// Copyright 2019 Google LLC. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// The submission_server submits (pre-)certificates to multiple CT Logs in a
// way that complies with the CT policy provided.
package main
import (
"context"
"flag"
"log"
"net/http"
"time"
"github.com/golang/glog"
"github.com/google/certificate-transparency-go/submission"
"github.com/google/trillian/monitoring/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp"
)
// Flags.
var (
	// Address the proxy's own HTTP API listens on. The default host is
	// "localhost", so an out-of-the-box run is not exposed on other interfaces.
	httpEndpoint = flag.String("http_endpoint", "localhost:5951", "Endpoint for HTTP (host:port)")

	// Source of the CT Log list, and how often the list and the Logs' accepted
	// roots are fetched again. The default list location is an https:// URL.
	logListPath            = flag.String("loglist_path", "https://www.gstatic.com/ct/log_list/v2/log_list.json", "Path for list of CT Logs in JSON format")
	logListRefreshInterval = flag.Duration("loglist_refresh_interval", 24*time.Hour, "Interval between consecutive reads of Log-list")
	rootsRefreshInterval   = flag.Duration("roots_refresh_interval", 24*time.Hour, "Interval between consecutive get-roots calls")

	// How submissions are carried out: which CT policy to satisfy, whether
	// Pending/Qualified Logs also receive the cert, the per-call timeout, and
	// whether submissions are made at all.
	policyType               = flag.String("policy_type", "chrome", "CT-policy <chrome|apple>")
	loadPendingQualifiedLogs = flag.Bool("load_pending_qualified_logs", true, "Whether to submit cert to one of Pending+Qualified Logs along main submission")
	addPreChainTimeout       = flag.Duration("add_prechain_timeout", 10*time.Second, "Timeout for each add-prechain call")
	dryRun                   = flag.Bool("dry_run", false, "No real submissions done")
)
// parsePolicyType translates the value of the policy_type flag into the
// corresponding submission.CTPolicyType. Only "chrome" and "apple" are
// accepted; any other value is reported through glog.Fatalf, so the server
// does not start with an unrecognised policy.
func parsePolicyType() submission.CTPolicyType {
	switch requested := *policyType; requested {
	case "chrome":
		return submission.ChromeCTPolicy
	case "apple":
		return submission.AppleCTPolicy
	default:
		glog.Fatalf("flag policyType does not support value %q", requested)
		// Not expected to be reached, since glog.Fatalf ends the process; the
		// return is here so the function has a terminating statement.
		return submission.ChromeCTPolicy
	}
}
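// main parses the flags, builds the submission proxy for the selected CT
// policy, registers its HTTP handlers and serves them on -http_endpoint until
// the listener fails.
func main() {
	// Bound on how long a client may take to send its request headers. The
	// package-level http.ListenAndServe helper sets no timeouts at all, which
	// lets idle or deliberately slow connections hold server resources
	// indefinitely. Body and write timeouts are left unset because request
	// handling time depends on -add_prechain_timeout, which the operator tunes.
	const readHeaderTimeout = 10 * time.Second

	flag.Parse()

	plc := parsePolicyType()

	// With -dry_run the stub client builder is used in place of the real one,
	// matching the flag's description ("No real submissions done").
	lcb := submission.BuildLogClient
	if *dryRun {
		lcb = submission.NewStubLogClient
	}

	mf := prometheus.MetricFactory{}
	s := submission.NewProxyServer(*logListPath, submission.GetDistributorBuilder(plc, lcb, mf), *addPreChainTimeout, mf)
	// Run receives both refresh intervals; presumably it starts the periodic
	// Log-list and roots refreshes (confirm in the submission package).
	s.Run(context.Background(), *logListRefreshInterval, *rootsRefreshInterval, *loadPendingQualifiedLogs)

	// All routes are registered on http.DefaultServeMux and share one listener.
	// NOTE(review): nothing in this file authenticates callers. The default
	// endpoint is localhost; if -http_endpoint is set to a routable address,
	// /metrics and the submission endpoints become reachable together, so
	// confirm access control is enforced in front of this process.
	http.HandleFunc("/ct/v1/proxy/add-pre-chain/", s.HandleAddPreChain)
	http.HandleFunc("/ct/v1/proxy/add-chain/", s.HandleAddChain)
	http.Handle("/metrics", promhttp.Handler())
	http.HandleFunc("/", s.HandleInfo)

	// A nil Handler makes the server use http.DefaultServeMux, exactly as
	// http.ListenAndServe(addr, nil) did.
	srv := &http.Server{
		Addr:              *httpEndpoint,
		ReadHeaderTimeout: readHeaderTimeout,
	}
	log.Fatal(srv.ListenAndServe())
}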