letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Lay the groundwork for supporting IP identifiers (#7692) 

Clean up how we handle identifiers throughout the Boulder codebase by
- moving the Identifier protobuf message definition from sa.proto to
core.proto;
- adding support for IP identifier to the "identifier" package;
- renaming the "identifier" package's exported names to be clearer; and
- ensuring we use the identifier package's helper functions everywhere
we can.

This will make future work to actually respect identifier types (such as
in Authorization and Order protobuf messages) simpler and easier to
review.

Part of https://github.com/letsencrypt/boulder/issues/7311
This commit is contained in:
Aaron Gable 2024-08-30 11:40:38 -07:00 committed by GitHub
parent d58d09615a
commit dad9e08606
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
33 changed files with 1007 additions and 1000 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/admin/pause_identifier.go
View File

@ -12,6 +12,7 @@ import (
"sync"
"sync/atomic"
corepb "github.com/letsencrypt/boulder/core/proto"
"github.com/letsencrypt/boulder/identifier"
sapb "github.com/letsencrypt/boulder/sa/proto"
)
@ -59,9 +60,9 @@ func (a *admin) pauseIdentifiers(ctx context.Context, entries []pauseCSVData, pa
return nil, errors.New("cannot pause identifiers because no pauseData was sent")
}
accountToIdentifiers := make(map[int64][]*sapb.Identifier)
accountToIdentifiers := make(map[int64][]*corepb.Identifier)
for _, entry := range entries {
accountToIdentifiers[entry.accountID] = append(accountToIdentifiers[entry.accountID], &sapb.Identifier{
accountToIdentifiers[entry.accountID] = append(accountToIdentifiers[entry.accountID], &corepb.Identifier{
Type: string(entry.identifierType),
Value: entry.identifierValue,
})
@ -71,7 +72,7 @@ func (a *admin) pauseIdentifiers(ctx context.Context, entries []pauseCSVData, pa
respChan := make(chan *sapb.PauseIdentifiersResponse, len(accountToIdentifiers))
work := make(chan struct {
accountID int64
identifiers []*sapb.Identifier
identifiers []*corepb.Identifier
}, parallelism)
var wg sync.WaitGroup
@ -97,7 +98,7 @@ func (a *admin) pauseIdentifiers(ctx context.Context, entries []pauseCSVData, pa
for accountID, identifiers := range accountToIdentifiers {
work <- struct {
accountID int64
identifiers []*sapb.Identifier
identifiers []*corepb.Identifier
}{accountID, identifiers}
}
close(work)

