From a0e3c80e51804b8c4e190dc8481f98781e8f43f5 Mon Sep 17 00:00:00 2001
From: Rodolphe Breard <rodolphe@what.tf>
Date: Tue, 7 May 2019 16:37:34 +0200
Subject: [PATCH] Add the is_clean_hook variable to challenge hooks

---
 CHANGELOG.md             |  1 +
 acmed/src/acme_proto.rs  |  3 ++-
 acmed/src/certificate.rs |  1 +
 acmed/src/hooks.rs       |  1 +
 man/en/acmed.toml.5      | 21 ++++++++++++++++++---
 5 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 848dc13..e57f85e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Man pages.
 - The project can now be built and installed using `make`.
 - The post-operation hooks now have access to the `is_success` template variable.
+- Challenge hooks now have the `is_clean_hook` template variable.
 
 ### Changed
 - Unknown configuration fields are no longer tolerated.
diff --git a/acmed/src/acme_proto.rs b/acmed/src/acme_proto.rs
index 20274fc..44084a2 100644
--- a/acmed/src/acme_proto.rs
+++ b/acmed/src/acme_proto.rs
@@ -117,7 +117,8 @@ pub fn request_certificate(cert: &Certificate, root_certs: &[String]) -> Result<
                 let domain = auth.identifier.value.to_owned();
 
                 // 7. Call the challenge hook in order to complete it
-                let data = cert.call_challenge_hooks(&file_name, &proof, &domain)?;
+                let mut data = cert.call_challenge_hooks(&file_name, &proof, &domain)?;
+                data.0.is_clean_hook = true;
                 hook_datas.push(data);
 
                 // 8. Tell the server the challenge has been completed
diff --git a/acmed/src/certificate.rs b/acmed/src/certificate.rs
index 9637c3c..047b05d 100644
--- a/acmed/src/certificate.rs
+++ b/acmed/src/certificate.rs
@@ -143,6 +143,7 @@ impl Certificate {
             domain: domain.to_string(),
             file_name: file_name.to_string(),
             proof: proof.to_string(),
+            is_clean_hook: false,
         };
         let hook_type = match challenge {
             Challenge::Http01 => (HookType::ChallengeHttp01, HookType::ChallengeHttp01Clean),
diff --git a/acmed/src/hooks.rs b/acmed/src/hooks.rs
index de067f8..cb906e2 100644
--- a/acmed/src/hooks.rs
+++ b/acmed/src/hooks.rs
@@ -23,6 +23,7 @@ pub struct ChallengeHookData {
     pub challenge: String,
     pub file_name: String,
     pub proof: String,
+    pub is_clean_hook: bool,
 }
 
 #[derive(Serialize)]
diff --git a/man/en/acmed.toml.5 b/man/en/acmed.toml.5
index 72b0bfd..f77e2e0 100644
--- a/man/en/acmed.toml.5
+++ b/man/en/acmed.toml.5
@@ -213,13 +213,18 @@ prefix.
 .It Cm proof Ar string
 The content of the proof that must be written to
 .Em file_name .
+.It Cm is_clean_hook Ar bool
+False
 .El
 .It Ic challenge-http-01-clean
 Invoked once a domain ownership has been proven using the
 .Em http-01
 challenge. This hook is intended to remove the proof since it is no longer required. The template variables are strictly identical to those given in the corresponding
 .Em challenge-http-01
-hook.
+hook, excepted
+.Em is_clean_hook
+which is set to
+.Em true .
 .It Ic challenge-dns-01
 Invoked when the ownership of a domain must be proved using the
 .Em dns-01
@@ -237,13 +242,18 @@ The content of the proof that must be written to a
 entry of the DNS zone for the
 .Ql _acme-challenge
 subdomain.
+.It Cm is_clean_hook Ar bool
+False
 .El
 .It Ic challenge-dns-01-clean
 Invoked once a domain ownership has been proven using the
 .Em dns-01
 challenge. This hook is intended to remove the proof since it is no longer required. The template variables are strictly identical to those given in the corresponding
 .Em challenge-dns-01
-hook.
+hook, excepted
+.Em is_clean_hook
+which is set to
+.Em true .
 .It Ic challenge-tls-alpn-01
 Invoked when the ownership of a domain must be proved using the
 .Em tls-alpn-01
@@ -264,13 +274,18 @@ ALPN extension value.
 .Xr acmed 8
 will not generate the certificate itself since it can be done using
 .Xr tacd 8 .
+.It Cm is_clean_hook Ar bool
+False
 .El
 .It Ic challenge-tls-alpn-01-clean
 Invoked once a domain ownership has been proven using the
 .Em tls-alpn-01
 challenge. This hook is intended to remove the proof since it is no longer required. The template variables are strictly identical to those given in the corresponding
 .Em challenge-tls-alpn-01
-hook.
+hook, excepted
+.Em is_clean_hook
+which is set to
+.Em true .
 .It Ic file-pre-create
 Invoked
 .Em before