From 95bc9823d7474c8759921a71a6043f4b9b3a2e86 Mon Sep 17 00:00:00 2001
From: AJ ONeal
Date: Sat, 19 Dec 2015 17:43:02 -0800
Subject: [PATCH] fix bug with pyconf.writeFileAsync, pull code into function
---
 lib/core.js | 238 +++++++++++++++++++++++++++-------------------------
 1 file changed, 124 insertions(+), 114 deletions(-)
diff --git a/lib/core.js b/lib/core.js
index dbe49e2..ec6800f 100644
--- a/lib/core.js
+++ b/lib/core.js
@@ -32,12 +32,134 @@ function getAcmeUrls(args) {
 }
+function writeCertificateAsync(result, args, defaults, handlers) {
+ if (args.debug) {
+ console.log("got certificate!");
+ }
+
+ result.fullchain = result.cert + '\n' + result.ca;
+
+ var pyconf = PromiseA.promisifyAll(require('pyconf'));
+
+ return pyconf.readFileAsync(args.renewalPath).then(function (obj) {
+ return obj;
+ }, function () {
+ return pyconf.readFileAsync(path.join(__dirname, 'lib', 'renewal.conf.tpl')).then(function (obj) {
+ return obj;
+ });
+ }).then(function (obj) {
+ obj.checkpoint = parseInt(obj.checkpoint, 10) || 0;
+
+ var liveDir = args.liveDir || path.join(args.configDir, 'live', args.domains[0]);
+
+ var certPath = args.certPath || obj.cert || path.join(liveDir, 'cert.pem');
+ var fullchainPath = args.fullchainPath || obj.fullchain || path.join(liveDir, 'fullchain.pem');
+ var chainPath = args.chainPath || obj.chain || path.join(liveDir, 'chain.pem');
+ var privkeyPath = args.domainPrivateKeyPath || args.domainKeyPath
+ || obj.privkey || obj.keyPath
+ || path.join(liveDir, 'privkey.pem');
+
+ var archiveDir = args.archiveDir || path.join(args.configDir, 'archive', args.domains[0]);
+
+ var checkpoint = obj.checkpoint.toString();
+ var certArchive = path.join(archiveDir, 'cert' + checkpoint + '.pem');
+ var fullchainArchive = path.join(archiveDir, 'fullchain' + checkpoint + '.pem');
+ var chainArchive = path.join(archiveDir, 'chain'+ checkpoint + '.pem');
+ var privkeyArchive = path.join(archiveDir, 'privkey' + checkpoint + '.pem');
+
+ return mkdirpAsync(archiveDir).then(function () {
+ return PromiseA.all([
+ sfs.writeFileAsync(certArchive, result.cert, 'ascii')
+ , sfs.writeFileAsync(chainArchive, result.ca || result.chain, 'ascii')
+ , sfs.writeFileAsync(fullchainArchive, result.fullchain, 'ascii')
+ , sfs.writeFileAsync(privkeyArchive, result.key || result.privkey || args.domainPrivateKeyPem, 'ascii')
+ ]);
+ }).then(function () {
+ return mkdirpAsync(liveDir);
+ }).then(function () {
+ return PromiseA.all([
+ sfs.writeFileAsync(certPath, result.cert, 'ascii')
+ , sfs.writeFileAsync(chainPath, result.ca || result.chain, 'ascii')
+ , sfs.writeFileAsync(fullchainPath, result.fullchain, 'ascii')
+ , sfs.writeFileAsync(privkeyPath, result.key || result.privkey || args.domainPrivateKeyPem, 'ascii')
+ ]);
+ }).then(function () {
+ obj.checkpoint += 1;
+
+ var updates = {
+ cert: certPath
+ , privkey: privkeyPath
+ , chain: chainPath
+ , fullchain: fullchainPath
+ , configDir: args.configDir
+ , workDir: args.workDir
+ , tos: args.agreeTos && true
+ , http01Port: args.http01Port
+ , keyPath: args.domainPrivateKeyPath || args.privkeyPath
+ , email: args.email
+ , domains: args.domains
+ , rsaKeySize: args.rsaKeySize
+ , checkpoints: obj.checkpoint
+ // TODO XXX what's the deal with these? they don't make sense
+ // are they just old junk? or do they have a meaning that I don't know about?
+ , fullchainPath: path.join(args.configDir, 'chain.pem')
+ , certPath: path.join(args.configDir, 'cert.pem')
+ , chainPath: path.join(args.configDir, 'chain.pem')
+ // TODO XXX end
+ // yes, it's an array. weird, right?
+ , webrootPath: args.webrootPath && [args.webrootPath] || []
+ , account: args.account.accountId
+ , server: args.server || args.acmeDiscoveryUrl
+ , logsDir: args.logsDir
+ };
+
+ // final section is completely dynamic
+ // :hostname = :webroot_path
+ args.domains.forEach(function (hostname) {
+ updates[hostname] = args.webrootPath;
+ });
+
+ // must write back to the original object or
+ // annotations will be lost
+ Object.keys(updates).forEach(function (key) {
+ obj[key] = updates[key];
+ });
+
+ return mkdirpAsync(path.dirname(args.renewalPath)).then(function () {
+ return pyconf.writeFileAsync(args.renewalPath, obj);
+ });
+ }).then(function () {
+
+ return {
+ certPath: certPath
+ , chainPath: chainPath
+ , fullchainPath: fullchainPath
+ , privkeyPath: privkeyPath
+
+ // some ambiguity here...
+ , privkey: result.key || result.privkey || args.domainPrivateKeyPem
+ , fullchain: result.fullchain || result.cert
+ , chain: result.ca || result.chain
+ // especially this one... might be cert only, might be fullchain
+ , cert: result.cert
+
+ , issuedAt: Date.now()
+ , lifetime: defaults.lifetime || handlers.lifetime
+ };
+ });
+ });
+}
 function getCertificateAsync(account, args, defaults, handlers) {
 return leCrypto.generateRsaKeypairAsync(args.rsaKeySize, 65537).then(function (domainKey) {
 if (args.debug) {
 console.log("get certificate");
 }
+
+ args.domainPrivateKeyPem = domainKey.privateKeyPem;
+ args.account = account;
+ //args.registration = domainKey;
+
 return LeCore.getCertificateAsync({
 debug: args.debug
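Review bot: Both private-key writes, `sfs.writeFileAsync(privkeyArchive, …, 'ascii')` and `sfs.writeFileAsync(privkeyPath, …, 'ascii')`, pass only an encoding, so the key files get whatever mode the process umask leaves, which is commonly world-readable. `sfs` is defined outside this hunk; if its `writeFileAsync` forwards an options object the way `fs.writeFile` does, pass `{ encoding: 'ascii', mode: 0o600 }` for those two calls. The `mkdirpAsync(archiveDir)` and `mkdirpAsync(liveDir)` calls likewise set no mode, so an owner-only mode for directories this function creates would be worth adding. `writeCertificateAsync` is complete within the hunk; `getCertificateAsync` continues past it.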
@@ -86,120 +208,8 @@ function getCertificateAsync(account, args, defaults, handlers) {
 done(new Error("handlers.removeChallenge receives the wrong number of arguments"));
 }
 }
- }).then(function (result) {
- if (args.debug) {
- console.log("got certificate!");
- }
-
- result.fullchain = result.cert + '\n' + result.ca;
-
- var pyconf = PromiseA.promisifyAll(require('pyconf'));
-
- return pyconf.readFileAsync(args.renewalPath).then(function (obj) {
- return obj;
- }, function () {
- return pyconf.readFileAsync(path.join(__dirname, 'lib', 'renewal.conf.tpl')).then(function (obj) {
- return obj;
- });
- }).then(function (obj) {
- obj.checkpoint = parseInt(obj.checkpoint, 10) || 0;
-
- var liveDir = args.liveDir || path.join(args.configDir, 'live', args.domains[0]);
-
- var certPath = args.certPath || obj.cert || path.join(liveDir, 'cert.pem');
- var fullchainPath = args.fullchainPath || obj.fullchain || path.join(liveDir, 'fullchain.pem');
- var chainPath = args.chainPath || obj.chain || path.join(liveDir, 'chain.pem');
- var privkeyPath = args.domainPrivateKeyPath || args.domainKeyPath
- || obj.privkey || obj.keyPath
- || path.join(liveDir, 'privkey.pem');
-
- var archiveDir = args.archiveDir || path.join(args.configDir, 'archive', args.domains[0]);
-
- var checkpoint = obj.checkpoint.toString();
- var certArchive = path.join(archiveDir, 'cert' + checkpoint + '.pem');
- var fullchainArchive = path.join(archiveDir, 'fullchain' + checkpoint + '.pem');
- var chainArchive = path.join(archiveDir, 'chain'+ checkpoint + '.pem');
- var privkeyArchive = path.join(archiveDir, 'privkey' + checkpoint + '.pem');
-
- return mkdirpAsync(archiveDir).then(function () {
- return PromiseA.all([
- sfs.writeFileAsync(certArchive, result.cert, 'ascii')
- , sfs.writeFileAsync(chainArchive, result.ca || result.chain, 'ascii')
- , sfs.writeFileAsync(fullchainArchive, result.fullchain, 'ascii')
- , sfs.writeFileAsync(privkeyArchive, result.key || result.privkey, 'ascii')
- ]);
- }).then(function () {
- return mkdirpAsync(liveDir);
- }).then(function () {
- return PromiseA.all([
- sfs.writeFileAsync(certPath, result.cert, 'ascii')
- , sfs.writeFileAsync(chainPath, result.ca || result.chain, 'ascii')
- , sfs.writeFileAsync(fullchainPath, result.fullchain, 'ascii')
- , sfs.writeFileAsync(privkeyPath, result.key || result.privkey, 'ascii')
- ]);
- }).then(function () {
- obj.checkpoint += 1;
-
- var updates = {
- cert: certPath
- , privkey: privkeyPath
- , chain: chainPath
- , fullchain: fullchainPath
- , configDir: args.configDir
- , workDir: args.workDir
- , tos: args.agreeTos && true
- , http01Port: args.http01Port
- , keyPath: args.domainPrivateKeyPath || args.privkeyPath
- , email: args.email
- , domains: args.domains
- , rsaKeySize: args.rsaKeySize
- , checkpoints: obj.checkpoint
- // TODO XXX what's the deal with these? they don't make sense
- // are they just old junk? or do they have a meaning that I don't know about?
- , fullchainPath: path.join(args.configDir, 'chain.pem')
- , certPath: path.join(args.configDir, 'cert.pem')
- , chainPath: path.join(args.configDir, 'chain.pem')
- // TODO XXX end
- // yes, it's an array. weird, right?
- , webrootPath: args.webrootPath && [args.webrootPath] || []
- , account: account.accountId
- , server: args.server || args.acmeDiscoveryUrl
- , logsDir: args.logsDir
- };
-
- // final section is completely dynamic
- // :hostname = :webroot_path
- args.domains.forEach(function (hostname) {
- updates[hostname] = args.webrootPath;
- });
-
- // must write back to the original object or
- // annotations will be lost
- Object.keys(updates).forEach(function (key) {
- obj[key] = updates[key];
- });
-
- return pyconf.writeFile(args.renewalPath, obj);
- }).then(function () {
-
- return {
- certPath: certPath
- , chainPath: chainPath
- , fullchainPath: fullchainPath
- , privkeyPath: privkeyPath
-
- // some ambiguity here...
- , privkey: result.key || result.privkey
- , fullchain: result.fullchain || result.cert
- , chain: result.ca || result.chain
- // especially this one... might be cert only, might be fullchain
- , cert: result.cert
-
- , issuedAt: Date.now()
- , lifetime: defaults.lifetime || handlers.lifetime
- };
- });
- });
+ }).then(function (results) {
+ writeCertificateAsync(results, args, defaults, handlers);
 });
 });
 }
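Review bot: The new `.then(function (results) { … })` callback calls `writeCertificateAsync(...)` without returning it, so the chain no longer waits for the key and certificate files to be written and resolves with `undefined` instead of the paths/PEM object the removed inline code produced. A failed write, including the private key, then surfaces as an unhandled rejection while the caller sees success. Change the line to `return writeCertificateAsync(results, args, defaults, handlers);`. The enclosing `getCertificateAsync` starts above this hunk.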