blix-letsencrypt 1.0.1 → 1.0.2
- checksums.yaml +4 -4
- data/bin/letsencrypt +1 -1
- data/lib/blix/letsencrypt.rb +17 -12
- metadata +1 -1
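--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 02ba44d3482bd2db20399da7da2d3805ed631c337e64e6505c37b399eab7d1cd
+data.tar.gz: 00fd0bd12be6948c198c408290e6898d98e0d9d33015e6c9ec7795ea9590c960
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7705cc16693b904a048c714574b8833754cd3e561f99ffeccfd6020853e2e55e213bb8b6f855c5753f17c5d07d21b1c53c82c4a59d9f164d5473ad63eac1dae0
+data.tar.gz: 35e51a863e472b186b4195060049037d0619506cde4898cae9eade32f57e3e01f5eec0c4242dfe37bf231cced5782ac6db34a2c3037319347d689ed102dfce7f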
data/bin/letsencrypt
CHANGED
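--- a/data/lib/blix/letsencrypt.rb
+++ b/data/lib/blix/letsencrypt.rb
@@ -68,6 +68,11 @@ def tidy_challenge_file(file)
 file
 end
 
+def fatal_error(message)
+STDERR.puts "error: #{message}"
+exit(false)
+end
+
 # write the challenge file and ensure that intermediate dirs exist
 def write_file(dir, file, content)
 file = tidy_challenge_file(file)
@@ -80,7 +85,7 @@ def write_file(dir, file, content)
 File.write(path, content)
 else
 if File.file?(path)
-
+fatal_error "invalid challenge path: #{path}"
 elsif File.directory?(path)
 
 else
@@ -96,7 +101,7 @@ def backup_file(dir, file)
 orig_file = File.basename(orig_path)
 orig_dir = File.dirname(orig_path)
 
-
+fatal_error "backup file does not exist:#{orig_path}" unless File.exist?(orig_path)
 
 seq = 1
 loop do
@@ -147,14 +152,14 @@ def perform_authorization(challenge_dir, authorization)
 while http_challenge.status == 'pending'
 if Time.now > timeout_time
 remove_file(challenge_dir, challenge_file)
-
+fatal_error 'Challenge timeout'
 end
 sleep(2)
 http_challenge.reload
 end
 
 remove_file(challenge_dir, challenge_file)
-
+fatal_error 'challenge failed' unless http_challenge.status == 'valid' # => 'valid'
 end
 
 # handle options here
@@ -220,11 +225,11 @@ challenge_dir = File.expand_path(options[:challenge_dir] || CHALLENGE_DIR)
 ssl_key_path = options[:ssl_key] || File.join(ssl_dir, SSL_KEY)
 hook_path = options[:hook]
 
-
-
-
-
-
+fatal_error 'domain name missing' unless site
+fatal_error 'invalid challenge directory' unless File.directory?(challenge_dir)
+fatal_error 'invalid ssl certificate directory' unless File.directory?(ssl_dir)
+fatal_error "ssl private key invalid:#{ssl_key_path}" unless File.file?(ssl_key_path)
+fatal_error "script missing or not executable:#{hook_path}" unless !hook_path || File.executable?(hook_path)
 
 certificate_file = File.join(site, SSL_CERT)
 acme_key = File.expand_path(options[:key])
@@ -249,7 +254,7 @@ elsif options[:create]
 private_key = OpenSSL::PKey::RSA.new(4096) # generate
 File.write(acme_key, private_key)
 else
-
+fatal_error "acme key file:#{acme_key} not found"
 end
 
 client = if options[:test]
@@ -270,7 +275,7 @@ unless kid
 print('enter your email:')
 gets.strip
 end
-
+fatal_error "invalid email:#{email}" unless email && email =~ /^([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})$/
 
 account = client.new_account(:contact => "mailto:#{email}", :terms_of_service_agreed => true)
 end
@@ -293,7 +298,7 @@ order.finalize(:csr => csr)
 
 timeout_time = Time.now + TIMEOUT
 while order.status == 'processing'
-
+fatal_error 'certificate timeout' if Time.now > timeout_time
 
 sleep(1)
 order.reload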
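Review bot: The email check added in the `unless kid` hunk anchors its pattern with `^` and `$`, which in Ruby match at every line boundary, so a multi-line value is accepted as long as one of its lines looks like an address, and the whole string is then interpolated into the `mailto:` contact. Anchoring the whole string closes that: `email =~ /\A([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})\z/`. The prompted value goes through `gets.strip`, but the other source of `email` starts above the hunk, so how reachable the bypass is depends on code not shown here. The same pattern also rejects a `+` in the local part and any TLD longer than five letters, which turns valid contacts into a fatal error. In the options hunk, `File.executable?(hook_path)` is also true for a searchable directory, so `File.file?(hook_path) && File.executable?(hook_path)` would be the tighter check.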