1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00

go.mod: Upgrade CertMagic to v0.16.0

Includes several breaking changes; code base updated accordingly.

- Added lots of context arguments
- Use fs.ErrNotExist
- Rename ACMEManager -> ACMEIssuer; CertificateManager -> Manager
This commit is contained in:
Matthew Holt 2022-03-25 11:28:54 -06:00
parent a58f240d3e
commit d06d0e79f8
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
16 changed files with 73 additions and 62 deletions

View file

@ -1000,7 +1000,7 @@ func handleStop(w http.ResponseWriter, r *http.Request) error {
Log().Error("unable to notify stopping to service manager", zap.Error(err)) Log().Error("unable to notify stopping to service manager", zap.Error(err))
} }
exitProcess(Log().Named("admin.api")) exitProcess(context.Background(), Log().Named("admin.api"))
return nil return nil
} }

View file

@ -621,7 +621,7 @@ func Validate(cfg *Config) error {
// PID file, and shuts down admin endpoint(s) in a goroutine. // PID file, and shuts down admin endpoint(s) in a goroutine.
// Errors are logged along the way, and an appropriate exit // Errors are logged along the way, and an appropriate exit
// code is emitted. // code is emitted.
func exitProcess(logger *zap.Logger) { func exitProcess(ctx context.Context, logger *zap.Logger) {
if logger == nil { if logger == nil {
logger = Log() logger = Log()
} }
@ -636,7 +636,7 @@ func exitProcess(logger *zap.Logger) {
} }
// clean up certmagic locks // clean up certmagic locks
certmagic.CleanUpOwnLocks(logger) certmagic.CleanUpOwnLocks(ctx, logger)
// remove pidfile // remove pidfile
if pidfile != "" { if pidfile != "" {

View file

@ -95,7 +95,7 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
var keyType string var keyType string
var internalIssuer *caddytls.InternalIssuer var internalIssuer *caddytls.InternalIssuer
var issuers []certmagic.Issuer var issuers []certmagic.Issuer
var certManagers []certmagic.CertificateManager var certManagers []certmagic.Manager
var onDemand bool var onDemand bool
for h.Next() { for h.Next() {
@ -320,7 +320,7 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
certManager, ok := unm.(certmagic.CertificateManager) certManager, ok := unm.(certmagic.Manager)
if !ok { if !ok {
return nil, h.Errf("module %s (%T) is not a certmagic.CertificateManager", modID, unm) return nil, h.Errf("module %s (%T) is not a certmagic.CertificateManager", modID, unm)
} }

6
go.mod
View file

@ -8,7 +8,7 @@ require (
github.com/Masterminds/sprig/v3 v3.2.2 github.com/Masterminds/sprig/v3 v3.2.2
github.com/alecthomas/chroma v0.10.0 github.com/alecthomas/chroma v0.10.0
github.com/aryann/difflib v0.0.0-20210328193216-ff5ff6dc229b github.com/aryann/difflib v0.0.0-20210328193216-ff5ff6dc229b
github.com/caddyserver/certmagic v0.15.4 github.com/caddyserver/certmagic v0.16.0
github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac
github.com/fsnotify/fsnotify v1.5.1 // indirect github.com/fsnotify/fsnotify v1.5.1 // indirect
github.com/go-chi/chi v4.1.2+incompatible github.com/go-chi/chi v4.1.2+incompatible
@ -33,8 +33,8 @@ require (
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.4.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.4.0
go.opentelemetry.io/otel/sdk v1.4.0 go.opentelemetry.io/otel/sdk v1.4.0
go.uber.org/zap v1.21.0 go.uber.org/zap v1.21.0
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2
golang.org/x/net v0.0.0-20220114011407-0dd24b26b47d golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5 google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5
google.golang.org/protobuf v1.27.1 google.golang.org/protobuf v1.27.1

