forked from TrueCloudLab/lego
Make acme.Logger optional; otherwise use standard log.Logger
Also fixed lil' vet warning
This commit is contained in:
parent
71d0e8db6f
commit
6f9e487d7d
3 changed files with 28 additions and 27 deletions
|
@ -10,22 +10,23 @@ import (
|
|||
"io/ioutil"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
// Logger is used to log errors; if nil, the default log.Logger is used.
|
||||
// Logger is an optional custom logger.
|
||||
var Logger *log.Logger
|
||||
|
||||
// logger is an helper function to retrieve the available logger
|
||||
func logger() *log.Logger {
|
||||
if Logger == nil {
|
||||
Logger = log.New(os.Stderr, "", log.LstdFlags)
|
||||
// logf writes a log entry. It uses Logger if not
|
||||
// nil, otherwise it uses the default log.Logger.
|
||||
func logf(format string, args ...interface{}) {
|
||||
if Logger != nil {
|
||||
Logger.Printf(format, args...)
|
||||
} else {
|
||||
log.Printf(format, args...)
|
||||
}
|
||||
return Logger
|
||||
}
|
||||
|
||||
// User interface is to be implemented by users of this library.
|
||||
|
@ -105,7 +106,7 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
|
|||
|
||||
// Register the current account to the ACME server.
|
||||
func (c *Client) Register() (*RegistrationResource, error) {
|
||||
logger().Print("Registering account ... ")
|
||||
logf("Registering account ... ")
|
||||
|
||||
regMsg := registrationMessage{
|
||||
Resource: "new-reg",
|
||||
|
@ -184,7 +185,7 @@ func (c *Client) AgreeToTOS() error {
|
|||
// If bundle is true, the []byte contains both the issuer certificate and
|
||||
// your issued certificate as a bundle.
|
||||
func (c *Client) ObtainCertificates(domains []string, bundle bool) ([]CertificateResource, map[string]error) {
|
||||
logger().Print("Obtaining certificates...")
|
||||
logf("Obtaining certificates...")
|
||||
challenges, failures := c.getChallenges(domains)
|
||||
if len(challenges) == 0 {
|
||||
return nil, failures
|
||||
|
@ -199,7 +200,7 @@ func (c *Client) ObtainCertificates(domains []string, bundle bool) ([]Certificat
|
|||
return nil, failures
|
||||
}
|
||||
|
||||
logger().Print("Validations succeeded. Getting certificates")
|
||||
logf("Validations succeeded. Getting certificates")
|
||||
|
||||
certs, err := c.requestCertificates(challenges, bundle)
|
||||
for k, v := range err {
|
||||
|
@ -263,7 +264,7 @@ func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool, bund
|
|||
|
||||
// This is just meant to be informal for the user.
|
||||
timeLeft := x509Cert.NotAfter.Sub(time.Now().UTC())
|
||||
logger().Printf("[%s] Trying to renew certificate with %d hours remaining.", cert.Domain, int(timeLeft.Hours()))
|
||||
logf("[%s] Trying to renew certificate with %d hours remaining.", cert.Domain, int(timeLeft.Hours()))
|
||||
|
||||
// The first step of renewal is to check if we get a renewed cert
|
||||
// directly from the cert URL.
|
||||
|
@ -285,7 +286,7 @@ func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool, bund
|
|||
// If the server responds with a different certificate we are effectively renewed.
|
||||
// TODO: Further test if we can actually use the new certificate (Our private key works)
|
||||
if !x509Cert.Equal(serverCert) {
|
||||
logger().Printf("[%s] The server responded with a renewed certificate.", cert.Domain)
|
||||
logf("[%s] The server responded with a renewed certificate.", cert.Domain)
|
||||
if revokeOld {
|
||||
c.RevokeCertificate(cert.Certificate)
|
||||
}
|
||||
|
@ -299,7 +300,7 @@ func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool, bund
|
|||
issuerCert, err := c.getIssuerCertificate(links["up"])
|
||||
if err != nil {
|
||||
// If we fail to aquire the issuer cert, return the issued certificate - do not fail.
|
||||
logger().Printf("[%s] Could not bundle issuer certificate.\n%v", cert.Domain, err)
|
||||
logf("[%s] Could not bundle issuer certificate.\n%v", cert.Domain, err)
|
||||
} else {
|
||||
// Success - append the issuer cert to the issued cert.
|
||||
issuerCert = pemEncode(derCertificateBytes(issuerCert))
|
||||
|
@ -356,7 +357,7 @@ func (c *Client) chooseSolvers(auth authorization, domain string) map[int]solver
|
|||
if solver, ok := c.solvers[auth.Challenges[idx].Type]; ok {
|
||||
solvers[idx] = solver
|
||||
} else {
|
||||
logger().Printf("Could not find solver for: %s", auth.Challenges[idx].Type)
|
||||
logf("Could not find solver for: %s", auth.Challenges[idx].Type)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -392,7 +393,7 @@ func (c *Client) getChallenges(domains []string) ([]*authorizationResource, map[
|
|||
|
||||
links := parseLinks(resp.Header["Link"])
|
||||
if links["next"] == "" {
|
||||
logger().Println("The server did not provide enough information to proceed.")
|
||||
logf("The server did not provide enough information to proceed.")
