From e803385a6e688a4e5c75e95c9600aa9eda98ff31 Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Mon, 19 May 2025 15:56:54 +0200 Subject: [PATCH] MINOR: acme: renewal notification over the dpapi sink Output a sink message when the certificate was renewed by the ACME client. The message is emitted on the "dpapi" sink, and ends by \n\0. Since the message contains this binary character, the right -0 parameter must be used when consulting the sink over the CLI: Example: $ echo "show events dpapi -nw -0" | socat -t9999 /tmp/haproxy.sock - <0>2025-05-19T15:56:23.059755+02:00 acme newcert foobar.pem.rsa\n\0 When used with the master CLI, @@1 should be used instead of @1 in order to keep the connection to the worker. Example: $ echo "@@1 show events dpapi -nw -0" | socat -t9999 /tmp/master.sock - <0>2025-05-19T15:56:23.059755+02:00 acme newcert foobar.pem.rsa\n\0 --- src/acme.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/acme.c b/src/acme.c index 2700adf5f..70bd95e8e 100644 --- a/src/acme.c +++ b/src/acme.c @@ -29,6 +29,7 @@ #include #include #include +#include #include #include #include @@ -846,6 +847,8 @@ int acme_update_certificate(struct task *task, struct acme_ctx *ctx, char **errm int ret = 1; struct ckch_store *old_ckchs, *new_ckchs; struct ckch_inst *ckchi; + struct sink *dpapi; + struct ist line[3]; new_ckchs = ctx->store; @@ -878,6 +881,15 @@ int acme_update_certificate(struct task *task, struct acme_ctx *ctx, char **errm send_log(NULL, LOG_NOTICE,"acme: %s: Successful update of the certificate.\n", ctx->store->path); + + line[0] = ist("acme newcert "); + line[1] = ist(ctx->store->path); + line[2] = ist("\n\0"); + + dpapi = sink_find("dpapi"); + if (dpapi) + sink_write(dpapi, LOG_HEADER_NONE, 0, line, 3); + ctx->store = NULL; ret = 0;