24
go.sum
View file

@ -184,8 +184,8 @@ github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl
github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g= github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
github.com/caarlos0/ctrlc v1.0.0/go.mod h1:CdXpj4rmq0q/1Eb44M9zi2nKB0QraNKuRGYGrrHhcQw= github.com/caarlos0/ctrlc v1.0.0/go.mod h1:CdXpj4rmq0q/1Eb44M9zi2nKB0QraNKuRGYGrrHhcQw=
github.com/caddyserver/certmagic v0.15.4 h1:kz//9+Z/xw197jtIBxxUDub8pQi9gcYvhXk5Ouw2EkM= github.com/caddyserver/certmagic v0.16.0 h1:nM6Fm+OSnTpx/uRWmN++I2fYq006uhi6m6m3rD1Jjtg=
github.com/caddyserver/certmagic v0.15.4/go.mod h1:qhkAOthf72ufAcp3Y5jF2RaGE96oip3UbEQRIzwe3/8= github.com/caddyserver/certmagic v0.16.0/go.mod h1:jKQ5n+ViHAr6DbPwEGLTSM2vDwTO6EvCKBblBRUvvuQ=
github.com/campoy/unique v0.0.0-20180121183637-88950e537e7e/go.mod h1:9IOqJGCPMSc6E5ydlp5NIonxObaeu/Iub/X03EKPVYo= github.com/campoy/unique v0.0.0-20180121183637-88950e537e7e/go.mod h1:9IOqJGCPMSc6E5ydlp5NIonxObaeu/Iub/X03EKPVYo=
github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
github.com/cavaliercoder/go-cpio v0.0.0-20180626203310-925f9528c45e/go.mod h1:oDpT4efm8tSYHXV5tHSdRvBet/b/QzxZ+XyyPehvm3A= github.com/cavaliercoder/go-cpio v0.0.0-20180626203310-925f9528c45e/go.mod h1:oDpT4efm8tSYHXV5tHSdRvBet/b/QzxZ+XyyPehvm3A=
@ -634,7 +634,6 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o
github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
github.com/klauspost/compress v1.15.0 h1:xqfchp4whNFxn5A4XFyyYtitiWI8Hy5EW59jEwcyL6U= github.com/klauspost/compress v1.15.0 h1:xqfchp4whNFxn5A4XFyyYtitiWI8Hy5EW59jEwcyL6U=
github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
github.com/klauspost/cpuid/v2 v2.0.11 h1:i2lw1Pm7Yi/4O6XCSyJWqEHI2MDw2FzUK6o/D21xn2A= github.com/klauspost/cpuid/v2 v2.0.11 h1:i2lw1Pm7Yi/4O6XCSyJWqEHI2MDw2FzUK6o/D21xn2A=
github.com/klauspost/cpuid/v2 v2.0.11/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c= github.com/klauspost/cpuid/v2 v2.0.11/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
@ -708,15 +707,14 @@ github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI= github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI=
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/mholt/acmez v1.0.1/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM=
github.com/mholt/acmez v1.0.2 h1:C8wsEBIUVi6e0DYoxqCcFuXtwc4AWXL/jgcDjF7mjVo= github.com/mholt/acmez v1.0.2 h1:C8wsEBIUVi6e0DYoxqCcFuXtwc4AWXL/jgcDjF7mjVo=
github.com/mholt/acmez v1.0.2/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM= github.com/mholt/acmez v1.0.2/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM=