513
core/proto/core.pb.go
View File

@ -21,6 +21,61 @@ const (
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
)
type Identifier struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
}
func (x *Identifier) Reset() {
*x = Identifier{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[0]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *Identifier) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*Identifier) ProtoMessage() {}
func (x *Identifier) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[0]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use Identifier.ProtoReflect.Descriptor instead.
func (*Identifier) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{0}
}
func (x *Identifier) GetType() string {
if x != nil {
return x.Type
}
return ""
}
func (x *Identifier) GetValue() string {
if x != nil {
return x.Value
}
return ""
}
type Challenge struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
@ -42,7 +97,7 @@ type Challenge struct {
func (x *Challenge) Reset() {
*x = Challenge{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[0]
mi := &file_core_proto_msgTypes[1]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -55,7 +110,7 @@ func (x *Challenge) String() string {
func (*Challenge) ProtoMessage() {}
func (x *Challenge) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[0]
mi := &file_core_proto_msgTypes[1]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -68,7 +123,7 @@ func (x *Challenge) ProtoReflect() protoreflect.Message {
// Deprecated: Use Challenge.ProtoReflect.Descriptor instead.
func (*Challenge) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{0}
return file_core_proto_rawDescGZIP(), []int{1}
}
func (x *Challenge) GetId() int64 {
@ -149,7 +204,7 @@ type ValidationRecord struct {
func (x *ValidationRecord) Reset() {
*x = ValidationRecord{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[1]
mi := &file_core_proto_msgTypes[2]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -162,7 +217,7 @@ func (x *ValidationRecord) String() string {
func (*ValidationRecord) ProtoMessage() {}
func (x *ValidationRecord) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[1]
mi := &file_core_proto_msgTypes[2]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -175,7 +230,7 @@ func (x *ValidationRecord) ProtoReflect() protoreflect.Message {
// Deprecated: Use ValidationRecord.ProtoReflect.Descriptor instead.
func (*ValidationRecord) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{1}
return file_core_proto_rawDescGZIP(), []int{2}
}
func (x *ValidationRecord) GetHostname() string {
@ -247,7 +302,7 @@ type ProblemDetails struct {
func (x *ProblemDetails) Reset() {
*x = ProblemDetails{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[2]
mi := &file_core_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -260,7 +315,7 @@ func (x *ProblemDetails) String() string {
func (*ProblemDetails) ProtoMessage() {}
func (x *ProblemDetails) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[2]
mi := &file_core_proto_msgTypes[3]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -273,7 +328,7 @@ func (x *ProblemDetails) ProtoReflect() protoreflect.Message {
// Deprecated: Use ProblemDetails.ProtoReflect.Descriptor instead.
func (*ProblemDetails) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{2}
return file_core_proto_rawDescGZIP(), []int{3}
}
func (x *ProblemDetails) GetProblemType() string {
@ -314,7 +369,7 @@ type Certificate struct {
func (x *Certificate) Reset() {
*x = Certificate{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[3]
mi := &file_core_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -327,7 +382,7 @@ func (x *Certificate) String() string {
func (*Certificate) ProtoMessage() {}
func (x *Certificate) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[3]
mi := &file_core_proto_msgTypes[4]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -340,7 +395,7 @@ func (x *Certificate) ProtoReflect() protoreflect.Message {
// Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
func (*Certificate) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{3}
return file_core_proto_rawDescGZIP(), []int{4}
}
func (x *Certificate) GetRegistrationID() int64 {
@ -405,7 +460,7 @@ type CertificateStatus struct {
func (x *CertificateStatus) Reset() {
*x = CertificateStatus{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[4]
mi := &file_core_proto_msgTypes[5]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -418,7 +473,7 @@ func (x *CertificateStatus) String() string {
func (*CertificateStatus) ProtoMessage() {}
func (x *CertificateStatus) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[4]
mi := &file_core_proto_msgTypes[5]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -431,7 +486,7 @@ func (x *CertificateStatus) ProtoReflect() protoreflect.Message {
// Deprecated: Use CertificateStatus.ProtoReflect.Descriptor instead.
func (*CertificateStatus) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{4}
return file_core_proto_rawDescGZIP(), []int{5}
}
func (x *CertificateStatus) GetSerial() string {
@ -516,7 +571,7 @@ type Registration struct {
func (x *Registration) Reset() {
*x = Registration{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[5]
mi := &file_core_proto_msgTypes[6]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -529,7 +584,7 @@ func (x *Registration) String() string {
func (*Registration) ProtoMessage() {}
func (x *Registration) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[5]
mi := &file_core_proto_msgTypes[6]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -542,7 +597,7 @@ func (x *Registration) ProtoReflect() protoreflect.Message {
// Deprecated: Use Registration.ProtoReflect.Descriptor instead.
func (*Registration) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{5}
return file_core_proto_rawDescGZIP(), []int{6}
}
func (x *Registration) GetId() int64 {
@ -618,7 +673,7 @@ type Authorization struct {
func (x *Authorization) Reset() {
*x = Authorization{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[6]
mi := &file_core_proto_msgTypes[7]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -631,7 +686,7 @@ func (x *Authorization) String() string {
func (*Authorization) ProtoMessage() {}
func (x *Authorization) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[6]
mi := &file_core_proto_msgTypes[7]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -644,7 +699,7 @@ func (x *Authorization) ProtoReflect() protoreflect.Message {
// Deprecated: Use Authorization.ProtoReflect.Descriptor instead.
func (*Authorization) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{6}
return file_core_proto_rawDescGZIP(), []int{7}
}
func (x *Authorization) GetId() string {
@ -714,7 +769,7 @@ type Order struct {
func (x *Order) Reset() {
*x = Order{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[7]
mi := &file_core_proto_msgTypes[8]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -727,7 +782,7 @@ func (x *Order) String() string {
func (*Order) ProtoMessage() {}
func (x *Order) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[7]
mi := &file_core_proto_msgTypes[8]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -740,7 +795,7 @@ func (x *Order) ProtoReflect() protoreflect.Message {
// Deprecated: Use Order.ProtoReflect.Descriptor instead.
func (*Order) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{7}
return file_core_proto_rawDescGZIP(), []int{8}
}
func (x *Order) GetId() int64 {
@ -834,7 +889,7 @@ type CRLEntry struct {
func (x *CRLEntry) Reset() {
*x = CRLEntry{}
if protoimpl.UnsafeEnabled {
mi := &file_core_proto_msgTypes[8]
mi := &file_core_proto_msgTypes[9]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
@ -847,7 +902,7 @@ func (x *CRLEntry) String() string {
func (*CRLEntry) ProtoMessage() {}
func (x *CRLEntry) ProtoReflect() protoreflect.Message {
mi := &file_core_proto_msgTypes[8]
mi := &file_core_proto_msgTypes[9]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
@ -860,7 +915,7 @@ func (x *CRLEntry) ProtoReflect() protoreflect.Message {
// Deprecated: Use CRLEntry.ProtoReflect.Descriptor instead.
func (*CRLEntry) Descriptor() ([]byte, []int) {
return file_core_proto_rawDescGZIP(), []int{8}
return file_core_proto_rawDescGZIP(), []int{9}
}
func (x *CRLEntry) GetSerial() string {
@ -890,168 +945,171 @@ var file_core_proto_rawDesc = []byte{
0x0a, 0x0a, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x04, 0x63, 0x6f,
0x72, 0x65, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x22, 0xb3, 0x02, 0x0a, 0x09, 0x43, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67,
0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x69,
0x64, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x09, 0x20, 0x01,
0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75,
0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12,
0x38, 0x0a, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x0c, 0x20, 0x01,
0x6f, 0x74, 0x6f, 0x22, 0x36, 0x0a, 0x0a, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65,
0x72, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02,
0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xb3, 0x02, 0x0a, 0x09,
0x43, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18,
0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70,
0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x10, 0x0a,
0x03, 0x75, 0x72, 0x6c, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x12,
0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52,
0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x38, 0x0a, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64,
0x61, 0x74, 0x65, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65,
0x64, 0x12, 0x2a, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b,
0x32, 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44,
0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x14, 0x0a,
0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f,
0x6b, 0x65, 0x6e, 0x12, 0x44, 0x0a, 0x11, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16,
0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x52, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x52, 0x11, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69,
0x6f, 0x6e, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x4a,
0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x0b, 0x10,
0x0c, 0x22, 0x94, 0x02, 0x0a, 0x10, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x52, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61,
0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61,
0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x2c, 0x0a, 0x11, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73,
0x73, 0x65, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28,
0x0c, 0x52, 0x11, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x52, 0x65, 0x73, 0x6f,
0x6c, 0x76, 0x65, 0x64, 0x12, 0x20, 0x0a, 0x0b, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x55,
0x73, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0b, 0x61, 0x64, 0x64, 0x72, 0x65,
0x73, 0x73, 0x55, 0x73, 0x65, 0x64, 0x12, 0x20, 0x0a, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72,
0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74,
0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18,
0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x64,
0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x54, 0x72, 0x69, 0x65, 0x64, 0x18, 0x07, 0x20, 0x03,
0x28, 0x0c, 0x52, 0x0e, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x54, 0x72, 0x69,
0x65, 0x64, 0x12, 0x24, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x41, 0x64,
0x64, 0x72, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x6c,
0x76, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x73, 0x22, 0x6a, 0x0a, 0x0e, 0x50, 0x72, 0x6f, 0x62,
0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x72,
0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x54, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
0x0b, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x54, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06,
0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x65,
0x74, 0x61, 0x69, 0x6c, 0x12, 0x1e, 0x0a, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74,
0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x53, 0x74,
0x61, 0x74, 0x75, 0x73, 0x22, 0xed, 0x01, 0x0a, 0x0b, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
0x63, 0x61, 0x74, 0x65, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61,
0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65,
0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x12, 0x16, 0x0a, 0x06,
0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65,
0x72, 0x69, 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x18, 0x03,
0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03,
0x64, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x03, 0x64, 0x65, 0x72, 0x12, 0x32,
0x0a, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a,
0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x06, 0x69, 0x73, 0x73, 0x75,
0x65, 0x64, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x18, 0x08, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04,
0x08, 0x06, 0x10, 0x07, 0x22, 0xd5, 0x03, 0x0a, 0x11, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
0x63, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65,
0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69,
0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01,
0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x44, 0x0a, 0x0f, 0x6f, 0x63,
0x73, 0x70, 0x4c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x0f, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
0x0f, 0x6f, 0x63, 0x73, 0x70, 0x4c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64,
0x12, 0x3c, 0x0a, 0x0b, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x18,
0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
0x70, 0x52, 0x0b, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x12, 0x24,
0x0a, 0x0d, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18,
0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0d, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x52, 0x65,
0x61, 0x73, 0x6f, 0x6e, 0x12, 0x50, 0x0a, 0x15, 0x6c, 0x61, 0x73, 0x74, 0x45, 0x78, 0x70, 0x69,
0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x67, 0x53, 0x65, 0x6e, 0x74, 0x18, 0x0d, 0x20,
0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
0x15, 0x6c, 0x61, 0x73, 0x74, 0x45, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e,
0x61, 0x67, 0x53, 0x65, 0x6e, 0x74, 0x12, 0x36, 0x0a, 0x08, 0x6e, 0x6f, 0x74, 0x41, 0x66, 0x74,
0x65, 0x72, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
0x74, 0x61, 0x6d, 0x70, 0x52, 0x08, 0x6e, 0x6f, 0x74, 0x41, 0x66, 0x74, 0x65, 0x72, 0x12, 0x1c,
0x0a, 0x09, 0x69, 0x73, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28,
0x08, 0x52, 0x09, 0x69, 0x73, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x64, 0x12, 0x1a, 0x0a, 0x08,
0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x49, 0x44, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x03, 0x52, 0x08,
0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x49, 0x44, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x4a, 0x04,
0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08,
0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x22, 0x88, 0x02, 0x0a,
0x0c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a,
0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x10, 0x0a,
0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12,
0x18, 0x0a, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x63, 0x74, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09,
0x52, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x63, 0x74, 0x12, 0x28, 0x0a, 0x0f, 0x63, 0x6f, 0x6e,
0x74, 0x61, 0x63, 0x74, 0x73, 0x50, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01,
0x28, 0x08, 0x52, 0x0f, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x63, 0x74, 0x73, 0x50, 0x72, 0x65, 0x73,
0x65, 0x6e, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x67, 0x72, 0x65, 0x65, 0x6d, 0x65, 0x6e, 0x74,
0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, 0x67, 0x72, 0x65, 0x65, 0x6d, 0x65, 0x6e,
0x74, 0x12, 0x1c, 0x0a, 0x09, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x49, 0x50, 0x18, 0x06,
0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x49, 0x50, 0x12,
0x38, 0x0a, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x18, 0x09, 0x20, 0x01,
0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09,
0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2a, 0x0a, 0x05, 0x65, 0x72, 0x72,
0x6f, 0x72, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e,
0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x05,
0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03,
0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x44, 0x0a, 0x11, 0x76,
0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73,
0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x56, 0x61,
0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x52, 0x11,
0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64,
0x73, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08,
0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x0b, 0x10, 0x0c, 0x22, 0x94, 0x02, 0x0a, 0x10, 0x56, 0x61,
0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x12, 0x1a,
0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f,
0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x2c,
0x0a, 0x11, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c,
0x76, 0x65, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x11, 0x61, 0x64, 0x64, 0x72, 0x65,
0x73, 0x73, 0x65, 0x73, 0x52, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x64, 0x12, 0x20, 0x0a, 0x0b,
0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x55, 0x73, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28,
0x0c, 0x52, 0x0b, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x55, 0x73, 0x65, 0x64, 0x12, 0x20,
0x0a, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20,
0x03, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73,
