Make PHP 5.5 compat
This commit is contained in:
Niklas Keller
@@ -2,11 +2,10 @@
|
||||
|
||||
namespace Kelunik\AcmeClient\Commands;
|
||||
|
||||
use Amp\Promise;
|
||||
use League\CLImate\Argument\Manager;
|
||||
|
||||
interface Command {
|
||||
public function execute(Manager $args): Promise;
|
||||
public function execute(Manager $args);
|
||||
|
||||
public static function getDefinition(): array;
|
||||
public static function getDefinition();
|
||||
}
|
||||
@@ -2,11 +2,8 @@
|
||||
|
||||
namespace Kelunik\AcmeClient\Commands;
|
||||
|
||||
use Amp\Dns as dns;
|
||||
use Amp\Dns\Record;
|
||||
use function Amp\File\put;
|
||||
use Amp\Promise;
|
||||
use Generator;
|
||||
use Exception;
|
||||
use Kelunik\Acme\AcmeClient;
|
||||
use Kelunik\Acme\AcmeException;
|
||||
use Kelunik\Acme\AcmeService;
|
||||
@@ -19,10 +16,6 @@ use League\CLImate\Argument\Manager;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use stdClass;
|
||||
use Throwable;
|
||||
use function Amp\all;
|
||||
use function Amp\any;
|
||||
use function Amp\resolve;
|
||||
use function Kelunik\AcmeClient\getServer;
|
||||
|
||||
class Issue implements Command {
|
||||
private $logger;
|
||||
@@ -31,23 +24,23 @@ class Issue implements Command {
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
public function execute(Manager $args): Promise {
|
||||
return resolve($this->doExecute($args));
|
||||
public function execute(Manager $args) {
|
||||
return \Amp\resolve($this->doExecute($args));
|
||||
}
|
||||
|
||||
private function doExecute(Manager $args): Generator {
|
||||
private function doExecute(Manager $args) {
|
||||
$domains = array_map("trim", explode(",", $args->get("domains")));
|
||||
yield resolve($this->checkDnsRecords($domains));
|
||||
yield \Amp\resolve($this->checkDnsRecords($domains));
|
||||
|
||||
$user = $args->get("user") ?? "www-data";
|
||||
$user = $args->get("user") ?: "www-data";
|
||||
|
||||
$keyStore = new KeyStore(dirname(dirname(__DIR__)) . "/data");
|
||||
|
||||
$keyPair = yield $keyStore->get("account/key.pem");
|
||||
$acme = new AcmeService(new AcmeClient(getServer(), $keyPair), $keyPair);
|
||||
$keyPair = (yield $keyStore->get("account/key.pem"));
|
||||
$acme = new AcmeService(new AcmeClient(\Kelunik\AcmeClient\getServer(), $keyPair), $keyPair);
|
||||
|
||||
foreach ($domains as $domain) {
|
||||
list($location, $challenges) = yield $acme->requestChallenges($domain);
|
||||
list($location, $challenges) = (yield $acme->requestChallenges($domain));
|
||||
$goodChallenges = $this->findSuitableCombination($challenges);
|
||||
|
||||
if (empty($goodChallenges)) {
|
||||
@@ -82,6 +75,10 @@ class Issue implements Command {
|
||||
$this->logger->info("Challenge successful. {$domain} is now authorized.");
|
||||
|
||||
yield $challengeStore->delete($token);
|
||||
} catch (Exception $e) {
|
||||
// no finally because generators...
|
||||
yield $challengeStore->delete($token);
|
||||
throw $e;
|
||||
} catch (Throwable $e) {
|
||||
// no finally because generators...
