Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Integrate CertFetcher with flag-protection into AMP Packager. #349

Merged
merged 23 commits into from
Nov 13, 2019
Merged

Integrate CertFetcher with flag-protection into AMP Packager. #349

Show file tree
Hide file tree
Changes from 18 commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
3eae168
Update ACME config to include email adddress and acme challenge port.…
banaag Sep 17, 2019
6e6936f
Update ACME config to include email adddress and acme challenge port.…
banaag Sep 18, 2019
da28431
Fix build errors in last commit.
banaag Sep 18, 2019
53252ce
Add config file error checking for PopulateCertCache.
banaag Sep 18, 2019
848dbff
Add more logic to handle initial conditions with invalid cert and to …
banaag Sep 18, 2019
bfd3a6d
Code refactor/cleanup involving certs.
banaag Sep 23, 2019
058fdff
Add DNS and TLS challenges, added them to load from config, cleaned u…
banaag Sep 27, 2019
5d0800d
go mod tidy, go mod vendor updates
banaag Sep 27, 2019
3869517
remove debug log statements
banaag Sep 27, 2019
e793128
Fixed CSR Loading, added it to config
banaag Sep 27, 2019
f5ba299
Fixed bugs with checking for cert expiry.
banaag Sep 30, 2019
7e81054
Added support for saving the fetched certs to disk and for certs to b…
banaag Oct 21, 2019
f2cdf94
Fixed gateway server call to certcache. Removed go module files insid…
banaag Oct 22, 2019
234a353
Merge branch 'master' into certfetcher-integrate
banaag Oct 23, 2019
f9bf520
Fixed certcache_test.go after merge.
banaag Oct 23, 2019
9633713
Fixed bugs in certcache, also fixed unit test.
banaag Oct 24, 2019
86f850b
Added locking for reading/writing certs.
banaag Oct 25, 2019
99e49b2
Ran go fmt on files that have incorrect formatting
banaag Oct 25, 2019
eeedb8f
Fix twifkak first-pass comments except the logic change comment which…
banaag Oct 31, 2019
eeae624
Fix twifkak comments for ocsp refresh logic and ocsp cache purge.
banaag Oct 31, 2019
8ac5827
Fix additional twifkak comments.
banaag Nov 7, 2019
1539d48
Fix 2nd round of twifkak comments.
banaag Nov 13, 2019
2a668e1
Fix gregable@ comments.
banaag Nov 13, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
6 changes: 5 additions & 1 deletion cmd/amppkg/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (

"github.com/pkg/errors"

"github.com/ampproject/amppackager/packager/certcache"
"github.com/ampproject/amppackager/packager/certloader"
"github.com/ampproject/amppackager/packager/healthz"
"github.com/ampproject/amppackager/packager/mux"
Expand All @@ -41,6 +42,9 @@ var flagConfig = flag.String("config", "amppkg.toml", "Path to the config toml f
var flagDevelopment = flag.Bool("development", false, "True if this is a development server.")
var flagInvalidCert = flag.Bool("invalidcert", false, "True if invalid certificate intentionally used in production.")

// IMPORTANT: do not turn on this flag for now, it's still under development.
var flagAutoRenewCert = flag.Bool("autorenewcert", false, "True if amppackager is to attempt cert auto-renewal.")

// Prints errors returned by pkg/errors with stack traces.
func die(err interface{}) { log.Fatalf("%+v", err) }

Expand Down Expand Up @@ -83,7 +87,7 @@ func main() {
die(errors.Wrap(err, "loading key file"))
}

certCache, err := certloader.PopulateCertCache(config, key, *flagDevelopment || *flagInvalidCert);
certCache, err := certcache.PopulateCertCache(config, key, *flagDevelopment || *flagInvalidCert, *flagAutoRenewCert)
if err != nil {
die(errors.Wrap(err, "building cert cache"))
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/gateway_server/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ func (s *gatewayServer) GenerateSXG(ctx context.Context, request *pb.SXGRequest)
}

// Note: do not initialize certCache, we just want it to hold the certs for now.
certCache := certcache.New(certs, "");
certCache := certcache.New(certs, nil, []string{""}, "", "", "");

privateKey, err := util.ParsePrivateKey(request.PrivateKey)
if err != nil {
Expand Down
1 change: 1 addition & 0 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ require (
github.com/stretchr/testify v1.3.0
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c
google.golang.org/grpc v1.20.1
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
gopkg.in/square/go-jose.v2 v2.3.1
)
Expand Down
79 changes: 79 additions & 0 deletions go.sum
View file
Open in desktop

Large diffs are not rendered by default.

Loading