authorDimitri Sokolyuk <demon@dim13.org>2016-01-07 13:49:42 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-01-07 13:49:42 +0100
commit8d375e0c4b10804c4c3b317988425f7451948ba5 (patch)
tree53cc62dbaa4172ec359f21ad9131066e84ab91a6
parenta0d0c73d20f8cfb9e25e455ff6d31360e33d596e (diff)
generalize
-rw-r--r--cmd/acme/main.go15
-rw-r--r--provider.go130
2 files changed, 75 insertions, 70 deletions
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 7cf990d..666c9b8 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -91,19 +91,22 @@ func main() {
log.Fatal("register", err)
}
- err = p.Authorize(a, des.Altnames[0])
+ d, err := acme.NewDesire(des.Altnames, des.Size)
if err != nil {
- log.Fatal("authz", err)
+ log.Fatal("newDesire", err)
}
- crt, err := p.Cert(a, des.Altnames, des.key)
+ err = p.Authorize(a, d)
if err != nil {
- log.Fatal("cert", err)
+ log.Fatal("authz", err)
}
- err = saveCert(des, crt)
+ err = p.Cert(a, d)
if err != nil {
- log.Fatal("save cert", err)
+ log.Fatal("cert", err)
}
+
+ d.SaveKey(des.Key)
+ d.SaveCert(des.Cert)
}
}
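Review bot: The two new calls at the end, `d.SaveKey(des.Key)` and `d.SaveCert(des.Cert)`, have their results dropped, whereas the removed `saveCert` call was checked with `log.Fatal`. Their signatures are not visible here; if they return an error, a failed write of the private key or certificate would pass silently and the run would look successful. Something like `if err := d.SaveKey(des.Key); err != nil { log.Fatal("save key", err) }`, and the same for `SaveCert`, would keep the earlier behaviour. It is also worth confirming that SaveKey creates the key file with owner-only permissions. main's body starts outside the hunk.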
diff --git a/provider.go b/provider.go
index e22ffb6..a8cfa64 100644
--- a/provider.go
+++ b/provider.go
@@ -1,7 +1,6 @@
package acme
import (
- "crypto/rsa"
"crypto/x509"
"encoding/json"
"errors"
@@ -219,71 +218,76 @@ func pickChallenge(c []Challenge) (int, Challenge) {
return -1, Challenge{}
}
-func (p *Provider) Authorize(s ThumbSigner, domain string) error {
- r := &Authorization{
- Resource: ResNewAuthz,
- Identifier: NewIdent(domain),
- }
+func (p *Provider) Authorize(s ThumbSigner, d *Desire) error {
+ for _, domain := range d.altnames {
+ r := &Authorization{
+ Resource: ResNewAuthz,
+ Identifier: NewIdent(domain),
+ }
- resp, err := p.post(p.NewAuthz, s, r)
- if err != nil {
- return err
- }
- _, err = p.parseJson(resp, r)
- if err != nil {
- return err
- }
+ resp, err := p.post(p.NewAuthz, s, r)
+ if err != nil {
+ return err
+ }
+ _, err = p.parseJson(resp, r)
+ if err != nil {
+ return err
+ }
- if resp.StatusCode != http.StatusCreated {
- return errStatus
- }
+ if resp.StatusCode != http.StatusCreated {
+ return errStatus
+ }
- n, ch := pickChallenge(r.Challenges)
- if n < 0 {
- return errors.New("can't solve any challenges")
- }
+ n, ch := pickChallenge(r.Challenges)
+ if n < 0 {
+ return errors.New("can't solve any challenges")
+ }
- ka, _ := KeyAuthorization(s, ch.Token)
- ans := &Challenge{
- Resource: ResChallenge,
- Type: ch.Type,
- KeyAuthorization: ka,
- }
+ ka, _ := KeyAuthorization(s, ch.Token)
+ ans := &Challenge{
+ Resource: ResChallenge,
+ Type: ch.Type,
+ KeyAuthorization: ka,
+ }
- resp, err = p.post(ch.URI, s, ans)
- if err != nil {
- return err
- }
+ resp, err = p.post(ch.URI, s, ans)
+ if err != nil {
+ return err
+ }
- ns, err := p.parseJson(resp, ans)
- if err != nil {
- return err
- }
+ ns, err := p.parseJson(resp, ans)
+ if err != nil {
+ return err
+ }
- var sol Solver
+ var sol Solver
- switch ch.Type {
- case ChallengeHTTP:
- sol = &httpChallenge{Addr: "localhost:8080", Challenge: *ans}
- default:
- return errChallengeType
- }
+ switch ch.Type {
+ case ChallengeHTTP:
+ sol = &httpChallenge{Addr: "localhost:8080", Challenge: *ans}
+ default:
+ return errChallengeType
+ }
- if err := Solve(sol, time.Minute); err != nil {
- return err
- }
+ if err := Solve(sol, time.Minute); err != nil {
+ return err
+ }
+
+ for {
+ done, err := p.queryStatus(ns.Location)
+ if err != nil {
+ return err
+ }
+ if done {
+ break
+ }
+ }
- for {
- done, err := p.queryStatus(ns.Location)
if err != nil {
return err
}
- if done {
- break
- }
}
-
- return err
+ return nil
}
func (p *Provider) queryStatus(url string) (bool, error) {
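Review bot: The status poll at the end of each domain iteration (`for { done, err := p.queryStatus(ns.Location) ... }`) has neither a delay between requests nor an exit for a failed authorization. queryStatus, as far as its visible tail shows, reports `r.Status == StatusValid`, so a challenge the server marks invalid would keep the loop requesting the status URL indefinitely, and this now repeats for every altname. A deadline plus a short sleep between polls would bound it; the one-minute and one-second values below are only a suggestion. Separately, `ka, _ := KeyAuthorization(s, ch.Token)` still discards its error, and the `if err != nil` left after the poll loop appears to be dead, since every earlier assignment to that `err` has already been checked.

```go
deadline := time.Now().Add(time.Minute)
for {
	done, err := p.queryStatus(ns.Location)
	// … unchanged: return on err, break when done …
	if time.Now().After(deadline) {
		return errors.New("authorization still pending after timeout")
	}
	time.Sleep(time.Second)
}
```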
@@ -299,10 +303,10 @@ func (p *Provider) queryStatus(url string) (bool, error) {
return r.Status == StatusValid, nil
}
-func (p *Provider) Cert(s Signer, altnames []string, key *rsa.PrivateKey) ([]*x509.Certificate, error) {
- csr, err := NewCSR(altnames, key)
+func (p *Provider) Cert(s Signer, d *Desire) error {
+ csr, err := NewCSR(d.altnames, d.key)
if err != nil {
- return nil, err
+ return err
}
r := &CSR{
Resource: ResNewCert,
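Review bot: Cert no longer returns the certificates, so the exported method would benefit from a doc comment saying where the result goes, e.g. `// Cert requests a certificate for d's altnames and key and appends the issued certificate and its issuer to d.` The append into d happens in the following hunk, and the function body continues past this one.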
@@ -311,27 +315,25 @@ func (p *Provider) Cert(s Signer, altnames []string, key *rsa.PrivateKey) ([]*x5
resp, err := p.post(p.NewCert, s, r)
if err != nil {
- return nil, err
+ return err
}
- var crts []*x509.Certificate
-
crt, ns, err := p.parseCert(resp)
if err != nil {
- return nil, err
+ return err
}
- crts = append(crts, crt)
+ d.cert = append(d.cert, crt)
resp, err = p.Get(ns.Link["up"])
if err != nil {
- return nil, err
+ return err
}
crt, _, err = p.parseCert(resp)
if err != nil {
- return nil, err
+ return err
}
- crts = append(crts, crt)
+ d.cert = append(d.cert, crt)
- return crts, nil
+ return nil
}
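Review bot: Appending straight into `d.cert` means a failure while fetching the issuer via `p.Get(ns.Link["up"])` returns an error but leaves d holding only the leaf certificate, and calling Cert again on the same Desire would append a second pair. Collecting into a local slice as before and assigning `d.cert = crts` just before `return nil` keeps d unchanged on error. It may also be worth returning an error when `ns.Link["up"]` is empty rather than requesting an empty URL. Cert's signature and opening lines are in the previous hunk.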