sa

package
v0.0.0-...-0cb28c9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 7, 2018 License: MPL-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewDbMap 

func NewDbMap(dbConnect string, maxOpenConns int) (*gorp.DbMap, error)

NewDbMap creates the root gorp mapping object. Create one of these for each database schema you wish to map. Each DbMap contains a list of mapped tables. It automatically maps the tables for the primary parts of Boulder around the Storage Authority.

func NewDbMapFromConfig 

func NewDbMapFromConfig(config *mysql.Config, maxOpenConns int) (*gorp.DbMap, error)

NewDbMapFromConfig functions similarly to NewDbMap, but it takes the decomposed form of the connection string, a *mysql.Config.

func ReportDbConnCount 

func ReportDbConnCount(dbMap *gorp.DbMap, statter metrics.Scope)

func ReverseName 

func ReverseName(domain string) string

func Rollback 

func Rollback(tx *gorp.Transaction, err error) error

Rollback rolls back the provided transaction. If the rollback fails for any reason a `RollbackError` error is returned wrapping the original error. If no rollback error occurs then the original error is returned.

func SelectCertificate 

func SelectCertificate(s dbOneSelector, q string, args ...interface{}) (core.Certificate, error)

SelectCertificate selects all fields of one certificate object

func SelectCertificateStatus 

func SelectCertificateStatus(s dbOneSelector, q string, args ...interface{}) (certStatusModel, error)

SelectCertificateStatus selects all fields of one certificate status model

func SelectCertificateStatuses 

func SelectCertificateStatuses(s dbSelector, q string, args ...interface{}) ([]core.CertificateStatus, error)

SelectCertificateStatuses selects all fields of multiple certificate status objects

func SelectCertificates 

func SelectCertificates(s dbSelector, q string, args map[string]interface{}) ([]core.Certificate, error)

SelectCertificates selects all fields of multiple certificate objects

func SetSQLDebug 

func SetSQLDebug(dbMap *gorp.DbMap, log blog.Logger)

SetSQLDebug enables GORP SQL-level Debugging

Types

type BoulderTypeConverter 

type BoulderTypeConverter struct{}

BoulderTypeConverter is used by Gorp for storing objects in DB.

func (BoulderTypeConverter) FromDb 

func (tc BoulderTypeConverter) FromDb(target interface{}) (gorp.CustomScanner, bool)

FromDb converts a DB representation back into a Boulder object.

func (BoulderTypeConverter) ToDb 

func (tc BoulderTypeConverter) ToDb(val interface{}) (interface{}, error)

ToDb converts a Boulder object to one suitable for the DB representation.

type RollbackError 

type RollbackError struct {
	Err         error
	RollbackErr error
}

RollbackError is a combination of a database error and the error, if any, encountered while trying to rollback the transaction.

func (*RollbackError) Error 

func (re *RollbackError) Error() string

Error implements the error interface

type SQLLogger 

type SQLLogger struct {
	blog.Logger
}

SQLLogger adapts the Boulder Logger to a format GORP can use.

func (*SQLLogger) Printf 

func (log *SQLLogger) Printf(format string, v ...interface{})

Printf adapts the AuditLogger to GORP's interface

type SQLStorageAuthority 

type SQLStorageAuthority struct {
	// contains filtered or unexported fields
}

SQLStorageAuthority defines a Storage Authority

func NewSQLStorageAuthority 

func NewSQLStorageAuthority(
	dbMap *gorp.DbMap,
	clk clock.Clock,
	logger blog.Logger,
	scope metrics.Scope,
	parallelismPerRPC int,
) (*SQLStorageAuthority, error)

NewSQLStorageAuthority provides persistence using a SQL backend for Boulder. It will modify the given gorp.DbMap by adding relevant tables.

func (*SQLStorageAuthority) AddCertificate 

func (ssa *SQLStorageAuthority) AddCertificate(
	ctx context.Context,
	certDER []byte,
	regID int64,
	ocspResponse []byte,
	issued *time.Time) (string, error)

AddCertificate stores an issued certificate and returns the digest as a string, or an error if any occurred.

func (*SQLStorageAuthority) AddPendingAuthorizations 

func (ssa *SQLStorageAuthority) AddPendingAuthorizations(ctx context.Context, req *sapb.AddPendingAuthorizationsRequest) (*sapb.AuthorizationIDs, error)

AddPendingAuthorizations creates a batch of pending authorizations and returns their IDs

func (*SQLStorageAuthority) CountCertificatesByExactNames 

func (ssa *SQLStorageAuthority) CountCertificatesByExactNames(ctx context.Context, domains []string, earliest, latest time.Time) ([]*sapb.CountByNames_MapElement, error)

func (*SQLStorageAuthority) CountCertificatesByNames 

func (ssa *SQLStorageAuthority) CountCertificatesByNames(ctx context.Context, domains []string, earliest, latest time.Time) ([]*sapb.CountByNames_MapElement, error)

CountCertificatesByNames counts, for each input domain, the number of certificates issued in the given time range for that domain and its subdomains. It returns a map from domains to counts, which is guaranteed to contain an entry for each input domain, so long as err is nil. Queries will be run in parallel. If any of them error, only one error will be returned.

