Use file URLs for static responders.
parent
c7d0d8f5d8
commit
3bec0076cd
|
@ -11,6 +11,7 @@ import (
|
|||
"encoding/hex"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"time"
|
||||
|
||||
"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/cactus/go-statsd-client/statsd"
|
||||
|
@ -134,14 +135,22 @@ func main() {
|
|||
|
||||
config := c.OCSPResponder
|
||||
var source cfocsp.Source
|
||||
if config.Source.DBConnect != "" {
|
||||
url, err := url.Parse(config.Source)
|
||||
cmd.FailOnError(err, fmt.Sprintf("Source was not a URL: %s", config.Source))
|
||||
|
||||
if url.Scheme == "mysql+tcp" {
|
||||
auditlogger.Info(fmt.Sprintf("Loading OCSP Database for CA Cert: %s", c.Common.IssuerCert))
|
||||
source, err = makeDBSource(config.Source.DBConnect, c.Common.IssuerCert, c.SQL.SQLDebug)
|
||||
source, err = makeDBSource(config.Source, c.Common.IssuerCert, c.SQL.SQLDebug)
|
||||
cmd.FailOnError(err, "Couldn't load OCSP DB")
|
||||
} else {
|
||||
filename := config.Source.Filename
|
||||
} else if url.Scheme == "file" {
|
||||
filename := url.Path
|
||||
// Go interprets cwd-relative file urls (file:test/foo.txt) as having the
|
||||
// relative part of the path in the 'Opaque' field.
|
||||
if filename == "" {
|
||||
filename = url.Opaque
|
||||
}
|
||||
source, err = cfocsp.NewSourceFromFile(filename)
|
||||
cmd.FailOnError(err, fmt.Sprintf("Couldn't read file: %s", filename))
|
||||
cmd.FailOnError(err, fmt.Sprintf("Couldn't read file: %s", url.Path))
|
||||
}
|
||||
|
||||
stopTimeout, err := time.ParseDuration(c.OCSPResponder.ShutdownStopTimeout)
|
||||
|
|
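Review bot: The new scheme dispatch has no final `else`, so a `Source` whose scheme is neither `mysql+tcp` nor `file` (a typo, or a bare path with no scheme) leaves `source` nil while `err` is also nil, and nothing visible in this hunk stops the responder from starting in that state. Closing the chain with `} else { cmd.FailOnError(fmt.Errorf("unsupported scheme %q", url.Scheme), "Invalid OCSP source") }` would fail fast instead. Separately, the `Source was not a URL: %s` message prints all of `config.Source`, which for a database source may carry a password from the connect string into the log; a fixed message that omits the value avoids that. The local `url` also shadows the `net/url` package for the rest of `main`, whose body continues outside the hunk; a name such as `sourceURL` would keep the package reachable.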
12
cmd/shell.go
12
cmd/shell.go
|
@ -152,14 +152,10 @@ type Config struct {
|
|||
}
|
||||
|
||||
OCSPResponder struct {
|
||||
// Exactly one of DBConnect or Filename should be filled.
|
||||
// DBConnect is used when responding for end-entity certs,
|
||||
// and Filename is used when responding from a static file for intermediates
|
||||
// and roots.
|
||||
Source struct {
|
||||
DBConnect string
|
||||
Filename string
|
||||
}
|
||||
// Source indicates the source of pre-signed OCSP responses to be used. It
|
||||
// can be a DBConnect string or a file URL. The file URL style is used
|
||||
// when responding from a static file for intermediates and roots.
|
||||
Source string
|
||||
|
||||
Path string
|
||||
ListenAddress string
|
||||
|
|
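Review bot: The new comment on `Source` does not name the accepted URL schemes, and it does not warn that a database URL can contain credentials. I would extend it with `// Accepted schemes: "mysql+tcp" (database) and "file" (static responses; the cwd-relative form is file:path/to/file).` and `// A database URL may embed credentials, so this value should not be logged verbatim.` The `Config` struct starts and ends outside this hunk. Existing configs that still use the object form (`dbConnect` / `filename`) will presumably fail to decode into a string, which is worth stating in the commit description so operators update their configs before deploying.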
|
@ -145,9 +145,7 @@
|
|||
},
|
||||
|
||||
"ocspResponder": {
|
||||
"source": {
|
||||
"dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_sa_integration"
|
||||
},
|
||||
"source": "mysql+tcp://boulder@localhost:3306/boulder_sa_integration",
|
||||
"path": "/",
|
||||
"listenAddress": "localhost:4002",
|
||||
"shutdownStopTimeout": "10s",
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
{
|
||||
"ocspResponder": {
|
||||
"source": {
|
||||
"filename": "test/issuer-ocsp-responses.txt"
|
||||
},
|
||||
"source": "file:test/issuer-ocsp-responses.txt",
|
||||
"path": "/",
|
||||
"listenAddress": "localhost:4003",
|
||||
"shutdownStopTimeout": "10s",
|
||||
|
|