Documentation ¶
Index ¶
- type CertRecord
- type CertStorer
- type MemoryStore
- func (ms *MemoryStore) Close() error
- func (ms *MemoryStore) Get(id string) (*CertRecord, error)
- func (ms *MemoryStore) GetRevoked() ([]*CertRecord, error)
- func (ms *MemoryStore) List(includeExpired bool) ([]*CertRecord, error)
- func (ms *MemoryStore) Revoke(ids []string) error
- func (ms *MemoryStore) SetCert(cert *ssh.Certificate) error
- func (ms *MemoryStore) SetRecord(record *CertRecord) error
- type SQLStore
- func (db *SQLStore) Close() error
- func (db *SQLStore) Get(id string) (*CertRecord, error)
- func (db *SQLStore) GetRevoked() ([]*CertRecord, error)
- func (db *SQLStore) List(includeExpired bool) ([]*CertRecord, error)
- func (db *SQLStore) Revoke(ids []string) error
- func (db *SQLStore) SetCert(cert *ssh.Certificate) error
- func (db *SQLStore) SetRecord(rec *CertRecord) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertRecord ¶
// CertRecord is the stored form of a certificate handled by a CertStorer.
// Every field carries a json tag (key name when encoded as JSON) and a db tag
// (column name used by the database-backed store).
type CertRecord struct {
	// KeyID is encoded as "key_id" in both JSON and the database.
	// NOTE(review): presumably the certificate's key ID and the id taken by
	// Get and Revoke; confirm against the implementation.
	KeyID string `json:"key_id" db:"key_id"`
	// Principals uses the project's types.StringSlice type.
	// NOTE(review): presumably the principals the certificate is valid for; confirm.
	Principals types.StringSlice `json:"principals" db:"principals"`
	// CreatedAt is the record's creation timestamp.
	CreatedAt time.Time `json:"created_at" db:"created_at"`
	// Expires is the expiry timestamp. The JSON key is "expires" but the
	// database column is "expires_at"; the two names differ on purpose or by
	// history, so do not assume they match when writing queries.
	Expires time.Time `json:"expires" db:"expires_at"`
	// Revoked is the revocation flag for this record.
	Revoked bool `json:"revoked" db:"revoked"`
	// Raw is stored in the "raw_key" column and tagged json:"-", which keeps it
	// out of encoding/json output produced from the struct tags.
	// NOTE(review): CertRecord also defines a custom MarshalJSON whose body is
	// not shown here; confirm that it honours this exclusion as well.
	Raw string `json:"-" db:"raw_key"`
}
A CertRecord is a representation of an SSH certificate used by a CertStorer.
func (*CertRecord) MarshalJSON ¶
func (c *CertRecord) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.Marshaler interface for the CreatedAt and Expires fields. The resulting string looks like "2017-04-11 10:00:00 +0000"
type CertStorer ¶
// CertStorer is the storage interface for issued certificates. It is
// implemented on this page by MemoryStore and SQLStore.
type CertStorer interface {
	// Get returns a single record for id.
	Get(id string) (*CertRecord, error)
	// SetCert parses an *ssh.Certificate and records it.
	SetCert(cert *ssh.Certificate) error
	// SetRecord records an already-built *CertRecord.
	SetRecord(record *CertRecord) error
	// List returns recorded certs; includeExpired controls whether expired
	// certs are part of the result.
	List(includeExpired bool) ([]*CertRecord, error)
	// Revoke revokes the issued certs named by the given ids. The parameter is
	// a slice even though it is named id here.
	Revoke(id []string) error
	// GetRevoked returns all revoked certs.
	GetRevoked() ([]*CertRecord, error)
	// Close closes the store.
	Close() error
}
CertStorer records issued certs in a persistent store for audit and revocation purposes.
type MemoryStore ¶
MemoryStore is an in-memory CertStorer
func NewMemoryStore ¶
func NewMemoryStore() *MemoryStore
NewMemoryStore returns an in-memory CertStorer.
func (*MemoryStore) Close ¶
func (ms *MemoryStore) Close() error
Close closes the store and clears its contents, so any cert records and revocations held only in memory are lost.
func (*MemoryStore) Get ¶
func (ms *MemoryStore) Get(id string) (*CertRecord, error)
Get a single *CertRecord
func (*MemoryStore) GetRevoked ¶
func (ms *MemoryStore) GetRevoked() ([]*CertRecord, error)
GetRevoked returns all revoked certs
func (*MemoryStore) List ¶
func (ms *MemoryStore) List(includeExpired bool) ([]*CertRecord, error)
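List returns recorded certs. By default (includeExpired false) only active certs are returned; pass true to include expired certs as well. This description does not say whether revoked certs count as active.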
func (*MemoryStore) Revoke ¶
func (ms *MemoryStore) Revoke(ids []string) error
Revoke revokes the issued certs identified by ids.
func (*MemoryStore) SetCert ¶
func (ms *MemoryStore) SetCert(cert *ssh.Certificate) error
SetCert parses a *ssh.Certificate and records it
func (*MemoryStore) SetRecord ¶
func (ms *MemoryStore) SetRecord(record *CertRecord) error
SetRecord records a *CertRecord
type SQLStore ¶
type SQLStore struct {
// contains filtered or unexported fields
}
SQLStore is an sql-based CertStorer
func NewSQLStore ¶
NewSQLStore returns a CertStorer backed by a *sql.DB.
func (*SQLStore) Get ¶
func (db *SQLStore) Get(id string) (*CertRecord, error)
Get a single *CertRecord
func (*SQLStore) GetRevoked ¶
func (db *SQLStore) GetRevoked() ([]*CertRecord, error)
GetRevoked returns all revoked certs
func (*SQLStore) List ¶
func (db *SQLStore) List(includeExpired bool) ([]*CertRecord, error)
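List returns recorded certs. By default (includeExpired false) only active certs are returned; pass true to include expired certs as well. This description does not say whether revoked certs count as active.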
func (*SQLStore) SetCert ¶
func (db *SQLStore) SetCert(cert *ssh.Certificate) error
SetCert parses a *ssh.Certificate and records it
func (*SQLStore) SetRecord ¶
func (db *SQLStore) SetRecord(rec *CertRecord) error
SetRecord records a *CertRecord