deliveryservice

package
v1.0.2-rc1
Warning

This package is not in the latest version of its module.

Published: Jul 18, 2022 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Constants

const HasRequiredCapabilitiesQuery = `` /* 132-byte string literal not displayed */

language=SQL

const LetsEncryptTimeout = time.Minute * 20
const NewCertValidDuration = time.Hour * 24 * 365
const (
	PemCertEndMarker = "-----END CERTIFICATE-----"
)
const StatNameKBPS = "kbps"
const StatNameMaxKBPS = "maxKbps"

Variables

This section is empty.

Functions

func AddSSLKeys

func AddSSLKeys(w http.ResponseWriter, r *http.Request)

AddSSLKeys adds the given SSL keys to the given delivery service.

func AlertExpiringCerts

func AlertExpiringCerts(certsFound ExpirationSummary, config config.Config) (int, error, error)

func ConvertPrivateKeyToKeyPem

func ConvertPrivateKeyToKeyPem(userPrivateKey *rsa.PrivateKey) ([]byte, error)

func CopyURLKeys

func CopyURLKeys(w http.ResponseWriter, r *http.Request)

func CreateDNSSECKeys

func CreateDNSSECKeys(tx *sql.Tx, cfg *config.Config, xmlID string, exampleURLs []string, cdnKeys tc.DNSSECKeySetV11, kskExpiration time.Duration, zskExpiration time.Duration, ttl time.Duration, overrideTTL bool) (tc.DNSSECKeySetV11, error)

CreateDNSSECKeys creates DNSSEC keys for the given delivery service, updating existing keys if they exist. The overrideTTL parameter determines whether to reuse existing key TTLs if they exist, or to override existing TTLs with the ttl parameter's value.

func CreateV12

func CreateV12(w http.ResponseWriter, r *http.Request)

func CreateV13

func CreateV13(w http.ResponseWriter, r *http.Request)

func CreateV14

func CreateV14(w http.ResponseWriter, r *http.Request)

func CreateV15

func CreateV15(w http.ResponseWriter, r *http.Request)

TODO allow users to post names (type, cdn, etc) and get the IDs from the names. This isn't trivial to do in a single query, without dynamically building the entire insert query, and ideally inserting would be one query. But it'd be much more convenient for users. Alternatively, remove IDs from the database entirely and use real candidate keys.

func CreateV30

func CreateV30(w http.ResponseWriter, r *http.Request)

func CreateV31

func CreateV31(w http.ResponseWriter, r *http.Request)

func DeleteOldCerts

func DeleteOldCerts(db *sql.DB, tx *sql.Tx, cfg *config.Config, cdn tc.CDNName) error

DeleteOldCerts asynchronously deletes HTTPS certificates in Riak which have no corresponding delivery service in the database.

Note the delivery service may still be in the CRConfig! Therefore, this should only be called immediately after a CRConfig Snapshot.

This creates a goroutine, and immediately returns. It returns an error if there was an error preparing the delete routine, such as an error creating a db transaction.

Note because it is asynchronous, this may return a nil error, but the asynchronous goroutine may error when fetching or deleting the certificates. If such an error occurs, it will be logged to the error log.

If certificate deletion is already being processed by a goroutine, another delete will be queued, and this immediately returns nil. Only one delete will ever be queued.

func DeleteSSLKeys

func DeleteSSLKeys(w http.ResponseWriter, r *http.Request)

DeleteSSLKeys deletes a Delivery Service's SSL keys via a DELETE method.

func DeleteSSLKeysDeprecated

func DeleteSSLKeysDeprecated(w http.ResponseWriter, r *http.Request)

DeleteSSLKeysDeprecated deletes a Delivery Service's SSL keys via a deprecated GET method.

func EncodePEMToLegacyPerlRiakFormat

func EncodePEMToLegacyPerlRiakFormat(pem []byte) []byte

EncodePEMToLegacyPerlRiakFormat takes a PEM-encoded byte slice (typically a certificate, CSR, or key) and returns the format Perl Traffic Ops used to send to Riak.

