From c1bbfede72bf9b81a8be2eb52dbedc964e837667 Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Sun, 5 Jun 2016 21:31:45 +0200
Subject: Update to current state
---
 cmd/acme/main.go | 68 ++++++++++++++++++++++----------------------------------
 crypto.go | 3 +++
 2 files changed, 30 insertions(+), 41 deletions(-)
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 6dc19db..cac04e2 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -2,6 +2,7 @@
 package main
 import (
+ "crypto"
 "flag"
 "fmt"
 "log"
@@ -17,27 +18,13 @@ var (
 httpSol, tlsSol acme.Solver
 )
-func load(d desire) (*acme.Signer, error) {
- key, err := d.Load()
- if err != nil {
- return nil, err
- }
- log.Println("Load", d.KeyFile)
- return acme.NewSigner(key)
-}
-
-func register(prov *acme.Provider, d desire) (*acme.Signer, error) {
+func register(d desire, dir string) (crypto.PrivateKey, error) {
 key, err := acme.NewKey(d.KeySize)
 if err != nil {
 return nil, err
 }
 defer d.Save(key)
- sig, err := acme.NewSigner(key)
- if err != nil {
- return nil, err
- }
-
 con, err := acme.NewContacts(d.Mail, d.Phone)
 if err != nil {
 return nil, err
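Review bot: `defer d.Save(key)` in register runs on every return path and drops whatever Save reports, so the account key is written even when `acme.NewContacts`, `acme.DialProvider` or `prov.Register` fail (the last two are in the next hunk). On the next run `d.Load()` in main would then succeed and registration would be skipped for a key that was presumably never registered. Replace the defer with an explicit, checked save placed just before `return key, nil`, e.g. `if err := d.Save(key); err != nil { return nil, err }`, assuming Save returns an error, which the hunk does not show. register's body continues past this hunk.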
@@ -48,30 +35,20 @@ func register(prov *acme.Provider, d desire) (*acme.Signer, error) {
 return true
 }
- log.Println("Register", con)
- if err := prov.Register(con, agree); err != nil {
+ log.Println("Dial")
+ prov, err := acme.DialProvider(dir, key)
+ if err != nil {
 return nil, err
 }
- return sig, nil
-}
-func loadAccount(prov *acme.Provider, d desire) error {
- sig, err := load(d)
- if err != nil {
- sig, err = register(prov, d)
- if err != nil {
- return err
- }
- }
- for _, d := range d.Domain {
- if err := requestCert(prov, sig, d); err != nil {
- return err
- }
+ log.Println("Register", con)
+ if err := prov.Register(con, agree); err != nil {
+ return nil, err
 }
- return nil
+ return key, nil
 }
-func requestCert(prov *acme.Provider, d domain) error {
+func requestCert(prov *acme.Provider, d domain, mail string) error {
 c, err := d.Load()
 if err != nil {
 c.PrivateKey, err = acme.NewKey(d.KeySize)
@@ -106,7 +83,7 @@ func requestCert(prov *acme.Provider, d domain) error {
 }
 log.Println("Request bundle for", d.Altnames)
- cert, err := prov.Bundle(c.PrivateKey, d.Altnames, nil)
+ cert, err := prov.Bundle(c.PrivateKey, d.Altnames, mail)
 if err != nil {
 return err
 }
@@ -145,15 +122,24 @@ func main() {
 log.Println("TLS Solver", err)
 }
- log.Println("Dial", conf.Directory)
- prov, err := acme.DialProvider(conf.Directory)
- if err != nil {
- log.Fatal(err)
- }
-
 for _, d := range conf.Desire {
- if err := loadAccount(prov, d); err != nil {
+ key, err := d.Load()
+ if err != nil {
+ if key, err = register(d, conf.Directory); err != nil {
+ log.Fatal(err)
+ }
+ }
+
+ log.Println("Dial", conf.Directory)
+ prov, err := acme.DialProvider(conf.Directory, key)
+ if err != nil {
 log.Fatal(err)
 }
+
+ for _, dom := range d.Domain {
+ if err := requestCert(prov, dom, d.Mail); err != nil {
+ log.Fatal(err)
+ }
+ }
 }
 }
diff --git a/crypto.go b/crypto.go
index 39c48fe..d0ea41e 100644
--- a/crypto.go
+++ b/crypto.go
@@ -14,6 +14,7 @@ import (
 "errors"
 "io"
 "io/ioutil"
+ "log"
 "os"
 )
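Review bot: In main() in cmd/acme/main.go, every error from `d.Load()` falls through to `register`, so an unreadable or unparsable account key file is treated the same as a missing one. A fresh key is then generated and, through `defer d.Save(key)` in register, presumably written over the existing file, silently replacing the account. Register only when the file is absent, e.g. `if os.IsNotExist(err) { key, err = register(d, conf.Directory) }` followed by `if err != nil { log.Fatal(err) }`; this assumes Load returns the underlying os error unwrapped, and it needs "os" in the import block. register already dials the directory with the new key, so the `acme.DialProvider(conf.Directory, key)` call right after it repeats that work on a first run.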
@@ -72,6 +73,7 @@ func LoadKey(r io.Reader) (crypto.PrivateKey, error) {
 case pemEC:
 return x509.ParseECPrivateKey(block.Bytes)
 default:
+ log.Println("LoadKey")
 return nil, ErrKeyType
 }
 }
@@ -128,6 +130,7 @@ func NewKey(size int) (crypto.PrivateKey, error) {
 case 0:
 return rsa.GenerateKey(rand.Reader, 2048)
 default:
+ log.Println("NewKey")
 return nil, ErrKeySize
 }
 }
-- cgit v1.2.3
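Review bot: The added `log.Println("LoadKey")` in LoadKey's default branch, and the matching `log.Println("NewKey")` in NewKey's, write to the process-wide logger from library code yet record nothing about why the input was rejected. If the lines stay, log the rejected value, which is not key material: `log.Printf("LoadKey: unsupported PEM block type %q", block.Type)` and `log.Printf("NewKey: unsupported key size %d", size)`. `block.Type` assumes block is a `*pem.Block`, which the hunk does not show. Whatever is logged here, `block.Bytes` must stay out of it. Both function bodies start outside their hunks.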