* making a md_result_t object to carry all interesting information a…
…bout success and failures of renewals.
Stefan Eissing committed May 29, 2019
1 parent 97b7c04 commit 69d546f
Showing 28 changed files with 554 additions and 326 deletions.
2 changes: 1 addition & 1 deletion configure.ac
Expand Up @@ -14,7 +14,7 @@
#

AC_PREREQ([2.69])
AC_INIT([mod_md], [2.0.1], [stefan.eissing@greenbytes.de])
AC_INIT([mod_md], [2.0.2], [stefan.eissing@greenbytes.de])

LT_PREREQ([2.2.6])
LT_INIT()
21 changes: 18 additions & 3 deletions mod_md.xcodeproj/project.pbxproj
Expand Up @@ -99,6 +99,9 @@
B292B2731F2F7C0000FA0E35 /* test_md_util.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = test_md_util.c; sourceTree = "<group>"; };
B298D5C2229BE6FC00245316 /* md_status.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = md_status.h; sourceTree = "<group>"; };
B298D5C3229BE6FC00245316 /* md_status.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = md_status.c; sourceTree = "<group>"; };
B298D5C4229E7BF000245316 /* md_result.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = md_result.h; sourceTree = "<group>"; };
B298D5C5229E7BF000245316 /* md_result.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = md_result.c; sourceTree = "<group>"; };
B298D5CC229E8AA600245316 /* main.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = main.c; sourceTree = "<group>"; };
B2A93D122292D7A400BC6339 /* httpd.conf.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = httpd.conf.in; sourceTree = "<group>"; };
B2A93D132297E14600BC6339 /* test_0910_cleanups.py */ = {isa = PBXFileReference; lastKnownFileType = text.script.python; path = test_0910_cleanups.py; sourceTree = "<group>"; };
B2B330051F39E1D300579179 /* md_acme_acct.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = md_acme_acct.c; sourceTree = "<group>"; };
Expand Down Expand Up @@ -310,6 +313,15 @@
path = test_drive;
sourceTree = "<group>";
};
B298D5CB229E8AA600245316 /* mod_md_lib */ = {
isa = PBXGroup;
children = (
B298D5CC229E8AA600245316 /* main.c */,
);
name = mod_md_lib;
path = ../../mod_md/mod_md_lib;
sourceTree = "<group>";
};
B2B81EC81F13830600E35CA3 /* ssl */ = {
isa = PBXGroup;
children = (
Expand Down Expand Up @@ -347,6 +359,7 @@
B2D31B061EC33CBE007BECC8 /* src */,
B2D309EF1EC1AD26007BECC8 /* test */,
B2FC60761F59894A005B7D9E /* TODO.md */,
B298D5CB229E8AA600245316 /* mod_md_lib */,
);
path = /Users/sei/projects/mod_cert/mod_cert.xcodeproj;
sourceTree = "<absolute>";
Expand Down Expand Up @@ -444,6 +457,8 @@
B240521F1EF9145000E36701 /* md_log.h */,
B24052211EF9145000E36701 /* md_reg.c */,
B24052221EF9145000E36701 /* md_reg.h */,
B298D5C5229E7BF000245316 /* md_result.c */,
B298D5C4229E7BF000245316 /* md_result.h */,
B298D5C3229BE6FC00245316 /* md_status.c */,
B298D5C2229BE6FC00245316 /* md_status.h */,
B2B81EBE1F0F981C00E35CA3 /* md_store_fs.c */,
Expand Down Expand Up @@ -593,7 +608,7 @@
buildPhases = (
);
buildToolPath = /usr/bin/make;
buildWorkingDirectory = /Users/sei/projects/mod_md;
buildWorkingDirectory = /Users/sei/projects/mod_md/src;
dependencies = (
);
name = all;
Expand All @@ -616,11 +631,11 @@
};
buildConfigurationList = B27BBD231A65757700C58A41 /* Build configuration list for PBXProject "mod_md" */;
compatibilityVersion = "Xcode 3.2";
developmentRegion = English;
developmentRegion = en;
hasScannedForEncodings = 0;
knownRegions = (
English,
en,
Base,
);
mainGroup = B2D3099E1EBA227F007BECC8 /* /Users/sei/projects/mod_cert/mod_cert.xcodeproj */;
productRefGroup = B2D3099E1EBA227F007BECC8 /* /Users/sei/projects/mod_cert/mod_cert.xcodeproj */;
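--- a/mod_md_lib/main.c
+++ b/mod_md_lib/main.c
@@ -0,0 +1,14 @@
+//
+// main.c
+// mod_md_lib
+//
+// Created by Stefan Eissing on 29.05.19.
+//
+
+#include <stdio.h>
+
+int main(int argc, const char * argv[]) {
+// insert code here...
+printf("Hello, World!\n");
+return 0;
+}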
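Review bot: This file is the unmodified IDE template (`// insert code here...` plus a `Hello, World!` print) and nothing in it relates to md_result_t, so it looks like it was committed by accident along with the Xcode project change. The src/Makefile.am hunks on this page do not list it, so it is presumably not built into the module, but a stray `main` in the tree is easy for a later wildcard or packaging rule to pick up. Either drop it from the commit or replace the placeholder comment with one stating its purpose, e.g. `/* scratch target for the Xcode project only; not part of the mod_md build */`.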
2 changes: 2 additions & 0 deletions src/Makefile.am
Expand Up @@ -40,6 +40,7 @@ A2LIB_OBJECTS = \
md_json.c \
md_jws.c \
md_log.c \
md_result.c \
md_reg.c \
md_status.c \
md_store.c \
Expand All @@ -60,6 +61,7 @@ A2LIB_HFILES = \
md_json.h \
md_jws.h \
md_log.h \
md_result.h \
md_reg.h \
md_status.h \
md_store.h \
4 changes: 3 additions & 1 deletion src/md.h
Expand Up @@ -119,6 +119,7 @@ struct md_t {

#define MD_KEY_ACCOUNT "account"
#define MD_KEY_ACME_TLS_1 "acme-tls/1"
#define MD_KEY_ACTIVITY "activity"
#define MD_KEY_AGREEMENT "agreement"
#define MD_KEY_AUTHORIZATIONS "authorizations"
#define MD_KEY_BITS "bits"
Expand Down Expand Up @@ -159,6 +160,7 @@ struct md_t {
#define MD_KEY_ORDERS "orders"
#define MD_KEY_PERMANENT "permanent"
#define MD_KEY_PKEY "privkey"
#define MD_KEY_PROBLEM "problem"
#define MD_KEY_PROTO "proto"
#define MD_KEY_REGISTRATION "registration"
#define MD_KEY_RENEW "renew"
Expand Down Expand Up @@ -246,7 +248,7 @@ md_t *md_get_by_dns_overlap(struct apr_array_header_t *mds, const md_t *md);
* Find the managed domain in the list that, for the given md,
* has the same name, or the most number of overlaps in domains
*/
md_t *md_find_closest_match(apr_array_header_t *mds, const md_t *md);
md_t *md_find_closest_match(struct apr_array_header_t *mds, const md_t *md);

/**
* Create and empty md record, structures initialized.
106 changes: 52 additions & 54 deletions src/md_acme.c
Expand Up @@ -30,6 +30,7 @@
#include "md_http.h"
#include "md_log.h"
#include "md_store.h"
#include "md_result.h"
#include "md_util.h"
#include "md_version.h"

Expand Down Expand Up @@ -327,24 +328,24 @@ static apr_status_t md_acme_req_send(md_acme_req_t *req)
{
apr_status_t rv;
md_acme_t *acme = req->acme;
const char *body = NULL, *error;
const char *body = NULL;
md_result_t *result;

assert(acme->url);

md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, 0, req->p,
"sending req: %s %s", req->method, req->url);
result = md_result_make(req->p, APR_SUCCESS);

if (strcmp("GET", req->method) && strcmp("HEAD", req->method)) {
if (acme->version == MD_ACME_VERSION_UNKNOWN) {
if (APR_SUCCESS != (rv = md_acme_setup(acme, &error))) {
return rv;
}
rv = md_acme_setup(acme, result);
if (APR_SUCCESS != rv) goto leave;
}
if (!acme->nonce) {
if (APR_SUCCESS != (rv = acme->new_nonce_fn(acme))) {
md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, rv, req->p,
"error retrieving new nonce from ACME server");
return rv;
}
if (!acme->nonce && (APR_SUCCESS != (rv = acme->new_nonce_fn(acme)))) {
md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, rv, req->p,
"error retrieving new nonce from ACME server");
goto leave;
}

apr_table_set(req->prot_hdrs, "nonce", acme->nonce);
Expand All @@ -355,51 +356,49 @@ static apr_status_t md_acme_req_send(md_acme_req_t *req)
}

rv = req->on_init? req->on_init(req, req->baton) : APR_SUCCESS;
if (APR_SUCCESS != rv) goto leave;

if ((rv == APR_SUCCESS) && req->req_json) {
if (req->req_json) {
body = md_json_writep(req->req_json, req->p, MD_JSON_FMT_INDENT);
if (!body) {
rv = APR_EINVAL;
rv = APR_EINVAL; goto leave;
}
}

if (rv == APR_SUCCESS) {
if (body && md_log_is_level(req->p, MD_LOG_TRACE2)) {
md_log_perror(MD_LOG_MARK, MD_LOG_TRACE2, 0, req->p,
"req: %s %s, body:\n%s", req->method, req->url, body);
}
else {
md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, 0, req->p,
"req: %s %s", req->method, req->url);
}

if (!strcmp("GET", req->method)) {
rv = md_http_GET(req->acme->http, req->url, NULL, on_response, req);
}
else if (!strcmp("POST", req->method)) {
rv = md_http_POSTd(req->acme->http, req->url, NULL, "application/jose+json",
body, body? strlen(body) : 0, on_response, req);
}
else if (!strcmp("HEAD", req->method)) {
rv = md_http_HEAD(req->acme->http, req->url, NULL, on_response, req);
}
else {
md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, req->p,
"HTTP method %s against: %s", req->method, req->url);
rv = APR_ENOTIMPL;
}
md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, rv, req->p, "req sent");

if (APR_EAGAIN == rv && req->max_retries > 0) {
--req->max_retries;
return md_acme_req_send(req);
}
req = NULL;
if (body && md_log_is_level(req->p, MD_LOG_TRACE2)) {
md_log_perror(MD_LOG_MARK, MD_LOG_TRACE2, 0, req->p,
"req: %s %s, body:\n%s", req->method, req->url, body);
}

if (req) {
md_acme_req_done(req);
else {
md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, 0, req->p,
"req: %s %s", req->method, req->url);
}

if (!strcmp("GET", req->method)) {
rv = md_http_GET(req->acme->http, req->url, NULL, on_response, req);
}
else if (!strcmp("POST", req->method)) {
rv = md_http_POSTd(req->acme->http, req->url, NULL, "application/jose+json",
body, body? strlen(body) : 0, on_response, req);
}
else if (!strcmp("HEAD", req->method)) {
rv = md_http_HEAD(req->acme->http, req->url, NULL, on_response, req);
}
else {
md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, req->p,
"HTTP method %s against: %s", req->method, req->url);
rv = APR_ENOTIMPL;
}
md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, rv, req->p, "req sent");

if (APR_EAGAIN == rv && req->max_retries > 0) {
--req->max_retries;
rv = md_acme_req_send(req);
}
req = NULL;

leave:
if (req) md_acme_req_done(req);
return rv;
}

Expand Down Expand Up @@ -599,14 +598,13 @@ apr_status_t md_acme_create(md_acme_t **pacme, apr_pool_t *p, const char *url,
}


apr_status_t md_acme_setup(md_acme_t *acme, const char **perror)
apr_status_t md_acme_setup(md_acme_t *acme, md_result_t *result)
{
apr_status_t rv;
md_json_t *json;
const char *s;

assert(acme->url);
*perror = NULL;
acme->version = MD_ACME_VERSION_UNKNOWN;

if (!acme->http && APR_SUCCESS != (rv = md_http_create(&acme->http, acme->p,
Expand All @@ -619,15 +617,15 @@ apr_status_t md_acme_setup(md_acme_t *acme, const char **perror)

rv = md_acme_get_json(&json, acme, acme->url, acme->p);
if (APR_SUCCESS != rv) {
*perror = apr_psprintf(acme->p,
md_result_printf(result, rv,
"Unsuccessful in contacting ACME server at <%s>. If this problem persists, "
"please check your network connectivity from your Apache server to the "
"ACME server. Also, older servers might have trouble verifying the certificates "
"of the ACME server. You can check if you are able to contact it manually via the "
"curl command. Sometimes, the ACME server might be down for maintenance, "
"so failing to contact it is not an immediate problem. Apache will "
"continue retrying this.", acme->url);
md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, 0, acme->p, "%s", *perror);
md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, rv, acme->p, "%s", result->detail);
goto out;
}

Expand Down Expand Up @@ -663,11 +661,11 @@ apr_status_t md_acme_setup(md_acme_t *acme, const char **perror)
}

if (MD_ACME_VERSION_UNKNOWN == acme->version) {
*perror = apr_psprintf(acme->p,
md_result_printf(result, APR_EINVAL,
"Unable to understand ACME server response from <%s>. "
"Wrong ACME protocol version or link?", acme->url);
md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, 0, acme->p, "%s", *perror);
rv = APR_EINVAL;
md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, 0, acme->p, "%s", result->detail);
rv = result->status;
}
out:
return rv;
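Review bot: The failure paths in md_acme_req_send that run before the request is sent (md_acme_setup failing, the nonce fetch failing) now jump to `leave:` and call `md_acme_req_done(req)`, where the lines they replace appear to have returned `rv` with the request untouched. Callers are not visible on this page, and part of the body lies between the two hunks; any caller that still reads or finishes `req` after a failed send would now handle it twice. It is worth stating the contract above the function, e.g. `/* Consumes req: callers must not touch req after this call returns, whatever the status. */`. Separately, `result` is filled by md_acme_setup but never read again before `return rv;`, so the detail it carries stops at the log line; creating it inside the `MD_ACME_VERSION_UNKNOWN` branch would at least avoid allocating it for every request.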
3 changes: 2 additions & 1 deletion src/md_acme.h
Expand Up @@ -29,6 +29,7 @@ struct md_acme_acct_t;
struct md_acmev2_acct_t;
struct md_proto_t;
struct md_store_t;
struct md_result_t;

#define MD_PROTO_ACME "ACME"

Expand Down Expand Up @@ -147,7 +148,7 @@ apr_status_t md_acme_create(md_acme_t **pacme, apr_pool_t *p, const char *url,
*
* @param acme the ACME server to contact
*/
apr_status_t md_acme_setup(md_acme_t *acme, const char **perror);
apr_status_t md_acme_setup(md_acme_t *acme, struct md_result_t *result);

/**************************************************************************************************/
/* account handling */
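Review bot: The doc comment above md_acme_setup still lists only `@param acme`, so the new `result` parameter is undocumented; the comment block starts above this hunk. In the md_acme.c hunks shown on this page, `result` is written through md_result_printf only on the two failure paths, and the former `*perror = NULL` reset has no counterpart, so a caller that reuses a result object could read a stale status or detail after a successful call (part of md_acme_setup is collapsed, so this should be confirmed). Suggested addition: ` * @param result receives status and detail on failure; not reset on success, so pass a freshly made result`.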
