From 8d375e0c4b10804c4c3b317988425f7451948ba5 Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Thu, 7 Jan 2016 13:49:42 +0100
Subject: generalize
---
 cmd/acme/main.go | 15 ++++---
 provider.go | 130 ++++++++++++++++++++++++++++--------------------------
 2 files changed, 75 insertions(+), 70 deletions(-)
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 7cf990d..666c9b8 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -91,19 +91,22 @@ func main() {
 log.Fatal("register", err)
 }
- err = p.Authorize(a, des.Altnames[0])
+ d, err := acme.NewDesire(des.Altnames, des.Size)
 if err != nil {
- log.Fatal("authz", err)
+ log.Fatal("newDesire", err)
 }
- crt, err := p.Cert(a, des.Altnames, des.key)
+ err = p.Authorize(a, d)
 if err != nil {
- log.Fatal("cert", err)
+ log.Fatal("authz", err)
 }
- err = saveCert(des, crt)
+ err = p.Cert(a, d)
 if err != nil {
- log.Fatal("save cert", err)
+ log.Fatal("cert", err)
 }
+
+ d.SaveKey(des.Key)
+ d.SaveCert(des.Cert)
 }
 }
diff --git a/provider.go b/provider.go
index e22ffb6..a8cfa64 100644
--- a/provider.go
+++ b/provider.go
@@ -1,7 +1,6 @@
 package acme
 import (
- "crypto/rsa"
 "crypto/x509"
 "encoding/json"
 "errors"
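Review bot: The return values of `d.SaveKey(des.Key)` and `d.SaveCert(des.Cert)` at the end of the loop body in main() are not checked, where the removed code ended with `log.Fatal("save cert", err)` on a failed save. Their definitions are outside this patch; if they return an error, a failed write of the new private key or of the issued certificate now passes silently after the CA has already been asked to issue. I would write `if err := d.SaveKey(des.Key); err != nil { log.Fatal("save key", err) }` and the same for SaveCert. It is also worth confirming, where SaveKey is defined, that the key file is created with owner-only permissions.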
@@ -219,71 +218,76 @@ func pickChallenge(c []Challenge) (int, Challenge) {
 return -1, Challenge{}
 }
-func (p *Provider) Authorize(s ThumbSigner, domain string) error {
- r := &Authorization{
- Resource: ResNewAuthz,
- Identifier: NewIdent(domain),
- }
+func (p *Provider) Authorize(s ThumbSigner, d *Desire) error {
+ for _, domain := range d.altnames {
+ r := &Authorization{
+ Resource: ResNewAuthz,
+ Identifier: NewIdent(domain),
+ }
- resp, err := p.post(p.NewAuthz, s, r)
- if err != nil {
- return err
- }
- _, err = p.parseJson(resp, r)
- if err != nil {
- return err
- }
+ resp, err := p.post(p.NewAuthz, s, r)
+ if err != nil {
+ return err
+ }
+ _, err = p.parseJson(resp, r)
+ if err != nil {
+ return err
+ }
- if resp.StatusCode != http.StatusCreated {
- return errStatus
- }
+ if resp.StatusCode != http.StatusCreated {
+ return errStatus
+ }
- n, ch := pickChallenge(r.Challenges)
- if n < 0 {
- return errors.New("can't solve any challenges")
- }
+ n, ch := pickChallenge(r.Challenges)
+ if n < 0 {
+ return errors.New("can't solve any challenges")
+ }
- ka, _ := KeyAuthorization(s, ch.Token)
- ans := &Challenge{
- Resource: ResChallenge,
- Type: ch.Type,
- KeyAuthorization: ka,
- }
+ ka, _ := KeyAuthorization(s, ch.Token)
+ ans := &Challenge{
+ Resource: ResChallenge,
+ Type: ch.Type,
+ KeyAuthorization: ka,
+ }
- resp, err = p.post(ch.URI, s, ans)
- if err != nil {
- return err
- }
+ resp, err = p.post(ch.URI, s, ans)
+ if err != nil {
+ return err
+ }
- ns, err := p.parseJson(resp, ans)
- if err != nil {
- return err
- }
+ ns, err := p.parseJson(resp, ans)
+ if err != nil {
+ return err
+ }
- var sol Solver
+ var sol Solver
- switch ch.Type {
- case ChallengeHTTP:
- sol = &httpChallenge{Addr: "localhost:8080", Challenge: *ans}
- default:
- return errChallengeType
- }
+ switch ch.Type {
+ case ChallengeHTTP:
+ sol = &httpChallenge{Addr: "localhost:8080", Challenge: *ans}
+ default:
+ return errChallengeType
+ }
- if err := Solve(sol, time.Minute); err != nil {
- return err
- }
+ if err := Solve(sol, time.Minute); err != nil {
+ return err
+ }
+
+ for {
+ done, err := p.queryStatus(ns.Location)
+ if err != nil {
+ return err
+ }
+ if done {
+ break
+ }
+ }
- for {
- done, err := p.queryStatus(ns.Location)
 if err != nil {
 return err
 }
- if done {
- break
- }
 }
-
- return err
+ return nil
 }
 func (p *Provider) queryStatus(url string) (bool, error) {
@@ -299,10 +303,10 @@ func (p *Provider) queryStatus(url string) (bool, error) {
 return r.Status == StatusValid, nil
 }
-func (p *Provider) Cert(s Signer, altnames []string, key *rsa.PrivateKey) ([]*x509.Certificate, error) {
- csr, err := NewCSR(altnames, key)
+func (p *Provider) Cert(s Signer, d *Desire) error {
+ csr, err := NewCSR(d.altnames, d.key)
 if err != nil {
- return nil, err
+ return err
 }
 r := &CSR{
 Resource: ResNewCert,
@@ -311,27 +315,25 @@ func (p *Provider) Cert(s Signer, altnames []string, key *rsa.PrivateKey) ([]*x5
 resp, err := p.post(p.NewCert, s, r)
 if err != nil {
- return nil, err
+ return err
 }
- var crts []*x509.Certificate
-
 crt, ns, err := p.parseCert(resp)
 if err != nil {
- return nil, err
+ return err
 }
- crts = append(crts, crt)
+ d.cert = append(d.cert, crt)
 resp, err = p.Get(ns.Link["up"])
 if err != nil {
- return nil, err
+ return err
 }
 crt, _, err = p.parseCert(resp)
 if err != nil {
- return nil, err
+ return err
 }
- crts = append(crts, crt)
+ d.cert = append(d.cert, crt)
- return crts, nil
+ return nil
 }
-- 
cgit v1.2.3
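Review bot: The status poll at the end of the per-domain loop in Authorize has no exit other than `done` or a transport error, and it now runs once per altname. queryStatus, visible as context in the next hunk, returns `r.Status == StatusValid`, so an authorization the CA rejects keeps yielding false and the loop spins against the server with no pause and no deadline. I would bound it with a deadline and a delay between polls as sketched below, and drop the `if err != nil { return err }` that follows the loop, since the outer err was already checked after parseJson and the loop's err is shadowed. Separately, `ka, _ := KeyAuthorization(s, ch.Token)` still discards its error, so a failure there would post an empty key authorization; it should be returned like the others.

```go
		// … unchanged: challenge selection, answer post, Solve …

		// Constructed bound and interval; pick values that suit the CA.
		deadline := time.Now().Add(time.Minute)
		for {
			done, err := p.queryStatus(ns.Location)
			if err != nil {
				return err
			}
			if done {
				break
			}
			if time.Now().After(deadline) {
				return errors.New("authorization not valid before deadline")
			}
			time.Sleep(time.Second)
		}
	}
	return nil
```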
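Review bot: Cert has no doc comment, and its contract changes here from returning the chain to storing it on d, which a caller cannot tell from the signature `Cert(s Signer, d *Desire) error`. A comment such as `// Cert requests a certificate for d's altnames using d's key and stores the issued certificate, followed by the one fetched from the "up" link, on d.` would state that. The exported signature also changes, so callers of the old form outside this repository stop compiling. The body of Cert continues in the next hunk.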
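Review bot: The first `d.cert = append(d.cert, crt)` in Cert mutates the Desire before the issuer fetch has succeeded, so a failure at `p.Get(ns.Link["up"])` or in the second parseCert returns an error while leaving a leaf-only chain on d, and a second Cert call on the same Desire appends to whatever is already there. The removed version returned nil on every error path. I would keep both certificates in locals, holding the second parseCert result in, say, `up`, and assign once at the end with `d.cert = []*x509.Certificate{crt, up}`. It would also help to reject an empty `ns.Link["up"]` explicitly rather than passing it to p.Get. Cert's signature and first lines are in the previous hunk.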