go.mod: Update direct dependencies

3 files changed, 17 insertions, 14 deletions

diff --git a/modules/caddyhttp/celmatcher.go b/modules/caddyhttp/celmatcher.go
index bab0a07..d7d55d8 100644
--- a/modules/caddyhttp/celmatcher.go
+++ b/modules/caddyhttp/celmatcher.go
@@ -35,7 +35,6 @@ import (
 	"github.com/google/cel-go/interpreter/functions"
 	exprpb "google.golang.org/genproto/googleapis/api/expr/v1alpha1"
 	"google.golang.org/protobuf/proto"
-	timestamp "google.golang.org/protobuf/types/known/timestamppb"
 )
 
 func init() {
@@ -231,8 +230,7 @@ func (celTypeAdapter) NativeToValue(value interface{}) ref.Val {
 	case pkix.Name:
 		return celPkixName{&v}
 	case time.Time:
-		// TODO: eliminate direct protobuf dependency, sigh -- just wrap stdlib time.Time instead...
-		return types.Timestamp{Timestamp: &timestamp.Timestamp{Seconds: v.Unix(), Nanos: int32(v.Nanosecond())}}
+		return types.Timestamp{Time: v}
 	case error:
 		types.NewErr(v.Error())
 	}
diff --git a/modules/caddypki/acmeserver/acmeserver.go b/modules/caddypki/acmeserver/acmeserver.go
index f5c013b..e6399ea 100644
--- a/modules/caddypki/acmeserver/acmeserver.go
+++ b/modules/caddypki/acmeserver/acmeserver.go
@@ -29,6 +29,7 @@ import (
 	"github.com/go-chi/chi"
 	"github.com/smallstep/certificates/acme"
 	acmeAPI "github.com/smallstep/certificates/acme/api"
+	acmeNoSQL "github.com/smallstep/certificates/acme/db/nosql"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/provisioner"
 	"github.com/smallstep/certificates/db"
@@ -138,17 +139,23 @@ func (ash *Handler) Provision(ctx caddy.Context) error {
 		return err
 	}
 
-	acmeAuth, err := acme.New(auth, acme.AuthorityOptions{
-		DB:     auth.GetDatabase().(nosql.DB),     // stores all the server state
-		DNS:    ash.Host,                          // used for directory links; TODO: not needed
-		Prefix: strings.Trim(ash.PathPrefix, "/"), // used for directory links
-	})
-	if err != nil {
-		return err
+	var acmeDB acme.DB
+	if authorityConfig.DB != nil {
+		acmeDB, err = acmeNoSQL.New(auth.GetDatabase().(nosql.DB))
+		if err != nil {
+			return fmt.Errorf("configuring ACME DB: %v", err)
+		}
 	}
 
 	// create the router for the ACME endpoints
-	acmeRouterHandler := acmeAPI.New(acmeAuth)
+	acmeRouterHandler := acmeAPI.NewHandler(acmeAPI.HandlerOptions{
+		CA:     auth,
+		DB:     acmeDB,         // stores all the server state
+		DNS:    ash.Host,       // used for directory links; TODO: not needed (follow-up upstream with step-ca)
+		Prefix: ash.PathPrefix, // used for directory links
+	})
+
+	// extract its http.Handler so we can use it directly
 	r := chi.NewRouter()
 	r.Route(ash.PathPrefix, func(r chi.Router) {
 		acmeRouterHandler.Route(r)
diff --git a/modules/caddytls/internalissuer.go b/modules/caddytls/internalissuer.go
index a6ae587..7a25f6d 100644
--- a/modules/caddytls/internalissuer.go
+++ b/modules/caddytls/internalissuer.go
@@ -175,9 +175,7 @@ func (d customCertLifetime) Modify(cert *x509.Certificate, _ provisioner.SignOpt
 	return nil
 }
 
-const (
-	defaultInternalCertLifetime = 12 * time.Hour
-)
+const defaultInternalCertLifetime = 12 * time.Hour
 
 // Interface guards
 var (