need to fail when privkey cannot be found

AJ ONeal 2019-10-20 03:17:19 -06:00
parent 7d8674cb7e
commit fd04a5070b
5 changed files with 22 additions and 20 deletions


@ -7,11 +7,9 @@ var E = require('./errors.js');
var pending = {}; var pending = {};
A._getOrCreate = function(greenlock, db, acme, args) { A._getOrCreate = function(greenlock, db, acme, args) {
console.log('[debug] A get or create', args);
var email = args.subscriberEmail || greenlock._defaults.subscriberEmail; var email = args.subscriberEmail || greenlock._defaults.subscriberEmail;
if (!email) { if (!email) {
console.log('[debug] throw no sub');
throw E.NO_SUBSCRIBER('get account', args.subject); throw E.NO_SUBSCRIBER('get account', args.subject);
} }
@ -21,9 +19,7 @@ A._getOrCreate = function(greenlock, db, acme, args) {
throw E.NO_SUBSCRIBER('get account', args.subcriberEmail); throw E.NO_SUBSCRIBER('get account', args.subcriberEmail);
}) })
.then(function() { .then(function() {
console.log('[debug] valid email');
if (pending[email]) { if (pending[email]) {
console.log('[debug] return pending');
return pending[email]; return pending[email];
} }
@ -37,7 +33,6 @@ A._getOrCreate = function(greenlock, db, acme, args) {
return result; return result;
}); });
console.log('[debug] return new');
return pending[email]; return pending[email];
}); });
}; };
@ -52,7 +47,6 @@ A._rawGetOrCreate = function(greenlock, db, acme, args, email) {
} }
return p.then(function(fullAccount) { return p.then(function(fullAccount) {
console.log('[debug] full account', fullAccount);
if (!fullAccount) { if (!fullAccount) {
return A._newAccount(greenlock, db, acme, args, email, null); return A._newAccount(greenlock, db, acme, args, email, null);
} }
@ -83,7 +77,6 @@ A._newAccount = function(greenlock, db, acme, args, email, fullAccount) {
accountKeypair: keypair, accountKeypair: keypair,
debug: args.debug debug: args.debug
}; };
console.log('[debug] create account', accReg);
return acme.accounts.create(accReg).then(function(receipt) { return acme.accounts.create(accReg).then(function(receipt) {
var reg = { var reg = {
keypair: keypair, keypair: keypair,


@ -61,7 +61,7 @@ C._rawGetOrOrder = function(
args args
).then(function(newPems) { ).then(function(newPems) {
// do not wait on notify // do not wait on notify
greenlock.notify('cert_issue', { greenlock._notify('cert_issue', {
options: args, options: args,
subject: args.subject, subject: args.subject,
altnames: args.altnames, altnames: args.altnames,
@ -92,7 +92,7 @@ C._rawGetOrOrder = function(
args args
).then(function(renewedPems) { ).then(function(renewedPems) {
// do not wait on notify // do not wait on notify
greenlock.notify('cert_renewal', { greenlock._notify('cert_renewal', {
options: args, options: args,
subject: args.subject, subject: args.subject,
altnames: args.altnames, altnames: args.altnames,
@ -144,7 +144,7 @@ C._rawOrder = function(greenlock, db, acme, challenges, account, email, args) {
}) })
.then(function(csr) { .then(function(csr) {
function notify() { function notify() {
greenlock.notify('challenge_status', { greenlock._notify('challenge_status', {
options: args, options: args,
subject: args.subject, subject: args.subject,
altnames: args.altnames, altnames: args.altnames,
@ -176,6 +176,7 @@ C._rawOrder = function(greenlock, db, acme, challenges, account, email, args) {
if (kresult.exists) { if (kresult.exists) {
return pems; return pems;
} }
query.keypair = serverKeypair;
return db.setKeypair(query, serverKeypair).then(function() { return db.setKeypair(query, serverKeypair).then(function() {
return pems; return pems;
}); });
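Review bot: `query.keypair = serverKeypair;` in the last hunk of this file writes the server private key onto `query`, an object created outside the hunk, so the key stays reachable through anything that later reuses or logs `query`. If the store needs the key on the query, passing a copy keeps it scoped to this call: `return db.setKeypair(Object.assign({}, query, { keypair: serverKeypair }), serverKeypair).then(function() {`. A short comment such as `// store plugins read the key from query.keypair` would also explain why the key is supplied both on the query and as the second argument, assuming that is the reason. `C._rawOrder` starts and continues outside the hunk.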


@ -4,6 +4,7 @@ var pkg = require('./package.json');
var ACME = require('@root/acme'); var ACME = require('@root/acme');
var Greenlock = module.exports; var Greenlock = module.exports;
var homedir = require('os').homedir();
var G = Greenlock; var G = Greenlock;
var U = require('./utils.js'); var U = require('./utils.js');
@ -201,7 +202,6 @@ G.create = function(gconf) {
return greenlock.manager.find(args).then(function(sites) { return greenlock.manager.find(args).then(function(sites) {
// Note: the manager must guaranteed that these are mutable copies // Note: the manager must guaranteed that these are mutable copies
console.log('[debug] found what?', sites);
var renewedOrFailed = []; var renewedOrFailed = [];
function next() { function next() {
@ -267,7 +267,6 @@ G.create = function(gconf) {
greenlock.order = function(args) { greenlock.order = function(args) {
return greenlock._acme(args).then(function(acme) { return greenlock._acme(args).then(function(acme) {
console.log('[debug] acme meta', acme);
var storeConf = args.store || greenlock._defaults.store; var storeConf = args.store || greenlock._defaults.store;
return P._load(storeConf.module).then(function(plugin) { return P._load(storeConf.module).then(function(plugin) {
var store = Greenlock._normalizeStore( var store = Greenlock._normalizeStore(
@ -275,20 +274,19 @@ G.create = function(gconf) {
plugin.create(storeConf) plugin.create(storeConf)
); );
console.log('[debug] store', storeConf);
return A._getOrCreate( return A._getOrCreate(
greenlock, greenlock,
store.accounts, store.accounts,
acme, acme,
args args
).then(function(account) { ).then(function(account) {
console.log('[debug] account', account);
var challengeConfs = var challengeConfs =
args.challenges || greenlock._defaults.challenges; args.challenges || greenlock._defaults.challenges;
console.log('[debug] challenge confs', challengeConfs); console.log('[debug] challenge confs', challengeConfs);
return Promise.all( return Promise.all(
Object.keys(challengeConfs).map(function(typ01) { Object.keys(challengeConfs).map(function(typ01) {
var chConf = challengeConfs[typ01]; var chConf = challengeConfs[typ01];
console.log('[debug] module', chConf);
return P._load(chConf.module).then(function( return P._load(chConf.module).then(function(
plugin plugin
) { ) {
@ -367,7 +365,7 @@ G._defaults = function(opts) {
if (!defaults.store) { if (!defaults.store) {
defaults.store = { defaults.store = {
module: 'greenlock-store-fs', module: 'greenlock-store-fs',
basePath: '~/.config/greenlock/' basePath: homedir + '/.config/greenlock/'
}; };
} }
P._loadSync(defaults.store.module); P._loadSync(defaults.store.module);
@ -405,6 +403,13 @@ G._defaults = function(opts) {
}; };
} }
if (!defaults.renewOffset) {
defaults.renewOffset = '-45d';
}
if (!defaults.renewStagger) {
defaults.renewStagger = '3d';
}
if (!defaults.accountKeyType) { if (!defaults.accountKeyType) {
defaults.accountKeyType = 'EC-P256'; defaults.accountKeyType = 'EC-P256';
} }
@ -412,8 +417,9 @@ G._defaults = function(opts) {
if (defaults.domainKeyType) { if (defaults.domainKeyType) {
console.warn('use serverKeyType instead of domainKeyType'); console.warn('use serverKeyType instead of domainKeyType');
defaults.serverKeyType = defaults.domainKeyType; defaults.serverKeyType = defaults.domainKeyType;
} else {
defaults.serverKeyType = 'RSA-2048';
} }
defaults.serverKeyType = 'RSA-2048';
} }
if (defaults.domainKeypair) { if (defaults.domainKeypair) {
console.warn('use serverKeypair instead of domainKeypair'); console.warn('use serverKeypair instead of domainKeypair');
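Review bot: The `console.log('[debug] challenge confs', challengeConfs);` line in the `greenlock.order` hunk survives this cleanup and still prints the full challenge configuration on every order. Challenge plugin options commonly hold DNS-provider API credentials (the test script in this commit builds them from `CHALLENGE_OPTIONS`), so this presumably writes secrets to stdout and to whatever collects it. Remove the line along with the other debug output, or gate it and log only the types: `if (args.debug) { console.log('[debug] challenge types', Object.keys(challengeConfs)); }`. `greenlock.order` continues outside the hunk.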


@ -9,7 +9,7 @@ var subject = process.env.BASE_DOMAIN;
var altnames = [subject, '*.' + subject, 'foo.bar.' + subject]; var altnames = [subject, '*.' + subject, 'foo.bar.' + subject];
var email = process.env.SUBSCRIBER_EMAIL; var email = process.env.SUBSCRIBER_EMAIL;
var challenge = JSON.parse(process.env.CHALLENGE_OPTIONS); var challenge = JSON.parse(process.env.CHALLENGE_OPTIONS);
challenge.module = process.env.CHALLENGE_MODULE; challenge.module = process.env.CHALLENGE_PLUGIN;
var greenlock = Greenlock.create({ var greenlock = Greenlock.create({
agreeTos: true, agreeTos: true,
@ -33,7 +33,9 @@ greenlock
subscriberEmail: email subscriberEmail: email
}) })
.then(function() { .then(function() {
return greenlock.renew(); return greenlock.renew().then(function (pems) {
console.info(pems);
});
}) })
.catch(function(e) { .catch(function(e) {
console.error('yo', e.code); console.error('yo', e.code);
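Review bot: `console.info(pems);` in the second hunk prints whatever `greenlock.renew()` resolves with, and if that value carries the issued private key PEM (its shape is not visible here) the key ends up in the terminal or CI log of every test run. Logging a summary avoids that, for example `console.info('renewed', Object.keys(pems || {}));`. The promise chain starts and ends outside the hunk.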


@ -174,8 +174,8 @@ U._importKeypair = function(keypair) {
throw new Error('missing private key'); throw new Error('missing private key');
} }
return Keypairs.import({ pem: keypair.privateKeyPem }).then(function(pair) { return Keypairs.import({ pem: keypair.privateKeyPem }).then(function(priv) {
return U._jwkToSet(pair.private); return U._jwkToSet(priv);
}); });
}; };
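Review bot: `U._importKeypair` still accepts any PEM that parses, because the only guard visible is the `missing private key` throw above the changed lines and the resolved value goes straight into `U._jwkToSet(priv)`. If `Keypairs.import` can resolve with a public JWK when `privateKeyPem` actually holds a public key (its behaviour is not shown here), the failure this commit is after would surface later and less clearly. A check before the `_jwkToSet` call, `if (!priv || !priv.d) { throw new Error('missing private key'); }`, would fail at the point of import. The function starts outside the hunk.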