|
||||
yield $challengeStore->delete($token);
|
||||
@@ -90,42 +87,42 @@ class Issue implements Command {
|
||||
}
|
||||
|
||||
$path = "certs/" . reset($domains) . "/key.pem";
|
||||
$bits = $args->get("bits") ?? 2048;
|
||||
$bits = $args->get("bits") ?: 2048;
|
||||
|
||||
try {
|
||||
$keyPair = yield $keyStore->get($path);
|
||||
$keyPair = (yield $keyStore->get($path));
|
||||
} catch (KeyStoreException $e) {
|
||||
$keyPair = (new OpenSSLKeyGenerator)->generate($bits);
|
||||
$keyPair = yield $keyStore->put($path, $keyPair);
|
||||
$keyPair = (yield $keyStore->put($path, $keyPair));
|
||||
}
|
||||
|
||||
$this->logger->info("Requesting certificate ...");
|
||||
|
||||
$location = yield $acme->requestCertificate($keyPair, $domains);
|
||||
$certificates = yield $acme->pollForCertificate($location);
|
||||
$location = (yield $acme->requestCertificate($keyPair, $domains));
|
||||
$certificates = (yield $acme->pollForCertificate($location));
|
||||
|
||||
$path = dirname(dirname(__DIR__)) . "/data/certs";
|
||||
$certificateStore = new CertificateStore($path);
|
||||
yield $certificateStore->put($certificates);
|
||||
|
||||
yield put($path . "/" . reset($domains) . "/config.json", json_encode([
|
||||
"domains" => $domains, "path" => $args->get("path"), "user" => $user, "bits" => $bits
|
||||
], JSON_PRETTY_PRINT) . "\n");
|
||||
yield \Amp\File\put($path . "/" . reset($domains) . "/config.json", json_encode([
|
||||
"domains" => $domains, "path" => $args->get("path"), "user" => $user, "bits" => $bits,
|
||||
], JSON_PRETTY_PRINT) . "\n");
|
||||
|
||||
$this->logger->info("Successfully issued certificate, see {$path}/" . reset($domains));
|
||||
}
|
||||
|
||||
private function checkDnsRecords($domains): Generator {
|
||||
private function checkDnsRecords($domains) {
|
||||
$promises = [];
|
||||
|
||||
foreach ($domains as $domain) {
|
||||
$promises[$domain] = dns\resolve($domain, [
|
||||
$promises[$domain] = \Amp\Dns\resolve($domain, [
|
||||
"types" => [Record::A],
|
||||
"hosts" => false,
|
||||
]);
|
||||
}
|
||||
|
||||
list($errors) = yield any($promises);
|
||||
list($errors) = (yield \Amp\any($promises));
|
||||
|
||||
if (!empty($errors)) {
|
||||
throw new AcmeException("Couldn't resolve the following domains to an IPv4 record: " . implode(array_keys($errors)));
|
||||
@@ -134,9 +131,9 @@ class Issue implements Command {
|
||||
$this->logger->info("Checked DNS records, all fine.");
|
||||
}
|
||||
|
||||
private function findSuitableCombination(stdClass $response): array {
|
||||
$challenges = $response->challenges ?? [];
|
||||
$combinations = $response->combinations ?? [];
|
||||
private function findSuitableCombination(stdClass $response) {
|
||||
$challenges = isset($response->challenges) ? $response->challenges : [];
|
||||
$combinations = isset($response->combinations) ? $response->combinations : [];
|
||||
$goodChallenges = [];
|
||||
|
||||
foreach ($challenges as $i => $challenge) {
|
||||
@@ -154,7 +151,7 @@ class Issue implements Command {
|
||||
return $goodChallenges;
|
||||
}
|
||||
|
||||
public static function getDefinition(): array {
|
||||
public static function getDefinition() {
|
||||
return [
|
||||
"domains" => [
|
||||
"prefix" => "d",
|
||||
|
||||
@@ -3,16 +3,9 @@
|
||||
namespace Kelunik\AcmeClient\Commands;
|
||||
|
||||
use Amp\Process;
|
||||
use Amp\Promise;
|
||||
use Generator;
|
||||
use Kelunik\Certificate\Certificate;
|
||||
use League\CLImate\Argument\Manager;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use function Amp\all;
|
||||
use function Amp\File\get;
|
||||
use function Amp\File\scandir;
|
||||
use function Amp\pipe;
|
||||
use function Amp\resolve;
|
||||
|
||||
class Renew implements Command {
|
||||
private $logger;
|
||||
@@ -21,22 +14,22 @@ class Renew implements Command {
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
public function execute(Manager $args): Promise {
|
||||
return resolve($this->doExecute($args));
|
||||
public function execute(Manager $args) {
|
||||
return \Amp\resolve($this->doExecute($args));