func EnsureParams

func EnsureParams(tx *sql.Tx, dsID int, xmlID string, edgeHeaderRewrite *string, midHeaderRewrite *string, regexRemap *string, cacheURL *string, signingAlgorithm *string, dsType tc.DSType, maxOriginConns *int) error

EnsureParams ensures the given delivery service's necessary parameters exist on profiles of servers assigned to the delivery service. Note the edgeHeaderRewrite, midHeaderRewrite, regexRemap, and cacheURL may be nil, if the delivery service does not have those values.

func EnsureTopologyBasedRequiredCapabilities

func EnsureTopologyBasedRequiredCapabilities(tx *sql.Tx, dsID int, topology string, requiredCapabilities []string) (error, error, int)

EnsureTopologyBasedRequiredCapabilities ensures that at least one server per cachegroup in this delivery service's topology has this delivery service's required capabilities.

func GenerateCert

func GenerateCert(host, country, city, state, org, unit string) ([]byte, []byte, []byte, error)

GenerateCert generates a key and certificate for serving HTTPS. The generated key is 2048-bit RSA, to match the old Perl code. The certificate will be valid for NewCertValidDuration time after now. Returns PEM-encoded certificate signing request (csr), certificate (crt), and key; or any error.

func GenerateLetsEncryptCertificates

func GenerateLetsEncryptCertificates(w http.ResponseWriter, r *http.Request)

func GenerateSSLKeys

func GenerateSSLKeys(w http.ResponseWriter, r *http.Request)

GenerateSSLKeys generates a new private key, certificate signing request and certificate based on the values submitted. It then stores these values in TrafficVault and updates the SSL key version.

func GenerateURLKeys

func GenerateURLKeys(w http.ResponseWriter, r *http.Request)

func GenerateURLSigKeys

func GenerateURLSigKeys() (tc.URLSigKeys, error)

func GetAcmeClient

func GetAcmeClient(acmeAccount *config.ConfigAcmeAccount, userTx *sql.Tx, db *sqlx.DB) (*lego.Client, error)

GetAcmeClient uses the ACME account information in either cdn.conf or the database to create and register an ACME client.

func GetCapacity

func GetCapacity(w http.ResponseWriter, r *http.Request)

func GetDNSSECKeysV11

func GetDNSSECKeysV11(keyType string, dsName string, ttl time.Duration, inception time.Time, expiration time.Time, status string, effectiveDate time.Time, tld bool) (tc.DNSSECKeyV11, error)

func GetDSDomainName

func GetDSDomainName(dsExampleURLs []string) (string, error)

func GetDSSelectQuery

func GetDSSelectQuery() string

GetDSSelectQuery exports the selectQuery for the 'deliveryservice' package.

func GetDeliveryServices

func GetDeliveryServices(query string, queryValues map[string]interface{}, tx *sqlx.Tx) ([]tc.DeliveryServiceNullableV30, error, error, int)

func GetDeliveryServicesMatchLists

func GetDeliveryServicesMatchLists(dses []string, tx *sql.Tx) (map[string][]tc.DeliveryServiceMatch, error)

func GetDnsChallengeRecords

func GetDnsChallengeRecords(w http.ResponseWriter, r *http.Request)

func GetHealth

func GetHealth(w http.ResponseWriter, r *http.Request)

func GetInvalidCachegroupsForRequiredCapabilities

func GetInvalidCachegroupsForRequiredCapabilities(
	cachegroupServers map[string][]int,
	serverCapabilities map[int]map[string]struct{},
	requiredCapabilities []string,
) []string

GetInvalidCachegroupsForRequiredCapabilities returns the cachegroups that are invalid w.r.t. the given `requiredCapabilities` of a delivery service. `cachegroupServers` is a map of cachegroup names to server IDs that belong to the delivery service's CDN. `serverCapabilities` is a map of those server IDs to their set of capabilities.