0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75,
0x72, 0x6c, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x54,
0x72, 0x69, 0x65, 0x64, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x0e, 0x61, 0x64, 0x64, 0x72,
0x65, 0x73, 0x73, 0x65, 0x73, 0x54, 0x72, 0x69, 0x65, 0x64, 0x12, 0x24, 0x0a, 0x0d, 0x72, 0x65,
0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28,
0x09, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x6c, 0x76, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x73,
0x22, 0x6a, 0x0a, 0x0e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, 0x69,
0x6c, 0x73, 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x54, 0x79, 0x70,
0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d,
0x54, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x18, 0x02,
0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x12, 0x1e, 0x0a, 0x0a,
0x68, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05,
0x52, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0xed, 0x01, 0x0a,
0x0b, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x26, 0x0a, 0x0e,
0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x01,
0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69,
0x6f, 0x6e, 0x49, 0x44, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x02,
0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06,
0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x69,
0x67, 0x65, 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x64, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28,
0x0c, 0x52, 0x03, 0x64, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64,
0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
0x6d, 0x70, 0x52, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x64, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x78,
0x70, 0x69, 0x72, 0x65, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73,
0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x22, 0xd5, 0x03, 0x0a,
0x11, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, 0x74,
0x75, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01,
0x28, 0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74,
0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74,
0x75, 0x73, 0x12, 0x44, 0x0a, 0x0f, 0x6f, 0x63, 0x73, 0x70, 0x4c, 0x61, 0x73, 0x74, 0x55, 0x70,
0x64, 0x61, 0x74, 0x65, 0x64, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x6f, 0x63, 0x73, 0x70, 0x4c, 0x61, 0x73,
0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x12, 0x3c, 0x0a, 0x0b, 0x72, 0x65, 0x76, 0x6f,
0x6b, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0b, 0x72, 0x65, 0x76, 0x6f, 0x6b,
0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x12, 0x24, 0x0a, 0x0d, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65,
0x64, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0d, 0x72,
0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x50, 0x0a, 0x15,
0x6c, 0x61, 0x73, 0x74, 0x45, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61,
0x67, 0x53, 0x65, 0x6e, 0x74, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x15, 0x6c, 0x61, 0x73, 0x74, 0x45, 0x78, 0x70,
0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x67, 0x53, 0x65, 0x6e, 0x74, 0x12, 0x36,
0x0a, 0x08, 0x6e, 0x6f, 0x74, 0x41, 0x66, 0x74, 0x65, 0x72, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b,
0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x08, 0x6e, 0x6f,
0x74, 0x41, 0x66, 0x74, 0x65, 0x72, 0x12, 0x1c, 0x0a, 0x09, 0x69, 0x73, 0x45, 0x78, 0x70, 0x69,
0x72, 0x65, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x69, 0x73, 0x45, 0x78, 0x70,
0x69, 0x72, 0x65, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x49, 0x44,
0x18, 0x0b, 0x20, 0x01, 0x28, 0x03, 0x52, 0x08, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x49, 0x44,
0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05,
0x10, 0x06, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04,
0x08, 0x09, 0x10, 0x0a, 0x22, 0x88, 0x02, 0x0a, 0x0c, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72,
0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01,
0x28, 0x0c, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x61,
0x63, 0x74, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x63,
0x74, 0x12, 0x28, 0x0a, 0x0f, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x63, 0x74, 0x73, 0x50, 0x72, 0x65,
0x73, 0x65, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x63, 0x6f, 0x6e, 0x74,
0x61, 0x63, 0x74, 0x73, 0x50, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x61,
0x67, 0x72, 0x65, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09,
0x61, 0x67, 0x72, 0x65, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x69, 0x6e, 0x69,
0x74, 0x69, 0x61, 0x6c, 0x49, 0x50, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x69, 0x6e,
0x69, 0x74, 0x69, 0x61, 0x6c, 0x49, 0x50, 0x12, 0x38, 0x0a, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74,
0x65, 0x64, 0x41, 0x74, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41,
0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28,
0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x22,
0xf2, 0x01, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
0x64, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x49, 0x44, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73,
0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x6e, 0x73,
0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x6e, 0x73, 0x4e,
0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20,
0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x65,
0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54,
0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
0x73, 0x12, 0x2f, 0x0a, 0x0a, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x73, 0x18,
0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x68, 0x61,
0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x52, 0x0a, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67,
0x65, 0x73, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x4a, 0x04,
0x08, 0x08, 0x10, 0x09, 0x22, 0xd9, 0x03, 0x0a, 0x05, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x12, 0x0e,
0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x26,
0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44,
0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61,
0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x34,
0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32,
0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x65, 0x78, 0x70,
0x69, 0x72, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73,
0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x08, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73,
0x12, 0x2a, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65,
0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2a, 0x0a, 0x10,
0x76, 0x32, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
0x18, 0x0b, 0x20, 0x03, 0x28, 0x03, 0x52, 0x10, 0x76, 0x32, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72,
0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x2c, 0x0a, 0x11, 0x63, 0x65, 0x72, 0x74,
0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x05, 0x20,
0x01, 0x28, 0x09, 0x52, 0x11, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x34, 0x0a, 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65,
0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61,
0x74, 0x75, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75,
0x73, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x22, 0xf2, 0x01, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68,
0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18,
0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67,
0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x03, 0x20, 0x01, 0x28,
0x03, 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49,
0x44, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01,
0x28, 0x09, 0x52, 0x07, 0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x73,
0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61,
0x74, 0x75, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x18, 0x09,
0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
0x52, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x12, 0x2f, 0x0a, 0x0a, 0x63, 0x68, 0x61,
0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0f, 0x2e,
0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x52, 0x0a,
0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x73, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06,
0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x22, 0xd9, 0x03, 0x0a,
0x05, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01,
0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e,
0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x12, 0x16,
0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06,
0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
0x61, 0x6d, 0x70, 0x52, 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x12, 0x36, 0x0a, 0x16,
0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69,
0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x63, 0x65,
0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
0x4e, 0x61, 0x6d, 0x65, 0x12, 0x28, 0x0a, 0x0f, 0x62, 0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f,
0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x62,
0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x4a, 0x04,
0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b,
0x22, 0x7a, 0x0a, 0x08, 0x43, 0x52, 0x4c, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x16, 0x0a, 0x06,
0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65,
0x72, 0x69, 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x02,
0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x09,
0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32,
0x61, 0x6d, 0x70, 0x52, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08,
0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x08,
0x64, 0x6e, 0x73, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x2a, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f,
0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50,
0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x05, 0x65,
0x72, 0x72, 0x6f, 0x72, 0x12, 0x2a, 0x0a, 0x10, 0x76, 0x32, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72,
0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x03, 0x52, 0x10,
0x76, 0x32, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73,
0x12, 0x2c, 0x0a, 0x11, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53,
0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x63, 0x65, 0x72,
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x34,
0x0a, 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32,
0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x72, 0x65, 0x76,
0x6f, 0x6b, 0x65, 0x64, 0x41, 0x74, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x42, 0x2b, 0x5a, 0x29,
0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65,
0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x63,
0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x33,
0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x63, 0x72, 0x65,
0x61, 0x74, 0x65, 0x64, 0x12, 0x36, 0x0a, 0x16, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x0e,
0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x28, 0x0a, 0x0f,
0x62, 0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x18,
0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x62, 0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63,
0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x06,
0x10, 0x07, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x22, 0x7a, 0x0a, 0x08, 0x43, 0x52, 0x4c, 0x45,
0x6e, 0x74, 0x72, 0x79, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01,
0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06,
0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x72, 0x65,
0x61, 0x73, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x09, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41,
0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
0x61, 0x6d, 0x70, 0x52, 0x09, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x74, 0x4a, 0x04,
0x08, 0x03, 0x10, 0x04, 0x42, 0x2b, 0x5a, 0x29, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63,
0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62,
0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (
@ -1066,36 +1124,37 @@ func file_core_proto_rawDescGZIP() []byte {
return file_core_proto_rawDescData
}
var file_core_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
var file_core_proto_msgTypes = make([]protoimpl.MessageInfo, 10)
var file_core_proto_goTypes = []interface{}{
(*Challenge)(nil), // 0: core.Challenge
(*ValidationRecord)(nil), // 1: core.ValidationRecord
(*ProblemDetails)(nil), // 2: core.ProblemDetails
(*Certificate)(nil), // 3: core.Certificate
(*CertificateStatus)(nil), // 4: core.CertificateStatus
(*Registration)(nil), // 5: core.Registration
(*Authorization)(nil), // 6: core.Authorization
(*Order)(nil), // 7: core.Order
(*CRLEntry)(nil), // 8: core.CRLEntry
(*timestamppb.Timestamp)(nil), // 9: google.protobuf.Timestamp
(*Identifier)(nil), // 0: core.Identifier
(*Challenge)(nil), // 1: core.Challenge
(*ValidationRecord)(nil), // 2: core.ValidationRecord
(*ProblemDetails)(nil), // 3: core.ProblemDetails
(*Certificate)(nil), // 4: core.Certificate
(*CertificateStatus)(nil), // 5: core.CertificateStatus
(*Registration)(nil), // 6: core.Registration
(*Authorization)(nil), // 7: core.Authorization
(*Order)(nil), // 8: core.Order
(*CRLEntry)(nil), // 9: core.CRLEntry
(*timestamppb.Timestamp)(nil), // 10: google.protobuf.Timestamp
}
var file_core_proto_depIdxs = []int32{
9, // 0: core.Challenge.validated:type_name -> google.protobuf.Timestamp
2, // 1: core.Challenge.error:type_name -> core.ProblemDetails
1, // 2: core.Challenge.validationrecords:type_name -> core.ValidationRecord
9, // 3: core.Certificate.issued:type_name -> google.protobuf.Timestamp
9, // 4: core.Certificate.expires:type_name -> google.protobuf.Timestamp
9, // 5: core.CertificateStatus.ocspLastUpdated:type_name -> google.protobuf.Timestamp
9, // 6: core.CertificateStatus.revokedDate:type_name -> google.protobuf.Timestamp
9, // 7: core.CertificateStatus.lastExpirationNagSent:type_name -> google.protobuf.Timestamp
9, // 8: core.CertificateStatus.notAfter:type_name -> google.protobuf.Timestamp
9, // 9: core.Registration.createdAt:type_name -> google.protobuf.Timestamp
9, // 10: core.Authorization.expires:type_name -> google.protobuf.Timestamp
0, // 11: core.Authorization.challenges:type_name -> core.Challenge
9, // 12: core.Order.expires:type_name -> google.protobuf.Timestamp
2, // 13: core.Order.error:type_name -> core.ProblemDetails
9, // 14: core.Order.created:type_name -> google.protobuf.Timestamp
9, // 15: core.CRLEntry.revokedAt:type_name -> google.protobuf.Timestamp
10, // 0: core.Challenge.validated:type_name -> google.protobuf.Timestamp
3, // 1: core.Challenge.error:type_name -> core.ProblemDetails
2, // 2: core.Challenge.validationrecords:type_name -> core.ValidationRecord
10, // 3: core.Certificate.issued:type_name -> google.protobuf.Timestamp
10, // 4: core.Certificate.expires:type_name -> google.protobuf.Timestamp
10, // 5: core.CertificateStatus.ocspLastUpdated:type_name -> google.protobuf.Timestamp
10, // 6: core.CertificateStatus.revokedDate:type_name -> google.protobuf.Timestamp
10, // 7: core.CertificateStatus.lastExpirationNagSent:type_name -> google.protobuf.Timestamp
10, // 8: core.CertificateStatus.notAfter:type_name -> google.protobuf.Timestamp
10, // 9: core.Registration.createdAt:type_name -> google.protobuf.Timestamp
10, // 10: core.Authorization.expires:type_name -> google.protobuf.Timestamp
1, // 11: core.Authorization.challenges:type_name -> core.Challenge
10, // 12: core.Order.expires:type_name -> google.protobuf.Timestamp
3, // 13: core.Order.error:type_name -> core.ProblemDetails
10, // 14: core.Order.created:type_name -> google.protobuf.Timestamp
10, // 15: core.CRLEntry.revokedAt:type_name -> google.protobuf.Timestamp
16, // [16:16] is the sub-list for method output_type
16, // [16:16] is the sub-list for method input_type
16, // [16:16] is the sub-list for extension type_name
@ -1110,7 +1169,7 @@ func file_core_proto_init() {
}
if !protoimpl.UnsafeEnabled {
file_core_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Challenge); i {
switch v := v.(*Identifier); i {
case 0:
return &v.state
case 1:
@ -1122,7 +1181,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ValidationRecord); i {
switch v := v.(*Challenge); i {
case 0:
return &v.state
case 1:
@ -1134,7 +1193,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*ProblemDetails); i {
switch v := v.(*ValidationRecord); i {
case 0:
return &v.state
case 1:
@ -1146,7 +1205,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Certificate); i {
switch v := v.(*ProblemDetails); i {
case 0:
return &v.state
case 1:
@ -1158,7 +1217,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*CertificateStatus); i {
switch v := v.(*Certificate); i {
case 0:
return &v.state
case 1:
@ -1170,7 +1229,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Registration); i {
switch v := v.(*CertificateStatus); i {
case 0:
return &v.state
case 1:
@ -1182,7 +1241,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Authorization); i {
switch v := v.(*Registration); i {
case 0:
return &v.state
case 1:
@ -1194,7 +1253,7 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Order); i {
switch v := v.(*Authorization); i {
case 0:
return &v.state
case 1:
@ -1206,6 +1265,18 @@ func file_core_proto_init() {
}
}
file_core_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*Order); i {
case 0:
return &v.state
case 1:
return &v.sizeCache
case 2:
return &v.unknownFields
default:
return nil
}
}
file_core_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
switch v := v.(*CRLEntry); i {
case 0:
return &v.state
@ -1224,7 +1295,7 @@ func file_core_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_core_proto_rawDesc,
NumEnums: 0,
NumMessages: 9,
NumMessages: 10,
NumExtensions: 0,
NumServices: 0,
},

