va

package

v0.0.0-...-94d1468 Latest Latest Go to latest Published: Apr 18, 2024 License: MPL-2.0 Imports: 43 Imported by: 6

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/letsencrypt/boulder

Documentation ¶

Index ¶

Constants
Variables
type RemoteClients
type RemoteVA
type ValidationAuthorityImpl
- func NewValidationAuthorityImpl(resolver bdns.Client, remoteVAs []RemoteVA, maxRemoteFailures int, ...) (*ValidationAuthorityImpl, error)
- func (va *ValidationAuthorityImpl) IsCAAValid(ctx context.Context, req *vapb.IsCAAValidRequest) (*vapb.IsCAAValidResponse, error)
- func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *vapb.PerformValidationRequest) (*vapb.ValidationResult, error)

Constants ¶

View Source

const (
	// ALPN protocol ID for TLS-ALPN-01 challenge
	// https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-01#section-5.2
	ACMETLS1Protocol = "acme-tls/1"
)

Variables ¶

View Source

var (
	// As defined in https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-04#section-5.1
	// id-pe OID + 31 (acmeIdentifier)
	IdPeAcmeIdentifier = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31}
	// OID for the Subject Alternative Name extension, as defined in
	// https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6
	IdCeSubjectAltName = asn1.ObjectIdentifier{2, 5, 29, 17}
)

Functions ¶

This section is empty.

Types ¶

type RemoteClients ¶

type RemoteClients struct {
	vapb.VAClient
	vapb.CAAClient
}

RemoteClients wraps the vapb.VAClient and vapb.CAAClient interfaces to aid in mocking remote VAs for testing.

type RemoteVA ¶

type RemoteVA struct {
	RemoteClients
	Address string
}

RemoteVA embeds RemoteClients and adds a field containing the address of the remote gRPC server since the underlying gRPC client doesn't provide a way to extract this metadata which is useful for debugging gRPC connection issues.

type ValidationAuthorityImpl ¶

type ValidationAuthorityImpl struct {
	vapb.UnimplementedVAServer
	vapb.UnimplementedCAAServer
	// contains filtered or unexported fields
}

ValidationAuthorityImpl represents a VA

func NewValidationAuthorityImpl ¶

func NewValidationAuthorityImpl(
	resolver bdns.Client,
	remoteVAs []RemoteVA,
	maxRemoteFailures int,
	userAgent string,
	issuerDomain string,
	stats prometheus.Registerer,
	clk clock.Clock,
	logger blog.Logger,
	accountURIPrefixes []string,
) (*ValidationAuthorityImpl, error)

NewValidationAuthorityImpl constructs a new VA

func (*ValidationAuthorityImpl) IsCAAValid ¶

func (va *ValidationAuthorityImpl) IsCAAValid(ctx context.Context, req *vapb.IsCAAValidRequest) (*vapb.IsCAAValidResponse, error)

IsCAAValid checks requested CAA records from a VA, and recursively any RVAs configured in the VA. It returns a response or an error.

func (*ValidationAuthorityImpl) PerformValidation ¶

func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *vapb.PerformValidationRequest) (*vapb.ValidationResult, error)

PerformValidation validates the challenge for the domain in the request. The returned result will always contain a list of validation records, even when it also contains a problem.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
proto

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL