v2.6.10: updates for simpler store plugin

v2.6.9: reduce deps, yet again
prep to add keypairs to replace rsa-compat
2024-11-16 17:29:00 +00:00 · 2019-04-01 00:36:59 -06:00 · 2019-03-31 03:12:08 -06:00 · 2019-03-14 11:15:03 -06:00
6 changed files with 199 additions and 178 deletions
--- a/index.js
+++ b/index.js
@ -14,7 +14,7 @@ var util = require('util');
 function promisifyAllSelf(obj) {
  if (obj.__promisified) { return obj; }
  Object.keys(obj).forEach(function (key) {
-    if ('function' === typeof obj[key]) {
+    if ('function' === typeof obj[key] && !/Async$/.test(key)) {
      obj[key + 'Async'] = util.promisify(obj[key]);
    }
  });
@ -271,13 +271,19 @@ Greenlock.create = function (gl) {
    }
  });

-  if (gl.store.create) {
-    gl.store = gl.store.create(gl);
+  try {
+    if (gl.store.create) { gl.store = gl.store.create(gl); }
+    gl.store = promisifyAllSelf(gl.store);
+    gl.store.accounts = promisifyAllSelf(gl.store.accounts);
+    gl.store.certificates = promisifyAllSelf(gl.store.certificates);
+    gl._storeOpts = gl.store.options || gl.store.getOptions();
+  } catch(e) {
+    console.error(e);
+    console.error("\nPROBABLE CAUSE:\n"
+      + "\tYour le-store module should have a create function and return { options, accounts, certificates }\n");
+    process.exit(18);
+    return;
  }
-  gl.store = promisifyAllSelf(gl.store);
-  gl.store.accounts = promisifyAllSelf(gl.store.accounts);
-  gl.store.certificates = promisifyAllSelf(gl.store.certificates);
-  gl._storeOpts = gl.store.getOptions();
  Object.keys(gl._storeOpts).forEach(function (key) {
    if (!(key in gl)) {
      gl[key] = gl._storeOpts[key];
--- a/lib/core.js
+++ b/lib/core.js
@ -45,6 +45,7 @@ module.exports.create = function (gl) {
        return PromiseA.resolve(gl._ipc.acmeUrls);
      }

+      // TODO acme-v2/nocompat
      return gl.acme.getAcmeUrlsAsync(args.server).then(function (data) {
        gl._ipc.acmeUrlsUpdatedAt = Date.now();
        gl._ipc.acmeUrls = data;
@ -68,6 +69,8 @@ module.exports.create = function (gl) {
        var copy = utils.merge(args, gl);
        var disagreeTos;
        args = utils.tplCopy(copy);
+        if (!args.account) { args.account = {}; }
+        if ('object' === typeof args.account && !args.account.id) { args.account.id = args.accountId || args.email || ''; }

        disagreeTos = (!args.agreeTos && 'undefined' !== typeof args.agreeTos);
        if (!args.email || disagreeTos || (parseInt(args.rsaKeySize, 10) < 2048)) {
@ -80,30 +83,45 @@ module.exports.create = function (gl) {
        }

        return utils.testEmail(args.email).then(function () {
+          if (args.account && args.account.privkey && (args.account.privkey.jwk || args.account.privkey.pem)) {
+            // TODO import jwk or pem and return it here
+            console.warn("TODO: implement accounts.checkKeypairAsync skipping");
+          }
+          var newKeypair = true;
+          var accountKeypair;
          var promise = gl.store.accounts.checkKeypairAsync(args).then(function (keypair) {
            if (keypair) {
-              return RSA.import(keypair);
+              // TODO keypairs
+              newKeypair = false;
+              accountKeypair = RSA.import(keypair);
+              return;
            }

            if (args.accountKeypair) {
-              return gl.store.accounts.setKeypairAsync(args, RSA.import(args.accountKeypair));
+              // TODO keypairs
+              accountKeypair = RSA.import(args.accountKeypair);
+              return;
            }