github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4= github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
github.com/micromdm/scep/v2 v2.1.0 h1:2fS9Rla7qRR266hvUoEauBJ7J6FhgssEiq2OkSKXmaU= github.com/micromdm/scep/v2 v2.1.0 h1:2fS9Rla7qRR266hvUoEauBJ7J6FhgssEiq2OkSKXmaU=
github.com/micromdm/scep/v2 v2.1.0/go.mod h1:BkF7TkPPhmgJAMtHfP+sFTKXmgzNJgLQlvvGoOExBcc= github.com/micromdm/scep/v2 v2.1.0/go.mod h1:BkF7TkPPhmgJAMtHfP+sFTKXmgzNJgLQlvvGoOExBcc=
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/miekg/dns v1.1.43 h1:JKfpVSCB84vrAmHzyrsxB5NAr5kLoMXZArPSw7Qlgyg= github.com/miekg/dns v1.1.46 h1:uzwpxRtSVxtcIZmz/4Uz6/Rn7G11DvsaslXoy5LxQio=
github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4= github.com/miekg/dns v1.1.46/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
@ -1171,8 +1169,8 @@ golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20210915214749-c084706c2272/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210915214749-c084706c2272/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M= golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2 h1:XdAboW3BNMv9ocSCOk/u1MFioZGzCNkiJZ19v9Oe3Ig=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -1271,10 +1269,11 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220114011407-0dd24b26b47d h1:1n1fc535VhN8SYtD4cDUyNlfpAF2ROMM9+11equK3hs= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk=
golang.org/x/net v0.0.0-20220114011407-0dd24b26b47d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@ -1379,7 +1378,6 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210309074719-68d13333faf2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210309074719-68d13333faf2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@ -1403,6 +1401,7 @@ golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20210915083310-ed5796bab164/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210915083310-ed5796bab164/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210917161153-d61c044b1678/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210917161153-d61c044b1678/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211031064116-611d5d643895/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211031064116-611d5d643895/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
@ -1500,8 +1499,9 @@ golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.5 h1:ouewzE6p+/VEB31YYnTbEJdi8pFqKp4P4n85vwo3DHA=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 h1:BonxutuHCTL0rBDnZlKjpGIQFTjyUVTexFOdWkB6Fg0=
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

