Mirror
/
acmed
mirror of https://github.com/breard-r/acmed.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
467 Commits
12 Branches
27 Tags
2.1 MiB
Tree: 1afc6dc27e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1afc6dc27e'
${ noResults }
acmed/tacd/src/main.rs

221 lines
7.2 KiB
Raw Normal View History

Add the `openssl_vendored` feature rel #4
4 years ago
Add a dummy tacd standalone server Even if the tacd server might be one of the last thing implemented using ring, it should not block the compilation.
5 years ago
Add the `openssl_vendored` feature rel #4
4 years ago
Remove the standalone feature As discussed in #2, ring is not mature enough to replace OpenSSL. Hence, the standalone mode which has been made to implement such a replacement has to be removed until ring becomes usable.
5 years ago
Improve the binary's long version
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Improve the CLI Some default values were missing. Some descriptions has been rephrased.
4 years ago
Remove the PID file after exit Fix #25
4 years ago
Upgrade to clap 4.0
2 years ago
Fix the flags
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Move the account and certificate default directories Those directories were located in /etc/acmed/, which is not the best choice. According to the Filesystem Hierarchy Standard, they should be located in /var/lib/acmed/. Because systems may have different conventions, those values are now configuration at build time. https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
3 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Add partial EdDSA support Currently, OpenSSL does not have the required `EVP_PKEY_get1_ED(25519|448)` functions, hence EdDSA has been partially implemented and disabled. Once OpenSSL 3.0.0 is out and the `openssl` crates implements the bindings to those functions, full EdDSA implementation could be done and activated. Conditional compilation has been implemented using `rustc-cfg` instructions rather than features so it can be activated from the build script depending on whether or not the cryptographic library supports Ed25519 and Ed448. https://github.com/openssl/openssl/commit/7c664b1f1b5f60bf896f5fdea5c08c401c541dfe
4 years ago
Add the `--crt-digest` option in tacd
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Indent with tabs instead of spaces https://adamtuttle.codes/blog/2021/tabs-vs-spaces-its-an-accessibility-issue/
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Indent with tabs instead of spaces https://adamtuttle.codes/blog/2021/tabs-vs-spaces-its-an-accessibility-issue/
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Indent with tabs instead of spaces https://adamtuttle.codes/blog/2021/tabs-vs-spaces-its-an-accessibility-issue/
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Indent with tabs instead of spaces https://adamtuttle.codes/blog/2021/tabs-vs-spaces-its-an-accessibility-issue/
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Remove useless references
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Improve the CLI Some default values were missing. Some descriptions has been rephrased.
4 years ago
Upgrade to clap 4.0
2 years ago
Improve the CLI Some default values were missing. Some descriptions has been rephrased.
4 years ago
Remove unnecessary references
3 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Add missing commas
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Add missing commas
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Add missing commas
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Add missing commas
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Add the `--crt-signature-alg` option in tacd
4 years ago
Upgrade to clap 3
2 years ago
Add the `--crt-signature-alg` option in tacd
4 years ago
Upgrade to clap 4.0
2 years ago
Add the `--crt-signature-alg` option in tacd
4 years ago
Upgrade to clap 4.0
2 years ago
Remove useless references
1 year ago
Add the `--crt-signature-alg` option in tacd
4 years ago
Add the `--crt-digest` option in tacd
4 years ago
Upgrade to clap 3
2 years ago
Add the `--crt-digest` option in tacd
4 years ago
Upgrade to clap 4.0
2 years ago
Add the `--crt-digest` option in tacd
4 years ago
Upgrade to clap 4.0
2 years ago
Remove useless references
1 year ago
Add the `--crt-digest` option in tacd
4 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 4.0
2 years ago
Remove useless references
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Fix the flags
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Fix the flags
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Fix the "foregroung" typo I made the typo once and then copy/pasted it everywhere.
5 years ago
Upgrade to clap 3
2 years ago
Fix the flags
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Upgrade to clap 3
2 years ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Improve the CLI Some default values were missing. Some descriptions has been rephrased.
4 years ago
Upgrade to clap 4.0
2 years ago
Improve the CLI Some default values were missing. Some descriptions has been rephrased.
4 years ago
Add the `--no-pid-file` argument Fixes #60
2 years ago
Upgrade to clap 4.0
2 years ago
Add the `--no-pid-file` argument Fixes #60
2 years ago
Fix the flags
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Indent with tabs instead of spaces https://adamtuttle.codes/blog/2021/tabs-vs-spaces-its-an-accessibility-issue/
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
Indent with tabs instead of spaces https://adamtuttle.codes/blog/2021/tabs-vs-spaces-its-an-accessibility-issue/
1 year ago
Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.
