paulbsd/pki
1
0
Fork 0
Code Issues Pull Requests Releases 5 Wiki Activity

fixed multiple bugs
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details

Browse Source
This commit is contained in:
Paul 2021-04-07 12:00:53 +02:00
parent fc3b68316e
commit 8898e975e8
3 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/cert/main.go
View File

@ -4,13 +4,13 @@ import "time"
// Entry is the main struct for stored certificates // Entry is the main struct for stored certificates
type Entry struct { type Entry struct {
ID int `xorm:"pk autoincr"` ID int `xorm:"pk autoincr"`
Domains string `xorm:"notnull"` Domains string `xorm:"notnull"`
Certificate string `xorm:"text notnull"` Certificate string `xorm:"text notnull"`
PrivateKey string `xorm:"text notnull"` PrivateKey string `xorm:"text notnull"`
AuthURL string AuthURL string `xorm:"notnull"`
ValidityBegin time.Time ValidityBegin time.Time `xorm:"notnull"`
ValidityEnd time.Time ValidityEnd time.Time `xorm:"notnull"`
Created time.Time `xorm:"created notnull"` Created time.Time `xorm:"created notnull"`
Updated time.Time `xorm:"updated notnull"` Updated time.Time `xorm:"updated notnull"`
} }

6
src/pki/acme.go
View File

@ -81,12 +81,12 @@ func (u *User) RequestNewCert(cfg *config.Config, domains []string) (certificate
client, err := lego.NewClient(legoconfig) client, err := lego.NewClient(legoconfig)
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
} }
err = client.Challenge.SetDNS01Provider(ovhprovider) err = client.Challenge.SetDNS01Provider(ovhprovider)
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
} }
// If PKICtx doesn't exists, get existing of fetch registration // If PKICtx doesn't exists, get existing of fetch registration
@ -104,7 +104,7 @@ func (u *User) RequestNewCert(cfg *config.Config, domains []string) (certificate
certificates, err = client.Certificate.Obtain(request) certificates, err = client.Certificate.Obtain(request)
if err != nil { if err != nil {
log.Fatal(err) log.Println(err)
} }
return return
} }

15
src/pkiws/serverhandle.go
View File

@ -39,7 +39,7 @@ func GetCertificate(cfg *config.Config, user *pki.User, domains []string) (resul
ValidityBegin: NotBefore, ValidityBegin: NotBefore,
ValidityEnd: NotAfter, ValidityEnd: NotAfter,
AuthURL: cfg.ACME.AuthURL} AuthURL: cfg.ACME.AuthURL}
cfg.Db.Insert(entry) cfg.Db.Insert(&entry)
result = convertEntryToResponse(entry) result = convertEntryToResponse(entry)
return result, err return result, err
} }
@ -49,11 +49,16 @@ func GetCertificate(cfg *config.Config, user *pki.User, domains []string) (resul
// CheckDomains check if requested domains are valid // CheckDomains check if requested domains are valid
func CheckDomains(domains []string) (err error) { func CheckDomains(domains []string) (err error) {
domainRegex, err := regexp.Compile(`^[a-z0-9\*]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,6}$`)
if err != nil {
return
}
for _, d := range domains { for _, d := range domains {
res, err := regexp.Match(`^[a-z0-9\*]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,6}$`, []byte(d)) res := domainRegex.Match([]byte(d))
if !res { if !res {
fmt.Println(res, err) return fmt.Errorf(fmt.Sprintf("Domain %s has not a valid syntax %s, please verify", d, err))
return fmt.Errorf(fmt.Sprintf("Domain has not a valid syntax %s, please verify", err))
} }
} }
return return
@ -65,7 +70,7 @@ func GetDates(cert []byte) (NotBefore time.Time, NotAfter time.Time, err error)
if block.Type == "CERTIFICATE" { if block.Type == "CERTIFICATE" {
ce, err := x509.ParseCertificate(block.Bytes) ce, err := x509.ParseCertificate(block.Bytes)
if err != nil { if err != nil {
log.Fatal("Error when parsing certificate") log.Println("Error when parsing certificate")
} }
NotBefore = ce.NotBefore NotBefore = ce.NotBefore
NotAfter = ce.NotAfter NotAfter = ce.NotAfter