1berry/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MINOR: acme: generate new account

Browse Source 
The new account action in the ACME task use the same function as the
chkaccount, but onlyReturnExisting is not sent in this case!
This commit is contained in:
William Lallemand 2025-04-09 21:32:05 +02:00
parent 7f9bf4d5f7
commit 04d393f661
2 changed files with 28 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/haproxy/acme-t.h
View File

@ -33,6 +33,7 @@ enum acme_st {
ACME_RESSOURCES = 0,
ACME_NEWNONCE,
ACME_CHKACCOUNT,
ACME_NEWACCOUNT,
ACME_END
};

36
src/acme.c
View File

@ -628,7 +628,7 @@ error:
return ret;
}
int acme_res_account(struct task *task, struct acme_ctx *ctx, char **errmsg)
int acme_res_account(struct task *task, struct acme_ctx *ctx, int newaccount, char **errmsg)
{
struct httpclient *hc;
struct http_hdr *hdrs, *hdr;
@ -663,9 +663,11 @@ int acme_res_account(struct task *task, struct acme_ctx *ctx, char **errmsg)
if ((ret = mjson_get_string(hc->res.buf.area, hc->res.buf.data, "$.type", t2->area, t2->size)) > -1)
t2->data = ret;
/* not an error, we only need to create a new account */
if (strcmp("urn:ietf:params:acme:error:accountDoesNotExist", t2->area) == 0)
goto out;
if (!newaccount) {
/* not an error, we only need to create a new account */
if (strcmp("urn:ietf:params:acme:error:accountDoesNotExist", t2->area) == 0)
goto out;
}
if (t2->data && t1->data)
memprintf(errmsg, "invalid HTTP status code %d when getting Account URL: \"%.*s\" (%.*s)", hc->res.status, (int)t1->data, t1->area, (int)t2->data, t2->area);
@ -839,16 +841,32 @@ struct task *acme_process(struct task *task, void *context, unsigned int state)
goto retry;
}
if (http_st == ACME_HTTP_RES) {
if (acme_res_account(task, ctx, &errmsg) != 0) {
if (acme_res_account(task, ctx, 0, &errmsg) != 0) {
http_st = ACME_HTTP_REQ;
goto retry;
}
st = ACME_END;
if (!isttest(ctx->kid)) {
st = ACME_NEWACCOUNT;
http_st = ACME_HTTP_REQ;
task_wakeup(task, TASK_WOKEN_MSG);
}
goto end;
}
break;
case ACME_NEWACCOUNT:
if (http_st == ACME_HTTP_REQ) {
if (acme_req_account(task, ctx, 1, &errmsg) != 0)
goto retry;
}
if (http_st == ACME_HTTP_RES) {
if (acme_res_account(task, ctx, 1, &errmsg) != 0) {
http_st = ACME_HTTP_REQ;
goto retry;
}
goto end;
}
break;
case ACME_END:
goto end;
break;
default:
break;