View file

@ -480,7 +480,7 @@ func (app *App) createAutomationPolicies(ctx caddy.Context, internalNames []stri
if err != nil { if err != nil {
return err return err
} }
ap.Managers = []certmagic.CertificateManager{ts} ap.Managers = []certmagic.Manager{ts}
} }
// while we're here, is this the catch-all/base policy? // while we're here, is this the catch-all/base policy?
@ -497,7 +497,7 @@ func (app *App) createAutomationPolicies(ctx caddy.Context, internalNames []stri
return err return err
} }
basePolicy = &caddytls.AutomationPolicy{ basePolicy = &caddytls.AutomationPolicy{
Managers: []certmagic.CertificateManager{ts}, Managers: []certmagic.Manager{ts},
} }
} }

View file

@ -18,7 +18,9 @@ import (
"crypto" "crypto"
"crypto/x509" "crypto/x509"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"io/fs"
"path" "path"
"sync" "sync"
"time" "time"
@ -76,12 +78,14 @@ type CA struct {
rootCertPath string // mainly used for logging purposes if trusting rootCertPath string // mainly used for logging purposes if trusting
log *zap.Logger log *zap.Logger
ctx caddy.Context
} }
// Provision sets up the CA. // Provision sets up the CA.
func (ca *CA) Provision(ctx caddy.Context, id string, log *zap.Logger) error { func (ca *CA) Provision(ctx caddy.Context, id string, log *zap.Logger) error {
ca.mu = new(sync.RWMutex) ca.mu = new(sync.RWMutex)
ca.log = log.Named("ca." + id) ca.log = log.Named("ca." + id)
ca.ctx = ctx
if id == "" { if id == "" {
return fmt.Errorf("CA ID is required (use 'local' for the default CA)") return fmt.Errorf("CA ID is required (use 'local' for the default CA)")
@ -215,9 +219,9 @@ func (ca CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authority
} }
func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, err error) { func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, err error) {
rootCertPEM, err := ca.storage.Load(ca.storageKeyRootCert()) rootCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootCert())
if err != nil { if err != nil {
if _, ok := err.(certmagic.ErrNotExist); !ok { if !errors.Is(err, fs.ErrNotExist) {
return nil, nil, fmt.Errorf("loading root cert: %v", err) return nil, nil, fmt.Errorf("loading root cert: %v", err)
} }
@ -235,7 +239,7 @@ func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, e
} }
} }
if rootKey == nil { if rootKey == nil {
rootKeyPEM, err := ca.storage.Load(ca.storageKeyRootKey()) rootKeyPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootKey())
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("loading root key: %v", err) return nil, nil, fmt.Errorf("loading root key: %v", err)
} }
@ -259,7 +263,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("encoding root certificate: %v", err) return nil, nil, fmt.Errorf("encoding root certificate: %v", err)
} }
err = ca.storage.Store(ca.storageKeyRootCert(), rootCertPEM) err = ca.storage.Store(ca.ctx, ca.storageKeyRootCert(), rootCertPEM)
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("saving root certificate: %v", err) return nil, nil, fmt.Errorf("saving root certificate: %v", err)
} }
@ -267,7 +271,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("encoding root key: %v", err) return nil, nil, fmt.Errorf("encoding root key: %v", err)
} }
err = ca.storage.Store(ca.storageKeyRootKey(), rootKeyPEM) err = ca.storage.Store(ca.ctx, ca.storageKeyRootKey(), rootKeyPEM)
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("saving root key: %v", err) return nil, nil, fmt.Errorf("saving root key: %v", err)
} }
@ -276,9 +280,9 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
} }
func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateKey) (interCert *x509.Certificate, interKey crypto.PrivateKey, err error) { func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateKey) (interCert *x509.Certificate, interKey crypto.PrivateKey, err error) {
interCertPEM, err := ca.storage.Load(ca.storageKeyIntermediateCert()) interCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateCert())
if err != nil { if err != nil {
if _, ok := err.(certmagic.ErrNotExist); !ok { if !errors.Is(err, fs.ErrNotExist) {
return nil, nil, fmt.Errorf("loading intermediate cert: %v", err) return nil, nil, fmt.Errorf("loading intermediate cert: %v", err)
} }
@ -297,7 +301,7 @@ func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.Pr
} }
if interKey == nil { if interKey == nil {
interKeyPEM, err := ca.storage.Load(ca.storageKeyIntermediateKey()) interKeyPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateKey())
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("loading intermediate key: %v", err) return nil, nil, fmt.Errorf("loading intermediate key: %v", err)
} }
@ -321,7 +325,7 @@ func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateK
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("encoding intermediate certificate: %v", err) return nil, nil, fmt.Errorf("encoding intermediate certificate: %v", err)
} }
err = ca.storage.Store(ca.storageKeyIntermediateCert(), interCertPEM) err = ca.storage.Store(ca.ctx, ca.storageKeyIntermediateCert(), interCertPEM)
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("saving intermediate certificate: %v", err) return nil, nil, fmt.Errorf("saving intermediate certificate: %v", err)
} }
@ -329,7 +333,7 @@ func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateK
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("encoding intermediate key: %v", err) return nil, nil, fmt.Errorf("encoding intermediate key: %v", err)
} }
err = ca.storage.Store(ca.storageKeyIntermediateKey(), interKeyPEM) err = ca.storage.Store(ca.ctx, ca.storageKeyIntermediateKey(), interKeyPEM)
if err != nil { if err != nil {
return nil, nil, fmt.Errorf("saving intermediate key: %v", err) return nil, nil, fmt.Errorf("saving intermediate key: %v", err)
} }