5 years ago
  1. #[cfg(feature = "crypto_openssl")]
  2. mod openssl_server;
  4. #[cfg(feature = "crypto_openssl")]
  5. use crate::openssl_server::start as server_start;
  6. use acme_common::crypto::{get_lib_name, get_lib_version, HashFunction, KeyType, X509Certificate};
  7. use acme_common::error::Error;
  8. use acme_common::logs::{set_log_system, DEFAULT_LOG_LEVEL};
  9. use acme_common::{clean_pid_file, to_idna};
  10. use clap::builder::PossibleValuesParser;
  11. use clap::{Arg, ArgAction, ArgMatches, Command};
  12. use log::{debug, error, info};
  13. use std::fs::File;
  14. use std::io::{self, Read};
  16. const APP_NAME: &str = env!("CARGO_PKG_NAME");
  17. const APP_VERSION: &str = env!("CARGO_PKG_VERSION");
  18. const DEFAULT_PID_FILE: &str = env!("TACD_DEFAULT_PID_FILE");
  19. const DEFAULT_LISTEN_ADDR: &str = "127.0.0.1:5001";
  20. const DEFAULT_CRT_KEY_TYPE: KeyType = KeyType::EcdsaP256;
  21. const DEFAULT_CRT_DIGEST: HashFunction = HashFunction::Sha256;
  22. const ALPN_ACME_PROTO_NAME: &[u8] = b"\x0aacme-tls/1";
  24. fn read_line(path: Option<&String>) -> Result<String, Error> {
  25. let mut input = String::new();
  26. match path {
  27. Some(p) => File::open(p)?.read_to_string(&mut input)?,
  28. None => io::stdin().read_line(&mut input)?,
  29. };
  30. let line = input.trim().to_string();
  31. Ok(line)
  32. }
  34. fn get_acme_value(cnf: &ArgMatches, opt: &str, opt_file: &str) -> Result<String, Error> {
  35. match cnf.get_one::<String>(opt) {
  36. Some(v) => Ok(v.to_string()),
  37. None => {
  38. debug!(
  39. "reading {} from {}",
  40. opt,
  41. cnf.get_one::<String>(opt_file)
  42. .map(|e| e.as_str())
  43. .unwrap_or("stdin")
  44. );
  45. read_line(cnf.get_one::<String>(opt_file))
  46. }
  47. }
  48. }
  50. fn init(cnf: &ArgMatches) -> Result<(), Error> {
  51. acme_common::init_server(
  52. cnf.get_flag("foreground"),
  53. cnf.get_one::<String>("pid-file").map(|e| e.as_str()),
  54. );
  55. let domain = get_acme_value(cnf, "domain", "domain-file")?;
  56. let domain = to_idna(&domain)?;
  57. let ext = get_acme_value(cnf, "acme-ext", "acme-ext-file")?;
  58. let listen_addr = cnf
  59. .get_one::<String>("listen")
  60. .map(|e| e.as_str())
  61. .unwrap_or(DEFAULT_LISTEN_ADDR);
  62. let crt_signature_alg = match cnf.get_one::<&str>("crt-signature-alg") {
  63. Some(alg) => alg.parse()?,
  64. None => DEFAULT_CRT_KEY_TYPE,
  65. };
  66. let crt_digest = match cnf.get_one::<&str>("crt-digest") {
  67. Some(alg) => alg.parse()?,
  68. None => DEFAULT_CRT_DIGEST,
  69. };
  70. let (pk, cert) = X509Certificate::from_acme_ext(&domain, &ext, crt_signature_alg, crt_digest)?;
  71. info!("starting {} on {} for {}", APP_NAME, listen_addr, domain);
  72. server_start(listen_addr, &cert, &pk)?;
  73. Ok(())
  74. }
  76. fn main() {
  77. let full_version = format!(
  78. "{} built for {}\n\nCryptographic library:\n - {} {}",
  79. APP_VERSION,
  80. env!("TACD_TARGET"),
  81. get_lib_name(),
  82. get_lib_version(),
  83. );
  84. let default_crt_key_type = DEFAULT_CRT_KEY_TYPE.to_string();
  85. let default_crt_digest = DEFAULT_CRT_DIGEST.to_string();
  86. let default_log_level = DEFAULT_LOG_LEVEL.to_string().to_lowercase();
  87. let matches = Command::new(APP_NAME)
  88. .version(APP_VERSION)
  89. .long_version(full_version)
  90. .arg(
  91. Arg::new("listen")
  92. .long("listen")
  93. .short('l')
  94. .help("Host and port to listen on")
  95. .num_args(1)
  96. .value_name("host:port|unix:path")
  97. .default_value(DEFAULT_LISTEN_ADDR),
  98. )
  99. .arg(
