From fc117d6513dfa1e6287927a9b95ac0558eaea951 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin
Date: Sun, 19 Feb 2017 13:21:38 +0100
Subject: config-cert: import the default section of files already read.
---
 Changelog | 7 +++++++
 lacme | 12 +++++++++---
 2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/Changelog b/Changelog
index 6f212b0..0336e5b 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,10 @@
+lacme (0.3) upstream;
+
+ - When parsing config-cert files and directories (default "lacme-certs.conf
+ lacme-certs.conf.d"), import the default section of files read earlier.
+
+ -- Guilhem Moulin Sun, 19 Feb 2017 13:08:41 +0100
+
 lacme (0.2) upstream;

 + Honor Retry-After headers for certificate issuance and challenge
diff --git a/lacme b/lacme
index 1951ed7..6c7f48d 100755
--- a/lacme
+++ b/lacme
@@ -562,7 +562,7 @@ elsif ($COMMAND eq 'new-cert') {
 my $conffiles = defined $OPTS{'config-certs'} ? $OPTS{'config-certs'}
 : defined $CONFIG->{_}->{'config-certs'} ? [ split(/\s+/, $CONFIG->{_}->{'config-certs'}) ]
 : [ "$NAME-certs.conf", "$NAME-certs.conf.d/" ];
- my $conf;
+ my ($conf, %defaults);
 foreach my $conffile (@$conffiles) {
 $conffile = ($CONFFILENAME =~ s#[^/]+\z##r).$conffile unless $conffile =~ /\A\//;
 my @filenames;
@@ -582,13 +582,14 @@ elsif ($COMMAND eq 'new-cert') { foreach my $filename (sort @filenames) { print STDERR "Reading $filename\n" if $OPTS{debug}; my $h = Config::Tiny::->read($filename) or die Config::Tiny::->errstr()."\n"; - my $defaults = delete $h->{_} // {}; + my $def = delete $h->{_} // {}; + $defaults{$_} = $def->{$_} foreach keys %$def; my @valid = qw/certificate certificate-chain certificate-key min-days CAfile hash keyUsage subject subjectAltName chown chmod notify/; foreach my $s (keys %$h) { $conf->{$s} = { map { $_ => delete $h->{$s}->{$_} } @valid }; die "Unknown option(s) in [$s]: ".join(', ', keys %{$h->{$s}})."\n" if %{$h->{$s}}; - $conf->{$s}->{$_} //= $defaults->{$_} foreach keys %$defaults; + $conf->{$s}->{$_} //= $defaults{$_} foreach keys %defaults; } } } @@ -602,6 +603,11 @@ elsif ($COMMAND eq 'new-cert') { next; }; + if ($OPTS{debug}) { + print STDERR "Configuration option for $s:\n"; + print " $_ = $conf->{$_}\n" foreach grep { defined $conf->{$_} } (sort keys %$conf); + } + my $certtype = first { defined $conf->{$_} } qw/certificate certificate-chain/; unless (defined $certtype) { print STDERR "[$s] Warning: Missing 'certificate' and 'certificate-chain', skipping\n"; -- cgit v1.2.3
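Review bot: The default section is merged into `%defaults` at `$defaults{$_} = $def->{$_} foreach keys %$def;` without being checked against `@valid`, so an unknown or misspelled key there is copied into every section by the `//=` line and never reaches the "Unknown option(s)" check that per-section keys get. This matters more now that defaults outlive the file they came from: a `chown`, `chmod` or `notify` set in the default section of one file is inherited by every section read later, in `config-certs` order and `sort @filenames` order within a directory. I would move the `my @valid = ...` line above the merge and reject unknown keys first, e.g. `my %ok = map { $_ => 1 } @valid;` then `if (my @bad = grep { !$ok{$_} } keys %$def) { die "Unknown option(s) in default section: ".join(', ', @bad)."\n" }`. A comment at the merge such as `# defaults accumulate across files: later files inherit earlier default sections` would document the ordering dependency. The enclosing `elsif` block starts and ends outside the hunk.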
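Review bot: The second `print` in the new debug block has no filehandle, so the option values go to STDOUT while the heading line above it and the existing "Reading $filename" trace go to STDERR. It should read `print STDERR " $_ = $conf->{$_}\n" foreach grep { defined $conf->{$_} } (sort keys %$conf);`. Since the dump lists every effective option for the section (for instance `certificate-key` and an inherited `notify`), keeping it on STDERR also keeps it out of anything that consumes the command's standard output. The surrounding loop body starts and ends outside the hunk, so `$conf` is presumably rebound to the per-section hash there.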