Esempio n. 1
0
func (s *fdbStore) validateAuthorization(account *Account, authName string, c *fdb.Collection) error {
	ss, err := fdb.String(c.Open("expiry"))
	if err != nil {
		return err
	}

	expiry, err := time.Parse(time.RFC3339, strings.TrimSpace(ss))
	if err != nil {
		return err
	}

	azURL, _ := fdb.String(c.Open("url"))
	if !acmeapi.ValidURL(azURL) {
		azURL = ""
	}

	az := &Authorization{
		Name:    authName,
		URL:     strings.TrimSpace(azURL),
		Expires: expiry,
	}

	account.Authorizations[authName] = az
	return nil
}
Esempio n. 2
0
func (s *Store) loadWebrootPaths() {
	webrootPath, _ := fdb.String(s.db.Collection("conf").Open("webroot-path")) // ignore errors
	webrootPath = strings.TrimSpace(webrootPath)
	webrootPaths := strings.Split(webrootPath, "\n")
	for i := range webrootPaths {
		webrootPaths[i] = strings.TrimSpace(webrootPaths[i])
	}

	s.webrootPaths = webrootPaths
}
Esempio n. 3
0
func (s *fdbStore) validateCert(certID string, c *fdb.Collection) error {
	ss, err := fdb.String(c.Open("url"))
	if err != nil {
		return err
	}

	ss = strings.TrimSpace(ss)
	if !acmeapi.ValidURL(ss) {
		return fmt.Errorf("certificate has invalid URI")
	}

	actualCertID := determineCertificateID(ss)
	if certID != actualCertID {
		return fmt.Errorf("cert ID mismatch: %#v != %#v", certID, actualCertID)
	}

	crt := &Certificate{
		URL:               ss,
		Certificates:      nil,
		Cached:            false,
		RevocationDesired: fdb.Exists(c, "revoke"),
		Revoked:           fdb.Exists(c, "revoked"),
	}

	fullchain, err := fdb.Bytes(c.Open("fullchain"))
	if err == nil {
		certs, err := acmeutils.LoadCertificates(fullchain)
		if err != nil {
			return err
		}

		xcrt, err := x509.ParseCertificate(certs[0])
		if err != nil {
			return err
		}

		keyID := determineKeyIDFromCert(xcrt)
		crt.Key = s.keys[keyID]

		if crt.Key != nil {
			err := c.WriteLink("privkey", fdb.Link{Target: "keys/" + keyID + "/privkey"})
			if err != nil {
				return err
			}
		}

		crt.Certificates = certs
		crt.Cached = true
	}

	s.certs[certID] = crt

	return nil
}
Esempio n. 4
0
func (s *fdbStore) loadWebrootPaths() {
	if len(s.defaultTarget.Request.Challenge.WebrootPaths) != 0 {
		// Path list in default target file takes precedence.
		return
	}

	webrootPath, _ := fdb.String(s.db.Collection("conf").Open("webroot-path")) // ignore errors
	webrootPath = strings.TrimSpace(webrootPath)
	webrootPaths := strings.Split(webrootPath, "\n")
	for i := range webrootPaths {
		webrootPaths[i] = strings.TrimSpace(webrootPaths[i])
	}

	if len(webrootPaths) == 1 && webrootPaths[0] == "" {
		webrootPaths = nil
	}

	s.defaultTarget.Request.Challenge.WebrootPaths = webrootPaths
}