            var keypairOpts = { bitlen: args.rsaKeySize, exp: 65537, public: true, pem: true };
-            return RSA.generateKeypairAsync(keypairOpts).then(function (keypair) {
+            // TODO keypairs
+            return (args.generateKeypair||RSA.generateKeypairAsync)(keypairOpts).then(function (keypair) {
              keypair.privateKeyPem = RSA.exportPrivatePem(keypair);
              keypair.publicKeyPem = RSA.exportPublicPem(keypair);
              keypair.privateKeyJwk = RSA.exportPrivateJwk(keypair);
-              return gl.store.accounts.setKeypairAsync(args, keypair);
+              accountKeypair = keypair;
            });
-          });
+          }).then(function () {
+            return accountKeypair;
+         });

          return promise.then(function (keypair) {
            // Note: the ACME urls are always fetched fresh on purpose
-            // TODO is this the right place for this?
+            // TODO acme-v2/nocompat
            return core.getAcmeUrlsAsync(args).then(function (urls) {
              args._acmeUrls = urls;

+              // TODO acme-v2/nocompat
              return gl.acme.registerNewAccountAsync({
                email: args.email
              , newRegUrl: args._acmeUrls.newReg
@ -131,13 +149,18 @@ module.exports.create = function (gl) {
                , newAuthzUrl: args._acmeUrls.newAuthz
                };

+                return gl.store.accounts.setKeypairAsync(args, keypair).then(function () {
                // TODO move templating of arguments to right here?
-                return gl.store.accounts.setAsync(args, reg).then(function (account) {
-                  // should now have account.id and account.accountId
-                  args.account = account;
-                  args.accountId = account.id;
-                  return account;
-                });
+                if (!gl.store.accounts.setAsync) { return PromiseA.resolve({ keypair: keypair }); }
+                  return gl.store.accounts.setAsync(args, reg).then(function (account) {
+                   if (account && 'object' !== typeof account) {
+                      throw new Error("store.accounts.setAsync should either return 'null' or an object with at least a string 'id'");
+                   }
+                    if (!account) { account = {}; }
+                    account.keypair = keypair;
+                    return account;
+                  });
+               });
              });
            });
          });
@ -145,13 +168,20 @@ module.exports.create = function (gl) {
      }

      // Accounts
+      // (only used for keypair)
    , getAsync: function (args) {
        return core.accounts.checkAsync(args).then(function (account) {
-          if (account) {
-            return account;
-          } else {
+          if (!account) { return core.accounts.registerAsync(args); }
+          if (account.keypair) { return account; }
+
+          if (!args.account) { args.account = {}; }
+          if ('object' === typeof args.account && !args.account.id) { args.account.id = args.accountId || args.email || ''; }
+          var copy = utils.merge(args, gl);
+          args = utils.tplCopy(copy);
+          return gl.store.accounts.checkKeypairAsync(args).then(function (keypair) {
+            if (keypair) { return { keypair: keypair }; }
            return core.accounts.registerAsync(args);
-          }
+          });
        });
      }

@ -166,7 +196,12 @@ module.exports.create = function (gl) {

        var copy = utils.merge(args, gl);
        args = utils.tplCopy(copy);
+        if (!args.account) { args.account = {}; }
+        if ('object' === typeof args.account && !args.account.id) { args.account.id = args.accountId || args.email || ''; }

+        // we can re-register the same account until we're blue in the face and it's all the same
+        // of course, we can also skip the lookup if we do store the account, but whatever
+        if (!gl.store.accounts.checkAsync) { return null; }
        return gl.store.accounts.checkAsync(args).then(function (account) {

          if (!account) {
@ -243,22 +278,35 @@ module.exports.create = function (gl) {
        return core.accounts.getAsync(args).then(function (account) {
          args.account = account;