func GetLetsEncryptCertificates

func GetLetsEncryptCertificates(cfg *config.Config, req tc.DeliveryServiceLetsEncryptSSLKeysReq, ctx context.Context, currentUser *auth.CurrentUser) error

func GetMatches

func GetMatches(w http.ResponseWriter, r *http.Request)

func GetSSLKeysByHostName

func GetSSLKeysByHostName(w http.ResponseWriter, r *http.Request)

GetSSLKeysByHostName fetches the SSL keys for a delivery service specified by the fully qualified hostname.

func GetSSLKeysByHostNameV15

func GetSSLKeysByHostNameV15(w http.ResponseWriter, r *http.Request)

GetSSLKeysByHostNameV15 fetches the SSL keys for a delivery service specified by the fully qualified hostname. V15 includes the expiration date.

func GetSSLKeysByXMLID

func GetSSLKeysByXMLID(w http.ResponseWriter, r *http.Request)

GetSSLKeysByXMLID fetches the delivery service SSL keys by the specified xmlID.

func GetSSLKeysByXMLIDV15

func GetSSLKeysByXMLIDV15(w http.ResponseWriter, r *http.Request)

GetSSLKeysByXMLIDV15 fetches the delivery service SSL keys by the specified xmlID. V15 includes the expiration date.

func GetServersEligible

func GetServersEligible(w http.ResponseWriter, r *http.Request)

func GetURLKeysByID

func GetURLKeysByID(w http.ResponseWriter, r *http.Request)

func GetURLKeysByName

func GetURLKeysByName(w http.ResponseWriter, r *http.Request)

func GetXMLID

func GetXMLID(tx *sql.Tx, id int) (string, bool, error)

GetXMLID loads the DeliveryService's xml_id from the database, from the ID. Returns whether the delivery service was found, and any error.

func MakeDNSSECKeysFromRiakKeys

func MakeDNSSECKeysFromRiakKeys(riakKeys tc.DNSSECKeysRiak, dsTTL time.Duration) (tc.DNSSECKeys, error)

MakeDNSSECKeysFromRiakKeys creates a DNSSECKeySet (as served by Traffic Ops) from a DNSSECKeysRiak (as stored in Riak), adding any computed data. Notably, this adds the full DS Record text to CDN KSKs.

func MakeDSRecordText

func MakeDSRecordText(ksk tc.DNSSECKeyV11, ttl time.Duration) (string, error)

func MakeExampleURLs

func MakeExampleURLs(protocol *int, dsType tc.DSType, routingName string, matchList []tc.DeliveryServiceMatch, cdnDomain string) []string

MakeExampleURLs creates the example URLs for a delivery service. The protocol parameter may be nil, if the delivery service type doesn't have a protocol (e.g. ANY_MAP).

func PutDNSSecKeys

func PutDNSSecKeys(tx *sql.Tx, cfg *config.Config, xmlID string, cdnName string, exampleURLs []string) (error, error, int)

func RenewAcmeCertificate

func RenewAcmeCertificate(w http.ResponseWriter, r *http.Request)

func RenewCertificates

func RenewCertificates(w http.ResponseWriter, r *http.Request)

func RunAutorenewal

func RunAutorenewal(existingCerts []ExistingCerts, cfg *config.Config, ctx context.Context, currentUser *auth.CurrentUser)

func UpdateSafe

func UpdateSafe(w http.ResponseWriter, r *http.Request)

UpdateSafe is the handler for PUT requests to /deliveryservices/{{ID}}/safe.

