diff --git a/Cargo.lock b/Cargo.lock
index f6343ff..83c79c1 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -4,7 +4,7 @@ version = 3
 [[package]]
 name = "acme-client"
-version = "1.2.0"
+version = "1.3.0"
 dependencies = [
 "acme-lib",
 "aliyun-openapi-core-rust-sdk",
diff --git a/Cargo.toml b/Cargo.toml
index 3923059..82c2893 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "acme-client"
-version = "1.2.0"
+version = "1.3.0"
 authors = ["Hatter Jiang "]
 edition = "2018"
 description = "Acme auto challenge client, acme-client can issue certificates from Let's encrypt"
diff --git a/src/acme.rs b/src/acme.rs
index cbacbd4..2a95778 100644
--- a/src/acme.rs
+++ b/src/acme.rs
@@ -1,7 +1,7 @@
 use std::fs;
 use std::sync::RwLock;
 use std::collections::BTreeMap;
-use acme_lib::{Directory, create_p256_key, create_p384_key, create_rsa_key};
+use acme_lib::{Directory, create_p256_key, create_p384_key, create_rsa_key, DirectoryUrl};
 use acme_lib::persist::FilePersist;
 use rust_util::XResult;
 use crate::util::parse_dns_record;
@@ -26,6 +26,7 @@ pub struct AcmeRequest<'a> {
 pub alt_names: &'a [&'a str],
 pub algo: X509PublicKeyAlgo,
 pub mode: AcmeMode,
+ pub directory_url: Option,
 pub account_dir: &'a str,
 pub timeout: u64,
 pub local_public_ip: Option<&'a str>,
@@ -58,7 +59,12 @@ pub fn request_acme_certificate(acme_request: AcmeRequest, dns_cleaned_domains:
 }
 information!("Acme mode: {:?}", acme_request.mode);
- let url = acme_request.mode.directory_url();
+ let url = if let Some(directory_url) = &acme_request.directory_url {
+ DirectoryUrl::Other(directory_url)
+ } else {
+ acme_request.mode.directory_url()
+ };
+ debugging!("Directory URL: {:?}", url);
 let persist = FilePersist::new(acme_request.account_dir);
 let dir = opt_result!(Directory::from_url(persist, url), "Create directory from url failed: {}");
 let acc = opt_result!(dir.account(acme_request.contract_email), "Directory set account failed: {}");
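Review bot: In the last src/acme.rs hunk the value of `acme_request.directory_url` goes straight into `DirectoryUrl::Other` with no check, so an `http://` or malformed URL is caught, if at all, only inside `Directory::from_url`. RFC 8555 requires ACME requests to use HTTPS and this URL decides which CA receives the account registration and the order, so I would reject anything that does not start with `https://` before building `url`, e.g. `if !directory_url.starts_with("https://") { /* return an error */ }`. The effective URL is only logged through `debugging!` while `Acme mode` is still reported from `--mode`, which is misleading once the override is set; logging it with `information!` would make the CA in use visible to the operator. The account key under `account_dir` appears to be reused whichever directory is selected (inferred, the persistence layout is not shown here), so it is worth confirming that is intended. The body of `request_acme_certificate` continues outside the hunk.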
diff --git a/src/config.rs b/src/config.rs
index 72c1278..68774b3 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -84,6 +84,7 @@ pub struct CertConfig {
 pub cert_items: Vec,
 pub trigger_after_update: Option>,
 pub notify_token: Option,
+ pub directory_url: Option,
 }
 impl CertConfig {
@@ -133,6 +134,7 @@ impl CertConfig {
 cert_items: filtered_cert_items,
 trigger_after_update: self.trigger_after_update,
 notify_token: self.notify_token,
+ directory_url: self.directory_url,
 }
 }
diff --git a/src/main.rs b/src/main.rs
index 63c471a..316e049 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -50,6 +50,7 @@ async fn main() -> tide::Result<()> {
 .arg(Arg::with_name("algo").short("a").long("algo").takes_value(true).default_value("ec384").help("Pki algo"))
 .arg(Arg::with_name("timeout").long("timeout").takes_value(true).default_value("5000").help("Timeout (ms)"))
 .arg(Arg::with_name("mode").short("m").long("mode").takes_value(true).default_value("prod").help("Mode"))
+ .arg(Arg::with_name("directory-url").long("directory-url").takes_value(true).help("ACME directory URL"))
 .arg(Arg::with_name("dir").long("dir").takes_value(true).default_value("acme_dir").help("Account key dir"))
 .arg(Arg::with_name("cert-dir").long("cert-dir").takes_value(true).help("Certificate dir"))
 .arg(Arg::with_name("config").short("c").long("config").takes_value(true).help("Cert config"))
@@ -222,6 +223,7 @@ async fn main() -> tide::Result<()> {
 alt_names: &alt_names,
 algo,
 mode,
+ directory_url: matches.value_of("directory-url").map(|u| u.to_string()),
 account_dir,
 timeout,
 local_public_ip: local_public_ip.as_deref(),
@@ -279,6 +281,7 @@ async fn main() -> tide::Result<()> {
 alt_names: &alt_names,
 algo,
 mode,
+ directory_url: matches.value_of("directory-url").map(|u| u.to_string()).or(filtered_cert_config.directory_url.clone()),
 account_dir,
 timeout,
 local_public_ip: local_public_ip.as_deref(),
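Review bot: The help text of the new `--directory-url` argument in the first src/main.rs hunk does not say that it replaces the directory selected by `--mode`, which is what the src/acme.rs change does whenever the option is set. I would state that in the help string, e.g. `.help("ACME directory URL (https), overrides --mode")`, and give `CertConfig::directory_url` a doc comment noting that the command-line value takes precedence over the config value. `main` starts and ends outside the hunk.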
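Review bot: `matches.value_of("directory-url").map(|u| u.to_string())` is written out twice, in the second and third src/main.rs hunks, and the third one hands an eagerly cloned fallback to `.or(...)`. Reading the option once into a local keeps the two request builders in step, and `or_else` clones the config value only when the flag is absent: `let cli_directory_url = matches.value_of("directory-url").map(str::to_string);` and then `directory_url: cli_directory_url.clone().or_else(|| filtered_cert_config.directory_url.clone()),`. Both struct literals sit inside `main`, which extends beyond these hunks.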