From 258b5328e49e990e4b40ba51424b1c13a3483d76 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Thu, 19 Dec 2024 11:23:49 -0700 Subject: [PATCH] Upgrade acmez to v3; other dependencies as well --- README.md | 4 ++-- account.go | 2 +- acmeclient.go | 8 +++++--- acmeissuer.go | 6 +++--- certificates.go | 2 +- config.go | 4 ++-- config_test.go | 2 +- go.mod | 7 ++++--- go.sum | 15 ++++++++------- handshake.go | 2 +- httphandlers.go | 2 +- maintain.go | 2 +- solvers.go | 4 ++-- solvers_test.go | 2 +- zerosslissuer.go | 4 ++-- 15 files changed, 35 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index b3bb8db3..4ab1bf5c 100644 --- a/README.md +++ b/README.md @@ -90,7 +90,7 @@ CertMagic - Automatic HTTPS using Let's Encrypt - Exponential backoff with carefully-tuned intervals - Retries with optional test/staging CA endpoint instead of production, to avoid rate limits - Written in Go, a language with memory-safety guarantees -- Powered by [ACMEz](https://github.com/mholt/acmez/v2), _the_ premier ACME client library for Go +- Powered by [ACMEz](https://github.com/mholt/acmez/v3), _the_ premier ACME client library for Go - All [libdns](https://github.com/libdns) DNS providers work out-of-the-box - Pluggable storage backends (default: file system) - Pluggable key sources @@ -567,7 +567,7 @@ We welcome your contributions! Please see our **[contributing guidelines](https: ## Project History -CertMagic is the core of Caddy's advanced TLS automation code, extracted into a library. The underlying ACME client implementation is [ACMEz](https://github.com/mholt/acmez/v2). CertMagic's code was originally a central part of Caddy even before Let's Encrypt entered public beta in 2015. +CertMagic is the core of Caddy's advanced TLS automation code, extracted into a library. The underlying ACME client implementation is [ACMEz](https://github.com/mholt/acmez/v3). CertMagic's code was originally a central part of Caddy even before Let's Encrypt entered public beta in 2015. In the years since then, Caddy's TLS automation techniques have been widely adopted, tried and tested in production, and served millions of sites and secured trillions of connections. diff --git a/account.go b/account.go index 0c43ad63..7b8efa05 100644 --- a/account.go +++ b/account.go @@ -32,7 +32,7 @@ import ( "strings" "sync" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" ) diff --git a/acmeclient.go b/acmeclient.go index c6e1f6ed..40af1337 100644 --- a/acmeclient.go +++ b/acmeclient.go @@ -18,6 +18,7 @@ import ( "context" "crypto/x509" "fmt" + "log/slog" "net" "net/http" "net/url" @@ -26,9 +27,10 @@ import ( "sync" "time" - "github.com/mholt/acmez/v2" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" + "go.uber.org/zap/exp/zapslog" ) // acmeClient holds state necessary to perform ACME operations @@ -276,7 +278,7 @@ func (iss *ACMEIssuer) newBasicACMEClient() (*acmez.Client, error) { Directory: caURL, UserAgent: buildUAString(), HTTPClient: iss.httpClient, - Logger: iss.Logger.Named("acme_client"), + Logger: slog.New(zapslog.NewHandler(iss.Logger.Named("acme_client").Core(), nil)), }, }, nil } diff --git a/acmeissuer.go b/acmeissuer.go index e010f087..2a5864ce 100644 --- a/acmeissuer.go +++ b/acmeissuer.go @@ -28,8 +28,8 @@ import ( "sync" "time" - "github.com/mholt/acmez/v2" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" ) @@ -482,7 +482,7 @@ func (am *ACMEIssuer) doIssue(ctx context.Context, csr *x509.CertificateRequest, zap.String("account_id", client.account.Location), zap.Strings("account_contact", client.account.Contact), zap.String("key_location", am.storageKeyUserPrivateKey(client.acmeClient.Directory, am.getEmail())), - zap.Object("problem", prob)) + zap.Any("problem", prob)) // the account we have no longer exists on the CA, so we need to create a new one; // we could use the same key pair, but this is a good opportunity to rotate keys diff --git a/certificates.go b/certificates.go index 9ac0185c..eb13f38f 100644 --- a/certificates.go +++ b/certificates.go @@ -26,7 +26,7 @@ import ( "strings" "time" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" "golang.org/x/crypto/ocsp" ) diff --git a/config.go b/config.go index da128192..2d1f07d2 100644 --- a/config.go +++ b/config.go @@ -35,8 +35,8 @@ import ( "strings" "time" - "github.com/mholt/acmez/v2" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" "golang.org/x/crypto/ocsp" "golang.org/x/net/idna" diff --git a/config_test.go b/config_test.go index e1e848e4..8084d7d9 100644 --- a/config_test.go +++ b/config_test.go @@ -22,7 +22,7 @@ import ( "reflect" "testing" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3/acme" ) func TestSaveCertResource(t *testing.T) { diff --git a/go.mod b/go.mod index af1d5aae..bb788069 100644 --- a/go.mod +++ b/go.mod @@ -6,14 +6,15 @@ toolchain go1.22.2 require ( github.com/caddyserver/zerossl v0.1.3 - github.com/klauspost/cpuid/v2 v2.2.8 + github.com/klauspost/cpuid/v2 v2.2.9 github.com/libdns/libdns v0.2.2 - github.com/mholt/acmez/v2 v2.0.3 + github.com/mholt/acmez/v3 v3.0.0 github.com/miekg/dns v1.1.62 github.com/zeebo/blake3 v0.2.4 go.uber.org/zap v1.27.0 + go.uber.org/zap/exp v0.3.0 golang.org/x/crypto v0.31.0 - golang.org/x/net v0.29.0 + golang.org/x/net v0.33.0 ) require ( diff --git a/go.sum b/go.sum index fbc5b797..d17b34f0 100644 --- a/go.sum +++ b/go.sum @@ -2,12 +2,12 @@ github.com/caddyserver/zerossl v0.1.3 h1:onS+pxp3M8HnHpN5MMbOMyNjmTheJyWRaZYwn+Y github.com/caddyserver/zerossl v0.1.3/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM= -github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY= +github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8= github.com/libdns/libdns v0.2.2 h1:O6ws7bAfRPaBsgAYt8MDe2HcNBGC29hkZ9MX2eUSX3s= github.com/libdns/libdns v0.2.2/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ= -github.com/mholt/acmez/v2 v2.0.3 h1:CgDBlEwg3QBp6s45tPQmFIBrkRIkBT4rW4orMM6p4sw= -github.com/mholt/acmez/v2 v2.0.3/go.mod h1:pQ1ysaDeGrIMvJ9dfJMk5kJNkn7L2sb3UhyrX6Q91cw= +github.com/mholt/acmez/v3 v3.0.0 h1:r1NcjuWR0VaKP2BTjDK9LRFBw/WvURx3jlaEUl9Ht8E= +github.com/mholt/acmez/v3 v3.0.0/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ= github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ= github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -26,15 +26,16 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +go.uber.org/zap/exp v0.3.0 h1:6JYzdifzYkGmTdRR59oYH+Ng7k49H9qVpWwNSsGJj3U= +go.uber.org/zap/exp v0.3.0/go.mod h1:5I384qq7XGxYyByIhHm6jg5CHkGY0nsTfbDLgDDlgJQ= golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= -golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= diff --git a/handshake.go b/handshake.go index 201c6c5a..02298c8f 100644 --- a/handshake.go +++ b/handshake.go @@ -25,7 +25,7 @@ import ( "sync" "time" - "github.com/mholt/acmez/v2" + "github.com/mholt/acmez/v3" "go.uber.org/zap" "golang.org/x/crypto/ocsp" ) diff --git a/httphandlers.go b/httphandlers.go index 70dcff02..ffbda834 100644 --- a/httphandlers.go +++ b/httphandlers.go @@ -19,7 +19,7 @@ import ( "net/url" "strings" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" ) diff --git a/maintain.go b/maintain.go index dea2cfdf..9b09da04 100644 --- a/maintain.go +++ b/maintain.go @@ -27,7 +27,7 @@ import ( "strings" "time" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" "golang.org/x/crypto/ocsp" ) diff --git a/solvers.go b/solvers.go index caa11b0b..c2e9e700 100644 --- a/solvers.go +++ b/solvers.go @@ -30,8 +30,8 @@ import ( "time" "github.com/libdns/libdns" - "github.com/mholt/acmez/v2" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3" + "github.com/mholt/acmez/v3/acme" "github.com/miekg/dns" "go.uber.org/zap" ) diff --git a/solvers_test.go b/solvers_test.go index 15308fa7..d30ce66d 100644 --- a/solvers_test.go +++ b/solvers_test.go @@ -17,7 +17,7 @@ package certmagic import ( "testing" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3/acme" ) func Test_challengeKey(t *testing.T) { diff --git a/zerosslissuer.go b/zerosslissuer.go index 754fa283..70618cb2 100644 --- a/zerosslissuer.go +++ b/zerosslissuer.go @@ -26,8 +26,8 @@ import ( "time" "github.com/caddyserver/zerossl" - "github.com/mholt/acmez/v2" - "github.com/mholt/acmez/v2/acme" + "github.com/mholt/acmez/v3" + "github.com/mholt/acmez/v3/acme" "go.uber.org/zap" )