hydrar/mistserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Switched hook order in certbot integration so it does not detect RENEWED_LINEAGE as CERTBOT_VALIDATION hook.

Browse source
This commit is contained in:
Thulinma 2020-03-05 15:06:46 +01:00
parent 27a2e596fd
commit 58276b8fbe
1 changed files with 48 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

96
src/utils/util_certbot.cpp
View file

@ -55,6 +55,54 @@ int main(int argc, char **argv){
Util::Config conf(argv[0]);
conf.parseArgs(argc, argv);
//Handle --deploy-hook
if (getenv("RENEWED_LINEAGE")){
INFO_MSG("Detected '--deploy-hook' calling. Installing certificate.");
std::string cbPath = getenv("RENEWED_LINEAGE");
std::string cbCert = cbPath + "/fullchain.pem";
std::string cbKey = cbPath + "/privkey.pem";
Socket::UDPConnection uSock;
uSock.SetDestination(UDP_API_HOST, UDP_API_PORT);
Util::DTSCShmReader rProto(SHM_PROTO);
DTSC::Scan prtcls = rProto.getScan();
unsigned int pro_cnt = prtcls.getSize();
bool found = false;
for (unsigned int i = 0; i < pro_cnt; ++i){
std::string ctor = prtcls.getIndice(i).getMember("connector").asString();
if (ctor == "HTTPS"){
found = true;
JSON::Value currConf = prtcls.getIndice(i).asJSON();
JSON::Value cmd;
cmd["updateprotocol"].append(currConf);
cmd["updateprotocol"].append(currConf);
cmd["updateprotocol"][1u]["cert"] = cbCert;
cmd["updateprotocol"][1u]["key"] = cbKey;
INFO_MSG("Executing: %s", cmd.toString().c_str());
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
}
}
if (!found){
INFO_MSG("No HTTPS active; enabling on port 443");
JSON::Value cmd;
cmd["addprotocol"]["connector"] = "HTTPS";
cmd["addprotocol"]["port"] = 443;
cmd["addprotocol"]["cert"] = cbCert;
cmd["addprotocol"]["key"] = cbKey;
INFO_MSG("Executing: %s", cmd.toString().c_str());
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
}
Util::wait(5000);
return 0;
}
//Handle --manual-auth-hook
if (getenv("CERTBOT_VALIDATION") && getenv("CERTBOT_TOKEN")){
INFO_MSG("Detected '--manual-auth-hook' calling. Performing authentication.");
@ -118,54 +166,6 @@ int main(int argc, char **argv){
return 0;
}
//Handle --deploy-hook
if (getenv("RENEWED_LINEAGE")){
INFO_MSG("Detected '--deploy-hook' calling. Installing certificate.");
std::string cbPath = getenv("RENEWED_LINEAGE");
std::string cbCert = cbPath + "/fullchain.pem";
std::string cbKey = cbPath + "/privkey.pem";
Socket::UDPConnection uSock;
uSock.SetDestination(UDP_API_HOST, UDP_API_PORT);
Util::DTSCShmReader rProto(SHM_PROTO);
DTSC::Scan prtcls = rProto.getScan();
unsigned int pro_cnt = prtcls.getSize();
bool found = false;
for (unsigned int i = 0; i < pro_cnt; ++i){
std::string ctor = prtcls.getIndice(i).getMember("connector").asString();
if (ctor == "HTTPS"){
found = true;
JSON::Value currConf = prtcls.getIndice(i).asJSON();
JSON::Value cmd;
cmd["updateprotocol"].append(currConf);
cmd["updateprotocol"].append(currConf);
cmd["updateprotocol"][1u]["cert"] = cbCert;
cmd["updateprotocol"][1u]["key"] = cbKey;
INFO_MSG("Executing: %s", cmd.toString().c_str());
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
}
}
if (!found){
INFO_MSG("No HTTPS active; enabling on port 443");
JSON::Value cmd;
cmd["addprotocol"]["connector"] = "HTTPS";
cmd["addprotocol"]["port"] = 443;
cmd["addprotocol"]["cert"] = cbCert;
cmd["addprotocol"]["key"] = cbKey;
INFO_MSG("Executing: %s", cmd.toString().c_str());
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
Util::wait(500);
uSock.SendNow(cmd.toString());
}
Util::wait(5000);
return 0;
}
//Print usage message to help point users in the right direction
FAIL_MSG("This utility is meant to be ran by certbot, not by hand.");
FAIL_MSG("Sample usage: certbot certonly --manual --preferred-challenges=http --manual-auth-hook MistUtilCertbot --deploy-hook MistUtilCertbot -d yourdomain.example.com");