add acme package, refactor acme as resuable API

Signed-off-by: Emile Vauge <emile@vauge.com>
2016-03-21 11:10:18 +01:00 · 2016-03-21 11:10:18 +01:00 · d9ffc39075
commit d9ffc39075
parent 87e8393b07
8 changed files with 577 additions and 383 deletions
--- a/acme/challengeProvider.go
+++ b/acme/challengeProvider.go
@ -0,0 +1,56 @@
+package acme
+
+import (
+	"crypto/tls"
+	"sync"
+
+	"crypto/x509"
+	"github.com/xenolf/lego/acme"
+)
+
+type wrapperChallengeProvider struct {
+	challengeCerts map[string]*tls.Certificate
+	lock           sync.RWMutex
+}
+
+func newWrapperChallengeProvider() *wrapperChallengeProvider {
+	return &wrapperChallengeProvider{
+		challengeCerts: map[string]*tls.Certificate{},
+	}
+}
+
+func (c *wrapperChallengeProvider) getCertificate(domain string) (cert *tls.Certificate, exists bool) {
+	c.lock.RLock()
+	defer c.lock.RUnlock()
+	if cert, ok := c.challengeCerts[domain]; ok {
+		return cert, true
+	}
+	return nil, false
+}
+
+func (c *wrapperChallengeProvider) Present(domain, token, keyAuth string) error {
+	cert, err := acme.TLSSNI01ChallengeCert(keyAuth)
+	if err != nil {
+		return err
+	}
+	cert.Leaf, err = x509.ParseCertificate(cert.Certificate[0])
+	if err != nil {
+		return err
+	}
+
+	c.lock.Lock()
+	defer c.lock.Unlock()
+	for i := range cert.Leaf.DNSNames {
+		c.challengeCerts[cert.Leaf.DNSNames[i]] = &cert
+	}
+
+	return nil
+
+}
+
+func (c *wrapperChallengeProvider) CleanUp(domain, token, keyAuth string) error {
+	c.lock.Lock()
+	defer c.lock.Unlock()
+	delete(c.challengeCerts, domain)
+	return nil
+}