.

func (StorageAuthorityClient) AlreadyDeniedCSR

func (cac StorageAuthorityClient) AlreadyDeniedCSR(names []string) (exists bool, err error)

AlreadyDeniedCSR sends a request to search for denied names

func (StorageAuthorityClient) CountCertificatesByNames

func (cac StorageAuthorityClient) CountCertificatesByNames(names []string, earliest, latest time.Time) (counts map[string]int, err error)

CountCertificatesByNames calls CountCertificatesRange on the remote StorageAuthority.

func (StorageAuthorityClient) CountCertificatesRange

func (cac StorageAuthorityClient) CountCertificatesRange(start, end time.Time) (count int64, err error)

CountCertificatesRange sends a request to count the number of certificates issued in a certain time range

func (StorageAuthorityClient) CountPendingAuthorizations

func (cac StorageAuthorityClient) CountPendingAuthorizations(regID int64) (count int, err error)

CountPendingAuthorizations calls CountPendingAuthorizations on the remote StorageAuthority.

func (StorageAuthorityClient) CountRegistrationsByIP

func (cac StorageAuthorityClient) CountRegistrationsByIP(ip net.IP, earliest, latest time.Time) (count int, err error)

CountRegistrationsByIP calls CountRegistrationsByIP on the remote StorageAuthority.

func (StorageAuthorityClient) FinalizeAuthorization

func (cac StorageAuthorityClient) FinalizeAuthorization(authz core.Authorization) (err error)

FinalizeAuthorization sends a request to finalize an authorization (convert from pending)

func (StorageAuthorityClient) GetAuthorization

func (cac StorageAuthorityClient) GetAuthorization(id string) (authz core.Authorization, err error)

GetAuthorization sends a request to get an Authorization by ID

func (StorageAuthorityClient) GetCertificate

func (cac StorageAuthorityClient) GetCertificate(id string) (cert core.Certificate, err error)

GetCertificate sends a request to get a Certificate by ID

func (StorageAuthorityClient) GetCertificateStatus

func (cac StorageAuthorityClient) GetCertificateStatus(id string) (status core.CertificateStatus, err error)

GetCertificateStatus sends a request to obtain the current status of a certificate by ID

func (StorageAuthorityClient) GetLatestValidAuthorization

func (cac StorageAuthorityClient) GetLatestValidAuthorization(registrationID int64, identifier core.AcmeIdentifier) (authz core.Authorization, err error)

GetLatestValidAuthorization sends a request to get an Authorization by RegID, Identifier

func (StorageAuthorityClient) GetRegistration

func (cac StorageAuthorityClient) GetRegistration(id int64) (reg core.Registration, err error)

GetRegistration sends a request to get a registration by ID

func (StorageAuthorityClient) GetRegistrationByKey

func (cac StorageAuthorityClient) GetRegistrationByKey(key jose.JsonWebKey) (reg core.Registration, err error)

GetRegistrationByKey sends a request to get a registration by JWK

func (StorageAuthorityClient) GetSCTReceipt

func (cac StorageAuthorityClient) GetSCTReceipt(serial string, logID string) (receipt core.SignedCertificateTimestamp, err error)

GetSCTReceipt retrieves an SCT according to the serial number of a certificate and the logID of the log to which it was submitted.

func (StorageAuthorityClient) MarkCertificateRevoked

func (cac StorageAuthorityClient) MarkCertificateRevoked(serial string, reasonCode core.RevocationCode) (err error)

MarkCertificateRevoked sends a request to mark a certificate as revoked

func (StorageAuthorityClient) NewPendingAuthorization

func (cac StorageAuthorityClient) NewPendingAuthorization(authz core.Authorization) (output core.Authorization, err error)

NewPendingAuthorization sends a request to store a pending authorization

func (StorageAuthorityClient) NewRegistration

func (cac StorageAuthorityClient) NewRegistration(reg core.Registration) (output core.Registration, err error)

NewRegistration sends a request to store a new registration

func (StorageAuthorityClient) UpdateOCSP

func (cac StorageAuthorityClient) UpdateOCSP(serial string, ocspResponse []byte) (err error)

UpdateOCSP sends a request to store an updated OCSP response

func (StorageAuthorityClient) UpdatePendingAuthorization

func (cac StorageAuthorityClient) UpdatePendingAuthorization(authz core.Authorization) (err error)

UpdatePendingAuthorization sends a request to update the data in a pending authorization

func (StorageAuthorityClient) UpdateRegistration

func (cac StorageAuthorityClient) UpdateRegistration(reg core.Registration) (err error)

UpdateRegistration sends a request to store an updated registration

type ValidationAuthorityClient

type ValidationAuthorityClient struct {
	// contains filtered or unexported fields
}

ValidationAuthorityClient represents an RPC client for the VA

func NewValidationAuthorityClient

func NewValidationAuthorityClient(clientName string, amqpConf *cmd.AMQPConfig, stats statsd.Statter) (*ValidationAuthorityClient, error)

NewValidationAuthorityClient constructs an RPC client

func (ValidationAuthorityClient) CheckCAARecords

func (vac ValidationAuthorityClient) CheckCAARecords(ident core.AcmeIdentifier) (present bool, valid bool, err error)

CheckCAARecords sends a request to check CAA records

func (ValidationAuthorityClient) IsSafeDomain

IsSafeDomain returns true if the domain given is determined to be safe by an third-party safe browsing API.

func (ValidationAuthorityClient) UpdateValidations

func (vac ValidationAuthorityClient) UpdateValidations(authz core.Authorization, index int) error

UpdateValidations sends an Update Validations request

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL