tempfork/acme: update to latest version (#15543)

Pull in https://github.com/tailscale/golang-x-crypto/pull/16

Updates #15542

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
This commit is contained in:
Andrew Lytvynov
2025-04-04 16:32:12 -07:00
committed by GitHub
parent e2eb6eb870
commit 46505ca338
7 changed files with 52 additions and 13 deletions
+10
View File
@@ -7,6 +7,7 @@ package acme
import (
"context"
"crypto"
"crypto/x509"
"encoding/base64"
"encoding/json"
"encoding/pem"
@@ -205,6 +206,7 @@ func (c *Client) AuthorizeOrder(ctx context.Context, id []AuthzID, opt ...OrderO
Identifiers []wireAuthzID `json:"identifiers"`
NotBefore string `json:"notBefore,omitempty"`
NotAfter string `json:"notAfter,omitempty"`
Replaces string `json:"replaces,omitempty"`
}{}
for _, v := range id {
req.Identifiers = append(req.Identifiers, wireAuthzID{
@@ -218,6 +220,14 @@ func (c *Client) AuthorizeOrder(ctx context.Context, id []AuthzID, opt ...OrderO
req.NotBefore = time.Time(o).Format(time.RFC3339)
case orderNotAfterOpt:
req.NotAfter = time.Time(o).Format(time.RFC3339)
case orderReplacesCert:
req.Replaces = certRenewalIdentifier(o.cert)
case orderReplacesCertDER:
cert, err := x509.ParseCertificate(o)
if err != nil {
return nil, fmt.Errorf("failed to parse certificate being replaced: %w", err)
}
req.Replaces = certRenewalIdentifier(cert)
default:
// Package's fault if we let this happen.
panic(fmt.Sprintf("unsupported order option type %T", o))