|
||||
}
|
||||
|
||||
private function doExecute(Manager $args): Generator {
|
||||
private function doExecute(Manager $args) {
|
||||
$path = dirname(dirname(__DIR__)) . "/data/certs";
|
||||
|
||||
if (!realpath($path)) {
|
||||
throw new \RuntimeException("Certificate path doesn't exist: '{$path}'");
|
||||
}
|
||||
|
||||
$domains = yield scandir($path);
|
||||
$domains = (yield \Amp\File\scandir($path));
|
||||
$promises = [];
|
||||
|
||||
foreach ($domains as $domain) {
|
||||
$pem = yield get($path . "/" . $domain . "/cert.pem");
|
||||
$pem = (yield \Amp\File\get($path . "/" . $domain . "/cert.pem"));
|
||||
$cert = new Certificate($pem);
|
||||
|
||||
if ($cert->getValidTo() > time() + 30 * 24 * 60 * 60) {
|
||||
@@ -45,7 +38,7 @@ class Renew implements Command {
|
||||
continue;
|
||||
}
|
||||
|
||||
$json = yield get($path . "/" . $domain . "/config.json");
|
||||
$json = (yield \Amp\File\get($path . "/" . $domain . "/config.json"));
|
||||
$config = json_decode($json);
|
||||
|
||||
$command = [
|
||||
@@ -63,7 +56,7 @@ class Renew implements Command {
|
||||
$command = array_map("escapeshellarg", $command);
|
||||
$command = implode(" ", $command);
|
||||
|
||||
$promises[] = pipe((new Process($command))->exec()->watch(function ($update) {
|
||||
$promises[] = \Amp\pipe((new Process($command))->exec()->watch(function ($update) {
|
||||
list($type, $data) = $update;
|
||||
|
||||
if ($type === "err") {
|
||||
@@ -78,7 +71,7 @@ class Renew implements Command {
|
||||
});
|
||||
}
|
||||
|
||||
$results = yield all($promises);
|
||||
$results = (yield \Amp\all($promises));
|
||||
|
||||
foreach ($results as $result) {
|
||||
if ($result->exit !== 0) {
|
||||
@@ -87,7 +80,7 @@ class Renew implements Command {
|
||||
}
|
||||
}
|
||||
|
||||
public static function getDefinition(): array {
|
||||
public static function getDefinition() {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
@@ -8,16 +8,11 @@ use Generator;
|
||||
use Kelunik\Acme\AcmeClient;
|
||||
use Kelunik\Acme\AcmeException;
|
||||
use Kelunik\Acme\AcmeService;
|
||||
use Kelunik\Acme\KeyPair;
|
||||
use function Kelunik\AcmeClient\getServer;
|
||||
use Kelunik\AcmeClient\Stores\CertificateStore;
|
||||
use Kelunik\AcmeClient\Stores\KeyStore;
|
||||
use Kelunik\Certificate\Certificate;
|
||||
use League\CLImate\Argument\Manager;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use function Amp\File\exists;
|
||||
use function Amp\File\get;
|
||||
use function Amp\resolve;
|
||||
|
||||
class Revoke implements Command {
|
||||
private $logger;
|
||||
@@ -26,24 +21,24 @@ class Revoke implements Command {
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
public function execute(Manager $args): Promise {
|
||||
return resolve($this->doExecute($args));
|
||||
public function execute(Manager $args) {
|
||||
return \Amp\resolve($this->doExecute($args));
|
||||
}
|
||||
|
||||
private function doExecute(Manager $args): Generator {
|
||||
private function doExecute(Manager $args) {
|
||||
if (posix_geteuid() !== 0) {
|
||||
throw new AcmeException("Please run this script as root!");
|
||||
}
|
||||
|
||||
$keyStore = new KeyStore(dirname(dirname(__DIR__)) . "/data");
|
||||
|
||||
$keyPair = yield $keyStore->get("account/key.pem");
|
||||
$acme = new AcmeService(new AcmeClient(getServer(), $keyPair), $keyPair);
|
||||
$keyPair = (yield $keyStore->get("account/key.pem"));
|
||||
$acme = new AcmeService(new AcmeClient(\Kelunik\AcmeClient\getServer(), $keyPair), $keyPair);
|
||||
|
||||
$this->logger->info("Revoking certificate ...");
|
||||
|
||||
try {
|
||||
$pem = yield get(dirname(dirname(__DIR__)) . "/data/certs/" . $args->get("name") . "/cert.pem");
|
||||
$pem = (yield \Amp\File\get(dirname(dirname(__DIR__)) . "/data/certs/" . $args->get("name") . "/cert.pem"));
|
||||
$cert = new Certificate($pem);
|
||||
} catch (FilesystemException $e) {
|
||||
throw new \RuntimeException("There's no such certificate!");
|
||||
@@ -60,7 +55,7 @@ class Revoke implements Command {
|
||||
