File: main.go

// Copyright 2019 Google LLC. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// The submission_server submits (pre-)certificates to multiple CT Logs in
// compliance with the configured CT policy.
package main

import (
	"context"
	"flag"
	"log"
	"net/http"
	"time"

	"github.com/google/certificate-transparency-go/submission"
	"github.com/google/trillian/monitoring/prometheus"
	"github.com/prometheus/client_golang/prometheus/promhttp"
	"k8s.io/klog/v2"
)

// Command-line flags. Every value is read once in main after flag.Parse.
var (
	// Listen address handed to http.ListenAndServe in main, so the API is
	// served as plain HTTP. The default binds to loopback only; when changing
	// it to a non-loopback address, put TLS termination and access control in
	// front of the server.
	httpEndpoint = flag.String("http_endpoint", "localhost:5951", "Endpoint for HTTP (host:port)")

	// Location of the CT Log list; the default is an HTTPS URL.
	// NOTE(review): the list presumably decides which Logs receive
	// submissions, so point it only at a trusted source — confirm how the
	// submission package validates it.
	logListPath = flag.String("loglist_path", "https://www.gstatic.com/ct/log_list/v3/log_list.json", "Path for list of CT Logs in JSON format")

	// Refresh periods passed to the proxy server's Run method in main.
	logListRefreshInterval = flag.Duration("loglist_refresh_interval", 24*time.Hour, "Interval between consecutive reads of Log-list")
	rootsRefreshInterval = flag.Duration("roots_refresh_interval", 24*time.Hour, "Interval between consecutive get-roots calls")

	// Accepted values are checked in parsePolicyType; anything else is fatal.
	policyType = flag.String("policy_type", "chrome", "CT-policy <chrome|apple>")

	// When set, main swaps submission.BuildLogClient for
	// submission.NewStubLogClient.
	dryRun = flag.Bool("dry_run", false, "No real submissions done")

	// Per-call timeout passed to submission.NewProxyServer.
	addPreChainTimeout = flag.Duration("add_prechain_timeout", 10*time.Second, "Timeout for each add-prechain call")

	// Passed to the proxy server's Run method in main.
	loadPendingQualifiedLogs = flag.Bool("load_pending_qualified_logs", true, "Whether to submit cert to one of Pending+Qualified Logs along main submission")
)

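// parsePolicyType maps the -policy_type flag value to a
// submission.CTPolicyType.
//
// Only the exact strings "chrome" and "apple" are accepted. Any other value
// ends the process through klog.Fatalf, so the server never starts under a
// policy the operator did not ask for.
func parsePolicyType() submission.CTPolicyType {
	switch *policyType {
	case "chrome":
		return submission.ChromeCTPolicy
	case "apple":
		return submission.AppleCTPolicy
	default:
		// Name the flag as it is typed on the command line (policy_type, not
		// the Go variable name) and list the accepted values.
		klog.Fatalf("flag policy_type does not support value %q (want chrome or apple)", *policyType)
		// klog.Fatalf exits, so this is not reached; the compiler still
		// requires a return value.
		return submission.ChromeCTPolicy
	}
}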

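// main parses the flags, starts the submission proxy and serves its HTTP API
// on -http_endpoint.
//
// The listener is plain HTTP and this file adds no authentication to any
// route, including /metrics. The default endpoint binds to loopback; when it
// is exposed more widely, TLS termination and access control have to come
// from a fronting proxy or the network layer.
func main() {
	klog.InitFlags(nil)
	flag.Parse()

	plc := parsePolicyType()

	// -dry_run swaps the real Log client builder for the stub one.
	lcb := submission.BuildLogClient
	if *dryRun {
		lcb = submission.NewStubLogClient
	}
	mf := prometheus.MetricFactory{}

	s := submission.NewProxyServer(*logListPath, submission.GetDistributorBuilder(plc, lcb, mf), *addPreChainTimeout, mf)
	// NOTE(review): Run is assumed to return after starting its background
	// refreshes, since the handlers are only registered afterwards — confirm
	// in the submission package.
	s.Run(context.Background(), *logListRefreshInterval, *rootsRefreshInterval, *loadPendingQualifiedLogs)

	// A dedicated mux serves only the routes registered here.
	// http.DefaultServeMux can also carry handlers registered by the init
	// functions of imported packages.
	mux := http.NewServeMux()
	mux.HandleFunc("/ct/v1/proxy/add-pre-chain/", s.HandleAddPreChain)
	mux.HandleFunc("/ct/v1/proxy/add-chain/", s.HandleAddChain)
	mux.Handle("/metrics", promhttp.Handler())
	mux.HandleFunc("/", s.HandleInfo)

	srv := &http.Server{
		Addr:    *httpEndpoint,
		Handler: mux,
		// Bound the time a client may take to send request headers, so idle
		// or deliberately slow connections cannot be held open indefinitely.
		// No WriteTimeout is set: submissions fan out to several Logs and
		// their total duration is not known from this file.
		ReadHeaderTimeout: 10 * time.Second,
	}
	log.Fatal(srv.ListenAndServe())
}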