5
core/proto/core.proto
View File

@ -5,6 +5,11 @@ option go_package = "github.com/letsencrypt/boulder/core/proto";
import "google/protobuf/timestamp.proto";
message Identifier {
string type = 1;
string value = 2;
}
message Challenge {
// Next unused field number: 13
reserved 4, 5, 8, 11;

6
errors/errors_test.go
View File

@ -17,14 +17,14 @@ func TestWithSubErrors(t *testing.T) {
subErrs := []SubBoulderError{
{
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
BoulderError: &BoulderError{
Type: RateLimit,
Detail: "everyone uses this example domain",
},
},
{
Identifier: identifier.DNSIdentifier("what about example.com"),
Identifier: identifier.NewDNS("what about example.com"),
BoulderError: &BoulderError{
Type: RateLimit,
Detail: "try a real identifier value next time",
@ -39,7 +39,7 @@ func TestWithSubErrors(t *testing.T) {
test.AssertDeepEquals(t, outResult.SubErrors, subErrs)
// Adding another suberr shouldn't squash the original sub errors
anotherSubErr := SubBoulderError{
Identifier: identifier.DNSIdentifier("another ident"),
Identifier: identifier.NewDNS("another ident"),
BoulderError: &BoulderError{
Type: RateLimit,
Detail: "another rate limit err",

3
grpc/errors_test.go
View File

@ -12,6 +12,7 @@ import (
"google.golang.org/grpc/credentials/insecure"
"github.com/jmhodges/clock"
berrors "github.com/letsencrypt/boulder/errors"
"github.com/letsencrypt/boulder/grpc/test_proto"
"github.com/letsencrypt/boulder/identifier"
@ -96,7 +97,7 @@ func TestSubErrorWrapping(t *testing.T) {
subErrors := []berrors.SubBoulderError{
{
Identifier: identifier.DNSIdentifier("chillserver.com"),
Identifier: identifier.NewDNS("chillserver.com"),
BoulderError: &berrors.BoulderError{
Type: berrors.RejectedIdentifier,
Detail: "2 ill 2 chill",

2
grpc/pb-marshalling.go
View File

@ -338,7 +338,7 @@ func PBToAuthz(pb *corepb.Authorization) (core.Authorization, error) {
}
authz := core.Authorization{
ID: pb.Id,
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: pb.DnsName},
Identifier: identifier.NewDNS(pb.DnsName),
RegistrationID: pb.RegistrationID,
Status: core.AcmeStatus(pb.Status),
Expires: expires,

2
grpc/pb-marshalling_test.go
View File

@ -225,7 +225,7 @@ func TestRegistration(t *testing.T) {
func TestAuthz(t *testing.T) {
exp := time.Now().AddDate(0, 0, 1).UTC()
identifier := identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"}
identifier := identifier.NewDNS("example.com")
challA := core.Challenge{
Type: core.ChallengeTypeDNS01,
Status: core.StatusPending,

38
identifier/identifier.go
View File

@ -1,13 +1,23 @@
// The identifier package defines types for RFC 8555 ACME identifiers.
// It exists as a separate package to prevent an import loop between the core
// and probs packages.
package identifier
import (
"net/netip"
corepb "github.com/letsencrypt/boulder/core/proto"
)
// IdentifierType is a named string type for registered ACME identifier types.
// See https://tools.ietf.org/html/rfc8555#section-9.7.7
type IdentifierType string
const (
// DNS is specified in RFC 8555 for DNS type identifiers.
DNS = IdentifierType("dns")
// TypeDNS is specified in RFC 8555 for TypeDNS type identifiers.
TypeDNS = IdentifierType("dns")
// TypeIP is specified in RFC 8738
TypeIP = IdentifierType("ip")
)
// ACMEIdentifier is a struct encoding an identifier that can be validated. The
@ -22,11 +32,27 @@ type ACMEIdentifier struct {
Value string `json:"value"`
}
// DNSIdentifier is a convenience function for creating an ACMEIdentifier with
// Type DNS for a given domain name.
func DNSIdentifier(domain string) ACMEIdentifier {
func (i ACMEIdentifier) AsProto() *corepb.Identifier {
return &corepb.Identifier{
Type: string(i.Type),
Value: i.Value,
}
}
// NewDNS is a convenience function for creating an ACMEIdentifier with Type
// "dns" for a given domain name.
func NewDNS(domain string) ACMEIdentifier {
return ACMEIdentifier{
Type: DNS,
Type: TypeDNS,
Value: domain,
}
}
// NewIP is a convenience function for creating an ACMEIdentifier with Type "ip"
// for a given IP address.
func NewIP(ip netip.Addr) ACMEIdentifier {
return ACMEIdentifier{
Type: TypeIP,
Value: ip.StringExpanded(),
}
}

5
mocks/sa.go
View File

@ -475,10 +475,7 @@ func (sa *StorageAuthorityReadOnly) GetValidAuthorizations2(ctx context.Context,
Status: core.StatusValid,
RegistrationID: req.RegistrationID,
Expires: &exp,
Identifier: identifier.ACMEIdentifier{
Type: identifier.DNS,
Value: name,
},
Identifier: identifier.NewDNS(name),
Challenges: []core.Challenge{
{
Status: core.StatusValid,

8
policy/pa.go
View File

@ -362,12 +362,12 @@ func subError(name string, err error) berrors.SubBoulderError {
var bErr *berrors.BoulderError
if errors.As(err, &bErr) {
return berrors.SubBoulderError{
Identifier: identifier.DNSIdentifier(name),
Identifier: identifier.NewDNS(name),
BoulderError: bErr,
}
} else {
return berrors.SubBoulderError{
Identifier: identifier.DNSIdentifier(name),
Identifier: identifier.NewDNS(name),
BoulderError: &berrors.BoulderError{
Type: berrors.RejectedIdentifier,
Detail: err.Error(),
@ -526,12 +526,12 @@ func (pa *AuthorityImpl) ChallengeTypesFor(ident identifier.ACMEIdentifier) ([]c
// challenge, to comply with the BRs Sections 3.2.2.4.19 and 3.2.2.4.20
// stating that ACME HTTP-01 and TLS-ALPN-01 are not suitable for validating
// Wildcard Domains.
if ident.Type == identifier.DNS && strings.HasPrefix(ident.Value, "*.") {
if ident.Type == identifier.TypeDNS && strings.HasPrefix(ident.Value, "*.") {
return []core.AcmeChallenge{core.ChallengeTypeDNS01}, nil
}
// Return all challenge types we support for non-wildcard DNS identifiers.
if ident.Type == identifier.DNS {
if ident.Type == identifier.TypeDNS {
return []core.AcmeChallenge{
core.ChallengeTypeHTTP01,
core.ChallengeTypeDNS01,

25
policy/pa_test.go
View File

@ -2,6 +2,7 @@ package policy
import (
"fmt"
"net/netip"
"os"
"testing"
@ -335,14 +336,14 @@ func TestWillingToIssue_SubErrors(t *testing.T) {
Type: berrors.Malformed,
Detail: "Domain name contains an invalid character",
},
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "letsdecrypt_org"},
Identifier: identifier.NewDNS("letsdecrypt_org"),
},
{
BoulderError: &berrors.BoulderError{
Type: berrors.Malformed,
Detail: "Domain name does not end with a valid public suffix (TLD)",
},
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.comm"},
Identifier: identifier.NewDNS("example.comm"),
},
},
})
@ -366,14 +367,14 @@ func TestWillingToIssue_SubErrors(t *testing.T) {
Type: berrors.RejectedIdentifier,
Detail: "The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policy",
},
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "letsdecrypt.org"},
Identifier: identifier.NewDNS("letsdecrypt.org"),
},
{
BoulderError: &berrors.BoulderError{
Type: berrors.RejectedIdentifier,
Detail: "The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policy",
},
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"},
Identifier: identifier.NewDNS("example.com"),
},
},
})
@ -399,21 +400,21 @@ func TestChallengeTypesFor(t *testing.T) {
}{
{
name: "dns",
ident: identifier.DNSIdentifier("example.com"),
ident: identifier.NewDNS("example.com"),
wantChalls: []core.AcmeChallenge{
core.ChallengeTypeHTTP01, core.ChallengeTypeDNS01, core.ChallengeTypeTLSALPN01,
},
},
{
name: "wildcard",
ident: identifier.DNSIdentifier("*.example.com"),
ident: identifier.NewDNS("*.example.com"),
wantChalls: []core.AcmeChallenge{
core.ChallengeTypeDNS01,
},
},
{
name: "other",
ident: identifier.ACMEIdentifier{Type: "ip", Value: "1.2.3.4"},
ident: identifier.NewIP(netip.MustParseAddr("1.2.3.4")),
wantErr: "unrecognized identifier type",
},
}
@ -504,7 +505,7 @@ func TestCheckAuthzChallenges(t *testing.T) {
{
name: "no challenges",
authz: core.Authorization{
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"},
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{},
},
wantErr: "has no challenges",
@ -512,7 +513,7 @@ func TestCheckAuthzChallenges(t *testing.T) {
{
name: "no valid challenges",
authz: core.Authorization{
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"},
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{{Type: core.ChallengeTypeDNS01, Status: core.StatusPending}},
},
wantErr: "not solved by any challenge",
@ -520,7 +521,7 @@ func TestCheckAuthzChallenges(t *testing.T) {
{
name: "solved by disabled challenge",
authz: core.Authorization{
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"},
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{{Type: core.ChallengeTypeDNS01, Status: core.StatusValid}},
},
enabled: map[core.AcmeChallenge]bool{core.ChallengeTypeHTTP01: true},
@ -529,7 +530,7 @@ func TestCheckAuthzChallenges(t *testing.T) {
{
name: "solved by wrong kind of challenge",
authz: core.Authorization{
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "*.example.com"},
Identifier: identifier.NewDNS("*.example.com"),
Challenges: []core.Challenge{{Type: core.ChallengeTypeHTTP01, Status: core.StatusValid}},
},
wantErr: "inapplicable challenge type",
@ -537,7 +538,7 @@ func TestCheckAuthzChallenges(t *testing.T) {
{
name: "valid authz",
authz: core.Authorization{
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"},
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{{Type: core.ChallengeTypeTLSALPN01, Status: core.StatusValid}},
},
},