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -514,7 +515,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
|
|||
issuerCert, err := c.getIssuerCertificate(links["up"])
|
||||
if err != nil {
|
||||
// If we fail to aquire the issuer cert, return the issued certificate - do not fail.
|
||||
logger().Printf("[%s] Could not bundle issuer certificate.\n%v", authz.Domain, err)
|
||||
logf("[%s] Could not bundle issuer certificate.\n%v", authz.Domain, err)
|
||||
} else {
|
||||
// Success - append the issuer cert to the issued cert.
|
||||
issuerCert = pemEncode(derCertificateBytes(issuerCert))
|
||||
|
@ -523,7 +524,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
|
|||
}
|
||||
|
||||
cerRes.Certificate = issuedCert
|
||||
logger().Printf("[%s] Server responded with a certificate.", authz.Domain)
|
||||
logf("[%s] Server responded with a certificate.", authz.Domain)
|
||||
result <- cerRes
|
||||
return
|
||||
}
|
||||
|
@ -537,7 +538,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
|
|||
return
|
||||
}
|
||||
|
||||
logger().Printf("[%s] Server responded with status 202. Respecting retry-after of: %d", authz.Domain, retryAfter)
|
||||
logf("[%s] Server responded with status 202. Respecting retry-after of: %d", authz.Domain, retryAfter)
|
||||
time.Sleep(time.Duration(retryAfter) * time.Second)
|
||||
|
||||
break
|
||||
|
@ -557,7 +558,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
|
|||
// getIssuerCertificate requests the issuer certificate and caches it for
|
||||
// subsequent requests.
|
||||
func (c *Client) getIssuerCertificate(url string) ([]byte, error) {
|
||||
logger().Printf("Requesting issuer cert from: %s", url)
|
||||
logf("Requesting issuer cert from: %s", url)
|
||||
if c.issuerCert != nil {
|
||||
return c.issuerCert, nil
|
||||
}
|
||||
|
@ -582,15 +583,15 @@ func (c *Client) getIssuerCertificate(url string) ([]byte, error) {
|
|||
}
|
||||
|
||||
func logResponseHeaders(resp *http.Response) {
|
||||
logger().Println(resp.Status)
|
||||
logf(resp.Status)
|
||||
for k, v := range resp.Header {
|
||||
logger().Printf("-- %s: %s", k, v)
|
||||
logf("-- %s: %s", k, v)
|
||||
}
|
||||
}
|
||||
|
||||
func logResponseBody(resp *http.Response) {
|
||||
body, _ := ioutil.ReadAll(resp.Body)
|
||||
logger().Printf("Returned json data: \n%s", body)
|
||||
logf("Returned json data: \n%s", body)
|
||||
}
|
||||
|
||||
func parseLinks(links []string) map[string]string {
|
||||
|
|
|
@ -44,7 +44,7 @@ func TestNewClient(t *testing.T) {
|
|||
}
|
||||
|
||||
if expected, actual := 1, len(client.solvers); actual != expected {
|
||||
t.Fatal("Expected %d solver(s), got %d", expected, actual)
|
||||
t.Fatalf("Expected %d solver(s), got %d", expected, actual)
|
||||
}
|
||||
|
||||
simphttp, ok := client.solvers["simpleHttp"].(*simpleHTTPChallenge)
|
||||
|
|
|
@ -27,7 +27,7 @@ type simpleHTTPChallenge struct {
|
|||
|
||||
func (s *simpleHTTPChallenge) Solve(chlng challenge, domain string) error {
|
||||
|
||||
logger().Print("Trying to solve SimpleHTTP")
|
||||
logf("Trying to solve SimpleHTTP")
|
||||
|
||||
// Generate random string for the path. The acme server will
|
||||
// access this path on the server in order to validate the request
|
||||
|
@ -68,7 +68,7 @@ Loop:
|
|||
if OnSimpleHTTPEnd != nil {
|
||||
OnSimpleHTTPEnd(true)
|
||||
}
|
||||
logger().Print("The server validated our request")
|
||||
logf("The server validated our request")
|
||||
break Loop
|
||||
case "pending":
|
||||
break
|
||||
|
@ -148,9 +148,9 @@ func (s *simpleHTTPChallenge) startHTTPSServer(domain string, token string) (net
|
|||
if strings.HasPrefix(r.Host, domain) && r.Method == "GET" {
|
||||
w.Header().Add("Content-Type", "application/jose+json")
|
||||
w.Write([]byte(signedCompact))
|
||||
logger().Print("Served JWS payload...")
|
||||
logf("Served JWS payload...")
|
||||
} else {
|
||||
logger().Printf("Received request for domain %s with method %s", r.Host, r.Method)
|
||||
logf("Received request for domain %s with method %s", r.Host, r.Method)
|
||||
w.Write([]byte("TEST"))
|
||||
}
|
||||
})
|
||||
|
|
Loading…
Reference in a new issue