  100. Arg::new("domain")
  101. .long("domain")
  102. .short('d')
  103. .help("The domain that is being validated")
  104. .num_args(1)
  105. .value_name("STRING")
  106. .conflicts_with("domain-file"),
  107. )
  108. .arg(
  109. Arg::new("domain-file")
  110. .long("domain-file")
  111. .help("File from which is read the domain that is being validated")
  112. .num_args(1)
  113. .value_name("FILE")
  114. .conflicts_with("domain"),
  115. )
  116. .arg(
  117. Arg::new("acme-ext")
  118. .long("acme-ext")
  119. .short('e')
  120. .help("The acmeIdentifier extension to set in the self-signed certificate")
  121. .num_args(1)
  122. .value_name("STRING")
  123. .conflicts_with("acme-ext-file"),
  124. )
  125. .arg(
  126. Arg::new("acme-ext-file")
  127. .long("acme-ext-file")
  128. .help("File from which is read the acmeIdentifier extension to set in the self-signed certificate")
  129. .num_args(1)
  130. .value_name("FILE")
  131. .conflicts_with("acme-ext"),
  132. )
  133. .arg(
  134. Arg::new("crt-signature-alg")
  135. .long("crt-signature-alg")
  136. .help("The certificate's signature algorithm")
  137. .num_args(1)
  138. .value_name("STRING")
  139. .value_parser(PossibleValuesParser::new(KeyType::list_possible_values()))
  140. .default_value(default_crt_key_type),
  141. )
  142. .arg(
  143. Arg::new("crt-digest")
  144. .long("crt-digest")
  145. .help("The certificate's digest algorithm")
  146. .num_args(1)
  147. .value_name("STRING")
  148. .value_parser(PossibleValuesParser::new(HashFunction::list_possible_values()))
  149. .default_value(default_crt_digest),
  150. )
  151. .arg(
  152. Arg::new("log-level")
  153. .long("log-level")
  154. .help("Specify the log level")
  155. .num_args(1)
  156. .value_name("LEVEL")
  157. .value_parser(["error", "warn", "info", "debug", "trace"])
  158. .default_value(default_log_level),
  159. )
  160. .arg(
  161. Arg::new("to-syslog")
  162. .long("log-syslog")
  163. .help("Sends log messages via syslog")
  164. .conflicts_with("to-stderr")
  165. .action(ArgAction::SetTrue),
  166. )
  167. .arg(
  168. Arg::new("to-stderr")
  169. .long("log-stderr")
  170. .help("Prints log messages to the standard error output")
  171. .conflicts_with("to-syslog")
  172. .action(ArgAction::SetTrue),
  173. )
  174. .arg(
  175. Arg::new("foreground")
  176. .long("foreground")
  177. .short('f')
  178. .help("Runs in the foreground")
  179. .action(ArgAction::SetTrue),
  180. )
  181. .arg(
  182. Arg::new("pid-file")
  183. .long("pid-file")
  184. .help("Path to the PID file")
  185. .num_args(1)
  186. .value_name("FILE")
  187. .default_value(DEFAULT_PID_FILE)
  188. .default_value_if("no-pid-file", clap::builder::ArgPredicate::IsPresent, None)
  189. .conflicts_with("no-pid-file"),
  190. )
  191. .arg(
  192. Arg::new("no-pid-file")
  193. .long("no-pid-file")
  194. .help("Do not create any PID file")
  195. .conflicts_with("pid-file")
  196. .action(ArgAction::SetTrue),
  197. )
  198. .get_matches();
  200. match set_log_system(
  201. matches.get_one::<String>("log-level").map(|e| e.as_str()),
  202. matches.get_flag("to-syslog"),
  203. matches.get_flag("to-stderr"),
  204. ) {
  205. Ok(_) => {}
  206. Err(e) => {
  207. eprintln!("Error: {}", e);
  208. std::process::exit(2);
  209. }
  210. };
  212. match init(&matches) {
  213. Ok(_) => {}
  214. Err(e) => {
  215. error!("{}", e);
  216. let pid_file = matches.get_one::<String>("pid-file").map(|e| e.as_str());
  217. let _ = clean_pid_file(pid_file);
  218. std::process::exit(1);
  219. }
  220. };
  221. }