6
probs/probs_test.go
View File

@ -67,7 +67,7 @@ func TestWithSubProblems(t *testing.T) {
}
subProbs := []SubProblemDetails{
{
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
ProblemDetails: ProblemDetails{
Type: RateLimitedProblem,
Detail: "don't you think you have enough certificates already?",
@ -75,7 +75,7 @@ func TestWithSubProblems(t *testing.T) {
},
},
{
Identifier: identifier.DNSIdentifier("what about example.com"),
Identifier: identifier.NewDNS("what about example.com"),
ProblemDetails: ProblemDetails{
Type: MalformedProblem,
Detail: "try a real identifier value next time",
@ -92,7 +92,7 @@ func TestWithSubProblems(t *testing.T) {
test.AssertDeepEquals(t, outResult.SubProblems, subProbs)
// Adding another sub problem shouldn't squash the original sub problems
anotherSubProb := SubProblemDetails{
Identifier: identifier.DNSIdentifier("another ident"),
Identifier: identifier.NewDNS("another ident"),
ProblemDetails: ProblemDetails{
Type: RateLimitedProblem,
Detail: "yet another rate limit err",

22
ra/ra.go
View File

@ -811,7 +811,7 @@ func (ra *RegistrationAuthorityImpl) checkOrderAuthorizations(
for _, name := range names {
// TODO(#7647): Iterate directly over identifiers here, once the rest of the
// finalization flow supports non-dnsName identifiers.
ident := identifier.DNSIdentifier(name)
ident := identifier.NewDNS(name)
authz, ok := authzs[ident]
if !ok || authz == nil {
@ -1565,7 +1565,7 @@ func (ra *RegistrationAuthorityImpl) checkCertificatesPerNameLimit(ctx context.C
var subErrors []berrors.SubBoulderError
for _, name := range namesOutOfLimit {
subErrors = append(subErrors, berrors.SubBoulderError{
Identifier: identifier.DNSIdentifier(name),
Identifier: identifier.NewDNS(name),
BoulderError: berrors.RateLimitError(retryAfter, "too many certificates already issued. Retry after %s", retryString).(*berrors.BoulderError),
})
}
@ -2181,7 +2181,7 @@ func (ra *RegistrationAuthorityImpl) RevokeCertByApplicant(ctx context.Context,
// TODO(#7647): Support other kinds of SANs/identifiers here.
for _, name := range cert.DNSNames {
if _, present := authzMap[identifier.DNSIdentifier(name)]; !present {
if _, present := authzMap[identifier.NewDNS(name)]; !present {
return nil, berrors.UnauthorizedError("requester does not control all names in cert with serial %q", serialString)
}
}
@ -2617,7 +2617,7 @@ func (ra *RegistrationAuthorityImpl) NewOrder(ctx context.Context, req *rapb.New
// TODO(#7647): Support non-dnsName identifier types here.
var missingAuthzIdents []identifier.ACMEIdentifier
for _, name := range newOrder.DnsNames {
ident := identifier.DNSIdentifier(name)
ident := identifier.NewDNS(name)
// If there isn't an existing authz, note that its missing and continue
authz, exists := identToExistingAuthz[ident]
if !exists {
@ -2680,10 +2680,7 @@ func (ra *RegistrationAuthorityImpl) NewOrder(ctx context.Context, req *rapb.New
// authorization for each.
var newAuthzs []*sapb.NewAuthzRequest
for _, ident := range missingAuthzIdents {
pb, err := ra.createPendingAuthz(newOrder.RegistrationID, identifier.ACMEIdentifier{
Type: ident.Type,
Value: ident.Value,
})
pb, err := ra.createPendingAuthz(newOrder.RegistrationID, ident)
if err != nil {
return nil, err
}
@ -2745,8 +2742,8 @@ func (ra *RegistrationAuthorityImpl) NewOrder(ctx context.Context, req *rapb.New
// createPendingAuthz checks that a name is allowed for issuance and creates the
// necessary challenges for it and puts this and all of the relevant information
// into a corepb.Authorization for transmission to the SA to be stored
func (ra *RegistrationAuthorityImpl) createPendingAuthz(reg int64, identifier identifier.ACMEIdentifier) (*sapb.NewAuthzRequest, error) {
challTypes, err := ra.PA.ChallengeTypesFor(identifier)
func (ra *RegistrationAuthorityImpl) createPendingAuthz(reg int64, ident identifier.ACMEIdentifier) (*sapb.NewAuthzRequest, error) {
challTypes, err := ra.PA.ChallengeTypesFor(ident)
if err != nil {
return nil, err
}
@ -2757,10 +2754,7 @@ func (ra *RegistrationAuthorityImpl) createPendingAuthz(reg int64, identifier id
}
authz := &sapb.NewAuthzRequest{
Identifier: &sapb.Identifier{
Type: string(identifier.Type),
Value: identifier.Value,
},
Identifier: ident.AsProto(),
RegistrationID: reg,
Expires: timestamppb.New(ra.clk.Now().Add(ra.pendingAuthorizationLifetime).Truncate(time.Second)),
ChallengeTypes: challStrs,

56
ra/ra_test.go
View File

@ -82,7 +82,7 @@ func createPendingAuthorization(t *testing.T, sa sapb.StorageAuthorityClient, do
},
NewAuthzs: []*sapb.NewAuthzRequest{
{
Identifier: &sapb.Identifier{Type: string(core.ChallengeTypeDNS01), Value: domain},
Identifier: &corepb.Identifier{Type: string(core.ChallengeTypeDNS01), Value: domain},
RegistrationID: Registration.Id,
Expires: timestamppb.New(exp),
ChallengeTypes: []string{
@ -817,7 +817,7 @@ func TestPerformValidationAlreadyValid(t *testing.T) {
exp := ra.clk.Now().Add(365 * 24 * time.Hour)
authz := core.Authorization{
ID: "1337",
Identifier: identifier.DNSIdentifier("not-example.com"),
Identifier: identifier.NewDNS("not-example.com"),
RegistrationID: 1,
Status: "valid",
Expires: &exp,
@ -1715,16 +1715,10 @@ func TestRecheckCAADates(t *testing.T) {
recentExpires := fc.Now().Add(15 * time.Hour)
olderValidated := fc.Now().Add(-8 * time.Hour)
olderExpires := fc.Now().Add(5 * time.Hour)
makeIdentifier := func(name string) identifier.ACMEIdentifier {
return identifier.ACMEIdentifier{
Type: identifier.DNS,
Value: name,
}
}
authzs := map[identifier.ACMEIdentifier]*core.Authorization{
identifier.DNSIdentifier("recent.com"): {
Identifier: makeIdentifier("recent.com"),
identifier.NewDNS("recent.com"): {
Identifier: identifier.NewDNS("recent.com"),
Expires: &recentExpires,
Challenges: []core.Challenge{
{
@ -1735,8 +1729,8 @@ func TestRecheckCAADates(t *testing.T) {
},
},
},
identifier.DNSIdentifier("older.com"): {
Identifier: makeIdentifier("older.com"),
identifier.NewDNS("older.com"): {
Identifier: identifier.NewDNS("older.com"),
Expires: &olderExpires,
Challenges: []core.Challenge{
{
@ -1747,8 +1741,8 @@ func TestRecheckCAADates(t *testing.T) {
},
},
},
identifier.DNSIdentifier("older2.com"): {
Identifier: makeIdentifier("older2.com"),
identifier.NewDNS("older2.com"): {
Identifier: identifier.NewDNS("older2.com"),
Expires: &olderExpires,
Challenges: []core.Challenge{
{
@ -1759,8 +1753,8 @@ func TestRecheckCAADates(t *testing.T) {
},
},
},
identifier.DNSIdentifier("wildcard.com"): {
Identifier: makeIdentifier("wildcard.com"),
identifier.NewDNS("wildcard.com"): {
Identifier: identifier.NewDNS("wildcard.com"),
Expires: &olderExpires,
Challenges: []core.Challenge{
{
@ -1771,8 +1765,8 @@ func TestRecheckCAADates(t *testing.T) {
},
},
},
identifier.DNSIdentifier("*.wildcard.com"): {
Identifier: makeIdentifier("*.wildcard.com"),
identifier.NewDNS("*.wildcard.com"): {
Identifier: identifier.NewDNS("*.wildcard.com"),
Expires: &olderExpires,
Challenges: []core.Challenge{
{
@ -1785,9 +1779,9 @@ func TestRecheckCAADates(t *testing.T) {
},
}
twoChallenges := map[identifier.ACMEIdentifier]*core.Authorization{
identifier.DNSIdentifier("twochallenges.com"): {
identifier.NewDNS("twochallenges.com"): {
ID: "twochal",
Identifier: makeIdentifier("twochallenges.com"),
Identifier: identifier.NewDNS("twochallenges.com"),
Expires: &recentExpires,
Challenges: []core.Challenge{
{
@ -1806,17 +1800,17 @@ func TestRecheckCAADates(t *testing.T) {
},
}
noChallenges := map[identifier.ACMEIdentifier]*core.Authorization{
identifier.DNSIdentifier("nochallenges.com"): {
identifier.NewDNS("nochallenges.com"): {
ID: "nochal",
Identifier: makeIdentifier("nochallenges.com"),
Identifier: identifier.NewDNS("nochallenges.com"),
Expires: &recentExpires,
Challenges: []core.Challenge{},
},
}
noValidationTime := map[identifier.ACMEIdentifier]*core.Authorization{
identifier.DNSIdentifier("novalidationtime.com"): {
identifier.NewDNS("novalidationtime.com"): {
ID: "noval",
Identifier: makeIdentifier("novalidationtime.com"),
Identifier: identifier.NewDNS("novalidationtime.com"),
Expires: &recentExpires,
Challenges: []core.Challenge{
{
@ -1909,7 +1903,7 @@ func TestRecheckCAAEmpty(t *testing.T) {
func makeHTTP01Authorization(domain string) *core.Authorization {
return &core.Authorization{
Identifier: identifier.ACMEIdentifier{Type: identifier.DNS, Value: domain},
Identifier: identifier.NewDNS(domain),
Challenges: []core.Challenge{{Status: core.StatusValid, Type: core.ChallengeTypeHTTP01}},
}
}
@ -2288,7 +2282,7 @@ func TestNewOrderCheckFailedAuthorizationsFirst(t *testing.T) {
authzs: []*core.Authorization{
{
ID: "1",
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
RegistrationID: Registration.Id,
Expires: &expires,
Status: "valid",
@ -2409,7 +2403,7 @@ func TestNewOrderAuthzReuseSafety(t *testing.T) {
{
// A static fake ID we can check for in a unit test
ID: "1",
Identifier: identifier.DNSIdentifier("*.zombo.com"),
Identifier: identifier.NewDNS("*.zombo.com"),
RegistrationID: Registration.Id,
// Authz is valid
Status: "valid",
@ -2432,7 +2426,7 @@ func TestNewOrderAuthzReuseSafety(t *testing.T) {
{
// A static fake ID we can check for in a unit test
ID: "2",
Identifier: identifier.DNSIdentifier("zombo.com"),
Identifier: identifier.NewDNS("zombo.com"),
RegistrationID: Registration.Id,
// Authz is valid
Status: "valid",
@ -2656,7 +2650,7 @@ func TestNewOrderExpiry(t *testing.T) {
{
// A static fake ID we can check for in a unit test
ID: "1",
Identifier: identifier.DNSIdentifier("zombo.com"),
Identifier: identifier.NewDNS("zombo.com"),
RegistrationID: Registration.Id,
Expires: &fakeAuthzExpires,
Status: "valid",
@ -3472,7 +3466,7 @@ func TestPerformValidationBadChallengeType(t *testing.T) {
exp := fc.Now().Add(10 * time.Hour)
authz := core.Authorization{
ID: "1337",
Identifier: identifier.DNSIdentifier("not-example.com"),
Identifier: identifier.NewDNS("not-example.com"),
RegistrationID: 1,
Status: "valid",
Challenges: []core.Challenge{
@ -4617,7 +4611,7 @@ func TestGetAuthorization(t *testing.T) {
authzs: []*core.Authorization{
{
ID: "1",
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
Status: "valid",
Challenges: []core.Challenge{
{