+
+          if (args.certificate && args.certificate.privkey && (args.certificate.privkey.jwk || args.certificate.privkey.pem)) {
+            // TODO import jwk or pem and return it here
+            console.warn("TODO: implement certificates.checkKeypairAsync skipping");
+          }
+          var domainKeypair;
+          // This has been done in the getAsync already, so we skip it here
+          // if approveDomains doesn't set subject, we set it here
+          //args.subject = args.subject || args.domains[0];
          var promise = gl.store.certificates.checkKeypairAsync(args).then(function (keypair) {
            if (keypair) {
-              return RSA.import(keypair);
+              domainKeypair = RSA.import(keypair);
+              return;
            }

            if (args.domainKeypair) {
-              return gl.store.certificates.setKeypairAsync(args, RSA.import(args.domainKeypair));
+              domainKeypair = RSA.import(args.domainKeypair);
+              return;
            }

            var keypairOpts = { bitlen: args.rsaKeySize, exp: 65537, public: true, pem: true };
-            return RSA.generateKeypairAsync(keypairOpts).then(function (keypair) {
+            return (args.generateKeypair||RSA.generateKeypairAsync)(keypairOpts).then(function (keypair) {
              keypair.privateKeyPem = RSA.exportPrivatePem(keypair);
              keypair.publicKeyPem = RSA.exportPublicPem(keypair);
              keypair.privateKeyJwk = RSA.exportPrivateJwk(keypair);
-              return gl.store.certificates.setKeypairAsync(args, keypair);
+              domainKeypair = keypair;
            });
+          }).then(function () {
+            return domainKeypair;
          });

          return promise.then(function (domainKeypair) {
@ -312,17 +360,25 @@ module.exports.create = function (gl) {

              log(args.debug, 'calling greenlock.acme.getCertificateAsync', certReq.domains);

+              // TODO acme-v2/nocompat
              return gl.acme.getCertificateAsync(certReq).then(utils.attachCertInfo);
            });
          }).then(function (results) {
+            //var requested = {};
+            //var issued = {};
            // { cert, chain, privkey /*TODO, subject, altnames, issuedAt, expiresAt */ }

            // args.certs.privkey = RSA.exportPrivatePem(options.domainKeypair);
            args.certs = results;
            // args.pems is deprecated
            args.pems = results;
-            return gl.store.certificates.setAsync(args).then(function () {
-              return results;
+            // This has been done in the getAsync already, so we skip it here
+            // if approveDomains doesn't set subject, we set it here
+            //args.subject = args.subject || args.domains[0];
+            return gl.store.certificates.setKeypairAsync(args, domainKeypair).then(function () {
+              return gl.store.certificates.setAsync(args).then(function () {
+                return results;
+              });
            });
          });
        });
@ -377,13 +433,19 @@ module.exports.create = function (gl) {
      }
    , checkAsync: function (args) {
        var copy = utils.merge(args, gl);
-        utils.tplCopy(copy);
+        // if approveDomains doesn't set subject, we set it here
+        copy.subject = copy.subject || copy.domains[0];
+        args = utils.tplCopy(copy);

        // returns pems
-        return gl.store.certificates.checkAsync(copy).then(function (cert) {
+        return gl.store.certificates.checkAsync(args).then(function (cert) {
          if (cert) {
-            log(args.debug, 'checkAsync found existing certificates');
-            return utils.attachCertInfo(cert);
+            cert = utils.attachCertInfo(cert);
+            if (utils.certHasDomain(cert, args.domain)) {
+              log(args.debug, 'checkAsync found existing certificates');
+              return cert;
+            }
+            log(args.debug, 'checkAsync found mismatched / incomplete certificates');
          }

          log(args.debug, 'checkAsync failed to find certificates');
@ -393,10 +455,17 @@ module.exports.create = function (gl) {
      // Certificates
    , getAsync: function (args) {
        var copy = utils.merge(args, gl);
+        // if approveDomains doesn't set subject, we set it here
+        copy.subject = copy.subject || copy.domains[0];
        args = utils.tplCopy(copy);

+        if (args.certificate && args.certificate.privkey && args.certificate.cert && args.certificate.chain) {
+          // TODO skip fetching a certificate if it's fetched during approveDomains
+          console.warn("TODO: implement certificates.checkAsync skipping");
+        }
        return core.certificates.checkAsync(args).then(function (certs) {
-          if (!certs) {
+          if (certs) { certs = utils.attachCertInfo(certs); }
+          if (!certs || !utils.certHasDomain(certs, args.domain)) {
            // There is no cert available
            if (false !== args.securityUpdates && !args._communityMemberAdded) {
              try {
--- a/lib/utils-test.js
+++ b/lib/utils-test.js
@ -0,0 +1,24 @@
+'use strict';
+
+var utils = require('./utils.js')
+var cert = { subject: 'example.com', altnames: ['*.bar.com','foo.net'] };
+if (utils.certHasDomain(cert, 'bad.com')) {
+  throw new Error("allowed bad domain");
+}
+if (!utils.certHasDomain(cert, 'example.com')) {
+  throw new Error("missed subject");
+}
+if (utils.certHasDomain(cert, 'bar.com')) {
+  throw new Error("allowed bad (missing) sub");
+}
+if (!utils.certHasDomain(cert, 'foo.bar.com')) {
+  throw new Error("didn't allow valid wildcarded-domain");
+}
+if (utils.certHasDomain(cert, 'dub.foo.bar.com')) {
+  throw new Error("allowed sub-sub domain");
+}
+if (!utils.certHasDomain(cert, 'foo.net')) {
+  throw new Error("missed altname");
+}
+
+console.info("PASSED");
--- a/lib/utils.js
+++ b/lib/utils.js
@ -9,9 +9,7 @@ var promisify = (require('util').promisify || require('bluebird').promisify);
 var dnsResolveMxAsync = promisify(require('dns').resolveMx);

 module.exports.attachCertInfo = function (results) {
-  // XXX Note: Parsing the certificate info comes at a great cost (~500kb)
-  var getCertInfo = require('cert-info').info;
-  var certInfo = getCertInfo(results.cert);
+  var certInfo = require('cert-info').info(results.cert);

  // subject, altnames, issuedAt, expiresAt
  Object.keys(certInfo).forEach(function (key) {
@ -21,6 +19,20 @@ module.exports.attachCertInfo = function (results) {
  return results;
 };

+module.exports.certHasDomain = function (certInfo, _domain) {
+  var names = (certInfo.altnames || []).slice(0);
+  names.push(certInfo.subject);
+  return names.some(function (name) {
+    var domain = _domain.toLowerCase();
+    name = name.toLowerCase();
+    if ('*.' === name.substr(0, 2)) {
+      name = name.substr(2);
+      domain = domain.split('.').slice(1).join('.');
+    }
+    return name === domain;
+  });
+};
+
 module.exports.isValidDomain = function (domain) {
  if (re.test(domain)) {
    return domain;
@ -58,7 +70,7 @@ module.exports.tplCopy = function (copy) {
  var tplKeys;

  copy.hostnameGet = function (copy) {
-    return (copy.domains || [])[0] || copy.domain;
+    return copy.subject || (copy.domains || [])[0] || copy.domain;
  };

