// Copyright 2016 ISRG. All rights reserved
|
|
// This Source Code Form is subject to the terms of the Mozilla Public
|
|
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
// Package grpc wraps the GRPC calls in the core interfaces.
|
|
package grpc
|
|
|
|
import (
|
|
"golang.org/x/net/context"
|
|
ggrpc "google.golang.org/grpc"
|
|
|
|
"github.com/letsencrypt/boulder/core"
|
|
"github.com/letsencrypt/boulder/probs"
|
|
vaPB "github.com/letsencrypt/boulder/va/proto"
|
|
)
|
|
|
|
// ValidationAuthorityGRPCServer adapts a core.ValidationAuthority so that it
// can be served over gRPC.
type ValidationAuthorityGRPCServer struct {
	// impl is the validation authority that the RPC handlers delegate to.
	impl core.ValidationAuthority
}
|
|
|
|
// PerformValidation is the gRPC handler for the VA's PerformValidation call.
// It unpacks the request with performValidationReqToArgs, runs the wrapped
// implementation, and packs the outcome with validationResultToPB.
//
// A validation failure reported as a *probs.ProblemDetails is not returned as
// an RPC error: it travels inside the response next to the validation records,
// so the caller can still update the challenge / authz in the SA with the
// failing records. Any other non-nil error is returned on the RPC layer and
// the records are not sent.
func (s *ValidationAuthorityGRPCServer) PerformValidation(ctx context.Context, in *vaPB.PerformValidationRequest) (*vaPB.ValidationResult, error) {
	domain, challenge, authz, argErr := performValidationReqToArgs(in)
	if argErr != nil {
		return nil, argErr
	}

	records, valErr := s.impl.PerformValidation(ctx, domain, challenge, authz)

	// prob stays nil when the implementation reported no error.
	var prob *probs.ProblemDetails
	if valErr != nil {
		// NOTE(review): this is a direct type assertion, so a ProblemDetails
		// wrapped inside another error type takes the RPC-error path below.
		details, isProblem := valErr.(*probs.ProblemDetails)
		if !isProblem {
			return nil, valErr
		}
		prob = details
	}

	// Sending a struct as the response and unpacking it into (records, error)
	// on the client is how both values reach the caller.
	return validationResultToPB(records, prob)
}
|
|
|
|
// IsSafeDomain is the gRPC handler for the VA's IsSafeDomain call. The request
// is handed to the wrapped implementation unchanged, and its response and
// error are returned as they are.
func (s *ValidationAuthorityGRPCServer) IsSafeDomain(ctx context.Context, in *vaPB.IsSafeDomainRequest) (*vaPB.IsDomainSafe, error) {
	resp, err := s.impl.IsSafeDomain(ctx, in)
	return resp, err
}
|
|
|
|
// RegisterValidationAuthorityGRPCServer wraps impl in a
// ValidationAuthorityGRPCServer and registers it on s through
// vaPB.RegisterVAServer.
//
// The returned error is always nil. Registration adds no authentication or
// authorization of its own: which peers can call the VA RPCs depends on how s
// was built (transport credentials, interceptors), so that has to be settled
// by the caller before s starts serving.
func RegisterValidationAuthorityGRPCServer(s *ggrpc.Server, impl core.ValidationAuthority) error {
	vaPB.RegisterVAServer(s, &ValidationAuthorityGRPCServer{impl: impl})
	return nil
}
|
|
|
|
// ValidationAuthorityGRPCClient implements the validation authority calls by
// forwarding them to a VA over gRPC.
type ValidationAuthorityGRPCClient struct {
	// gc is the vaPB.VAClient that the methods send their RPCs through.
	gc vaPB.VAClient
}
|
|
|
|
// NewValidationAuthorityGRPCClient builds a VA client on top of cc and returns
// it as a core.ValidationAuthority. It only wraps the connection: dialing and
// the transport security of cc are whatever the caller set up.
func NewValidationAuthorityGRPCClient(cc *ggrpc.ClientConn) core.ValidationAuthority {
	client := &ValidationAuthorityGRPCClient{gc: vaPB.NewVAClient(cc)}
	return client
}
|
|
|
|
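// PerformValidation asks the VA, over gRPC, to validate the given challenge
// for domain and returns the validation records the VA produced.
//
// A non-nil error is either a request-conversion, RPC or response-conversion
// failure (records are nil), or the problem the VA reported inside the
// response (records are returned alongside it, so the caller can store the
// failing records).
func (vac ValidationAuthorityGRPCClient) PerformValidation(ctx context.Context, domain string, challenge core.Challenge, authz core.Authorization) ([]core.ValidationRecord, error) {
	req, err := argsToPerformValidationRequest(domain, challenge, authz)
	if err != nil {
		return nil, err
	}
	gRecords, err := vac.gc.PerformValidation(ctx, req)
	if err != nil {
		return nil, err
	}
	records, prob, err := pbToValidationResult(gRecords)
	if err != nil {
		return nil, err
	}

	// Return an untyped nil on success. prob is presumably a
	// *probs.ProblemDetails (the server side packs one into the response);
	// passing a nil pointer through the error interface would hand the caller
	// a non-nil error, so a successful validation would be reported as a
	// failure and calling Error() on it could dereference nil.
	if prob == nil {
		return records, nil
	}
	return records, prob
}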
|
|
|
|
// IsSafeDomain forwards req to the VA over gRPC and returns its answer on
// whether the given domain is determined to be safe by a third-party safe
// browsing API. The response and error from the RPC are returned unchanged.
func (vac ValidationAuthorityGRPCClient) IsSafeDomain(ctx context.Context, req *vaPB.IsSafeDomainRequest) (*vaPB.IsDomainSafe, error) {
	verdict, err := vac.gc.IsSafeDomain(ctx, req)
	return verdict, err
}
|