16
sa/model.go
View File

@ -642,7 +642,7 @@ func SelectAuthzsMatchingIssuance(
statusToUint[core.StatusDeactivated],
issued.Add(-1*time.Second), // leeway for clock skew
issued.Add(1*time.Second), // leeway for clock skew
identifierTypeToUint[string(identifier.DNS)],
identifierTypeToUint[string(identifier.TypeDNS)],
)
for _, name := range dnsNames {
args = append(args, name)
@ -712,7 +712,7 @@ func newAuthzReqToModel(authz *sapb.NewAuthzRequest) (*authzModel, error) {
// authzModel storage representation.
func authzPBToModel(authz *corepb.Authorization) (*authzModel, error) {
am := &authzModel{
IdentifierType: identifierTypeToUint[string(identifier.DNS)],
IdentifierType: identifierTypeToUint[string(identifier.TypeDNS)],
IdentifierValue: authz.DnsName,
RegistrationID: authz.RegistrationID,
Status: statusToUint[core.AcmeStatus(authz.Status)],
@ -855,7 +855,7 @@ func populateAttemptedFields(am authzModel, challenge *corepb.Challenge) error {
func modelToAuthzPB(am authzModel) (*corepb.Authorization, error) {
identType, ok := uintToIdentifierType[am.IdentifierType]
if !ok || identType != string(identifier.DNS) {
if !ok || identType != string(identifier.TypeDNS) {
return nil, fmt.Errorf("unrecognized identifier type encoding %d", am.IdentifierType)
}
@ -1332,7 +1332,7 @@ type identifierModel struct {
Value string `db:"identifierValue"`
}
func newIdentifierModelFromPB(pb *sapb.Identifier) (identifierModel, error) {
func newIdentifierModelFromPB(pb *corepb.Identifier) (identifierModel, error) {
idType, ok := identifierTypeToUint[pb.Type]
if !ok {
return identifierModel{}, fmt.Errorf("unsupported identifier type %q", pb.Type)
@ -1344,19 +1344,19 @@ func newIdentifierModelFromPB(pb *sapb.Identifier) (identifierModel, error) {
}, nil
}
func newPBFromIdentifierModel(id identifierModel) (*sapb.Identifier, error) {
func newPBFromIdentifierModel(id identifierModel) (*corepb.Identifier, error) {
idType, ok := uintToIdentifierType[id.Type]
if !ok {
return nil, fmt.Errorf("unsupported identifier type %d", id.Type)
}
return &sapb.Identifier{
return &corepb.Identifier{
Type: idType,
Value: id.Value,
}, nil
}
func newIdentifierModelsFromPB(pbs []*sapb.Identifier) ([]identifierModel, error) {
func newIdentifierModelsFromPB(pbs []*corepb.Identifier) ([]identifierModel, error) {
ids := make([]identifierModel, 0, len(pbs))
for _, pb := range pbs {
id, err := newIdentifierModelFromPB(pb)
@ -1369,7 +1369,7 @@ func newIdentifierModelsFromPB(pbs []*sapb.Identifier) ([]identifierModel, error
}
func newPBFromIdentifierModels(ids []identifierModel) (*sapb.Identifiers, error) {
pbs := make([]*sapb.Identifier, 0, len(ids))
pbs := make([]*corepb.Identifier, 0, len(ids))
for _, id := range ids {
pb, err := newPBFromIdentifierModel(id)
if err != nil {

1084
sa/proto/sa.pb.go
View File

File diff suppressed because it is too large Load Diff

11
sa/proto/sa.proto
View File

@ -255,7 +255,7 @@ message NewAuthzRequest {
// Next unused field number: 13
reserved 1; // previously id
reserved 2; // previously dnsName
Identifier identifier = 12;
core.Identifier identifier = 12;
int64 registrationID = 3;
reserved 4; // previously status
reserved 5; // previously expiresNS
@ -416,18 +416,13 @@ message UpdateCRLShardRequest {
google.protobuf.Timestamp nextUpdate = 4;
}
message Identifier {
string type = 1;
string value = 2;
}
message Identifiers {
repeated Identifier identifiers = 1;
repeated core.Identifier identifiers = 1;
}
message PauseRequest {
int64 registrationID = 1;
repeated Identifier identifiers = 2;
repeated core.Identifier identifiers = 2;
}
message PauseIdentifiersResponse {

