Diffstat (limited to 'cmd')
-rw-r--r--cmd/acme/fs.go64
-rw-r--r--cmd/acme/main.go27
2 files changed, 78 insertions, 13 deletions
diff --git a/cmd/acme/fs.go b/cmd/acme/fs.go
new file mode 100644
index 0000000..4f8c479
--- /dev/null
+++ b/cmd/acme/fs.go
@@ -0,0 +1,64 @@
+package main
+
+import (
+ "crypto"
+ "crypto/tls"
+ "io"
+ "os"
+ "syscall"
+
+ "dim13.org/acme"
+)
+
+func NewFile(fname string, mode os.FileMode) (io.WriteCloser, error) {
+ err := os.Rename(fname, fname+".bak")
+ if nerr, ok := err.(*os.LinkError); ok && nerr.Err != syscall.ENOENT {
+ return nil, err
+ }
+ flags := os.O_WRONLY | os.O_CREATE | os.O_TRUNC
+ return os.OpenFile(fname, flags, mode)
+}
+
+func (d domain) Save(cert tls.Certificate) error {
+ // save key
+ fd, err := NewFile(d.KeyFile, 0600)
+ if err != nil {
+ return err
+ }
+ defer fd.Close()
+ err = acme.SaveKey(fd, cert.PrivateKey)
+ if err != nil {
+ return err
+ }
+
+ // save certs
+ fd, err = NewFile(d.CrtFile, 0644)
+ if err != nil {
+ return err
+ }
+ defer fd.Close()
+ for _, crt := range cert.Certificate {
+ if err := acme.SaveCert(fd, crt); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (a account) Save(key crypto.PrivateKey) error {
+ fd, err := NewFile(a.KeyFile, 0600)
+ if err != nil {
+ return err
+ }
+ defer fd.Close()
+ return acme.SaveKey(fd, key)
+}
+
+func (a account) Load() (crypto.PrivateKey, error) {
+ fd, err := os.Open(a.KeyFile)
+ if err != nil {
+ return nil, err
+ }
+ defer fd.Close()
+ return acme.LoadKey(fd)
+}
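Review bot: The deferred `fd.Close()` calls in `domain.Save` and `account.Save` drop the close error, so a write that only fails at close time is reported as success. That leaves a truncated private key or certificate chain at the live path, with the previous copy surviving only as `.bak`. Returning the close error through a named result, as sketched below for `account.Save`, fixes this; `domain.Save` needs the same for both descriptors. Separately, `NewFile` opens the path without `os.O_EXCL` after the rename, so the `mode` argument is not applied if something already exists at `fname` by then. Using `flags := os.O_WRONLY | os.O_CREATE | os.O_EXCL` would make the 0600 on key files a guarantee rather than a best effort.

```go
func (a account) Save(key crypto.PrivateKey) (err error) {
	// … unchanged: NewFile call and error check …
	// the key is not safely on disk until Close succeeds, so report its error
	defer func() {
		if cerr := fd.Close(); err == nil {
			err = cerr
		}
	}()
	return acme.SaveKey(fd, key)
}
```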
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 721d204..50855d9 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -41,10 +41,22 @@ func main() {
for _, v := range v.Account {
log.Println("Load", v.KeyFile)
- acc, err := getAccount(v.KeyFile, v.KeySize)
+ key, err := v.Load()
+ if err != nil {
+ key, err = acme.NewKey(v.KeySize)
+ if err != nil {
+ log.Fatal(err)
+ }
+ }
+ if err := v.Save(key); err != nil {
+ log.Fatal(err)
+ }
+
+ acc, err := acme.NewAccount(key)
if err != nil {
log.Fatal(err)
}
+
con := acme.Contacts{}
con.AddMail(v.Mail)
con.AddPhone(v.Phone)
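Review bot: Any error from `v.Load()` falls through to `acme.NewKey`, not only a missing file, and `v.Save(key)` then runs on every start whether or not a new key was generated. Because `NewFile` in fs.go renames the existing file to `.bak` before writing, a single unreadable or unparsable key file replaces the registered account key with a fresh one. The next run then overwrites the `.bak` that still held the original. Generating a key only when the file does not exist, and saving only in that branch, keeps the account key and its backup stable. The sketch assumes `os` is imported in main.go, which is not visible here, and `main` itself starts and ends outside this hunk.

```go
key, err := v.Load()
if os.IsNotExist(err) {
	// first run: create the account key and persist it once
	key, err = acme.NewKey(v.KeySize)
	if err == nil {
		err = v.Save(key)
	}
}
if err != nil {
	log.Fatal(err)
}
// … unchanged: acme.NewAccount(key) and contact setup …
```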
@@ -84,21 +96,10 @@ func main() {
}
log.Println("Save", v.CrtFile, v.KeyFile)
- if err := des.SaveKeyPair(v.CrtFile, v.KeyFile); err != nil {
+ if err := v.Save(des.Cert()); err != nil {
log.Fatal(err)
}
}
}
}
}
-
-func getAccount(keyFile string, keySize int) (*acme.Account, error) {
- acc, err := acme.LoadAccount(keyFile)
- if err != nil {
- acc, err = acme.NewAccount(keySize)
- if err != nil {
- return nil, err
- }
- }
- return acc, acc.Save(keyFile)
-}