Exemple #1
0
func cmdCull() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	err = storageops.Cull(s, *cullSimulateFlag)
	log.Fatale(err, "cull")
}
Exemple #2
0
func cmdImportKey() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	err = importKey(s, *importKeyArg)
	log.Fatale(err, "import key")
}
Exemple #3
0
func cmdReconcile() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	err = storageops.Reconcile(s)
	log.Fatale(err, "reconcile")
}
Exemple #4
0
func cmdWant() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	alreadyExists := false
	s.VisitTargets(func(t *storage.Target) error {
		nm := map[string]struct{}{}
		for _, n := range t.Satisfy.Names {
			nm[n] = struct{}{}
		}

		for _, w := range *wantArg {
			if _, ok := nm[w]; !ok {
				return nil
			}
		}

		alreadyExists = true
		return nil
	})

	if alreadyExists {
		return
	}

	tgt := storage.Target{
		Satisfy: storage.TargetSatisfy{
			Names: *wantArg,
		},
	}

	err = s.SaveTarget(&tgt)
	log.Fatale(err, "add target")
}
Exemple #5
0
func cmdUnwant() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	for _, hn := range *unwantArg {
		err = storageops.RemoveTargetHostname(s, hn)
		log.Fatale(err, "remove target hostname ", hn)
	}
}
Exemple #6
0
func cmdStatus() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	info := StatusString(s)
	log.Fatale(err, "status")

	fmt.Print(info)
}
Exemple #7
0
func revokeByCertificateID(certID string) {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	err = storageops.RevokeByCertificateOrKeyID(s, certID)
	log.Fatale(err, "revoke")

	err = storageops.Reconcile(s)
	log.Fatale(err, "reconcile")
}
Exemple #8
0
func cmdAccountThumbprint() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	s.VisitAccounts(func(a *storage.Account) error {
		thumbprint, _ := acmeutils.Base64Thumbprint(a.PrivateKey)
		fmt.Printf("%s\t%s\n", thumbprint, a.ID())
		return nil
	})
}
Exemple #9
0
func determineWebroot() string {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	webrootPaths := s.DefaultTarget().Request.Challenge.WebrootPaths
	if len(webrootPaths) > 0 {
		return webrootPaths[0]
	}

	return responder.StandardWebrootPath
}
Exemple #10
0
func cmdImportLE() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	lePath := *importLEArg
	accountNames, err := getLEAccountNames(lePath)
	log.Fatale(err, "cannot inspect accounts directory - do you have permissions to read the Let's Encrypt directory (i.e. are you root)?")

	// In order to import a Let's Encrypt state directory, we must:
	//   - import the account keys
	//   - import the certificate keys
	//   - import the certificates

	// Import account keys.
	durls := map[string]struct{}{}

	for _, accountName := range accountNames {
		acct, err := importLEAccount(s, lePath, accountName)
		log.Fatale(err, "import account")

		durls[acct.DirectoryURL] = struct{}{}
	}

	keyFiles, err := filepath.Glob(filepath.Join(lePath, "keys", "*.pem"))
	log.Fatale(err)

	// Import certificate keys.
	for _, keyFile := range keyFiles {
		err := importKey(s, keyFile)
		log.Fatale(err, "import key")
	}

	// Import certificates.
	certFiles, err := filepath.Glob(filepath.Join(lePath, "archive", "*", "cert*.pem"))
	log.Fatale(err)

	for _, certFile := range certFiles {
		err := importCert(s, certFile)
		log.Fatale(err, "import certificate")
	}

	// If there is no default provider set, and we have only one directory URL
	// imported, set it as the default provider.
	if len(durls) == 1 && s.DefaultTarget().Request.Provider == "" {
		for p := range durls {
			s.DefaultTarget().Request.Provider = p
			err := s.SaveTarget(s.DefaultTarget())
			log.Fatale(err, "couldn't set default provider")
			break
		}
	}
}
Exemple #11
0
func cmdWant() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	tgt := storage.Target{
		Satisfy: storage.TargetSatisfy{
			Names: *wantArg,
		},
	}

	err = s.SaveTarget(&tgt)
	log.Fatale(err, "add target")
}
Exemple #12
0
func cmdWant() {
	hostnames := *wantArg

	// Ensure all hostnames provided are valid.
	for idx := range hostnames {
		norm, err := acmeutils.NormalizeHostname(hostnames[idx])
		if err != nil {
			log.Fatalf("invalid hostname: %#v: %v", hostnames[idx], err)
			return
		}
		hostnames[idx] = norm
	}