112
sa/sa_test.go
View File

@ -1253,14 +1253,14 @@ func TestNewOrderAndAuthzs(t *testing.T) {
// And add new authorizations for the other two names.
NewAuthzs: []*sapb.NewAuthzRequest{
{
Identifier: &sapb.Identifier{Type: "dns", Value: "c.com"},
Identifier: &corepb.Identifier{Type: "dns", Value: "c.com"},
RegistrationID: reg.Id,
Expires: timestamppb.New(nowC),
ChallengeTypes: []string{string(core.ChallengeTypeHTTP01)},
Token: core.NewToken(),
},
{
Identifier: &sapb.Identifier{Type: "dns", Value: "d.com"},
Identifier: &corepb.Identifier{Type: "dns", Value: "d.com"},
RegistrationID: reg.Id,
Expires: timestamppb.New(nowD),
ChallengeTypes: []string{string(core.ChallengeTypeHTTP01)},
@ -1291,7 +1291,7 @@ func TestNewOrderAndAuthzs_NonNilInnerOrder(t *testing.T) {
_, err := sa.NewOrderAndAuthzs(context.Background(), &sapb.NewOrderAndAuthzsRequest{
NewAuthzs: []*sapb.NewAuthzRequest{
{
Identifier: &sapb.Identifier{Type: "dns", Value: "c.com"},
Identifier: &corepb.Identifier{Type: "dns", Value: "c.com"},
RegistrationID: reg.Id,
Expires: timestamppb.New(expires),
ChallengeTypes: []string{string(core.ChallengeTypeDNS01)},
@ -1333,7 +1333,7 @@ func TestNewOrderAndAuthzs_NewAuthzExpectedFields(t *testing.T) {
order, err := sa.NewOrderAndAuthzs(context.Background(), &sapb.NewOrderAndAuthzsRequest{
NewAuthzs: []*sapb.NewAuthzRequest{
{
Identifier: &sapb.Identifier{Type: "dns", Value: domain},
Identifier: &corepb.Identifier{Type: "dns", Value: domain},
RegistrationID: reg.Id,
Expires: timestamppb.New(expires),
ChallengeTypes: []string{string(core.ChallengeTypeHTTP01)},
@ -4242,7 +4242,7 @@ func TestUnpauseAccount(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4256,7 +4256,7 @@ func TestUnpauseAccount(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4264,7 +4264,7 @@ func TestUnpauseAccount(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.net",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4272,7 +4272,7 @@ func TestUnpauseAccount(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.org",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4335,7 +4335,7 @@ func bulkInsertPausedIdentifiers(ctx context.Context, sa *SQLStorageAuthority, c
query += ","
}
query += "(?, ?, ?, ?)"
values = append(values, 1, identifierTypeToUint[string(identifier.DNS)], fmt.Sprintf("example%d.com", i), now)
values = append(values, 1, identifierTypeToUint[string(identifier.TypeDNS)], fmt.Sprintf("example%d.com", i), now)
}
_, err := sa.dbMap.ExecContext(ctx, query, values...)
@ -4405,9 +4405,9 @@ func TestPauseIdentifiers(t *testing.T) {
state: nil,
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
@ -4423,7 +4423,7 @@ func TestPauseIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: fourWeeksAgo,
@ -4432,9 +4432,9 @@ func TestPauseIdentifiers(t *testing.T) {
},
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
@ -4450,7 +4450,7 @@ func TestPauseIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: fourWeeksAgo,
@ -4459,9 +4459,9 @@ func TestPauseIdentifiers(t *testing.T) {
},
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
@ -4477,7 +4477,7 @@ func TestPauseIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: fourWeeksAgo,
@ -4485,9 +4485,9 @@ func TestPauseIdentifiers(t *testing.T) {
},
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
@ -4503,7 +4503,7 @@ func TestPauseIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: fourWeeksAgo,
@ -4512,7 +4512,7 @@ func TestPauseIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.net",
},
PausedAt: fourWeeksAgo,
@ -4521,17 +4521,17 @@ func TestPauseIdentifiers(t *testing.T) {
},
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.net",
},
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.org",
},
},
@ -4586,15 +4586,15 @@ func TestCheckIdentifiersPaused(t *testing.T) {
state: nil,
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
},
want: &sapb.Identifiers{
Identifiers: []*sapb.Identifier{},
Identifiers: []*corepb.Identifier{},
},
},
{
@ -4603,7 +4603,7 @@ func TestCheckIdentifiersPaused(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4611,17 +4611,17 @@ func TestCheckIdentifiersPaused(t *testing.T) {
},
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
},
want: &sapb.Identifiers{
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
@ -4633,7 +4633,7 @@ func TestCheckIdentifiersPaused(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4641,7 +4641,7 @@ func TestCheckIdentifiersPaused(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.net",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4649,7 +4649,7 @@ func TestCheckIdentifiersPaused(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.org",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4658,29 +4658,29 @@ func TestCheckIdentifiersPaused(t *testing.T) {
},
req: &sapb.PauseRequest{
RegistrationID: 1,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.net",
},
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.org",
},
},
},
want: &sapb.Identifiers{
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.net",
},
},
@ -4730,7 +4730,7 @@ func TestGetPausedIdentifiers(t *testing.T) {
state: nil,
req: &sapb.RegistrationID{Id: 1},
want: &sapb.Identifiers{
Identifiers: []*sapb.Identifier{},
Identifiers: []*corepb.Identifier{},
},
},
{
@ -4739,7 +4739,7 @@ func TestGetPausedIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4747,9 +4747,9 @@ func TestGetPausedIdentifiers(t *testing.T) {
},
req: &sapb.RegistrationID{Id: 1},
want: &sapb.Identifiers{
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
},
@ -4761,7 +4761,7 @@ func TestGetPausedIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4769,7 +4769,7 @@ func TestGetPausedIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.net",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4777,7 +4777,7 @@ func TestGetPausedIdentifiers(t *testing.T) {
{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.org",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4786,13 +4786,13 @@ func TestGetPausedIdentifiers(t *testing.T) {
},
req: &sapb.RegistrationID{Id: 1},
want: &sapb.Identifiers{
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.com",
},
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: "example.net",
},
},
@ -4831,7 +4831,7 @@ func TestGetPausedIdentifiersOnlyUnpausesOneAccount(t *testing.T) {
err := sa.dbMap.Insert(ctx, &pausedModel{
RegistrationID: 1,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.com",
},
PausedAt: sa.clk.Now().Add(-time.Hour),
@ -4841,7 +4841,7 @@ func TestGetPausedIdentifiersOnlyUnpausesOneAccount(t *testing.T) {
err = sa.dbMap.Insert(ctx, &pausedModel{
RegistrationID: 2,
identifierModel: identifierModel{
Type: identifierTypeToUint[string(identifier.DNS)],
Type: identifierTypeToUint[string(identifier.TypeDNS)],
Value: "example.net",
},
PausedAt: sa.clk.Now().Add(-time.Hour),

8
sa/saro.go
View File

@ -804,7 +804,7 @@ func (ssa *SQLStorageAuthorityRO) GetAuthorizations2(ctx context.Context, req *s
req.RegistrationID,
statusUint(core.StatusValid), statusUint(core.StatusPending),
req.ValidUntil.AsTime(),
identifierTypeToUint[string(identifier.DNS)],
identifierTypeToUint[string(identifier.TypeDNS)],
}
for _, dnsName := range req.DnsNames {
params = append(params, dnsName)
@ -908,7 +908,7 @@ func (ssa *SQLStorageAuthorityRO) GetValidOrderAuthorizations2(ctx context.Conte
// other identifier types, and is an inefficient wire format.
byName := make(map[string]authzModel)
for _, am := range ams {
if uintToIdentifierType[am.IdentifierType] != string(identifier.DNS) {
if uintToIdentifierType[am.IdentifierType] != string(identifier.TypeDNS) {
return nil, fmt.Errorf("unknown identifier type: %q on authz id %d", am.IdentifierType, am.ID)
}
_, present := byName[am.IdentifierValue]
@ -942,7 +942,7 @@ func (ssa *SQLStorageAuthorityRO) CountInvalidAuthorizations2(ctx context.Contex
identifierValue = :ident`,
map[string]interface{}{
"regID": req.RegistrationID,
"dnsType": identifierTypeToUint[string(identifier.DNS)],
"dnsType": identifierTypeToUint[string(identifier.TypeDNS)],
"ident": req.DnsName,
"expiresEarliest": req.Range.Earliest.AsTime(),
"expiresLatest": req.Range.Latest.AsTime(),
@ -980,7 +980,7 @@ func (ssa *SQLStorageAuthorityRO) GetValidAuthorizations2(ctx context.Context, r
req.RegistrationID,
statusUint(core.StatusValid),
req.ValidUntil.AsTime(),
identifierTypeToUint[string(identifier.DNS)],
identifierTypeToUint[string(identifier.TypeDNS)],
}
for _, dnsName := range req.DnsNames {
params = append(params, dnsName)

6
test/integration/pausing_test.go
View File

@ -11,8 +11,10 @@ import (
"time"
"github.com/jmhodges/clock"
"github.com/letsencrypt/boulder/cmd"
"github.com/letsencrypt/boulder/config"
corepb "github.com/letsencrypt/boulder/core/proto"
bgrpc "github.com/letsencrypt/boulder/grpc"
"github.com/letsencrypt/boulder/identifier"
"github.com/letsencrypt/boulder/metrics"
@ -60,9 +62,9 @@ func TestIdentifiersPausedForAccount(t *testing.T) {
_, err = saClient.PauseIdentifiers(context.Background(), &sapb.PauseRequest{
RegistrationID: regID,
Identifiers: []*sapb.Identifier{
Identifiers: []*corepb.Identifier{
{
Type: string(identifier.DNS),
Type: string(identifier.TypeDNS),
Value: domain},
},
})

5
test/load-generator/boulder-calls.go
View File

@ -169,10 +169,7 @@ func newOrder(s *State, c *acmeCache) error {
// don't care. The ACME server will collapse those down for us, how handy!
dnsNames := []identifier.ACMEIdentifier{}
for range orderSize {
dnsNames = append(dnsNames, identifier.ACMEIdentifier{
Type: identifier.DNS,
Value: randDomain(s.domainBase),
})
dnsNames = append(dnsNames, identifier.NewDNS(randDomain(s.domainBase)))
}
// create the new order request object

5
va/caa.go
View File

@ -49,10 +49,7 @@ func (va *ValidationAuthorityImpl) IsCAAValid(ctx context.Context, req *vapb.IsC
return nil, berrors.InternalServerError("unrecognized validation method %q", req.ValidationMethod)
}
acmeID := identifier.ACMEIdentifier{
Type: identifier.DNS,
Value: req.Domain,
}
acmeID := identifier.NewDNS(req.Domain)
params := &caaParams{
accountURIID: req.AccountURIID,
validationMethod: validationMethod,

6
va/caa_test.go
View File

@ -197,7 +197,7 @@ func TestCAATimeout(t *testing.T) {
validationMethod: core.ChallengeTypeHTTP01,
}
err := va.checkCAA(ctx, identifier.DNSIdentifier("caa-timeout.com"), params)
err := va.checkCAA(ctx, identifier.NewDNS("caa-timeout.com"), params)
test.AssertErrorIs(t, err, berrors.DNS)
test.AssertContains(t, err.Error(), "error")
}
@ -414,7 +414,7 @@ func TestCAAChecking(t *testing.T) {
mockLog := va.log.(*blog.Mock)
defer mockLog.Clear()
t.Run(caaTest.Name, func(t *testing.T) {
ident := identifier.DNSIdentifier(caaTest.Domain)
ident := identifier.NewDNS(caaTest.Domain)
foundAt, valid, _, err := va.checkCAARecords(ctx, ident, params)
if err != nil {
t.Errorf("checkCAARecords error for %s: %s", caaTest.Domain, err)
@ -504,7 +504,7 @@ func TestCAALogging(t *testing.T) {
accountURIID: tc.AccountURIID,
validationMethod: tc.ChallengeType,
}
_ = va.checkCAA(ctx, identifier.ACMEIdentifier{Type: identifier.DNS, Value: tc.Domain}, params)
_ = va.checkCAA(ctx, identifier.NewDNS(tc.Domain), params)
caaLogLines := mockLog.GetAllMatching(`Checked CAA records for`)
if len(caaLogLines) != 1 {

