kassisol · eiraelr · Jun 5, 2019 · Jul 10, 2019 · Dec 6, 2022 · Dec 6, 2022
diff --git a/Dockerfile.dapper b/Dockerfile.dapper
@@ -34,7 +34,7 @@ ENV DOCKER_URL=${DOCKER_URL_amd64} \
 	DAPPER_HOST_ARCH=${DAPPER_HOST_ARCH} \
 	GOPATH=/go \
 	GOARCH=$ARCH \
-	GO_VERSION=1.8.3
+	GO_VERSION=1.19.3
 
 ENV PATH=/go/bin:/usr/local/go/bin:$PATH
 

diff --git a/Dockerfile.dev b/Dockerfile.dev
@@ -38,7 +38,7 @@ ENV ARCH=${ARCH} \
 ENV DAPPER_HOST_ARCH=${DAPPER_HOST_ARCH} \
 	GOPATH=/go \
 	GOARCH=$ARCH \
-	GO_VERSION=1.8.3
+	GO_VERSION=1.19.3
 
 ENV PATH=$PATH:/usr/local/go/bin:/go/bin
 

diff --git a/cli/command/cert/renew.go b/cli/command/cert/renew.go
@@ -1,10 +1,16 @@
 package cert
 
 import (
-	"fmt"
 	"os"
 
-	"github.com/juliengk/go-utils"
+	log "github.com/Sirupsen/logrus"
+	"github.com/juliengk/go-utils/readinput"
+	"github.com/juliengk/go-cert/helpers"
+	"github.com/juliengk/go-cert/pkix"
+	"github.com/kassisol/tsa/client"
+	"github.com/kassisol/tsa/pkg/adf"
+	"github.com/kassisol/twic/storage"
+	"github.com/kassisol/twic/storage/driver"
 	"github.com/spf13/cobra"
 )
 
@@ -16,6 +22,11 @@ func newRenewCommand() *cobra.Command {
 		Run:   runRenew,
 	}
 
+	flags := cmd.Flags()
+
+	flags.StringVarP(&tsaToken, "token", "t", "", "Token")
+	flags.StringVarP(&tsaPassword, "password", "p", "", "Password")
+
 	return cmd
 }
 
@@ -25,7 +36,97 @@ func runRenew(cmd *cobra.Command, args []string) {
 		os.Exit(-1)
 	}
 
-	utils.Exit(fmt.Errorf("Not implemented yet"))
+	name := args[0]
+
+	cfg := adf.NewClient()
+	if err := cfg.Init(); err != nil {
+		log.Fatal(err)
+	}
+
+	cfg.SetName(name)
+
+	s, err := storage.NewDriver("sqlite", cfg.App.Dir.Root)
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer s.End()
+
+	crt := s.GetCert(name)
+	if crt == (driver.CertResult{}) {
+		log.Fatal("Name, ", name, ", does not exist")
+	}
+
+	clt, err := client.New(crt.TSAURL)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	err = clt.GetDirectory()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	oldcert, err := pkix.NewCertificateFromPEMFile(cfg.TLS.CrtFile)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	key, err := pkix.NewKey(4096)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	keyBytes, err := key.ToPEM()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	csr, err := helpers.CreateCSR(oldcert.Crt.Subject.Country[0], oldcert.Crt.Subject.Province[0], oldcert.Crt.Subject.Locality[0], oldcert.Crt.Subject.Organization[0], oldcert.Crt.Subject.OrganizationalUnit[0], oldcert.Crt.Subject.CommonName, "", []string{}, key)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	token := tsaToken
+	if len(tsaToken) == 0 {
+		password := tsaPassword
+		if len(tsaPassword) == 0 {
+			password = readinput.ReadPassword("Password")
+		}
+		token, err = clt.GetToken(crt.CN, password, 0)
+		if err != nil {
+			log.Fatal(err)
+		}
+	}
+
+	err = clt.RevokeCertificate(token, int(oldcert.Crt.SerialNumber.Int64()))
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	newcert, err := clt.GetCertificate(token, "client", csr.Bytes, 12)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	err = os.Remove(cfg.TLS.CrtFile)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	err = os.Remove(cfg.TLS.KeyFile)
+	if err != nil && !os.IsNotExist(err) {
+		log.Fatal(err)
+	}
+
+	err = pkix.ToPEMFile(cfg.TLS.CrtFile, []byte(newcert), 0444)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	err = pkix.ToPEMFile(cfg.TLS.KeyFile, keyBytes, 0400)
+	if err != nil {
+		log.Fatal(err)
+	}
 }
 
 var renewDescription = `

diff --git a/cli/command/engine/cmd.go b/cli/command/engine/cmd.go
@@ -8,6 +8,7 @@ var (
 	certType     string
 	certCN       string
 	certAltNames string
+	duration     int
 
 	tsaURL      string
 	tsaToken    string

diff --git a/cli/command/engine/create.go b/cli/command/engine/create.go
@@ -29,6 +29,7 @@ func newCreateCommand() *cobra.Command {
 
 	flags.StringVarP(&certCN, "common-name", "n", "", "Certificate Common Name")
 	flags.StringVarP(&certAltNames, "alt-names", "a", "", "Certificate Alternative Names")
+	flags.IntVarP(&duration, "duration", "d", 12, "Certificate duration (in months)")
 
 	flags.StringVarP(&tsaURL, "tsa-url", "c", "", "TSA URL")
 	flags.StringVarP(&tsaToken, "token", "t", "", "Token")
@@ -188,7 +189,7 @@ func runCreate(cmd *cobra.Command, args []string) {
 	}
 
 	// Send CSR
-	cert, err := clt.GetCertificate(token, certtype, csr.Bytes, 12)
+	cert, err := clt.GetCertificate(token, certtype, csr.Bytes, duration)
 	if err != nil {
 		panic(err)
 	}

diff --git a/scripts/build-target b/scripts/build-target
@@ -14,7 +14,7 @@ fi
 
 CONST="-X github.com/kassisol/twic/version.Version=${VERSION} -X github.com/kassisol/twic/version.GitCommit=${COMMIT} -X github.com/kassisol/twic/version.GitState=${GITSTATE} -X github.com/kassisol/twic/version.BuildDate=$(date +%s)"
 
-LDFLAGS=${LDFLAGS:-"-linkmode external -extldflags -static -s -w"}
+LDFLAGS=${LDFLAGS:-"-linkmode external -extldflags -s -w"}
 
 cd $(dirname $0)/..
 
@@ -30,6 +30,7 @@ if [ "$CROSS" = 1 ]; then
 
 	echo Built ${OUTPUT}-Linux-x86_64
 else
+	export GO111MODULE=auto
 	go build -ldflags "${CONST} ${LDFLAGS}" -o ${OUTPUT}
 
 	strip --strip-all ${OUTPUT}

diff --git a/scripts/packages/centos6/Dockerfile b/scripts/packages/centos6/Dockerfile
diff --git a/scripts/packages/centos6/entrypoint.sh b/scripts/packages/centos6/entrypoint.sh
diff --git a/scripts/packages/centos6/prebuild.sh b/scripts/packages/centos6/prebuild.sh
diff --git a/scripts/packages/centos6/twic.spec b/scripts/packages/centos6/twic.spec
diff --git a/scripts/packages/centos7/prebuild.sh b/scripts/packages/centos7/prebuild.sh
@@ -10,6 +10,7 @@ mkdir -p build
 
 cp ${ROOTDIR}/bin/twic build/
 
+export GO111MODULE=auto
 go run ${ROOTDIR}/gen/man/genman.go
 cp -r /tmp/twic/man build/