package main
import "github.com/mehmooda/acme_client/acme"
import "flag"
//import "encoding/json"
//import "encoding/pem"
import "crypto/rsa"
// Package-level settings and shared state. The three flag-backed pointers are
// nil until main binds them with the flag package.
var (
	// CONFIGURATION_FILE is the path given with -c.
	CONFIGURATION_FILE *string

	// ACME_SERVER is the ACME directory URL given with -s.
	ACME_SERVER *string

	// LOGLEVEL is the verbosity given with -v.
	LOGLEVEL *int

	// ACCOUNT_KEY is the RSA private key handed to the ACME client with
	// SetAccountKey. It is secret key material held for the lifetime of the
	// process: it must never be passed to the Log* helpers.
	ACCOUNT_KEY *rsa.PrivateKey
)
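// main is the command-line entry point of the ACME client.
//
// Two modes are supported:
//
//   - "register <pem|jwk> <keyfile>": import the account key from keyfile,
//     call GetRegistration for it, agree to outstanding terms if
//     NeedsAgreement reports any, and persist the result with UpdateConfig.
//   - no sub-command: load the saved configuration, then for every host in
//     GLOBAL.HOST obtain an authorization, complete it when required and
//     request a certificate once the authorization is valid.
//
// Failures are logged with LogE and end the run (or skip the current host);
// the process never continues with a client that could not be created.
func main() {
	// flag.Usage = Usage
	CONFIGURATION_FILE = flag.String("c", "acme.ini", "load data file")
	ACME_SERVER = flag.String("s", "https://acme-staging.api.letsencrypt.org/directory", "ACME SERVER DIRECTORY")
	LOGLEVEL = flag.Int("v", 3, "LOGLEVEL 0:SILENT, 1:ERRORS, 2:VERBOSE, 3:NETWORK")
	flag.Parse()

	// Registration mode needs three positional arguments:
	// register <format> <keyfile>.
	if flag.NArg() > 2 && flag.Arg(0) == "register" {
		LogV("Creating Acme Client from", *ACME_SERVER)
		client, err := acme.CreateACMEClient(*ACME_SERVER)
		if err != nil {
			// Fail closed: the client is not usable after an error, so
			// attaching the account key to it and sending requests would
			// at best panic.
			LogE(err)
			return
		}

		switch flag.Arg(1) {
		case "pem":
			LogV("Parsing", flag.Arg(2), "with pem")
			ACCOUNT_KEY = Import_Rsa_Key_PEM(flag.Arg(2))
		case "jwk":
			LogV("Parsing", flag.Arg(2), "with jwk")
			ACCOUNT_KEY = Import_Rsa_Key_JWK(flag.Arg(2))
		default:
			LogE("Unsupported Key format:", flag.Arg(1))
			return
		}
		// A nil key means the import failed; presumably the importer has
		// already reported why.
		if ACCOUNT_KEY == nil {
			return
		}
		client.SetAccountKey(ACCOUNT_KEY)

		LogV("Attempting to retrieve Registration")
		registration, err := client.GetRegistration()
		if err != nil {
			LogE(err)
			return
		}
		if s := registration.NeedsAgreement(); s != "" {
			LogV("Agreeing to Terms:", s)
			if err = client.AgreeToTerms(registration, s); err != nil {
				LogE(err)
				return
			}
		}
		LogN(registration)
		UpdateConfig()
		return
	}

	if !LoadConfiguration() {
		return
	}

	client, err := acme.CreateACMEClient(*ACME_SERVER)
	if err != nil {
		// Previously this error was overwritten by the GetRegistration call
		// below without ever being inspected.
		LogE(err)
		return
	}

	LogV("Getting Registration")
	// NOTE(review): assumes LoadConfiguration populated ACCOUNT_KEY; confirm.
	client.SetAccountKey(ACCOUNT_KEY)
	if _, err = client.GetRegistration(); err != nil {
		LogE(err)
		return
	}

	// TODO: Use Registration object to get auth_urls if server implements
	LogV("Find Authorizations")
	for name := range GLOBAL.HOST {
		LogV("Getting Auth:", name)
		a := GetAuth(name, client)
		if a == nil {
			continue
		}
		if a.AuthNeedsCompletion() {
			if !PerformAuth(name, client, a) {
				LogE("Unable to Authorize:", name)
			}
			// Refresh the authorization object. GetAuth returns nil on
			// failure, so check again before calling methods on it.
			a = GetAuth(name, client)
			if a == nil {
				continue
			}
		}
		// A certificate is requested only for an authorization that
		// reports itself valid.
		if a.AuthValid() {
			GetCertificate(name, client)
		}
	}
}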
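// GetAuth returns an authorization resource for the host name, or nil when
// none could be obtained.
//
// The authorization URL stored under GLOBAL.HOST[name]["AUTH"] is tried
// first and reused only if the fetched resource passes AuthMatchesIdent(name)
// and AuthValid. Otherwise a new authorization is requested through client.
// The Location of the resulting resource is written back to
// GLOBAL.HOST[name]["AUTH"] and persisted with UpdateConfig.
func GetAuth(name string, client *acme.Client) *acme.Resource {
	hostCfg := GLOBAL.HOST[name]
	if hostCfg == nil {
		// Writing the AUTH entry into a nil map would panic, and only after
		// an authorization had already been requested from the server.
		LogE("No configuration entry for host:", name)
		return nil
	}

	var auth *acme.Resource
	if url, ok := hostCfg["AUTH"]; ok {
		// NOTE(review): url comes from the saved configuration and is fetched
		// through a package-level call that is not bound to client; confirm
		// that a tampered configuration cannot point this request at an
		// arbitrary host.
		stored, err := acme.GetAuthorization(url)
		if err != nil {
			// Discard the result on error instead of trusting a value that
			// may be only partially populated.
			LogE(err)
		} else {
			auth = stored
		}
	}

	if auth == nil || !auth.AuthMatchesIdent(name) || !auth.AuthValid() {
		fresh, err := client.NewAuthorization(name)
		if err != nil {
			LogE(err)
			return nil
		}
		auth = fresh
	}

	hostCfg["AUTH"] = auth.Location
	UpdateConfig()
	return auth
}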