View file

@ -85,7 +85,7 @@ type ACMEIssuer struct {
PreferredChains *ChainPreference `json:"preferred_chains,omitempty"` PreferredChains *ChainPreference `json:"preferred_chains,omitempty"`
rootPool *x509.CertPool rootPool *x509.CertPool
template certmagic.ACMEManager template certmagic.ACMEIssuer
magic *certmagic.Config magic *certmagic.Config
logger *zap.Logger logger *zap.Logger
} }
@ -172,8 +172,8 @@ func (iss *ACMEIssuer) Provision(ctx caddy.Context) error {
return nil return nil
} }
func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) { func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEIssuer, error) {
template := certmagic.ACMEManager{ template := certmagic.ACMEIssuer{
CA: iss.CA, CA: iss.CA,
TestCA: iss.TestCA, TestCA: iss.TestCA,
Email: iss.Email, Email: iss.Email,
@ -224,22 +224,22 @@ func (iss *ACMEIssuer) SetConfig(cfg *certmagic.Config) {
// PreCheck implements the certmagic.PreChecker interface. // PreCheck implements the certmagic.PreChecker interface.
func (iss *ACMEIssuer) PreCheck(ctx context.Context, names []string, interactive bool) error { func (iss *ACMEIssuer) PreCheck(ctx context.Context, names []string, interactive bool) error {
return certmagic.NewACMEManager(iss.magic, iss.template).PreCheck(ctx, names, interactive) return certmagic.NewACMEIssuer(iss.magic, iss.template).PreCheck(ctx, names, interactive)
} }
// Issue obtains a certificate for the given csr. // Issue obtains a certificate for the given csr.
func (iss *ACMEIssuer) Issue(ctx context.Context, csr *x509.CertificateRequest) (*certmagic.IssuedCertificate, error) { func (iss *ACMEIssuer) Issue(ctx context.Context, csr *x509.CertificateRequest) (*certmagic.IssuedCertificate, error) {
return certmagic.NewACMEManager(iss.magic, iss.template).Issue(ctx, csr) return certmagic.NewACMEIssuer(iss.magic, iss.template).Issue(ctx, csr)
} }
// IssuerKey returns the unique issuer key for the configured CA endpoint. // IssuerKey returns the unique issuer key for the configured CA endpoint.
func (iss *ACMEIssuer) IssuerKey() string { func (iss *ACMEIssuer) IssuerKey() string {
return certmagic.NewACMEManager(iss.magic, iss.template).IssuerKey() return certmagic.NewACMEIssuer(iss.magic, iss.template).IssuerKey()
} }
// Revoke revokes the given certificate. // Revoke revokes the given certificate.
func (iss *ACMEIssuer) Revoke(ctx context.Context, cert certmagic.CertificateResource, reason int) error { func (iss *ACMEIssuer) Revoke(ctx context.Context, cert certmagic.CertificateResource, reason int) error {
return certmagic.NewACMEManager(iss.magic, iss.template).Revoke(ctx, cert, reason) return certmagic.NewACMEIssuer(iss.magic, iss.template).Revoke(ctx, cert, reason)
} }
// GetACMEIssuer returns iss. This is useful when other types embed ACMEIssuer, because // GetACMEIssuer returns iss. This is useful when other types embed ACMEIssuer, because

View file

@ -142,7 +142,7 @@ type AutomationPolicy struct {
// fields during provisioning so that the modules can survive a // fields during provisioning so that the modules can survive a
// re-provisioning. // re-provisioning.
Issuers []certmagic.Issuer `json:"-"` Issuers []certmagic.Issuer `json:"-"`
Managers []certmagic.CertificateManager `json:"-"` Managers []certmagic.Manager `json:"-"`
magic *certmagic.Config magic *certmagic.Config
storage certmagic.Storage storage certmagic.Storage
@ -199,7 +199,7 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error {
return fmt.Errorf("loading external certificate manager modules: %v", err) return fmt.Errorf("loading external certificate manager modules: %v", err)
} }
for _, getCertVal := range vals.([]interface{}) { for _, getCertVal := range vals.([]interface{}) {
ap.Managers = append(ap.Managers, getCertVal.(certmagic.CertificateManager)) ap.Managers = append(ap.Managers, getCertVal.(certmagic.Manager))
} }
} }

View file

@ -198,11 +198,11 @@ func (hcg *HTTPCertGetter) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
// Interface guards // Interface guards
var ( var (
_ certmagic.CertificateManager = (*Tailscale)(nil) _ certmagic.Manager = (*Tailscale)(nil)
_ caddy.Provisioner = (*Tailscale)(nil) _ caddy.Provisioner = (*Tailscale)(nil)
_ caddyfile.Unmarshaler = (*Tailscale)(nil) _ caddyfile.Unmarshaler = (*Tailscale)(nil)
_ certmagic.CertificateManager = (*HTTPCertGetter)(nil) _ certmagic.Manager = (*HTTPCertGetter)(nil)
_ caddy.Provisioner = (*HTTPCertGetter)(nil) _ caddy.Provisioner = (*HTTPCertGetter)(nil)
_ caddyfile.Unmarshaler = (*HTTPCertGetter)(nil) _ caddyfile.Unmarshaler = (*HTTPCertGetter)(nil)
) )

