boulder: github.com/letsencrypt/boulder/features Index | Files

package features

import "github.com/letsencrypt/boulder/features"

Index

Package Files

featureflag_string.go features.go

func Enabled Uses

func Enabled(n FeatureFlag) bool

Enabled returns true if the feature is enabled or false if it isn't, it will panic if passed a feature that it doesn't know.

func Reset Uses

func Reset()

Reset resets the features to their initial state

func Set Uses

func Set(featureSet map[string]bool) error

Set accepts a list of features and whether they should be enabled or disabled, it will return a error if passed a feature name that it doesn't know

type FeatureFlag Uses

type FeatureFlag int
const (

    //   Deprecated features, these can be removed once stripped from production configs
    PerformValidationRPC FeatureFlag
    ACME13KeyRollover
    SimplifiedVAHTTP
    TLSSNIRevalidation
    AllowRenewalFirstRL
    SetIssuedNamesRenewalBit
    FasterRateLimit
    ProbeCTLogs
    RevokeAtRA
    NewAuthorizationSchema
    DisableAuthz2Orders
    EarlyOrderRateLimit
    FasterGetOrderForNames

    //   Currently in-use features
    // Check CAA and respect validationmethods parameter.
    CAAValidationMethods
    // Check CAA and respect accounturi parameter.
    CAAAccountURI
    // HEAD requests to the WFE2 new-nonce endpoint should return HTTP StatusOK
    // instead of HTTP StatusNoContent.
    HeadNonceStatusOK
    // EnforceMultiVA causes the VA to block on remote VA PerformValidation
    // requests in order to make a valid/invalid decision with the results.
    EnforceMultiVA
    // MultiVAFullResults will cause the main VA to wait for all of the remote VA
    // results, not just the threshold required to make a decision.
    MultiVAFullResults
    // RemoveWFE2AccountID will remove the account ID from account objects returned
    // from the new-account endpoint if enabled.
    RemoveWFE2AccountID
    // CheckRenewalFirst will check whether an issuance is a renewal before
    // checking the "certificates per name" rate limit.
    CheckRenewalFirst
    // MandatoryPOSTAsGET forbids legacy unauthenticated GET requests for ACME
    // resources.
    MandatoryPOSTAsGET
    // Allow creation of new registrations in ACMEv1.
    AllowV1Registration
    // Check the failed validation limit in parallel during NewOrder
    ParallelCheckFailedValidation
    // Upon authorization validation, delete the challenges that weren't used.
    DeleteUnusedChallenges
    // V1DisableNewValidations disables validations for new domain names in the V1
    // API.
    V1DisableNewValidations
    // PrecertificateOCSP ensures that we write an OCSP response immediately upon
    // generating a precertificate. This also changes the issuance / storage flow,
    // adding two new calls from CA to SA: AddSerial and AddPrecertificate.
    PrecertificateOCSP
    // PrecertificateRevocation allows revocation of precertificates with the
    // ACMEv2 interface.
    PrecertificateRevocation
    // StripDefaultSchemePort enables stripping of default scheme ports from HTTP
    // request Host headers
    StripDefaultSchemePort
    // GetAuthorizationsPerf enables a more performant GetAuthorizations2 query
    // at the SA.
    GetAuthorizationsPerf
)

func (FeatureFlag) String Uses

func (i FeatureFlag) String() string

Package features imports 3 packages (graph) and is imported by 207 packages. Updated 2019-11-06. Refresh now. Tools for package owners.