-*- coding: utf-8 -*-
Changes with Apache 2.5.1
- *) mod_md: v1.0.2, fix staging reset when MDCertificateAgreemen was initially missing.
- [Stefan Eissing]
+ *) mod_md: v1.0.3, fixed various bugs in persisting job properties, so that status is
+ persisted accross child process changes and staging is reset on reloads. Changed
+ MDCertificateAgreement url checks. As long as the CA reports that the account has
+ an agreement, no further checking is done. Existing accounts need no changes when
+ a new agreement comes out. [Stefan Eissing]
*) mod_watchdog: Correct some log messages. [Rainer Jung]
static int agreement_required(md_acme_acct_t *acct)
{
- return (!acct->agreement
- || (acct->tos_required && strcmp(acct->tos_required, acct->agreement)));
+ /* We used to really check if the account agreement and the one
+ * indicated as valid are the very same:
+ * return (!acct->agreement
+ * || (acct->tos_required && strcmp(acct->tos_required, acct->agreement)));
+ * However, LE is happy if the account has agreed to a ToS in the past and
+ * does not required a renewed acceptance.
+ */
+ return !acct->agreement;
}
apr_status_t md_acme_check_agreement(md_acme_t *acme, apr_pool_t *p,
if (APR_SUCCESS == rv) {
const char *agreement = md_acme_get_agreement(ad->acme);
/* Persist the account chosen at the md so we use the same on future runs */
- if (agreement && (!md->ca_agreement || strcmp(agreement, md->ca_agreement))) {
+ if (agreement && !md->ca_agreement) {
md->ca_agreement = agreement;
update = 1;
}
* @macro
* Version number of the md module as c string
*/
-#define MOD_MD_VERSION "1.0.2"
+#define MOD_MD_VERSION "1.0.3"
/**
* @macro
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_MD_VERSION_NUM 0x010002
+#define MOD_MD_VERSION_NUM 0x010003
#define MD_EXPERIMENTAL 0
#define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory"
apr_status_t rv;
rv = md_store_load_json(store, MD_SG_STAGING, job->md->name, MD_FN_JOB, &jprops, p);
+ if (APR_STATUS_IS_ENOENT(rv)) {
+ jprops = md_json_create(p);
+ rv = APR_SUCCESS;
+ }
if (APR_SUCCESS == rv) {
md_json_setb(job->restart_processed, jprops, MD_KEY_PROCESSED, NULL);
- md_json_setl(job->error_runs, jprops, MD_KEY_PROCESSED, NULL);
+ md_json_setl(job->error_runs, jprops, MD_KEY_ERRORS, NULL);
rv = md_store_save_json(store, p, MD_SG_STAGING, job->md->name,
MD_FN_JOB, jprops, 0);
}
if (job->stalled) {
/* Missing information, this will not change until configuration
* is changed and server restarted */
- rv = APR_INCOMPLETE;
- goto out;
+ rv = APR_INCOMPLETE;
+ ++job->error_runs;
+ goto out;
}
else if (job->renewed) {
assess_renewal(wd, job, ptemp);
out:
if (error_runs != job->error_runs) {
- save_job_props(wd->reg, job, ptemp);
+ apr_status_t rv2 = save_job_props(wd->reg, job, ptemp);
+ ap_log_error(APLOG_MARK, APLOG_TRACE1, rv2, wd->s, "%s: saving job props", job->md->name);
}
job->last_rv = rv;
projects / apache / commitdiff