aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2017-02-19 13:21:38 +0100
committerGuilhem Moulin <guilhem@fripost.org>2017-02-19 13:21:38 +0100
commitfc117d6513dfa1e6287927a9b95ac0558eaea951 (patch)
tree0bca89edde9bb026227669222f2edd652a669dbc
parent05aafaa0c740d7a17e6e3f17634ae6990187f22d (diff)
config-cert: import the default section of files already read.
-rw-r--r--Changelog7
-rwxr-xr-xlacme12
2 files changed, 16 insertions, 3 deletions
diff --git a/Changelog b/Changelog
index 6f212b0..0336e5b 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,10 @@
+lacme (0.3) upstream;
+
+ - When parsing config-cert files and directories (default "lacme-certs.conf
+ lacme-certs.conf.d"), import the default section of files read earlier.
+
+ -- Guilhem Moulin <guilhem@guilhem.org> Sun, 19 Feb 2017 13:08:41 +0100
+
lacme (0.2) upstream;
+ Honor Retry-After headers for certificate issuance and challenge
diff --git a/lacme b/lacme
index 1951ed7..6c7f48d 100755
--- a/lacme
+++ b/lacme
@@ -562,7 +562,7 @@ elsif ($COMMAND eq 'new-cert') {
my $conffiles = defined $OPTS{'config-certs'} ? $OPTS{'config-certs'}
: defined $CONFIG->{_}->{'config-certs'} ? [ split(/\s+/, $CONFIG->{_}->{'config-certs'}) ]
: [ "$NAME-certs.conf", "$NAME-certs.conf.d/" ];
- my $conf;
+ my ($conf, %defaults);
foreach my $conffile (@$conffiles) {
$conffile = ($CONFFILENAME =~ s#[^/]+\z##r).$conffile unless $conffile =~ /\A\//;
my @filenames;
@@ -582,13 +582,14 @@ elsif ($COMMAND eq 'new-cert') {
foreach my $filename (sort @filenames) {
print STDERR "Reading $filename\n" if $OPTS{debug};
my $h = Config::Tiny::->read($filename) or die Config::Tiny::->errstr()."\n";
- my $defaults = delete $h->{_} // {};
+ my $def = delete $h->{_} // {};
+ $defaults{$_} = $def->{$_} foreach keys %$def;
my @valid = qw/certificate certificate-chain certificate-key min-days CAfile
hash keyUsage subject subjectAltName chown chmod notify/;
foreach my $s (keys %$h) {
$conf->{$s} = { map { $_ => delete $h->{$s}->{$_} } @valid };
die "Unknown option(s) in [$s]: ".join(', ', keys %{$h->{$s}})."\n" if %{$h->{$s}};
- $conf->{$s}->{$_} //= $defaults->{$_} foreach keys %$defaults;
+ $conf->{$s}->{$_} //= $defaults{$_} foreach keys %defaults;
}
}
}
@@ -602,6 +603,11 @@ elsif ($COMMAND eq 'new-cert') {
next;
};
+ if ($OPTS{debug}) {
+ print STDERR "Configuration option for $s:\n";
+ print " $_ = $conf->{$_}\n" foreach grep { defined $conf->{$_} } (sort keys %$conf);
+ }
+
my $certtype = first { defined $conf->{$_} } qw/certificate certificate-chain/;
unless (defined $certtype) {
print STDERR "[$s] Warning: Missing 'certificate' and 'certificate-chain', skipping\n";