func (s *fdbStore) SaveAccount(a *Account) error { coll := s.db.Collection("accounts/" + a.ID()) w, err := coll.Create("privkey") if err != nil { return err } defer w.CloseAbort() err = acmeutils.SavePrivateKey(w, a.PrivateKey) if err != nil { return err } w.Close() for _, auth := range a.Authorizations { c := coll.Collection("authorizations/" + auth.Name) err := fdb.WriteBytes(c, "expiry", []byte(auth.Expires.Format(time.RFC3339))) if err != nil { return err } err = fdb.WriteBytes(c, "url", []byte(auth.URL)) if err != nil { return err } } return nil }
// Serializes the target to disk. Call after changing any settings. func (s *fdbStore) SaveTarget(t *Target) error { // Some basic validation. err := t.Validate() if err != nil { return err } if t != s.defaultTarget { t.ensureFilename() } tcopy := *t if t == s.defaultTarget { tcopy.genericise() } // don't serialize default request names list if tcopy.Request.implicitNames { tcopy.Request.Names = nil } b, err := yaml.Marshal(&tcopy) if err != nil { return err } // Save. if t == s.defaultTarget { return fdb.WriteBytes(s.db.Collection("conf"), "target", b) } return fdb.WriteBytes(s.db.Collection("desired"), t.Filename, b) }
func (s *Store) requestCertificateForTarget(t *Target) error { //return fmt.Errorf("not requesting certificate") cl := s.getAccountClient(t.Request.Account) err := solver.AssistedUpsertRegistration(cl, nil, context.TODO()) if err != nil { return err } authsNeeded, err := s.determineNecessaryAuthorizations(t) if err != nil { return err } for _, name := range authsNeeded { log.Debugf("trying to obtain authorization for %#v", name) err := s.obtainAuthorization(name, t.Request.Account) if err != nil { log.Errore(err, "could not obtain authorization for ", name) return err } } csr, err := s.createCSR(t) if err != nil { return err } log.Debugf("requesting certificate for %v", t) acrt, err := cl.RequestCertificate(csr, context.TODO()) if err != nil { log.Errore(err, "could not request certificate") return err } crt := &Certificate{ URL: acrt.URI, } certID := crt.ID() c := s.db.Collection("certs/" + certID) err = fdb.WriteBytes(c, "url", []byte(crt.URL)) if err != nil { log.Errore(err, "could not write certificate URL") return err } s.certs[certID] = crt log.Debugf("downloading certificate which was just requested: %#v", crt.URL) err = s.downloadCertificate(crt) if err != nil { return err } return nil }
// Set the preferred RSA key size. The size is not validated here, as it is // clamped later and a higher preferred size may become available in future // releases. func (s *Store) SetPreferredRSAKeySize(keySize int) error { err := fdb.WriteBytes(s.db.Collection("conf"), "rsa-key-size", []byte(fmt.Sprintf("%d", keySize))) if err != nil { return err } s.preferredRSAKeySize = keySize return nil }
// Given a certificate URL, imports the certificate into the store. The // certificate will be retrirved on the next reconcile. If a certificate with // that URL already exists, this is a no-op and returns nil. func (s *Store) ImportCertificate(url string) error { certID := determineCertificateID(url) _, ok := s.certs[certID] if ok { return nil } return fdb.WriteBytes(s.db.Collection("certs/"+certID), "url", []byte(url)) }
func (s *Store) obtainAuthorization(name string, a *Account, trc *TargetRequestChallenge) error { cl := s.getAccountClient(a) ccfg := responder.ChallengeConfig{ WebPaths: trc.WebrootPaths, HTTPPorts: trc.HTTPPorts, PriorKeyFunc: s.getPriorKey, } az, err := solver.Authorize(cl, name, ccfg, nil, context.TODO()) if err != nil { return err } err = cl.LoadAuthorization(az, context.TODO()) if err != nil { // Try proceeding anyway. return nil } c := s.db.Collection("accounts/" + a.ID() + "/authorizations/" + name) err = fdb.WriteBytes(c, "expiry", []byte(az.Expires.Format(time.RFC3339))) if err != nil { return err } err = fdb.WriteBytes(c, "url", []byte(az.URI)) if err != nil { return err } saz := &Authorization{ URL: az.URI, Name: az.Identifier.Value, Expires: az.Expires, } a.Authorizations[az.Identifier.Value] = saz return nil }
// Set the preferred webroot paths. func (s *Store) SetWebrootPaths(paths []string) error { confc := s.db.Collection("conf") err := fdb.WriteBytes(confc, "webroot-path", []byte(strings.Join(paths, "\n"))) if err != nil { return err } s.webrootPaths = paths return nil }
func (s *Store) saveDefaultTarget() error { confc := s.db.Collection("conf") b, err := yaml.Marshal(s.defaultTarget) if err != nil { return err } err = fdb.WriteBytes(confc, "target", b) if err != nil { return err } return nil }
func (s *Store) obtainAuthorization(name string, a *Account) error { cl := s.getAccountClient(a) az, err := solver.Authorize(cl, name, s.webrootPaths, nil, s.getPriorKey, context.TODO()) if err != nil { return err } err = cl.LoadAuthorization(az, context.TODO()) if err != nil { // Try proceeding anyway. return nil } c := s.db.Collection("accounts/" + a.ID() + "/authorizations/" + name) err = fdb.WriteBytes(c, "expiry", []byte(az.Expires.Format(time.RFC3339))) if err != nil { return err } err = fdb.WriteBytes(c, "url", []byte(az.URI)) if err != nil { return err } saz := &Authorization{ URL: az.URI, Name: az.Identifier.Value, Expires: az.Expires, } a.Authorizations[az.Identifier.Value] = saz return nil }
func (s *Store) serializeTarget(filename string, tgt *Target) error { tcopy := *tgt // don't serialize default request names list if tcopy.Request.implicitNames { tcopy.Request.Names = nil } b, err := yaml.Marshal(&tcopy) if err != nil { return err } c := s.db.Collection("desired") return fdb.WriteBytes(c, filename, b) }
// Given a certificate URL, imports the certificate into the store. The // certificate will be retrirved on the next reconcile. If a certificate with // that URL already exists, this is a no-op and returns nil. func (s *fdbStore) ImportCertificate(url string) (*Certificate, error) { certID := determineCertificateID(url) c, ok := s.certs[certID] if ok { return c, nil } err := fdb.WriteBytes(s.db.Collection("certs/"+certID), "url", []byte(url)) if err != nil { return nil, err } c = &Certificate{ URL: url, } s.certs[certID] = c return c, nil }
func (s *Store) SaveDefaultTarget() error { // Some basic validation. err := s.defaultTarget.Validate() if err != nil { return err } // Save. confc := s.db.Collection("conf") b, err := yaml.Marshal(s.defaultTarget) if err != nil { return err } err = fdb.WriteBytes(confc, "target", b) if err != nil { return err } return nil }
func (s *fdbStore) WriteMiscellaneousConfFile(filename string, data []byte) error { return fdb.WriteBytes(s.db.Collection("conf"), filename, data) }