示例#1
0
 public function doExecute(Manager $args) : Generator
 {
     if (posix_geteuid() !== 0) {
         throw new AcmeException("Please run this script as root!");
     }
     $email = $args->get("email");
     (yield resolve($this->checkEmail($email)));
     $server = $args->get("server");
     $protocol = substr($server, 0, strpos("://", $server));
     if (!$protocol || $protocol === $server) {
         $server = "https://" . $server;
     } elseif ($protocol !== "https") {
         throw new \InvalidArgumentException("Invalid server protocol, only HTTPS supported");
     }
     $identity = str_replace(["/", "%"], "-", substr($server, 8));
     $path = __DIR__ . "/../../data/accounts";
     $pathPrivate = "{$path}/{$identity}.private.key";
     $pathPublic = "{$path}/{$identity}.public.key";
     if ((yield exists($pathPrivate)) && (yield exists($pathPublic))) {
         $this->logger->info("Loading existing keys ...");
         $private = file_get_contents($pathPrivate);
         $public = file_get_contents($pathPublic);
         $keyPair = new KeyPair($private, $public);
     } else {
         $this->logger->info("Generating key keys ...");
         $keyPair = (new OpenSSLKeyGenerator())->generate(4096);
         if (!file_exists($path) && !mkdir($path, 0700, true)) {
             throw new AcmeException("Couldn't create account directory");
         }
         file_put_contents($pathPrivate, $keyPair->getPrivate());
         file_put_contents($pathPublic, $keyPair->getPublic());
         chmod($pathPrivate, 600);
         chmod($pathPrivate, 600);
     }
     $acme = new AcmeService(new AcmeClient($server, $keyPair), $keyPair);
     $this->logger->info("Registering with ACME server " . substr($server, 8) . " ...");
     /** @var Registration $registration */
     $registration = (yield $acme->register($email));
     $this->logger->notice("Registration successful with contact " . json_encode($registration->getContact()));
 }
示例#2
0
 private function loadFile(string $filePath) : \Generator
 {
     if (isset($this->loadPromises[$filePath])) {
         (yield $this->loadPromises[$filePath]);
         return $this->dataCache[$filePath];
     }
     $deferred = new Deferred();
     $this->loadPromises[$filePath] = $deferred->promise();
     $this->lockMutexes[$filePath] = new QueuedExclusiveMutex();
     return (yield $this->lockMutexes[$filePath]->withLock(function () use($filePath, $deferred) {
         try {
             // we may have been waiting on a lock and it's been populated by now
             if (!isset($this->dataCache[$filePath])) {
                 $this->dataCache[$filePath] = (yield exists($filePath)) ? json_try_decode((yield get($filePath)), true) : [];
             }
         } catch (\Throwable $e) {
             $this->dataCache[$filePath] = [];
         } finally {
             $deferred->succeed();
             unset($this->loadPromises[$filePath]);
         }
         return $this->dataCache[$filePath];
     }));
 }
示例#3
0
 private function doLoadKeyPair(string $path) : Generator
 {
     $privateExists = (yield exists("{$path}/private.pem"));
     $publicExists = (yield exists("{$path}/public.pem"));
     $lockExists = (yield exists("{$path}/key.lock"));
     if ($privateExists && $publicExists) {
         while ($lockExists) {
             (yield new Pause(500));
             $lockExists = (yield exists("{$path}/key.lock"));
         }
         return new KeyPair((yield get("{$path}/private.pem")), (yield get("{$path}/public.pem")));
     }
     $lock = new Lock("{$path}/key.lock");
     try {
         $lock->acquire();
         $gen = new OpenSSLKeyGenerator();
         $keyPair = $gen->generate(4096);
         (yield put("{$path}/private.pem", $keyPair->getPrivate()));
         (yield put("{$path}/public.pem", $keyPair->getPublic()));
         return $keyPair;
     } catch (Exception $e) {
         do {
             (yield new Pause(500));
             $lockExists = (yield exists("{$path}/key.lock"));
         } while ($lockExists);
         return new KeyPair((yield get("{$path}/private.pem")), (yield get("{$path}/public.pem")));
     } finally {
         $lock->release();
         unlink("{$path}/key.lock");
         // do not yield in finally!
     }
 }