  Object.keys(copy).forEach(function (key) {
--- a/package-lock.json
+++ b/package-lock.json
@ -1,6 +1,6 @@
 {
  "name": "greenlock",
-  "version": "2.6.8",
+  "version": "2.6.9",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
@ -10,71 +10,39 @@
      "integrity": "sha512-9rBXLFSb5D19opGeXdD/WuiFJsA4Pk2r8VUGEAeUZUxB1a2zB47K85BKAx3Gy9i4nZwg22ejlJA+q9DVrpQlbA=="
    },
    "acme": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/acme/-/acme-1.2.0.tgz",
-      "integrity": "sha512-lG9Wq0Ol2OLpVrusq5OQ+KCT06rXaGjbHcDhKtNO6Hr3J3swISaCYi0slwLpEA9DGV+QhDkAnZ6qsXAo86SM5Q==",
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/acme/-/acme-1.3.0.tgz",
+      "integrity": "sha512-Ny8aXnGdtlEVBZLpzNyVp7gff/3zFYrbfbiY93lx5jdrG4BrraA6P8RkRFP7NbFwh1rBgQkdHEsMxTp3f2r8dA==",
      "requires": {
-        "acme-v2": "^1.3.1"
+        "acme-v2": "^1.6.0"
      }
    },
    "acme-v2": {
-      "version": "1.5.2",
-      "resolved": "https://registry.npmjs.org/acme-v2/-/acme-v2-1.5.2.tgz",
-      "integrity": "sha512-Ux0cFCxHeaGGeGyPGMLHBLIGF05OYaxuh4TvaVzwkVVRib/gPpioa50CGj2pnQimH/MRkg0VtWCEdfE45MV/0g==",
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/acme-v2/-/acme-v2-1.6.0.tgz",
+      "integrity": "sha512-+vCD+j87eEQhdiqSVA9KT97+EGYbkVTgSqxQ37y9aM/3uExi2U+UM4EQEAIRSV/DWZ6oqeRPe+dha8h+PtNdwQ==",
      "requires": {
        "@coolaj86/urequest": "^1.3.6",
-        "rsa-compat": "^1.9.2"
-      },
-      "dependencies": {
-        "rsa-compat": {
-          "version": "1.9.2",
-          "resolved": "https://registry.npmjs.org/rsa-compat/-/rsa-compat-1.9.2.tgz",
-          "integrity": "sha512-XY4I/74W+QENMd99zVsyHQcxYxWTXd0EihVXsI4oeb1bz7DYxEKasQrjyzYPnR1tZT7fTPu5HP/vTKfs9lzdGA==",
-          "requires": {
-            "node-forge": "^0.7.6",
-            "ursa-optional": "^0.9.10"
-          }
-        }
+        "rsa-compat": "^2.0.6"
      }
    },
-    "any-promise": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz",
-      "integrity": "sha1-q8av7tzqUugJzcA3au0845Y10X8="
-    },
-    "bindings": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz",
-      "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==",
-      "optional": true,
-      "requires": {
-        "file-uri-to-path": "1.0.0"
-      }
-    },
-    "bluebird": {
-      "version": "3.5.1",
-      "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.1.tgz",
-      "integrity": "sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA=="
-    },
    "cert-info": {
      "version": "1.5.1",
      "resolved": "https://registry.npmjs.org/cert-info/-/cert-info-1.5.1.tgz",
      "integrity": "sha512-eoQC/yAgW3gKTKxjzyClvi+UzuY97YCjcl+lSqbsGIy7HeGaWxCPOQFivhUYm27hgsBMhsJJFya3kGvK6PMIcQ=="
    },
-    "file-uri-to-path": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz",
-      "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==",
-      "optional": true
+    "eckles": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/eckles/-/eckles-1.4.1.tgz",
+      "integrity": "sha512-auWyk/k8oSkVHaD4RxkPadKsLUcIwKgr/h8F7UZEueFDBO7BsE4y+H6IMUDbfqKIFPg/9MxV6KcBdJCmVVcxSA=="
    },
-    "fs-symlink": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/fs-symlink/-/fs-symlink-1.2.1.tgz",