func (*SQLStorageAuthority) CountFQDNSets 

func (ssa *SQLStorageAuthority) CountFQDNSets(ctx context.Context, window time.Duration, names []string) (int64, error)

CountFQDNSets returns the number of sets with hash |setHash| within the window |window|

func (*SQLStorageAuthority) CountInvalidAuthorizations 

func (ssa *SQLStorageAuthority) CountInvalidAuthorizations(
	ctx context.Context,
	req *sapb.CountInvalidAuthorizationsRequest,
) (count *sapb.Count, err error)

CountInvalidAuthorizations counts invalid authorizations for a user expiring in a given time range. authorizations for the give registration.

func (*SQLStorageAuthority) CountOrders 

func (ssa *SQLStorageAuthority) CountOrders(ctx context.Context, acctID int64, earliest, latest time.Time) (int, error)

func (*SQLStorageAuthority) CountPendingAuthorizations 

func (ssa *SQLStorageAuthority) CountPendingAuthorizations(ctx context.Context, regID int64) (count int, err error)

CountPendingAuthorizations returns the number of pending, unexpired authorizations for the given registration.

func (*SQLStorageAuthority) CountRegistrationsByIP 

func (ssa *SQLStorageAuthority) CountRegistrationsByIP(ctx context.Context, ip net.IP, earliest time.Time, latest time.Time) (int, error)

CountRegistrationsByIP returns the number of registrations created in the time range for a single IP address.

func (*SQLStorageAuthority) CountRegistrationsByIPRange 

func (ssa *SQLStorageAuthority) CountRegistrationsByIPRange(ctx context.Context, ip net.IP, earliest time.Time, latest time.Time) (int, error)

CountRegistrationsByIPRange returns the number of registrations created in the time range in an IP range. For IPv4 addresses, that range is limited to the single IP. For IPv6 addresses, that range is a /48, since it's not uncommon for one person to have a /48 to themselves.

func (*SQLStorageAuthority) DeactivateAuthorization 

func (ssa *SQLStorageAuthority) DeactivateAuthorization(ctx context.Context, id string) error

DeactivateAuthorization deactivates a currently valid or pending authorization

func (*SQLStorageAuthority) DeactivateRegistration 

func (ssa *SQLStorageAuthority) DeactivateRegistration(ctx context.Context, id int64) error

DeactivateRegistration deactivates a currently valid registration

func (*SQLStorageAuthority) FQDNSetExists 

func (ssa *SQLStorageAuthority) FQDNSetExists(ctx context.Context, names []string) (bool, error)

FQDNSetExists returns a bool indicating if one or more FQDN sets |names| exists in the database

func (*SQLStorageAuthority) FinalizeAuthorization 

func (ssa *SQLStorageAuthority) FinalizeAuthorization(ctx context.Context, authz core.Authorization) error

FinalizeAuthorization converts a Pending Authorization to a final one. If the Authorization is not found a berrors.NotFound result is returned. If the Authorization is status pending a berrors.InternalServer error is returned.

func (*SQLStorageAuthority) FinalizeOrder 

func (ssa *SQLStorageAuthority) FinalizeOrder(ctx context.Context, req *corepb.Order) error

FinalizeOrder finalizes a provided *corepb.Order by persisting the CertificateSerial and a valid status to the database. No fields other than CertificateSerial and the order ID on the provided order are processed (e.g. this is not a generic update RPC).

func (*SQLStorageAuthority) GetAuthorization 

func (ssa *SQLStorageAuthority) GetAuthorization(ctx context.Context, id string) (core.Authorization, error)

GetAuthorization obtains an Authorization by ID

func (*SQLStorageAuthority) GetAuthorizations 

func (ssa *SQLStorageAuthority) GetAuthorizations(
	ctx context.Context,
	req *sapb.GetAuthorizationsRequest) (*sapb.Authorizations, error)

GetAuthorizations returns a map of valid or pending authorizations for as many names as possible

func (*SQLStorageAuthority) GetCertificate 

func (ssa *SQLStorageAuthority) GetCertificate(ctx context.Context, serial string) (core.Certificate, error)

GetCertificate takes a serial number and returns the corresponding certificate, or error if it does not exist.

func (*SQLStorageAuthority) GetCertificateStatus 

func (ssa *SQLStorageAuthority) GetCertificateStatus(ctx context.Context, serial string) (core.CertificateStatus, error)

GetCertificateStatus takes a hexadecimal string representing the full 128-bit serial number of a certificate and returns data about that certificate's current validity.

func (*SQLStorageAuthority) GetOrder 

func (ssa *SQLStorageAuthority) GetOrder(ctx context.Context, req *sapb.OrderRequest) (*corepb.Order, error)

GetOrder is used to retrieve an already existing order object

func (*SQLStorageAuthority) GetOrderForNames 

func (ssa *SQLStorageAuthority) GetOrderForNames(
	ctx context.Context,
	req *sapb.GetOrderForNamesRequest) (*corepb.Order, error)

