Documentation ¶
Index ¶
- type CAASet
- type PortConfig
- type SafeBrowsing
- type ValidationAuthorityImpl
- func (va *ValidationAuthorityImpl) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error)
- func (va *ValidationAuthorityImpl) IsSafeDomain(req *core.IsSafeDomainRequest) (*core.IsSafeDomainResponse, error)
- func (va *ValidationAuthorityImpl) UpdateValidations(authz core.Authorization, challengeIndex int) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type PortConfig ¶
PortConfig specifies what ports the VA should call to on the remote host when performing its checks.
type SafeBrowsing ¶
type SafeBrowsing interface { // IsListed returns a non-empty string if the domain was bad. Specifically, // that list is which Google Safe Browsing list the domain was found on. IsListed(url string) (list string, err error) }
SafeBrowsing is an interface for an third-party safe browing API client.
type ValidationAuthorityImpl ¶
type ValidationAuthorityImpl struct { RA core.RegistrationAuthority DNSResolver core.DNSResolver IssuerDomain string SafeBrowsing SafeBrowsing UserAgent string // contains filtered or unexported fields }
ValidationAuthorityImpl represents a VA
func NewValidationAuthorityImpl ¶
func NewValidationAuthorityImpl(pc *PortConfig, sbc SafeBrowsing, stats statsd.Statter, clk clock.Clock) *ValidationAuthorityImpl
NewValidationAuthorityImpl constructs a new VA
func (*ValidationAuthorityImpl) CheckCAARecords ¶
func (va *ValidationAuthorityImpl) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error)
CheckCAARecords verifies that, if the indicated subscriber domain has any CAA records, they authorize the configured CA domain to issue a certificate
func (*ValidationAuthorityImpl) IsSafeDomain ¶
func (va *ValidationAuthorityImpl) IsSafeDomain(req *core.IsSafeDomainRequest) (*core.IsSafeDomainResponse, error)
IsSafeDomain returns true if the domain given is determined to be safe by an third-party safe browsing API. It's meant be called by the RA before pending authorization creation. If no third-party client was provided, it fails open and increments a Skips metric.
func (*ValidationAuthorityImpl) UpdateValidations ¶
func (va *ValidationAuthorityImpl) UpdateValidations(authz core.Authorization, challengeIndex int) error
UpdateValidations runs the validate() method asynchronously using goroutines.