	// Determine whether there already exists a target satisfying all given
	// hostnames or a superset thereof.
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	alreadyExists := false
	s.VisitTargets(func(t *storage.Target) error {
		nm := map[string]struct{}{}
		for _, n := range t.Satisfy.Names {
			nm[n] = struct{}{}
		}

		for _, w := range hostnames {
			if _, ok := nm[w]; !ok {
				return nil
			}
		}

		alreadyExists = true
		return nil
	})

	if alreadyExists {
		return
	}

	// Add the target.
	tgt := storage.Target{
		Satisfy: storage.TargetSatisfy{
			Names: hostnames,
		},
	}

	err = s.SaveTarget(&tgt)
	log.Fatale(err, "add target")
}
Exemple #13
0
func cmdImportPEMAccount() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	f, err := os.Open(*importPEMPathArg)
	log.Fatale(err, "cannot open private key file")
	defer f.Close()

	b, err := ioutil.ReadAll(f)
	log.Fatale(err, "cannot read file")

	pk, err := acmeutils.LoadPrivateKey(b)
	log.Fatale(err, "cannot parse private key")

	_, err = s.ImportAccount(*importPEMURLArg, pk)
	log.Fatale(err, "cannot import account key")
}
Exemple #14
0
func cmdImportJWKAccount() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	f, err := os.Open(*importJWKPathArg)
	log.Fatale(err, "cannot open private key file")
	defer f.Close()

	b, err := ioutil.ReadAll(f)
	log.Fatale(err, "cannot read file")

	k := jose.JsonWebKey{}
	err = k.UnmarshalJSON(b)
	log.Fatale(err, "cannot unmarshal key")

	_, err = s.ImportAccount(*importJWKURLArg, k.Key)
	log.Fatale(err, "cannot import account key")
}
Exemple #15
0
func cmdImportLE() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	lePath := *importLEArg
	accountNames, err := getLEAccountNames(lePath)
	log.Fatale(err, "cannot inspect accounts directory - do you have permissions to read the Let's Encrypt directory (i.e. are you root)?")

	// In order to import a Let's Encrypt state directory, we must:
	//   - import the account keys
	//   - import the certificate keys
	//   - import the certificates

	// Import account keys.
	for _, accountName := range accountNames {
		err := importLEAccount(s, lePath, accountName)
		log.Fatale(err, "import account")
	}

	keyFiles, err := filepath.Glob(filepath.Join(lePath, "keys", "*.pem"))
	log.Fatale(err)

	// Import certificate keys.
	for _, keyFile := range keyFiles {
		err := importKey(s, keyFile)
		log.Fatale(err, "import key")
	}

	// Import certificates.
	certFiles, err := filepath.Glob(filepath.Join(lePath, "archive", "*", "cert*.pem"))
	log.Fatale(err)

	for _, certFile := range certFiles {
		err := importCert(s, certFile)
		log.Fatale(err, "import certificate")
	}
}
Exemple #16
0
func cmdQuickstart() {
	s, err := storage.NewFDB(*stateFlag)
	log.Fatale(err, "storage")

	serverURL := promptServerURL()
	s.DefaultTarget().Request.Provider = serverURL
	err = s.SaveTarget(s.DefaultTarget())
	log.Fatale(err, "set provider URL")

	// key type
	keyType := promptKeyType()
	switch keyType {
	case "rsa":
		s.DefaultTarget().Request.Key.Type = "rsa"
		rsaKeySize := promptRSAKeySize()
		if rsaKeySize != 0 {
			s.DefaultTarget().Request.Key.RSASize = rsaKeySize
			err = s.SaveTarget(s.DefaultTarget())
			log.Fatale(err, "set preferred RSA Key size")
		}
	case "ecdsa":
		s.DefaultTarget().Request.Key.Type = "ecdsa"
		ecdsaCurve := promptECDSACurve()
		if ecdsaCurve != "" {
			s.DefaultTarget().Request.Key.ECDSACurve = ecdsaCurve
			err = s.SaveTarget(s.DefaultTarget())
			log.Fatale(err, "set preferred ECDSA curve")
		}
	}

	// hook method
	method := promptHookMethod()
	var webroot []string
	switch method {
	case "webroot":
		webroot = []string{promptWebrootDir()}
	}

	if len(webroot) != 0 {
		err = os.MkdirAll(webroot[0], 0755)
		log.Fatale(err, "couldn't create webroot path")
	}

	s.DefaultTarget().Request.Challenge.WebrootPaths = webroot
	err = s.SaveTarget(s.DefaultTarget())
	log.Fatale(err, "set webroot path")

	prog, err := interaction.Auto.Status(&interaction.StatusInfo{
		Title: "Registering account...",
	})
	log.Fatale(err, "status")
	prog.SetProgress(0, 1)

	err = storageops.EnsureRegistration(s)
	log.Fatale(err, "couldn't complete registration")

	prog.SetProgress(1, 1)
	prog.Close()

	if method == "redirector" {
		promptSystemd()
	}

	installDefaultHooks()
	if promptInstallCombinedHooks() {
		installCombinedHooks()
	}

	promptCron()
	promptGettingStarted()
}