From 71f254d19e52b4a1b41330830bfc23ad0ae80ebb Mon Sep 17 00:00:00 2001 From: Fernandez Ludovic Date: Fri, 6 Feb 2026 02:49:28 +0100 Subject: [PATCH] refactor: move some functions to setup --- cmd/cmd_run.go | 34 -------------- cmd/setup.go | 120 ++++++++++++++++++++++++++++++++++-------------- cmd/storages.go | 23 ---------- 3 files changed, 86 insertions(+), 91 deletions(-) delete mode 100644 cmd/storages.go diff --git a/cmd/cmd_run.go b/cmd/cmd_run.go index 75e36c4c8..b283a1836 100644 --- a/cmd/cmd_run.go +++ b/cmd/cmd_run.go @@ -2,7 +2,6 @@ package cmd import ( "context" - "crypto/x509" "fmt" "github.com/go-acme/lego/v5/certcrypto" @@ -150,36 +149,3 @@ func obtainCertificate(ctx context.Context, cmd *cli.Command, client *lego.Clien return client.Certificate.ObtainForCSR(ctx, request) } - -func newObtainRequest(cmd *cli.Command, domains []string) certificate.ObtainRequest { - return certificate.ObtainRequest{ - Domains: domains, - MustStaple: cmd.Bool(flgMustStaple), - NotBefore: cmd.Timestamp(flgNotBefore), - NotAfter: cmd.Timestamp(flgNotAfter), - Bundle: !cmd.Bool(flgNoBundle), - PreferredChain: cmd.String(flgPreferredChain), - Profile: cmd.String(flgProfile), - AlwaysDeactivateAuthorizations: cmd.Bool(flgAlwaysDeactivateAuthorizations), - } -} - -func newObtainForCSRRequest(cmd *cli.Command, csr *x509.CertificateRequest) certificate.ObtainForCSRRequest { - return certificate.ObtainForCSRRequest{ - CSR: csr, - NotBefore: cmd.Timestamp(flgNotBefore), - NotAfter: cmd.Timestamp(flgNotAfter), - Bundle: !cmd.Bool(flgNoBundle), - PreferredChain: cmd.String(flgPreferredChain), - Profile: cmd.String(flgProfile), - AlwaysDeactivateAuthorizations: cmd.Bool(flgAlwaysDeactivateAuthorizations), - } -} - -func validateNetworkStack(cmd *cli.Command) error { - if cmd.Bool(flgIPv4Only) && cmd.Bool(flgIPv6Only) { - return fmt.Errorf("cannot specify both --%s and --%s", flgIPv4Only, flgIPv6Only) - } - - return nil -} diff --git a/cmd/setup.go b/cmd/setup.go index 8c685e0d4..2cb72e898 100644 --- a/cmd/setup.go +++ b/cmd/setup.go @@ -15,6 +15,8 @@ import ( "github.com/go-acme/lego/v5/acme" "github.com/go-acme/lego/v5/certcrypto" + "github.com/go-acme/lego/v5/certificate" + "github.com/go-acme/lego/v5/cmd/internal/storage" "github.com/go-acme/lego/v5/lego" "github.com/go-acme/lego/v5/log" "github.com/go-acme/lego/v5/registration" @@ -38,6 +40,7 @@ func newClient(cmd *cli.Command, account registration.User, keyType certcrypto.K func newClientConfig(cmd *cli.Command, account registration.User, keyType certcrypto.KeyType) *lego.Config { config := lego.NewConfig(account) config.CADirURL = cmd.String(flgServer) + config.UserAgent = getUserAgent(cmd) config.Certificate = lego.CertificateConfig{ KeyType: keyType, @@ -45,7 +48,6 @@ func newClientConfig(cmd *cli.Command, account registration.User, keyType certcr OverallRequestLimit: cmd.Int(flgOverallRequestLimit), EnableCommonName: cmd.Bool(flgEnableCommonName), } - config.UserAgent = getUserAgent(cmd) if cmd.IsSet(flgHTTPTimeout) { config.HTTPClient.Timeout = time.Duration(cmd.Int(flgHTTPTimeout)) * time.Second @@ -79,39 +81,6 @@ func getUserAgent(cmd *cli.Command) string { return strings.TrimSpace(fmt.Sprintf("%s lego-cli/%s", cmd.String(flgUserAgent), cmd.Version)) } -func readCSRFile(filename string) (*x509.CertificateRequest, error) { - bytes, err := os.ReadFile(filename) - if err != nil { - return nil, err - } - - raw := bytes - - // see if we can find a PEM-encoded CSR - var p *pem.Block - - rest := bytes - for { - // decode a PEM block - p, rest = pem.Decode(rest) - - // did we fail? - if p == nil { - break - } - - // did we get a CSR? - if p.Type == "CERTIFICATE REQUEST" || p.Type == "NEW CERTIFICATE REQUEST" { - raw = p.Bytes - } - } - - // no PEM-encoded CSR - // assume we were given a DER-encoded ASN.1 CSR - // (if this assumption is wrong, parsing these bytes will fail) - return x509.ParseCertificateRequest(raw) -} - func checkRetry(ctx context.Context, resp *http.Response, err error) (bool, error) { rt, err := retryablehttp.ErrorPropagatedRetryPolicy(ctx, resp, err) if err != nil { @@ -157,3 +126,86 @@ func checkRetry(ctx context.Context, resp *http.Response, err error) (bool, erro return rt, nil } + +func readCSRFile(filename string) (*x509.CertificateRequest, error) { + bytes, err := os.ReadFile(filename) + if err != nil { + return nil, err + } + + raw := bytes + + // see if we can find a PEM-encoded CSR + var p *pem.Block + + rest := bytes + for { + // decode a PEM block + p, rest = pem.Decode(rest) + + // did we fail? + if p == nil { + break + } + + // did we get a CSR? + if p.Type == "CERTIFICATE REQUEST" || p.Type == "NEW CERTIFICATE REQUEST" { + raw = p.Bytes + } + } + + // no PEM-encoded CSR + // assume we were given a DER-encoded ASN.1 CSR + // (if this assumption is wrong, parsing these bytes will fail) + return x509.ParseCertificateRequest(raw) +} + +func newObtainRequest(cmd *cli.Command, domains []string) certificate.ObtainRequest { + return certificate.ObtainRequest{ + Domains: domains, + MustStaple: cmd.Bool(flgMustStaple), + NotBefore: cmd.Timestamp(flgNotBefore), + NotAfter: cmd.Timestamp(flgNotAfter), + Bundle: !cmd.Bool(flgNoBundle), + PreferredChain: cmd.String(flgPreferredChain), + Profile: cmd.String(flgProfile), + AlwaysDeactivateAuthorizations: cmd.Bool(flgAlwaysDeactivateAuthorizations), + } +} + +func newObtainForCSRRequest(cmd *cli.Command, csr *x509.CertificateRequest) certificate.ObtainForCSRRequest { + return certificate.ObtainForCSRRequest{ + CSR: csr, + NotBefore: cmd.Timestamp(flgNotBefore), + NotAfter: cmd.Timestamp(flgNotAfter), + Bundle: !cmd.Bool(flgNoBundle), + PreferredChain: cmd.String(flgPreferredChain), + Profile: cmd.String(flgProfile), + AlwaysDeactivateAuthorizations: cmd.Bool(flgAlwaysDeactivateAuthorizations), + } +} + +func validateNetworkStack(cmd *cli.Command) error { + if cmd.Bool(flgIPv4Only) && cmd.Bool(flgIPv6Only) { + return fmt.Errorf("cannot specify both --%s and --%s", flgIPv4Only, flgIPv6Only) + } + + return nil +} + +func newAccountsStorageConfig(cmd *cli.Command) storage.AccountsStorageConfig { + return storage.AccountsStorageConfig{ + BasePath: cmd.String(flgPath), + Server: cmd.String(flgServer), + UserAgent: getUserAgent(cmd), + } +} + +func newSaveOptions(cmd *cli.Command) *storage.SaveOptions { + return &storage.SaveOptions{ + PEM: cmd.Bool(flgPEM), + PFX: cmd.Bool(flgPFX), + PFXFormat: cmd.String(flgPFXPass), + PFXPassword: cmd.String(flgPFXFormat), + } +} diff --git a/cmd/storages.go b/cmd/storages.go deleted file mode 100644 index 204ab8a3a..000000000 --- a/cmd/storages.go +++ /dev/null @@ -1,23 +0,0 @@ -package cmd - -import ( - "github.com/go-acme/lego/v5/cmd/internal/storage" - "github.com/urfave/cli/v3" -) - -func newAccountsStorageConfig(cmd *cli.Command) storage.AccountsStorageConfig { - return storage.AccountsStorageConfig{ - BasePath: cmd.String(flgPath), - Server: cmd.String(flgServer), - UserAgent: getUserAgent(cmd), - } -} - -func newSaveOptions(cmd *cli.Command) *storage.SaveOptions { - return &storage.SaveOptions{ - PEM: cmd.Bool(flgPEM), - PFX: cmd.Bool(flgPFX), - PFXFormat: cmd.String(flgPFXPass), - PFXPassword: cmd.String(flgPFXFormat), - } -}