diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2017-02-19 13:21:38 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2017-02-19 13:21:38 +0100 |
commit | fc117d6513dfa1e6287927a9b95ac0558eaea951 (patch) | |
tree | 0bca89edde9bb026227669222f2edd652a669dbc | |
parent | 05aafaa0c740d7a17e6e3f17634ae6990187f22d (diff) |
config-cert: import the default section of files already read.
-rw-r--r-- | Changelog | 7 | ||||
-rwxr-xr-x | lacme | 12 |
2 files changed, 16 insertions, 3 deletions
@@ -1,3 +1,10 @@ +lacme (0.3) upstream; + + - When parsing config-cert files and directories (default "lacme-certs.conf + lacme-certs.conf.d"), import the default section of files read earlier. + + -- Guilhem Moulin <guilhem@guilhem.org> Sun, 19 Feb 2017 13:08:41 +0100 + lacme (0.2) upstream; + Honor Retry-After headers for certificate issuance and challenge @@ -562,7 +562,7 @@ elsif ($COMMAND eq 'new-cert') { my $conffiles = defined $OPTS{'config-certs'} ? $OPTS{'config-certs'} : defined $CONFIG->{_}->{'config-certs'} ? [ split(/\s+/, $CONFIG->{_}->{'config-certs'}) ] : [ "$NAME-certs.conf", "$NAME-certs.conf.d/" ]; - my $conf; + my ($conf, %defaults); foreach my $conffile (@$conffiles) { $conffile = ($CONFFILENAME =~ s#[^/]+\z##r).$conffile unless $conffile =~ /\A\//; my @filenames; @@ -582,13 +582,14 @@ elsif ($COMMAND eq 'new-cert') { foreach my $filename (sort @filenames) { print STDERR "Reading $filename\n" if $OPTS{debug}; my $h = Config::Tiny::->read($filename) or die Config::Tiny::->errstr()."\n"; - my $defaults = delete $h->{_} // {}; + my $def = delete $h->{_} // {}; + $defaults{$_} = $def->{$_} foreach keys %$def; my @valid = qw/certificate certificate-chain certificate-key min-days CAfile hash keyUsage subject subjectAltName chown chmod notify/; foreach my $s (keys %$h) { $conf->{$s} = { map { $_ => delete $h->{$s}->{$_} } @valid }; die "Unknown option(s) in [$s]: ".join(', ', keys %{$h->{$s}})."\n" if %{$h->{$s}}; - $conf->{$s}->{$_} //= $defaults->{$_} foreach keys %$defaults; + $conf->{$s}->{$_} //= $defaults{$_} foreach keys %defaults; } } } @@ -602,6 +603,11 @@ elsif ($COMMAND eq 'new-cert') { next; }; + if ($OPTS{debug}) { + print STDERR "Configuration option for $s:\n"; + print " $_ = $conf->{$_}\n" foreach grep { defined $conf->{$_} } (sort keys %$conf); + } + my $certtype = first { defined $conf->{$_} } qw/certificate certificate-chain/; unless (defined $certtype) { print STDERR "[$s] Warning: Missing 'certificate' and 'certificate-chain', skipping\n"; |