GetOrderForNames tries to find a **pending** order with the exact set of names requested, associated with the given accountID. Only unexpired orders with status pending are considered. If no order meeting these requirements is found a nil corepb.Order pointer is returned.

func (*SQLStorageAuthority) GetPendingAuthorization 

func (ssa *SQLStorageAuthority) GetPendingAuthorization(
	ctx context.Context,
	req *sapb.GetPendingAuthorizationRequest,
) (*core.Authorization, error)

GetPendingAuthorization returns the most recent Pending authorization with the given identifier, if available.

func (*SQLStorageAuthority) GetRegistration 

func (ssa *SQLStorageAuthority) GetRegistration(ctx context.Context, id int64) (core.Registration, error)

GetRegistration obtains a Registration by ID

func (*SQLStorageAuthority) GetRegistrationByKey 

func (ssa *SQLStorageAuthority) GetRegistrationByKey(ctx context.Context, key *jose.JSONWebKey) (core.Registration, error)

GetRegistrationByKey obtains a Registration by JWK

func (*SQLStorageAuthority) GetValidAuthorizations 

func (ssa *SQLStorageAuthority) GetValidAuthorizations(
	ctx context.Context,
	registrationID int64,
	names []string,
	now time.Time) (map[string]*core.Authorization, error)

GetValidAuthorizations returns the latest authorization object for all domain names from the parameters that the account has authorizations for.

func (*SQLStorageAuthority) GetValidOrderAuthorizations 

func (ssa *SQLStorageAuthority) GetValidOrderAuthorizations(
	ctx context.Context,
	req *sapb.GetValidOrderAuthorizationsRequest) (map[string]*core.Authorization, error)

GetValidOrderAuthorizations is used to find the valid, unexpired authorizations associated with a specific order and account ID.

func (*SQLStorageAuthority) MarkCertificateRevoked 

func (ssa *SQLStorageAuthority) MarkCertificateRevoked(ctx context.Context, serial string, reasonCode revocation.Reason) error

MarkCertificateRevoked stores the fact that a certificate is revoked, along with a timestamp and a reason.

func (*SQLStorageAuthority) NewOrder 

func (ssa *SQLStorageAuthority) NewOrder(ctx context.Context, req *corepb.Order) (*corepb.Order, error)

NewOrder adds a new v2 style order to the database

func (*SQLStorageAuthority) NewPendingAuthorization 

func (ssa *SQLStorageAuthority) NewPendingAuthorization(ctx context.Context, authz core.Authorization) (core.Authorization, error)

NewPendingAuthorization retrieves a pending authorization for authz.Identifier if one exists, or creates a new one otherwise.

func (*SQLStorageAuthority) NewRegistration 

func (ssa *SQLStorageAuthority) NewRegistration(ctx context.Context, reg core.Registration) (core.Registration, error)

NewRegistration stores a new Registration

func (*SQLStorageAuthority) PreviousCertificateExists 

func (ssa *SQLStorageAuthority) PreviousCertificateExists(
	ctx context.Context,
	req *sapb.PreviousCertificateExistsRequest,
) (*sapb.Exists, error)

PreviousCertificateExists returns true iff there was at least one certificate issued with the provided domain name, and the most recent such certificate was issued by the provided registration ID. Note: This means that if two different accounts were issuing certificates for a domain, only one gets the right to revalidate using TLS-SNI-01. We think this is an acceptable tradeoff of complexity versus coverage, though we may reconsider in the future.

func (*SQLStorageAuthority) RevokeAuthorizationsByDomain 

func (ssa *SQLStorageAuthority) RevokeAuthorizationsByDomain(ctx context.Context, ident core.AcmeIdentifier) (int64, int64, error)

RevokeAuthorizationsByDomain invalidates all pending or finalized authorizations for a specific domain

func (*SQLStorageAuthority) SetOrderError 

func (ssa *SQLStorageAuthority) SetOrderError(ctx context.Context, order *corepb.Order) error

SetOrderError updates a provided Order's error field.

func (*SQLStorageAuthority) SetOrderProcessing 

func (ssa *SQLStorageAuthority) SetOrderProcessing(ctx context.Context, req *corepb.Order) error

SetOrderProcessing updates a provided *corepb.Order in pending status to be in processing status by updating the `beganProcessing` field of the corresponding Order table row in the DB.

func (*SQLStorageAuthority) UpdatePendingAuthorization 

func (ssa *SQLStorageAuthority) UpdatePendingAuthorization(ctx context.Context, authz core.Authorization) error

UpdatePendingAuthorization updates a Pending Authorization's Challenges. Despite what the name "UpdatePendingAuthorization" (preserved for legacy reasons) may indicate, the pending authorization table row is not changed, only the associated challenges by way of `sa.updateChallenges`.

func (*SQLStorageAuthority) UpdateRegistration 

func (ssa *SQLStorageAuthority) UpdateRegistration(ctx context.Context, reg core.Registration) error

UpdateRegistration stores an updated Registration

Source Files

View all Source files

Directories

Path Synopsis
Package proto is a generated protocol buffer package.
 Package proto is a generated protocol buffer package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.