-      "integrity": "sha1-G+uoPqncqBI2AOPwuaUbGGQLvEA=",
+    "keypairs": {
+      "version": "1.2.14",
+      "resolved": "https://registry.npmjs.org/keypairs/-/keypairs-1.2.14.tgz",
+      "integrity": "sha512-ZoZfZMygyB0QcjSlz7Rh6wT2CJasYEHBPETtmHZEfxuJd7bnsOG5AdtPZqHZBT+hoHvuWCp/4y8VmvTvH0Y9uA==",
      "requires": {
-        "mkdirp": "^0.5.0",
-        "mkdirp-then": "1",
-        "mz": "^2.0.0"
+        "eckles": "^1.4.1",
+        "rasha": "^1.2.4"
      }
    },
    "le-challenge-fs": {
@ -86,22 +54,18 @@
      }
    },
    "le-sni-auto": {
-      "version": "2.1.3",
-      "resolved": "https://registry.npmjs.org/le-sni-auto/-/le-sni-auto-2.1.3.tgz",
-      "integrity": "sha512-ojGwizoh2o6OM2dQFzryd8YCS7wITaw5LBoSo1qi/Tzj3D54aB9M9QUqy26t2K4M78t+Ctlw0x+L5GhIJkRlVg==",
-      "requires": {
-        "bluebird": "^3.4.1"
-      }
+      "version": "2.1.8",
+      "resolved": "https://registry.npmjs.org/le-sni-auto/-/le-sni-auto-2.1.8.tgz",
+      "integrity": "sha512-aEUP+DB5mfHi4kHY37nJdtVr+DIF5vxiXKdiZBPOLNgF7pK3iD0wJU6fiwDRtZRz2KOahX+VBxlgTN2r24nKhw=="
    },
    "le-store-certbot": {
-      "version": "2.1.7",
-      "resolved": "https://registry.npmjs.org/le-store-certbot/-/le-store-certbot-2.1.7.tgz",
-      "integrity": "sha512-grw74qysH+MfpIEyF41vh0vxvirMBkpEEITB9Wv6QM0O/11Pwk3ZZ9C8p2tx4yXkdbLEQ+7viTgU8XmWl3t27Q==",
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/le-store-certbot/-/le-store-certbot-2.2.1.tgz",
+      "integrity": "sha512-BhljZjTULhbNBAT6RBiv4TeZegFraMxURYEvh3WRUI048zmXf4ZfC8gwbdu5fnD2tTCsS9fbsCOAQyrFBl4jlA==",
      "requires": {
-        "fs-symlink": "^1.2.1",
        "mkdirp": "^0.5.1",
-        "pyconf": "^1.1.2",
-        "safe-replace": "^1.0.2"
+        "pyconf": "^1.1.5",
+        "safe-replace": "^1.0.3"
      }
    },
    "minimist": {
@ -117,85 +81,31 @@
        "minimist": "0.0.8"
      }
    },
-    "mkdirp-then": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/mkdirp-then/-/mkdirp-then-1.2.0.tgz",
-      "integrity": "sha1-pJLIecpNhz9e5FAI+PVf0BUN48U=",
-      "requires": {
-        "any-promise": "^1.1.0",
-        "mkdirp": "^0.5.0"
-      }
-    },
-    "mz": {
-      "version": "2.7.0",
-      "resolved": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz",
-      "integrity": "sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==",
-      "requires": {
-        "any-promise": "^1.0.0",
-        "object-assign": "^4.0.1",
-        "thenify-all": "^1.0.0"
-      }
-    },
-    "nan": {
-      "version": "2.12.1",
-      "resolved": "https://registry.npmjs.org/nan/-/nan-2.12.1.tgz",
-      "integrity": "sha512-JY7V6lRkStKcKTvHO5NVSQRv+RV+FIL5pvDoLiAtSL9pKlC5x9PKQcZDsq7m4FO4d57mkhC6Z+QhAh3Jdk5JFw==",
-      "optional": true
-    },
-    "node-forge": {
-      "version": "0.7.6",
-      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz",
-      "integrity": "sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==",
-      "optional": true
-    },
-    "object-assign": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
-      "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
-    },
    "pyconf": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/pyconf/-/pyconf-1.1.5.tgz",