The only fields which are "safe" to modify are the displayName, infoURL, longDesc, and longDesc1.

func UpdateV12

func UpdateV12(w http.ResponseWriter, r *http.Request)

func UpdateV13

func UpdateV13(w http.ResponseWriter, r *http.Request)

func UpdateV14

func UpdateV14(w http.ResponseWriter, r *http.Request)

func UpdateV15

func UpdateV15(w http.ResponseWriter, r *http.Request)

func UpdateV30

func UpdateV30(w http.ResponseWriter, r *http.Request)

func UpdateV31

func UpdateV31(w http.ResponseWriter, r *http.Request)

Types

type AcmeInfo

type AcmeInfo struct {
	Email      string `db:"email"`
	Key        string `db:"private_key"`
	URI        string `db:"uri"`
	PrivateKey rsa.PrivateKey
}

type CapData

type CapData struct {
	Available   float64
	Unavailable float64
	Maintenance float64
	Capacity    float64
}

type CapacityResp

type CapacityResp struct {
	AvailablePercent   float64 `json:"availablePercent"`
	UnavailablePercent float64 `json:"unavailablePercent"`
	UtilizedPercent    float64 `json:"utilizedPercent"`
	MaintenancePercent float64 `json:"maintenancePercent"`
}

type DNSProviderTrafficRouter

type DNSProviderTrafficRouter struct {
	// contains filtered or unexported fields
}

func NewDNSProviderTrafficRouter

func NewDNSProviderTrafficRouter() *DNSProviderTrafficRouter

func (*DNSProviderTrafficRouter) CleanUp

func (d *DNSProviderTrafficRouter) CleanUp(domain, token, keyAuth string) error

func (*DNSProviderTrafficRouter) Present

func (d *DNSProviderTrafficRouter) Present(domain, token, keyAuth string) error

func (*DNSProviderTrafficRouter) Timeout

func (d *DNSProviderTrafficRouter) Timeout() (timeout, interval time.Duration)

type DnsRecord

type DnsRecord struct {
	Fqdn   *string `json:"fqdn" db:"fqdn"`
	Record *string `json:"record" db:"record"`
}

type DsExpirationInfo

type DsExpirationInfo struct {
	XmlId      string
	Version    util.JSONIntStr
	Expiration time.Time
	AuthType   string
	Error      error
}

type DsKey

type DsKey struct {
	XmlId   string
	Version sql.NullInt64
}

type ExistingCerts

type ExistingCerts struct {
	Version sql.NullInt64
	XmlId   string
}

type ExpirationSummary

type ExpirationSummary struct {
	LetsEncryptExpirations []DsExpirationInfo
	SelfSignedExpirations  []DsExpirationInfo
	OtherExpirations       []DsExpirationInfo
}

type MyUser

type MyUser struct {
	Email        string
	Registration *registration.Resource
	// contains filtered or unexported fields
}

func (*MyUser) GetEmail

func (u *MyUser) GetEmail() string

func (*MyUser) GetPrivateKey

func (u *MyUser) GetPrivateKey() crypto.PrivateKey

func (MyUser) GetRegistration

func (u MyUser) GetRegistration() *registration.Resource

type OldCertDeleter

type OldCertDeleter struct {
	Start chan struct{}
	Die   chan struct{}
	Once  sync.Once
}

type OldCertDeleters

type OldCertDeleters struct {
	D map[tc.CDNName]*OldCertDeleter
	M sync.Mutex
}

type RequiredCapability

type RequiredCapability struct {
	api.APIInfoImpl `json:"-"`
	tc.DeliveryServicesRequiredCapability
}

RequiredCapability provides a type to define methods on.

func (*RequiredCapability) Create

func (rc *RequiredCapability) Create() (error, error, int)

Create implements the api.CRUDer interface.

func (*RequiredCapability) Delete

func (rc *RequiredCapability) Delete() (error, error, int)

Delete implements the api.CRUDer interface.

func (*RequiredCapability) DeleteQuery

func (rc *RequiredCapability) DeleteQuery() string

DeleteQuery implements the api.GenericDeleter interface.

func (*RequiredCapability) GetAuditName

func (rc *RequiredCapability) GetAuditName() string

GetAuditName implements the api.Identifier interface and returns the name of the object.

func (RequiredCapability) GetKeyFieldsInfo

func (rc RequiredCapability) GetKeyFieldsInfo() []api.KeyFieldInfo

GetKeyFieldsInfo implements the api.Identifier interface.

