Open
Conversation
It was previously not possible to reliably use the -delayed switch and expect DNS challenge tokens to be remembered for a second run. This commit adds logic to save and load the needed state - %callback_data in le.pl and select attributes in LE.PM. In the script it is done directly. In the module it is done using two new methods. _save_state and _load_state. Data is saved to disk using the Storable package. A new command line parameter, -resume, has been added to facilitate the use of the stored data for a second pass. Additionally, the DNS challenge tokens are now saved to disk for easier integration with external registration methods. Previously, this could only be done by enabling file logging and extracting the tokens using regex. Additionally, the OpenSSL option use_pkcs1_padding in LE::_set_key was removed, as the use is discouraged (https://github.com/tomato42/marvin-toolkit/blob/master/README.md) and causes a fatal error. Removal rather than changing the method is likely good, as we can rely on OpenSSL using the most reasonable default.
Owner
|
Thanks. will take a closer look. And thanks for correcting a typo there in the list of options :) |
|
👍 - Was just searching for a solution to this. We've been running into this with our usage where the challenges would change when using Any timeline for this getting reviewed / released? We rely on the packaged executable so not sure where to get that from to test it out :) Thanks! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Hello, as per the description in my first commit, this is a suggestion on an implementation of an improved two pass functionality in Crypt-LE, enabling data persistence between the first -delayed pass and a second pass, now dubbed -resume.
I have not added in any error handling, as I think that is best for the author to decide what is necessary, but I can it add upon request following the general style of the project.
Also, I have not updated the version number.
This version of Crypt LE can be easily tested using a wrapper script plus a few extra files that I have collected in Crypt-LE-helper
Best regards
Alexander