View file

@ -26,7 +26,9 @@ import (
"bytes" "bytes"
"encoding/gob" "encoding/gob"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"io/fs"
"log" "log"
"runtime/debug" "runtime/debug"
"time" "time"
@ -115,7 +117,7 @@ func (s *Provider) Next(doneChan <-chan struct{}) <-chan [][32]byte {
func (s *Provider) loadSTEK() (distributedSTEK, error) { func (s *Provider) loadSTEK() (distributedSTEK, error) {
var sg distributedSTEK var sg distributedSTEK
gobBytes, err := s.storage.Load(stekFileName) gobBytes, err := s.storage.Load(s.ctx, stekFileName)
if err != nil { if err != nil {
return sg, err // don't wrap, in case error is certmagic.ErrNotExist return sg, err // don't wrap, in case error is certmagic.ErrNotExist
} }
@ -133,7 +135,7 @@ func (s *Provider) storeSTEK(dstek distributedSTEK) error {
if err != nil { if err != nil {
return fmt.Errorf("encoding STEK gob: %v", err) return fmt.Errorf("encoding STEK gob: %v", err)
} }
err = s.storage.Store(stekFileName, buf.Bytes()) err = s.storage.Store(s.ctx, stekFileName, buf.Bytes())
if err != nil { if err != nil {
return fmt.Errorf("storing STEK gob: %v", err) return fmt.Errorf("storing STEK gob: %v", err)
} }
@ -151,11 +153,11 @@ func (s *Provider) getSTEK() (distributedSTEK, error) {
} }
//nolint:errcheck //nolint:errcheck
defer s.storage.Unlock(stekLockName) defer s.storage.Unlock(s.ctx, stekLockName)
// load the current STEKs from storage // load the current STEKs from storage
dstek, err := s.loadSTEK() dstek, err := s.loadSTEK()
if _, isNotExist := err.(certmagic.ErrNotExist); isNotExist { if errors.Is(err, fs.ErrNotExist) {
// if there is none, then make some right away // if there is none, then make some right away
dstek, err = s.rotateKeys(dstek) dstek, err = s.rotateKeys(dstek)
if err != nil { if err != nil {

View file

@ -35,6 +35,8 @@ type StorageLoader struct {
// Reference to the globally configured storage module. // Reference to the globally configured storage module.
storage certmagic.Storage storage certmagic.Storage
ctx caddy.Context
} }
// CaddyModule returns the Caddy module information. // CaddyModule returns the Caddy module information.
@ -48,6 +50,7 @@ func (StorageLoader) CaddyModule() caddy.ModuleInfo {
// Provision loads the storage module for sl. // Provision loads the storage module for sl.
func (sl *StorageLoader) Provision(ctx caddy.Context) error { func (sl *StorageLoader) Provision(ctx caddy.Context) error {
sl.storage = ctx.Storage() sl.storage = ctx.Storage()
sl.ctx = ctx
return nil return nil
} }
@ -55,11 +58,11 @@ func (sl *StorageLoader) Provision(ctx caddy.Context) error {
func (sl StorageLoader) LoadCertificates() ([]Certificate, error) { func (sl StorageLoader) LoadCertificates() ([]Certificate, error) {
certs := make([]Certificate, 0, len(sl.Pairs)) certs := make([]Certificate, 0, len(sl.Pairs))
for _, pair := range sl.Pairs { for _, pair := range sl.Pairs {
certData, err := sl.storage.Load(pair.Certificate) certData, err := sl.storage.Load(sl.ctx, pair.Certificate)
if err != nil { if err != nil {
return nil, err return nil, err
} }
keyData, err := sl.storage.Load(pair.Key) keyData, err := sl.storage.Load(sl.ctx, pair.Key)
if err != nil { if err != nil {
return nil, err return nil, err
} }