-      "integrity": "sha512-zXEg0oUJ4mY6azqVvRy6rePTIHZGhDQG3z9PVkE60uUabS9uILiIkHobU2Jzcs3tBltMBqyEATZZezRR/UFjkg==",
+      "version": "1.1.6",
+      "resolved": "https://registry.npmjs.org/pyconf/-/pyconf-1.1.6.tgz",
+      "integrity": "sha512-4ujjwqch6nViWduSLc3/QFrDdJJAvAE7NRBarSGLANwh0tNW0MbXeJE8ZziJZvzRnUEN5scYwsS+ItYU1uj6dQ==",
      "requires": {
        "safe-replace": "^1.0.2"
      }
    },
+    "rasha": {
+      "version": "1.2.5",
+      "resolved": "https://registry.npmjs.org/rasha/-/rasha-1.2.5.tgz",
+      "integrity": "sha512-KxtX+/fBk+wM7O3CNgwjSh5elwFilLvqWajhr6wFr2Hd63JnKTTi43Tw+Jb1hxJQWOwoya+NZWR2xztn3hCrTw=="
+    },
    "rsa-compat": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/rsa-compat/-/rsa-compat-2.0.3.tgz",
-      "integrity": "sha512-oMEiSfk8KTKleNO7OEahZtrZTcjV+fzBm8jpt2bXBgyhbgO3bJdwawm4BkJe+2LfdK8kaKqMIO8pHZ/UmybQ7w=="
+      "version": "2.0.6",
+      "resolved": "https://registry.npmjs.org/rsa-compat/-/rsa-compat-2.0.6.tgz",
+      "integrity": "sha512-bQmpscAQec9442RaghDybrHMy1twQ3nUZOgTlqntio1yru+rMnDV64uGRzKp7dJ4VVhNv3mLh3X4MNON+YM0dA==",
+      "requires": {
+        "keypairs": "^1.2.14"
+      }
    },
    "safe-replace": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/safe-replace/-/safe-replace-1.0.2.tgz",
-      "integrity": "sha1-sYGrQJWs32qwqPhAUXSRyoqZIro="
-    },
-    "thenify": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.0.tgz",
-      "integrity": "sha1-5p44obq+lpsBCCB5eLn2K4hgSDk=",
-      "requires": {
-        "any-promise": "^1.0.0"
-      }
-    },
-    "thenify-all": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz",
-      "integrity": "sha1-GhkY1ALY/D+Y+/I02wvMjMEOlyY=",
-      "requires": {
-        "thenify": ">= 3.1.0 < 4"
-      }
-    },
-    "ursa-optional": {
-      "version": "0.9.10",
-      "resolved": "https://registry.npmjs.org/ursa-optional/-/ursa-optional-0.9.10.tgz",
-      "integrity": "sha512-RvEbhnxlggX4MXon7KQulTFiJQtLJZpSb9ZSa7ZTkOW0AzqiVTaLjI4vxaSzJBDH9dwZ3ltZadFiBaZslp6haA==",
-      "optional": true,
-      "requires": {
-        "bindings": "^1.3.0",
-        "nan": "^2.11.1"
-      }
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/safe-replace/-/safe-replace-1.1.0.tgz",
+      "integrity": "sha512-9/V2E0CDsKs9DWOOwJH7jYpSl9S3N05uyevNjvsnDauBqRowBPOyot1fIvV5N2IuZAbYyvrTXrYFVG0RZInfFw=="
    }
  }
 }
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "greenlock",
-  "version": "2.6.8",
+  "version": "2.6.10",
  "description": "Let's Encrypt for node.js on npm",
  "main": "index.js",
  "files": [
@ -38,13 +38,13 @@
    "le-acme-core": "^2.1.3"
  },
  "dependencies": {
-    "acme": "^1.2.0",
-    "acme-v2": "^1.5.0",
+    "acme": "^1.3.0",
    "cert-info": "^1.5.1",
+    "keypairs": "^1.2.14",
    "le-challenge-fs": "^2.0.2",
-    "le-sni-auto": "^2.1.3",
-    "le-store-certbot": "^2.1.7",
-    "rsa-compat": "^2.0.3"
+    "le-sni-auto": "^2.1.8",
+    "le-store-certbot": "^2.2.1",
+    "rsa-compat": "^2.0.6"
  },
  "engines": {
    "node": ">=4.5"
Author	SHA1	Message	Date
AJ ONeal	4960604440	v2.6.10: updates for simpler store plugin	2019-04-01 00:36:59 -06:00
AJ ONeal	eb86d4444b	v2.6.9: reduce deps, yet again	2019-03-31 03:12:08 -06:00
AJ ONeal	5d82ea60c5	prep to add keypairs to replace rsa-compat	2019-03-14 11:15:03 -06:00