yield (new CertificateStore(dirname(dirname(__DIR__)) . "/data/certs"))->delete($args->get("name"));
|
||||
}
|
||||
|
||||
public static function getDefinition(): array {
|
||||
public static function getDefinition() {
|
||||
return [
|
||||
"name" => [
|
||||
"longPrefix" => "name",
|
||||
|
||||
@@ -6,6 +6,7 @@ use Amp\Dns\Record;
|
||||
use Amp\Dns\ResolutionException;
|
||||
use Amp\Promise;
|
||||
use Generator;
|
||||
use InvalidArgumentException;
|
||||
use Kelunik\Acme\AcmeClient;
|
||||
use Kelunik\Acme\AcmeException;
|
||||
use Kelunik\Acme\AcmeService;
|
||||
@@ -16,10 +17,6 @@ use Kelunik\AcmeClient\Stores\KeyStoreException;
|
||||
use League\CLImate\Argument\Manager;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use RuntimeException;
|
||||
use function Amp\File\exists;
|
||||
use function Amp\File\put;
|
||||
use function Amp\resolve;
|
||||
use function Kelunik\AcmeClient\serverToIdentity;
|
||||
|
||||
class Setup implements Command {
|
||||
private $logger;
|
||||
@@ -28,13 +25,13 @@ class Setup implements Command {
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
public function execute(Manager $args): Promise {
|
||||
return resolve($this->doExecute($args));
|
||||
public function execute(Manager $args) {
|
||||
return \Amp\resolve($this->doExecute($args));
|
||||
}
|
||||
|
||||
public function doExecute(Manager $args): Generator {
|
||||
public function doExecute(Manager $args) {
|
||||
$email = $args->get("email");
|
||||
yield resolve($this->checkEmail($email));
|
||||
yield \Amp\resolve($this->checkEmail($email));
|
||||
|
||||
$server = $args->get("server");
|
||||
$protocol = substr($server, 0, strpos("://", $server));
|
||||
@@ -52,7 +49,7 @@ class Setup implements Command {
|
||||
|
||||
try {
|
||||
$this->logger->info("Loading private key ...");
|
||||
$keyPair = yield $keyStore->get($path);
|
||||
$keyPair = (yield $keyStore->get($path));
|
||||
$this->logger->info("Existing private key successfully loaded.");
|
||||
} catch (KeyStoreException $e) {
|
||||
$this->logger->info("No existing private key found, generating new one ...");
|
||||
@@ -60,11 +57,11 @@ class Setup implements Command {
|
||||
$this->logger->info("Generated new private key with {$bits} bits.");
|
||||
|
||||
$this->logger->info("Saving new private key ...");
|
||||
$keyPair = yield $keyStore->put($path, $keyPair);
|
||||
$keyPair = (yield $keyStore->put($path, $keyPair));
|
||||
$this->logger->info("New private key successfully saved.");
|
||||
}
|
||||
|
||||
$user = $args->get("user") ?? "www-data";
|
||||
$user = $args->get("user") ?: "www-data";
|
||||
$userInfo = posix_getpwnam($user);
|
||||
|
||||
if (!$userInfo) {
|
||||
@@ -75,17 +72,21 @@ class Setup implements Command {
|
||||
|
||||
$this->logger->info("Registering with ACME server " . substr($server, 8) . " ...");
|
||||
/** @var Registration $registration */
|
||||
$registration = yield $acme->register($email);
|
||||
$registration = (yield $acme->register($email));
|
||||
$this->logger->notice("Registration successful with the following contact information: " . implode(", ", $registration->getContact()));
|
||||
|
||||
yield put(dirname(dirname(__DIR__)) . "/data/account/config.json", json_encode([
|
||||
yield \Amp\File\put(dirname(dirname(__DIR__)) . "/data/account/config.json", json_encode([
|
||||
"version" => 1,
|
||||
"server" => $server,
|
||||
"email" => $email,
|
||||
], JSON_PRETTY_PRINT) . "\n");
|
||||
}
|
||||
|
||||
private function checkEmail(string $email): Generator {
|
||||
private function checkEmail($email) {
|
||||
if (!is_string($email)) {
|
||||
throw new InvalidArgumentException(sprintf("\$email must be of type string, %s given.", gettype($email)));
|
||||
}
|
||||
|
||||
$host = substr($email, strrpos($email, "@") + 1);
|
||||
|
||||
if (!$host) {
|
||||
@@ -99,7 +100,7 @@ class Setup implements Command {
|
||||
}
|
||||
}
|
||||
|
||||
public static function getDefinition(): array {
|
||||
public static function getDefinition() {
|
||||
return [
|
||||
"server" => [
|
||||
"prefix" => "s",
|
||||
|
||||
Reference in New Issue
Block a user