2
va/dns.go
View File

@ -49,7 +49,7 @@ func availableAddresses(allAddrs []net.IP) (v4 []net.IP, v6 []net.IP) {
}
func (va *ValidationAuthorityImpl) validateDNS01(ctx context.Context, ident identifier.ACMEIdentifier, keyAuthorization string) ([]core.ValidationRecord, error) {
if ident.Type != identifier.DNS {
if ident.Type != identifier.TypeDNS {
va.log.Infof("Identifier type for DNS challenge was not DNS: %s", ident)
return nil, berrors.MalformedError("Identifier type for DNS was not itself DNS")
}

2
va/http.go
View File

@ -640,7 +640,7 @@ func (va *ValidationAuthorityImpl) processHTTPValidation(
}
func (va *ValidationAuthorityImpl) validateHTTP01(ctx context.Context, ident identifier.ACMEIdentifier, token string, keyAuthorization string) ([]core.ValidationRecord, error) {
if ident.Type != identifier.DNS {
if ident.Type != identifier.TypeDNS {
va.log.Infof("Got non-DNS identifier for HTTP validation: %s", ident)
return nil, berrors.MalformedError("Identifier type for HTTP validation was not DNS")
}

6
va/http_test.go
View File

@ -10,6 +10,7 @@ import (
"net"
"net/http"
"net/http/httptest"
"net/netip"
"net/url"
"regexp"
"strconv"
@ -1311,14 +1312,13 @@ func TestHTTP(t *testing.T) {
test.AssertEquals(t, len(matchedValidRedirect), 1)
test.AssertEquals(t, len(matchedMovedRedirect), 1)
ipIdentifier := identifier.ACMEIdentifier{Type: identifier.IdentifierType("ip"), Value: "127.0.0.1"}
_, err = va.validateHTTP01(ctx, ipIdentifier, pathFound, ka(pathFound))
_, err = va.validateHTTP01(ctx, identifier.NewIP(netip.MustParseAddr("127.0.0.1")), pathFound, ka(pathFound))
if err == nil {
t.Fatalf("IdentifierType IP shouldn't have worked.")
}
test.AssertErrorIs(t, err, berrors.Malformed)
_, err = va.validateHTTP01(ctx, identifier.ACMEIdentifier{Type: identifier.DNS, Value: "always.invalid"}, pathFound, ka(pathFound))
_, err = va.validateHTTP01(ctx, identifier.NewDNS("always.invalid"), pathFound, ka(pathFound))
if err == nil {
t.Fatalf("Domain name is invalid.")
}

8
va/tlsalpn_test.go
View File

@ -14,8 +14,8 @@ import (
"net"
"net/http"
"net/http/httptest"
"net/netip"
"net/url"
"strconv"
"strings"
"testing"
"time"
@ -139,11 +139,7 @@ func TestTLSALPN01FailIP(t *testing.T) {
va, _ := setup(hs, 0, "", nil, nil)
port := getPort(hs)
_, err = va.validateTLSALPN01(ctx, identifier.ACMEIdentifier{
Type: identifier.IdentifierType("ip"),
Value: net.JoinHostPort("127.0.0.1", strconv.Itoa(port)),
}, expectedKeyAuthorization)
_, err = va.validateTLSALPN01(ctx, identifier.NewIP(netip.MustParseAddr("127.0.0.1")), expectedKeyAuthorization)
if err == nil {
t.Fatalf("IdentifierType IP shouldn't have worked.")
}

2
va/va.go
View File

@ -689,7 +689,7 @@ func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *v
// was successful or not, and cannot themselves fail.
records, err := va.performLocalValidation(
ctx,
identifier.DNSIdentifier(req.DnsName),
identifier.NewDNS(req.DnsName),
req.Authz.RegID,
challenge.Type,
challenge.Token,

2
va/va_test.go
View File

@ -69,7 +69,7 @@ var accountKey = &jose.JSONWebKey{Key: TheKey.Public()}
// Return an ACME DNS identifier for the given hostname
func dnsi(hostname string) identifier.ACMEIdentifier {
return identifier.DNSIdentifier(hostname)
return identifier.NewDNS(hostname)
}
var ctx context.Context

4
web/probs_test.go
View File

@ -67,14 +67,14 @@ func TestSubProblems(t *testing.T) {
}).WithSubErrors(
[]berrors.SubBoulderError{
{
Identifier: identifier.DNSIdentifier("threeletter.agency"),
Identifier: identifier.NewDNS("threeletter.agency"),
BoulderError: &berrors.BoulderError{
Type: berrors.CAA,
Detail: "Forbidden by ■■■■■■■■■■■ and directive ■■■■",
},
},
{
Identifier: identifier.DNSIdentifier("area51.threeletter.agency"),
Identifier: identifier.NewDNS("area51.threeletter.agency"),
BoulderError: &berrors.BoulderError{
Type: berrors.NotFound,
Detail: "No Such Area...",

8
web/send_error_test.go
View File

@ -19,14 +19,14 @@ func TestSendErrorSubProblemNamespace(t *testing.T) {
}).WithSubErrors(
[]berrors.SubBoulderError{
{
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
BoulderError: &berrors.BoulderError{
Type: berrors.Malformed,
Detail: "nop",
},
},
{
Identifier: identifier.DNSIdentifier("what about example.com"),
Identifier: identifier.NewDNS("what about example.com"),
BoulderError: &berrors.BoulderError{
Type: berrors.Malformed,
Detail: "nah",
@ -73,14 +73,14 @@ func TestSendErrorSubProbLogging(t *testing.T) {
}).WithSubErrors(
[]berrors.SubBoulderError{
{
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
BoulderError: &berrors.BoulderError{
Type: berrors.Malformed,
Detail: "nop",
},
},
{
Identifier: identifier.DNSIdentifier("what about example.com"),
Identifier: identifier.NewDNS("what about example.com"),
BoulderError: &berrors.BoulderError{
Type: berrors.Malformed,
Detail: "nah",

12
wfe2/wfe.go
View File

@ -1152,7 +1152,7 @@ func (wfe *WebFrontEndImpl) Challenge(
}
}
if authz.Identifier.Type == identifier.DNS {
if authz.Identifier.Type == identifier.TypeDNS {
logEvent.DNSName = authz.Identifier.Value
}
logEvent.Status = string(authz.Status)
@ -1578,7 +1578,7 @@ func (wfe *WebFrontEndImpl) Authorization(
return
}
if identifier.IdentifierType(authzPB.DnsName) == identifier.DNS {
if identifier.IdentifierType(authzPB.DnsName) == identifier.TypeDNS {
logEvent.DNSName = authzPB.DnsName
}
logEvent.Status = authzPB.Status
@ -2002,7 +2002,7 @@ type orderJSON struct {
func (wfe *WebFrontEndImpl) orderToOrderJSON(request *http.Request, order *corepb.Order) orderJSON {
idents := make([]identifier.ACMEIdentifier, len(order.DnsNames))
for i, name := range order.DnsNames {
idents[i] = identifier.ACMEIdentifier{Type: identifier.DNS, Value: name}
idents[i] = identifier.NewDNS(name)
}
finalizeURL := web.RelativeEndpoint(request,
fmt.Sprintf("%s%d/%d", finalizeOrderPath, order.RegistrationID, order.Id))
@ -2220,9 +2220,9 @@ func (wfe *WebFrontEndImpl) validateCertificateProfileName(profile string) error
func (wfe *WebFrontEndImpl) checkIdentifiersPaused(ctx context.Context, orderIdentifiers []identifier.ACMEIdentifier, regID int64) ([]string, error) {
uniqueOrderIdentifiers := core.NormalizeIdentifiers(orderIdentifiers)
var identifiers []*sapb.Identifier
var identifiers []*corepb.Identifier
for _, ident := range uniqueOrderIdentifiers {
identifiers = append(identifiers, &sapb.Identifier{
identifiers = append(identifiers, &corepb.Identifier{
Type: string(ident.Type),
Value: ident.Value,
})
@ -2297,7 +2297,7 @@ func (wfe *WebFrontEndImpl) NewOrder(
// short enough to meet the max CN bytes requirement.
names := make([]string, len(newOrderRequest.Identifiers))
for i, ident := range newOrderRequest.Identifiers {
if ident.Type != identifier.DNS {
if ident.Type != identifier.TypeDNS {
wfe.sendError(response, logEvent,
probs.UnsupportedIdentifier("NewOrder request included invalid non-DNS type identifier: type %q, value %q",
ident.Type, ident.Value),

8
wfe2/wfe_test.go
View File

@ -3391,7 +3391,7 @@ func TestPrepAuthzForDisplay(t *testing.T) {
ID: "12345",
Status: core.StatusPending,
RegistrationID: 1,
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{
{Type: core.ChallengeTypeDNS01, Status: core.StatusPending, Token: "token"},
{Type: core.ChallengeTypeHTTP01, Status: core.StatusPending, Token: "token"},
@ -3415,7 +3415,7 @@ func TestPrepRevokedAuthzForDisplay(t *testing.T) {
ID: "12345",
Status: core.StatusInvalid,
RegistrationID: 1,
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{
{Type: core.ChallengeTypeDNS01, Status: core.StatusPending, Token: "token"},
{Type: core.ChallengeTypeHTTP01, Status: core.StatusPending, Token: "token"},
@ -3440,7 +3440,7 @@ func TestPrepWildcardAuthzForDisplay(t *testing.T) {
ID: "12345",
Status: core.StatusPending,
RegistrationID: 1,
Identifier: identifier.DNSIdentifier("*.example.com"),
Identifier: identifier.NewDNS("*.example.com"),
Challenges: []core.Challenge{
{Type: core.ChallengeTypeDNS01, Status: core.StatusPending, Token: "token"},
},
@ -3463,7 +3463,7 @@ func TestPrepAuthzForDisplayShuffle(t *testing.T) {
ID: "12345",
Status: core.StatusPending,
RegistrationID: 1,
Identifier: identifier.DNSIdentifier("example.com"),
Identifier: identifier.NewDNS("example.com"),
Challenges: []core.Challenge{
{Type: core.ChallengeTypeDNS01, Status: core.StatusPending, Token: "token"},
{Type: core.ChallengeTypeHTTP01, Status: core.StatusPending, Token: "token"},