authorDimitri Sokolyuk <demon@dim13.org>2016-06-05 21:31:45 +0200
committerDimitri Sokolyuk <demon@dim13.org>2016-06-05 21:31:45 +0200
commitc1bbfede72bf9b81a8be2eb52dbedc964e837667 (patch)
treed3ad0fbbb277f98ab88a6aface9dfc859af4af7f
parentaa8f6baafc28dd118711716aadb1b1e16929b8a0 (diff)
Update to current state
-rw-r--r--cmd/acme/main.go68
-rw-r--r--crypto.go3
2 files changed, 30 insertions, 41 deletions
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 6dc19db..cac04e2 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -2,6 +2,7 @@
package main
import (
+ "crypto"
"flag"
"fmt"
"log"
@@ -17,27 +18,13 @@ var (
httpSol, tlsSol acme.Solver
)
-func load(d desire) (*acme.Signer, error) {
- key, err := d.Load()
- if err != nil {
- return nil, err
- }
- log.Println("Load", d.KeyFile)
- return acme.NewSigner(key)
-}
-
-func register(prov *acme.Provider, d desire) (*acme.Signer, error) {
+func register(d desire, dir string) (crypto.PrivateKey, error) {
key, err := acme.NewKey(d.KeySize)
if err != nil {
return nil, err
}
defer d.Save(key)
- sig, err := acme.NewSigner(key)
- if err != nil {
- return nil, err
- }
-
con, err := acme.NewContacts(d.Mail, d.Phone)
if err != nil {
return nil, err
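Review bot: The deferred `d.Save(key)` in register runs on every return path and its result is discarded, so a newly generated account key is written even when a later step fails, and a failed write goes unnoticed. With the new flow in main, the next run would then load that key and skip registration, presumably leaving an unregistered key in use. Consider saving only once registration has succeeded and propagating the result, e.g. `if err := d.Save(key); err != nil { return nil, err }` just before `return key, nil`; this assumes Save returns an error, which is not visible here. register's body continues past this hunk.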
@@ -48,30 +35,20 @@ func register(prov *acme.Provider, d desire) (*acme.Signer, error) {
return true
}
- log.Println("Register", con)
- if err := prov.Register(con, agree); err != nil {
+ log.Println("Dial")
+ prov, err := acme.DialProvider(dir, key)
+ if err != nil {
return nil, err
}
- return sig, nil
-}
-func loadAccount(prov *acme.Provider, d desire) error {
- sig, err := load(d)
- if err != nil {
- sig, err = register(prov, d)
- if err != nil {
- return err
- }
- }
- for _, d := range d.Domain {
- if err := requestCert(prov, sig, d); err != nil {
- return err
- }
+ log.Println("Register", con)
+ if err := prov.Register(con, agree); err != nil {
+ return nil, err
}
- return nil
+ return key, nil
}
-func requestCert(prov *acme.Provider, d domain) error {
+func requestCert(prov *acme.Provider, d domain, mail string) error {
c, err := d.Load()
if err != nil {
c.PrivateKey, err = acme.NewKey(d.KeySize)
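Review bot: register now dials the directory with the new key only to call `prov.Register`, then drops `prov` and returns just the key, after which main dials the same directory again with that key. Returning the provider as well, e.g. `func register(d desire, dir string) (*acme.Provider, crypto.PrivateKey, error)`, would avoid the second round-trip on first run and keep a single place where the connection is set up. The `log.Println("Dial")` here also omits the directory that main's equivalent line prints, so the two log entries are hard to tell apart. requestCert begins at the end of this hunk and its body continues outside it.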
@@ -106,7 +83,7 @@ func requestCert(prov *acme.Provider, d domain) error {
}
log.Println("Request bundle for", d.Altnames)
- cert, err := prov.Bundle(c.PrivateKey, d.Altnames, nil)
+ cert, err := prov.Bundle(c.PrivateKey, d.Altnames, mail)
if err != nil {
return err
}
@@ -145,15 +122,24 @@ func main() {
log.Println("TLS Solver", err)
}
- log.Println("Dial", conf.Directory)
- prov, err := acme.DialProvider(conf.Directory)
- if err != nil {
- log.Fatal(err)
- }
-
for _, d := range conf.Desire {
- if err := loadAccount(prov, d); err != nil {
+ key, err := d.Load()
+ if err != nil {
+ if key, err = register(d, conf.Directory); err != nil {
+ log.Fatal(err)
+ }
+ }
+
+ log.Println("Dial", conf.Directory)
+ prov, err := acme.DialProvider(conf.Directory, key)
+ if err != nil {
log.Fatal(err)
}
+
+ for _, dom := range d.Domain {
+ if err := requestCert(prov, dom, d.Mail); err != nil {
+ log.Fatal(err)
+ }
+ }
}
}
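Review bot: Any error from `d.Load()` falls through to `register`, so an unreadable or corrupt key file is handled exactly like a missing one: a new account key is generated and registered, and the deferred Save in register presumably writes it over the existing file. That silently replaces the account identity on what may be a transient permission or parse error. Registering only when the key is absent, and failing otherwise, would be safer, e.g. `if !os.IsNotExist(err) { log.Fatal(err) }` ahead of the register call. This needs `os` imported in main.go and assumes Load returns the underlying open error unwrapped, which is not visible in this diff.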
diff --git a/crypto.go b/crypto.go
index 39c48fe..d0ea41e 100644
--- a/crypto.go
+++ b/crypto.go
@@ -14,6 +14,7 @@ import (
"errors"
"io"
"io/ioutil"
+ "log"
"os"
)
@@ -72,6 +73,7 @@ func LoadKey(r io.Reader) (crypto.PrivateKey, error) {
case pemEC:
return x509.ParseECPrivateKey(block.Bytes)
default:
+ log.Println("LoadKey")
return nil, ErrKeyType
}
}
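Review bot: `log.Println("LoadKey")` in the default branch writes a bare function name to the process-wide logger from library code, which tells an operator nothing that the returned `ErrKeyType` does not already convey; the same applies to `log.Println("NewKey")` in the next hunk. If these are debugging leftovers, drop both lines together with the new `log` import. If the diagnostic is wanted, log the rejected value rather than the function name, e.g. `log.Printf("LoadKey: unsupported PEM type %q", block.Type)` (assuming block is a `*pem.Block`) and `log.Printf("NewKey: unsupported key size %d", size)`. Neither line logs key material, which should stay that way. Both functions start outside their hunks.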
@@ -128,6 +130,7 @@ func NewKey(size int) (crypto.PrivateKey, error) {
case 0:
return rsa.GenerateKey(rand.Reader, 2048)
default:
+ log.Println("NewKey")
return nil, ErrKeySize
}
}