va

package
v0.0.0-...-0cb28c9
Warning

This package is not in the latest version of its module.

Published: Aug 7, 2018 License: MPL-2.0 Imports: 39 Imported by: 0

Documentation

Constants

const (

	// ALPN protocol ID for TLS-ALPN-01 challenge
	// https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-01#section-5.2
	ACMETLS1Protocol = "acme-tls/1"
)

Variables

var IdPeAcmeIdentifierV1 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1}

As defined in https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-01#section-5.1: id-pe OID + 30 (acmeIdentifier) + 1 (v1).
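An added example (not Boulder's code) of how a validator could use the two values above when checking a TLS-ALPN-01 response, following the referenced draft as understood here: the handshake must negotiate `acme-tls/1`, the certificate's SAN must hold only the validated name, and a critical acmeIdentifier extension must carry the SHA-256 digest of the key authorization. `checkALPNCert` and `sampleCert` are hypothetical names, and the sample certificate is a constructed, unsigned struct rather than one taken from a real handshake.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
)

// Values as listed on this page (TLS-ALPN-01 draft, sections 5.1 and 5.2).
const acmeTLS1Protocol = "acme-tls/1"
var idPeAcmeIdentifierV1 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1}

// checkALPNCert is a hypothetical helper (not Boulder code): ALPN must be acme-tls/1, the SAN must hold
// only the validated name, and a critical acmeIdentifier must carry SHA-256(keyAuth) as an OCTET STRING.
func checkALPNCert(alpn string, cert *x509.Certificate, domain, keyAuth string) error {
	if alpn != acmeTLS1Protocol {
		return fmt.Errorf("negotiated ALPN %q, want %q", alpn, acmeTLS1Protocol)
	}
	if len(cert.DNSNames) != 1 || cert.DNSNames[0] != domain {
		return fmt.Errorf("SAN must contain only %q", domain)
	}
	want := sha256.Sum256([]byte(keyAuth))
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(idPeAcmeIdentifierV1) {
			var got []byte
			rest, err := asn1.Unmarshal(ext.Value, &got)
			if err != nil || len(rest) != 0 || !ext.Critical || !bytes.Equal(got, want[:]) {
				return fmt.Errorf("acmeIdentifier malformed, not critical, or wrong digest")
			}
			return nil
		}
	}
	return fmt.Errorf("acmeIdentifier extension missing")
}

// sampleCert returns a constructed, unsigned certificate struct for the demo.
func sampleCert(domain, keyAuth string, critical bool) *x509.Certificate {
	digest := sha256.Sum256([]byte(keyAuth))
	val, _ := asn1.Marshal(digest[:]) // marshalling a byte slice cannot fail
	ext := pkix.Extension{Id: idPeAcmeIdentifierV1, Critical: critical, Value: val}
	return &x509.Certificate{DNSNames: []string{domain}, Extensions: []pkix.Extension{ext}}
}

func main() {
	fmt.Println(checkALPNCert(acmeTLS1Protocol, sampleCert("example.test", "tok.thumb", true), "example.test", "tok.thumb"))
}
```

With a certificate from a live handshake, pass `ConnectionState().NegotiatedProtocol` and the peer's leaf certificate; Go's parser keeps unrecognised extensions in `Extensions`, so the loop sees the acmeIdentifier entry.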

Functions

This section is empty.

Types

type CAASet

type CAASet struct {
	Issue     []*dns.CAA
	Issuewild []*dns.CAA
	Iodef     []*dns.CAA
	Unknown   []*dns.CAA
}

CAASet consists of filtered CAA records

type RemoteVA

type RemoteVA struct {
	core.ValidationAuthority
	Addresses string
}

RemoteVA wraps the core.ValidationAuthority interface and adds a field containing the addresses of the remote gRPC server. The interface (and the underlying gRPC client) doesn't provide a way to extract this metadata, which is useful for debugging gRPC connection issues.

type SafeBrowsing

type SafeBrowsing interface {
	// IsListed returns a non-empty string if the domain is listed as bad: the
	// name of the Google Safe Browsing list the domain was found on.
	IsListed(ctx context.Context, url string) (list string, err error)
}

SafeBrowsing is an interface for a third-party safe browsing API client.

type SafeBrowsingV4

type SafeBrowsingV4 interface {
	LookupURLsContext(ctx context.Context, urls []string) (threats [][]safebrowsingv4.URLThreat, err error)
}

SafeBrowsingV4 is an interface around the functions we use from the *SafeBrowser type of Google safebrowsing's v4 API. Using this interface allows mocking for tests.

type ValidationAuthorityImpl

type ValidationAuthorityImpl struct {
	// contains filtered or unexported fields
}

ValidationAuthorityImpl represents a VA

func NewValidationAuthorityImpl

func NewValidationAuthorityImpl(
	pc *cmd.PortConfig,
	sbc SafeBrowsing,
	resolver bdns.DNSClient,
	remoteVAs []RemoteVA,
	maxRemoteFailures int,
	userAgent string,
	issuerDomain string,
	stats metrics.Scope,
	clk clock.Clock,
	logger blog.Logger,
	accountURIPrefixes []string,
) (*ValidationAuthorityImpl, error)

NewValidationAuthorityImpl constructs a new VA

func (*ValidationAuthorityImpl) IsCAAValid

func (*ValidationAuthorityImpl) IsSafeDomain

IsSafeDomain returns true if the domain given is determined to be safe by a third-party safe browsing API. It's meant to be called by the RA before pending authorization creation. If no third-party client was provided, it fails open (the domain is treated as safe) and increments a Skips metric.

func (*ValidationAuthorityImpl) PerformValidation

func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, domain string, challenge core.Challenge, authz core.Authorization) ([]core.ValidationRecord, error)

PerformValidation validates the given challenge. It always returns a list of validation records, even when it also returns an error.

Directories

Path Synopsis
Package proto is a generated protocol buffer package.
Package proto is a generated protocol buffer package.