adrian
/
schematics
1
0
Fork 0
Code Issues Pull Requests Releases Activity
A library for writing host-specific, single-binary configuration management and deployment tools
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
91 Commits
1 Branch
0 Tags
810 KiB
Tree: 907a4962c5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '907a4962c5'
${ noResults }
schematics/src/symbols/acme/cert.rs

121 lines
2.6 KiB
Raw Normal View History

New architecture
4 years ago
Update
7 years ago
Update
7 years ago
New architecture
4 years ago
Update
7 years ago
New architecture
4 years ago
Command runner args, Paths and AsRef
5 years ago
New architecture
4 years ago
Update
7 years ago
New architecture
4 years ago
AcmeFactory
5 years ago
New architecture
4 years ago
AcmeFactory
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
AcmeFactory
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
Update
7 years ago
Cargo format
5 years ago
Update
7 years ago
New architecture
4 years ago
Cargo fix
5 years ago
New architecture
4 years ago
Update
7 years ago
Update
7 years ago
New architecture
4 years ago
Cargo format
5 years ago
Command runner args, Paths and AsRef
5 years ago
Cargo format
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
Command runner args, Paths and AsRef
5 years ago
Update rustfmt
5 years ago
Cargo format
5 years ago
Command runner args, Paths and AsRef
5 years ago
Cargo format
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
Command runner args, Paths and AsRef
5 years ago
Cargo format
5 years ago
AcmeFactory
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
Command runner args, Paths and AsRef
5 years ago
Cargo format
5 years ago
Fix expiring ACME certs
7 years ago
Update rustfmt
5 years ago
Update
7 years ago
Cargo fix
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
Command runner args, Paths and AsRef
5 years ago
Cargo format
5 years ago
AcmeFactory
5 years ago
Cargo format
5 years ago
New architecture
4 years ago
Cargo format
5 years ago
AcmeFactory
5 years ago
Update rustfmt
5 years ago
New architecture
4 years ago
Update rustfmt
5 years ago
Update
7 years ago
Cargo format
5 years ago
  1. use crate::command_runner::CommandRunner;
  2. use crate::symbols::Symbol;
  3. use std::borrow::Borrow;
  4. use std::error::Error;
  5. use std::fs::File as FsFile;
  6. use std::io::Write;
  7. use std::marker::PhantomData;
  8. use std::path::Path;
  10. #[derive(Debug)]
  11. pub struct Cert<_C, C, D, P> {
  12. domain: D,
  13. command_runner: C,
  14. root_cert_path: P,
  15. account_key_path: P,
  16. challenges_path: P,
  17. csr_path: P,
  18. cert_path: P,
  19. phantom: PhantomData<_C>,
  20. }
  22. impl<_C, C, D, P> Cert<_C, C, D, P> {
  23. pub fn new(
  24. domain: D,
  25. command_runner: C,
  26. root_cert_path: P,
  27. account_key_path: P,
  28. challenges_path: P,
  29. csr_path: P,
  30. cert_path: P,
  31. ) -> Self {
  32. Self {
  33. domain,
  34. command_runner,
  35. root_cert_path,
  36. account_key_path,
  37. challenges_path,
  38. csr_path,
  39. cert_path,
  40. phantom: PhantomData::default(),
  41. }
  42. }
  43. }
  45. const DAYS_IN_SECONDS: u32 = 24 * 60 * 60;
  47. impl<_C: CommandRunner, C: Borrow<_C>, D: AsRef<str>, P: AsRef<Path>> Symbol for Cert<_C, C, D, P> {
  48. fn target_reached(&self) -> Result<bool, Box<dyn Error>> {
  49. if !self.cert_path.as_ref().exists() {
  50. return Ok(false);
  51. }
  53. let output = self.command_runner.borrow().run_with_args(
  54. "openssl",
  55. args![
  56. "x509",
  57. "-in",
  58. self.cert_path.as_ref(),
  59. "-noout",
  60. "-subject",
  61. "-checkend",
  62. (30 * DAYS_IN_SECONDS).to_string(),
  63. ],
  64. )?;
  65. if output.status.success()
  66. && output.stdout
  67. == format!(
  68. "subject=CN = {}\nCertificate will not expire\n",
  69. self.domain.as_ref()
  70. )
  71. .as_bytes()
  72. {
  73. Ok(
  74. self
  75. .command_runner
  76. .borrow()
  77. .run_successfully(
  78. "openssl",
  79. args![
  80. "verify",
  81. "--untrusted",
  82. self.root_cert_path.as_ref(),
  83. self.cert_path.as_ref(),
  84. ],
  85. )
  86. .is_ok(),
  87. )
  88. } else if output.status.code() == Some(1)
  89. && output.stdout
  90. == format!(
  91. "subject=CN = {}\nCertificate will expire\n",
  92. self.domain.as_ref()
  93. )
  94. .as_bytes()
  95. {
  96. Ok(false)
  97. } else {
  98. Err(String::from_utf8(output.stderr)?.into())
  99. }
  100. }
  102. fn execute(&self) -> Result<(), Box<dyn Error>> {
  103. let output = self.command_runner.borrow().get_output(
  104. "acme-tiny",
  105. args![
  106. "--account-key",
  107. self.account_key_path.as_ref(),
  108. "--csr",
  109. self.csr_path.as_ref(),
  110. "--acme-dir",
  111. self.challenges_path.as_ref(),
  112. ],
  113. )?;
  114. let mut file = FsFile::create(self.cert_path.as_ref())?;
  115. file.write_all(&output)?;
  116. Ok(())
  117. }
  118. }
  120. #[cfg(test)]
  121. mod test {}