View file

@ -199,7 +199,7 @@ func (t *TLS) Provision(ctx caddy.Context) error {
return fmt.Errorf("loading certificates: %v", err) return fmt.Errorf("loading certificates: %v", err)
} }
for _, cert := range certs { for _, cert := range certs {
err := magic.CacheUnmanagedTLSCertificate(cert.Certificate, cert.Tags) err := magic.CacheUnmanagedTLSCertificate(ctx, cert.Certificate, cert.Tags)
if err != nil { if err != nil {
return fmt.Errorf("caching unmanaged certificate: %v", err) return fmt.Errorf("caching unmanaged certificate: %v", err)
} }
@ -336,7 +336,7 @@ func (t *TLS) HandleHTTPChallenge(w http.ResponseWriter, r *http.Request) bool {
for _, iss := range ap.magic.Issuers { for _, iss := range ap.magic.Issuers {
if am, ok := iss.(acmeCapable); ok { if am, ok := iss.(acmeCapable); ok {
iss := am.GetACMEIssuer() iss := am.GetACMEIssuer()
if certmagic.NewACMEManager(iss.magic, iss.template).HandleHTTPChallenge(w, r) { if certmagic.NewACMEIssuer(iss.magic, iss.template).HandleHTTPChallenge(w, r) {
return true return true
} }
} }

View file

@ -69,12 +69,12 @@ func (iss *ZeroSSLIssuer) Provision(ctx caddy.Context) error {
} }
// newAccountCallback generates EAB if not already provided. It also sets a valid default contact on the account if not set. // newAccountCallback generates EAB if not already provided. It also sets a valid default contact on the account if not set.
func (iss *ZeroSSLIssuer) newAccountCallback(ctx context.Context, am *certmagic.ACMEManager, acct acme.Account) (acme.Account, error) { func (iss *ZeroSSLIssuer) newAccountCallback(ctx context.Context, acmeIss *certmagic.ACMEIssuer, acct acme.Account) (acme.Account, error) {
if am.ExternalAccount != nil { if acmeIss.ExternalAccount != nil {
return acct, nil return acct, nil
} }
var err error var err error
am.ExternalAccount, acct, err = iss.generateEABCredentials(ctx, acct) acmeIss.ExternalAccount, acct, err = iss.generateEABCredentials(ctx, acct)
return acct, err return acct, err
} }
@ -153,7 +153,7 @@ func (iss *ZeroSSLIssuer) generateEABCredentials(ctx context.Context, acct acme.
}, acct, nil }, acct, nil
} }
// initialize modifies the template for the underlying ACMEManager // initialize modifies the template for the underlying ACMEIssuer
// values by setting the CA endpoint to the ZeroSSL directory and // values by setting the CA endpoint to the ZeroSSL directory and
// setting the NewAccountFunc callback to one which allows us to // setting the NewAccountFunc callback to one which allows us to
// generate EAB credentials only if a new account is being made. // generate EAB credentials only if a new account is being made.

View file

@ -15,6 +15,7 @@
package caddy package caddy
import ( import (
"context"
"os" "os"
"os/signal" "os/signal"
@ -55,7 +56,7 @@ func trapSignalsCrossPlatform() {
// exitProcessFromSignal exits the process from a system signal. // exitProcessFromSignal exits the process from a system signal.
func exitProcessFromSignal(sigName string) { func exitProcessFromSignal(sigName string) {
logger := Log().With(zap.String("signal", sigName)) logger := Log().With(zap.String("signal", sigName))
exitProcess(logger) exitProcess(context.TODO(), logger)
} }
// Exit codes. Generally, you should NOT // Exit codes. Generally, you should NOT

View file

@ -18,6 +18,7 @@
package caddy package caddy
import ( import (
"context"
"os" "os"
"os/signal" "os/signal"
"syscall" "syscall"
@ -36,7 +37,7 @@ func trapSignalsPosix() {
switch sig { switch sig {
case syscall.SIGQUIT: case syscall.SIGQUIT:
Log().Info("quitting process immediately", zap.String("signal", "SIGQUIT")) Log().Info("quitting process immediately", zap.String("signal", "SIGQUIT"))
certmagic.CleanUpOwnLocks(Log()) // try to clean up locks anyway, it's important certmagic.CleanUpOwnLocks(context.TODO(), Log()) // try to clean up locks anyway, it's important
os.Exit(ExitCodeForceQuit) os.Exit(ExitCodeForceQuit)
case syscall.SIGTERM: case syscall.SIGTERM: