monitor

package
v1.0.0

This package is not in the latest version of its module.

Published: Feb 7, 2019 License: MPL-2.0 Imports: 28 Imported by: 0

Documentation

Overview

Package monitor provides the mechanisms used to monitor a single CT log. This includes fetching the log STH periodically as well as issuing certificates and submitting them to the log periodically.

Types

type FetcherOptions

type FetcherOptions struct {
	// Interval describes the duration that the monitor will sleep between
	// fetching the STH.
	Interval time.Duration
	// Timeout is the STH fetch timeout.
	Timeout time.Duration
}

FetcherOptions is a struct holding options for STH fetching.

func (FetcherOptions) Valid

func (o FetcherOptions) Valid() error

Valid checks that the FetcherOptions interval is positive.

type InclusionOptions

type InclusionOptions struct {
	Interval       time.Duration
	FetchBatchSize int64
	MaxGetEntries  int64
	StartIndex     int64
}

type Monitor

type Monitor struct {
	// contains filtered or unexported fields
}

Monitor is a struct for monitoring a CT log. It may fetch the log's STH periodically, submit certs periodically, or both, depending on which of the fetcher and submitter are non-nil.

func New

func New(opts MonitorOptions, stdout, stderr *log.Logger, clk clock.Clock) (*Monitor, error)

New creates a Monitor for the given options. The monitor will not be started until Run() is called.

func (*Monitor) CertSubmitter

func (m *Monitor) CertSubmitter() bool

CertSubmitter returns true if the monitor is configured to submit certificates or precertificates to the monitored log periodically.

func (*Monitor) Run

func (m *Monitor) Run()

Run starts the log monitoring process by starting the log's STH fetcher, the cert submitter, and the inclusion checker.

func (*Monitor) STHFetcher

func (m *Monitor) STHFetcher() bool

STHFetcher returns true if the monitor is configured to fetch the monitored log's STH periodically.

func (*Monitor) Stop

func (m *Monitor) Stop()

type MonitorOptions

type MonitorOptions struct {
	// LogURI is the URI of the log to be monitored
	LogURI string
	// LogKey is the BASE64 encoded DER of the log's public key (No PEM header/footer).
	LogKey string
	// MaximumMergeDelay is the fixed amount of time (expressed in seconds) that
	// the log commits to incorporating a certificate within after returning an
	// SCT.
	MaximumMergeDelay int

	DBURI string

	// FetchOpts holds the FetcherOptions for fetching the log STH periodically.
	// It may be nil if no STH fetching is to be performed.
	FetchOpts *FetcherOptions
	// SubmitOpts holds the optional SubmitterOptions for submitting certificates
	// to the log periodically. It may be nil if no certificate submission is to
	// be performed.
	SubmitOpts *SubmitterOptions
	// InclusionOpts holds the optional InclusionOptions for checking submitted
	// certificates for inclusion in the log. It may be nil if no certificate
	// inclusion checks are to be performed.
	InclusionOpts *InclusionOptions
}

MonitorOptions is a struct for holding monitor configuration options.

func (MonitorOptions) Valid

func (conf MonitorOptions) Valid() error

Valid enforces that a MonitorOptions instance is valid. There must be a non-empty LogURI and LogKey. One of FetchOpts or SubmitOpts must be non-nil and valid.
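LogKey is documented above as the base64 DER of the log's public key with no PEM header or footer. The following is an added example, not code from package monitor: a pre-flight check that converts a PEM or base64 key to that form, confirms it parses as a public key, and derives the RFC 6962 log ID (SHA-256 of the DER key) for comparison against a published log list. NormalizeLogKey and constructedSample are hypothetical names, and the key is generated at run time as constructed sample data.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"strings"
)

// NormalizeLogKey (hypothetical helper, not part of package monitor) takes a log
// public key as PEM or base64 DER and returns bare base64 DER plus the log ID.
func NormalizeLogKey(in string) (logKey, logID string, err error) {
	var der []byte
	if block, _ := pem.Decode([]byte(strings.TrimSpace(in))); block != nil {
		if block.Type != "PUBLIC KEY" {
			return "", "", fmt.Errorf("unexpected PEM block type %q", block.Type)
		}
		der = block.Bytes
	} else if der, err = base64.StdEncoding.DecodeString(strings.Join(strings.Fields(in), "")); err != nil {
		return "", "", fmt.Errorf("log key is not valid base64: %w", err)
	}
	// A non-empty string is not enough: require a well-formed SubjectPublicKeyInfo.
	if _, err = x509.ParsePKIXPublicKey(der); err != nil {
		return "", "", fmt.Errorf("log key is not a DER public key: %w", err)
	}
	id := sha256.Sum256(der) // RFC 6962 log ID: SHA-256 of the DER public key
	return base64.StdEncoding.EncodeToString(der), base64.StdEncoding.EncodeToString(id[:]), nil
}

// constructedSample returns a throwaway P-256 key (constructed data) as PEM and as LogKey.
func constructedSample() (pemText, wantLogKey string) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey) // cannot fail for P-256
	block := &pem.Block{Type: "PUBLIC KEY", Bytes: der}
	return string(pem.EncodeToMemory(block)), base64.StdEncoding.EncodeToString(der)
}

func main() {
	pemText, _ := constructedSample()
	key, id, err := NormalizeLogKey(pemText)
	fmt.Println(key, id, err)
}
```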

type SubmitterOptions

type SubmitterOptions struct {
	// Interval describes the duration that the monitor will sleep between
	// submitting certificates to the monitored log.
	Interval time.Duration
	// Timeout describes the timeout used for submitting precerts/certs to the
	// monitored log.
	Timeout time.Duration
	// IssuerKey is the ECDSA private key used to sign issued certificates
	IssuerKey *ecdsa.PrivateKey
	// IssuerCert is the issuer certificate used to issue certificates submitted
	// to the monitored log. Its public key must correspond to the private key in
	// IssuerKey
	IssuerCert *x509.Certificate
	// SubmitPreCert controls whether or not precertificates are submitted
	SubmitPreCert bool
	// SubmitCert controls whether or not final certificates are submitted
	SubmitCert bool
	// ResubmitIncluded controls whether or not already included duplicate
	// certificates are submitted
	ResubmitIncluded bool
	// If WindowStart or WindowEnd are not nil submitted certificate validity will
	// be constrained within the provided window.
	WindowStart *time.Time
	WindowEnd   *time.Time
}

SubmitterOptions is a struct holding options related to issuing and submitting certificates to the monitored log periodically.

func (SubmitterOptions) Valid

func (o SubmitterOptions) Valid() error

Valid checks that the SubmitterOptions has a valid positive interval and that the IssuerKey and IssuerCert are not nil.