func (RequiredCapability) GetKeys

func (rc RequiredCapability) GetKeys() (map[string]interface{}, bool)

GetKeys implements the api.Identifier interface and is not needed because Update is not available.

func (*RequiredCapability) GetType

func (rc *RequiredCapability) GetType() string

GetType implements the api.Identifier interface and returns the name of the struct.

func (*RequiredCapability) NewReadObj

func (rc *RequiredCapability) NewReadObj() interface{}

NewReadObj implements the api.GenericReader interface.

func (*RequiredCapability) ParamColumns

func (rc *RequiredCapability) ParamColumns() map[string]dbhelpers.WhereColumnInfo

ParamColumns implements the api.GenericReader interface.

func (*RequiredCapability) Read

func (rc *RequiredCapability) Read(h http.Header, useIMS bool) ([]interface{}, error, error, int, *time.Time)

Read implements the api.CRUDer interface.

func (*RequiredCapability) SelectQuery

func (rc *RequiredCapability) SelectQuery() string

SelectQuery implements the api.GenericReader interface.

func (*RequiredCapability) SetKeys

func (rc *RequiredCapability) SetKeys(keys map[string]interface{})

SetKeys implements the api.Identifier interface and allows the create handler to assign deliveryServiceID and requiredCapability.

func (*RequiredCapability) SetLastUpdated

func (rc *RequiredCapability) SetLastUpdated(t tc.TimeNoMod)

SetLastUpdated implements the api.GenericCreator interface and sets the timestamp on insert.

func (*RequiredCapability) Update

func (rc *RequiredCapability) Update(http.Header) (error, error, int)

Update implements the api.CRUDer interface.

func (RequiredCapability) Validate

func (rc RequiredCapability) Validate() error

Validate implements the api.Validator interface.

type TODeliveryService

type TODeliveryService struct {
	api.APIInfoImpl
	tc.DeliveryServiceNullableV30
}

func (*TODeliveryService) APIInfo

func (ds *TODeliveryService) APIInfo() *api.APIInfo

func (*TODeliveryService) Delete

func (ds *TODeliveryService) Delete() (error, error, int)

Delete is the DeliveryService implementation of the Deleter interface.

func (*TODeliveryService) DeleteQuery

func (v *TODeliveryService) DeleteQuery() string

func (*TODeliveryService) GetAuditName

func (ds *TODeliveryService) GetAuditName() string

func (TODeliveryService) GetKeyFieldsInfo

func (ds TODeliveryService) GetKeyFieldsInfo() []api.KeyFieldInfo

func (TODeliveryService) GetKeys

func (ds TODeliveryService) GetKeys() (map[string]interface{}, bool)

func (*TODeliveryService) GetType

func (ds *TODeliveryService) GetType() string

func (*TODeliveryService) IsTenantAuthorized

func (ds *TODeliveryService) IsTenantAuthorized(user *auth.CurrentUser) (bool, error)

IsTenantAuthorized checks that the user is authorized for both the delivery service's existing tenant, and the new tenant they're changing it to (if different).

func (TODeliveryService) MarshalJSON

func (ds TODeliveryService) MarshalJSON() ([]byte, error)

func (*TODeliveryService) Read

func (ds *TODeliveryService) Read(h http.Header, useIMS bool) ([]interface{}, error, error, int, *time.Time)

func (*TODeliveryService) SetKeys

func (ds *TODeliveryService) SetKeys(keys map[string]interface{})

func (*TODeliveryService) UnmarshalJSON

func (ds *TODeliveryService) UnmarshalJSON(data []byte) error

type TODeliveryServiceOldDetails

type TODeliveryServiceOldDetails struct {
	OldOrgServerFqdn *string
	OldCdnName       string
	OldCdnId         int
	OldRoutingName   string
	OldSSLKeyVersion *int
}

TODeliveryServiceOldDetails is the struct to store the old details while updating a DS.
