From d06d0e79f839a26ab2cf81b00ba2d180623c57a9 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Fri, 25 Mar 2022 11:28:54 -0600 Subject: go.mod: Upgrade CertMagic to v0.16.0 Includes several breaking changes; code base updated accordingly. - Added lots of context arguments - Use fs.ErrNotExist - Rename ACMEManager -> ACMEIssuer; CertificateManager -> Manager --- modules/caddypki/ca.go | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) (limited to 'modules/caddypki')
diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 7fefee6..c9bdeee 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -18,7 +18,9 @@ import (
 "crypto"
 "crypto/x509"
 "encoding/json"
+ "errors"
 "fmt"
+ "io/fs"
 "path"
 "sync"
 "time"
@@ -76,12 +78,14 @@ type CA struct {
 rootCertPath string // mainly used for logging purposes if trusting
 log *zap.Logger
+ ctx caddy.Context
 }
 // Provision sets up the CA.
 func (ca *CA) Provision(ctx caddy.Context, id string, log *zap.Logger) error {
 ca.mu = new(sync.RWMutex)
 ca.log = log.Named("ca." + id)
+ ca.ctx = ctx
 if id == "" {
 return fmt.Errorf("CA ID is required (use 'local' for the default CA)")
 }
@@ -215,9 +219,9 @@ func (ca CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authority
 }
 func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, err error) {
- rootCertPEM, err := ca.storage.Load(ca.storageKeyRootCert())
+ rootCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootCert())
 if err != nil {
- if _, ok := err.(certmagic.ErrNotExist); !ok {
+ if !errors.Is(err, fs.ErrNotExist) {
 return nil, nil, fmt.Errorf("loading root cert: %v", err)
 }
@@ -235,7 +239,7 @@ func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, e
 }
 }
 if rootKey == nil {
- rootKeyPEM, err := ca.storage.Load(ca.storageKeyRootKey())
+ rootKeyPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootKey())
 if err != nil {
 return nil, nil, fmt.Errorf("loading root key: %v", err)
 }
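Review bot: The `ctx caddy.Context` field added to `CA` in the `@@ -76,12 +78,14 @@` hunk is undocumented, and keeping a context in a struct departs from the usual Go practice of passing it per call, so the reason should be written down. Every storage `Load`/`Store` in the later hunks reads this one captured value, which ties the CA's access to its root and intermediate key material to the lifetime of the context handed to `Provision`; if that context can be cancelled, those calls would presumably start failing. I would add a field comment such as `ctx caddy.Context // captured in Provision; passed to every storage Load/Store call`. The struct and `Provision` both extend beyond the hunk.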
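Review bot: In `loadOrGenRoot` (hunk `@@ -215,9 +219,9 @@`) the fall-through error is still built with `%v`, so the cause is flattened to text even though this commit itself moves to `errors.Is` for classifying storage errors. With a context now passed to `Load`, a caller may want to tell a cancelled `ca.ctx` from a storage fault; `return nil, nil, fmt.Errorf("loading root cert: %w", err)` keeps the chain, and the same applies to "loading root key" in the next hunk and to both `loadOrGenIntermediate` hunks. A comment at the check, e.g. `// only a true not-found may fall through to generation; any other error must abort`, would also help, because the branch that follows (outside this hunk) appears to create new CA material. The function body continues past the hunk.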
@@ -259,7 +263,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
 if err != nil {
 return nil, nil, fmt.Errorf("encoding root certificate: %v", err)
 }
- err = ca.storage.Store(ca.storageKeyRootCert(), rootCertPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyRootCert(), rootCertPEM)
 if err != nil {
 return nil, nil, fmt.Errorf("saving root certificate: %v", err)
 }
@@ -267,7 +271,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
 if err != nil {
 return nil, nil, fmt.Errorf("encoding root key: %v", err)
 }
- err = ca.storage.Store(ca.storageKeyRootKey(), rootKeyPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyRootKey(), rootKeyPEM)
 if err != nil {
 return nil, nil, fmt.Errorf("saving root key: %v", err)
 }
@@ -276,9 +280,9 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
 }
 func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateKey) (interCert *x509.Certificate, interKey crypto.PrivateKey, err error) {
- interCertPEM, err := ca.storage.Load(ca.storageKeyIntermediateCert())
+ interCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateCert())
 if err != nil {
- if _, ok := err.(certmagic.ErrNotExist); !ok {
+ if !errors.Is(err, fs.ErrNotExist) {
 return nil, nil, fmt.Errorf("loading intermediate cert: %v", err)
 }
@@ -297,7 +301,7 @@ func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.Pr
 }
 if interKey == nil {
- interKeyPEM, err := ca.storage.Load(ca.storageKeyIntermediateKey())
+ interKeyPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateKey())
 if err != nil {
 return nil, nil, fmt.Errorf("loading intermediate key: %v", err)
 }
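Review bot: `genRoot` (hunks `@@ -259,7 +263,7 @@` and `@@ -267,7 +271,7 @@`) persists the root certificate and then the root key with two independent `Store` calls, and with `ca.ctx` now passed to both, a cancellation or storage error between them leaves the certificate in storage without its key. `loadOrGenRoot` only takes the not-found path for the certificate and returns "loading root key" when the key cannot be loaded, so that half-written state would not recover on its own. Storing the key before the certificate would let an interrupted write fall back to regeneration on the next load; the same ordering applies to `genIntermediate` in the last two hunks. Both function bodies start outside the hunks shown.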
@@ -321,7 +325,7 @@ func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateK
 if err != nil {
 return nil, nil, fmt.Errorf("encoding intermediate certificate: %v", err)
 }
- err = ca.storage.Store(ca.storageKeyIntermediateCert(), interCertPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyIntermediateCert(), interCertPEM)
 if err != nil {
 return nil, nil, fmt.Errorf("saving intermediate certificate: %v", err)
 }
@@ -329,7 +333,7 @@ func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateK
 if err != nil {
 return nil, nil, fmt.Errorf("encoding intermediate key: %v", err)
 }
- err = ca.storage.Store(ca.storageKeyIntermediateKey(), interKeyPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyIntermediateKey(), interKeyPEM)
 if err != nil {
 return nil, nil, fmt.Errorf("saving intermediate key: %v", err)
 }
-- cgit v1.2.3