Add acme property to enable challenges

Fixes #1027
Mariano Cano 2022-08-23 17:11:40 -07:00 committed by max furman
parent 567d96c771
commit f0a24bd8ca
4 changed files with 16 additions and 2 deletions


@ -112,9 +112,13 @@ type MockProvisioner struct {
MauthorizeOrderIdentifier func(ctx context.Context, identifier provisioner.ACMEIdentifier) error
MauthorizeSign func(ctx context.Context, ott string) ([]provisioner.SignOption, error)
MauthorizeRevoke func(ctx context.Context, token string) error
<<<<<<< HEAD
MisChallengeEnabled func(ctx context.Context, challenge provisioner.ACMEChallenge) bool
MisAttFormatEnabled func(ctx context.Context, format provisioner.ACMEAttestationFormat) bool
MgetAttestationRoots func() (*x509.CertPool, bool)
=======
MauthorizeChallenge func(Ctx context.Context, challenge string) error
>>>>>>> 0f84b333 (Add acme property to enable challenges)
MdefaultTLSCertDuration func() time.Duration
MgetOptions func() *provisioner.Options
}
@ -151,6 +155,7 @@ func (m *MockProvisioner) AuthorizeRevoke(ctx context.Context, token string) err
return m.Merr
}
<<<<<<< HEAD
// IsChallengeEnabled mock
func (m *MockProvisioner) IsChallengeEnabled(ctx context.Context, challenge provisioner.ACMEChallenge) bool {
if m.MisChallengeEnabled != nil {
@ -172,6 +177,14 @@ func (m *MockProvisioner) GetAttestationRoots() (*x509.CertPool, bool) {
return m.MgetAttestationRoots()
}
return m.Mret1.(*x509.CertPool), m.Mret1 != nil
=======
// AuthorizeChallenge mock
func (m *MockProvisioner) AuthorizeChallenge(ctx context.Context, challenge string) error {
if m.MauthorizeChallenge != nil {
return m.MauthorizeChallenge(ctx, challenge)
}
return m.Merr
>>>>>>> 0f84b333 (Add acme property to enable challenges)
}
// DefaultTLSCertDuration mock
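Review bot: Unresolved merge-conflict markers are committed in this file: `<<<<<<< HEAD`, `=======` and `>>>>>>> 0f84b333 (Add acme property to enable challenges)` sit inside the `MockProvisioner` struct and again around the `IsChallengeEnabled` / `GetAttestationRoots` and `AuthorizeChallenge` mocks, so the file cannot parse as Go as shown. The conflict needs to be resolved to a single side: HEAD gates challenges through `IsChallengeEnabled(ctx, provisioner.ACMEChallenge) bool`, while the incoming side uses `AuthorizeChallenge(ctx, challenge string) error`. A mock that keeps the method the production code does not call would presumably leave the challenge-enable check unexercised by the ACME tests. If the `AuthorizeChallenge` side is the one kept, the field type should read `MauthorizeChallenge func(ctx context.Context, challenge string) error` with a lower-case `ctx`, matching the neighbouring fields. The method bodies involved start and end outside the visible hunks, so the resolved result should be checked against the whole file.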


@ -1,4 +1,4 @@
cpackage acme
package acme
import (
"bytes"


@ -217,6 +217,7 @@ type ACMEIdentifier struct {
// AuthorizeOrderIdentifier verifies the provisioner is allowed to issue a
// certificate for an ACME Order Identifier.
func (p *ACME) AuthorizeOrderIdentifier(ctx context.Context, identifier ACMEIdentifier) error {
x509Policy := p.ctl.getPolicy().getX509()
// identifier is allowed if no policy is configured


@ -145,6 +145,7 @@ func (a *Authority) generateProvisionerConfig(ctx context.Context) (provisioner.
AuthorizeRenewFunc: a.authorizeRenewFunc,
AuthorizeSSHRenewFunc: a.authorizeSSHRenewFunc,
}, nil
}
// StoreProvisioner stores a provisioner to the authority.
@ -529,7 +530,6 @@ func durationsToLinkedca(d *provisioner.Duration) string {
// certifictes claims type.
func claimsToCertificates(c *linkedca.Claims) (*provisioner.Claims, error) {
if c == nil {
//nolint:nilnil // legacy
return nil, nil
}