TrueCloudLab/certificates
17
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions

Make logic for which challenge types to use clearer

Browse source
This commit is contained in:
Herman Slatman 2021-05-29 00:37:22 +02:00
parent 3e36522329
commit 6486e6016b
No known key found for this signature in database
GPG key ID: F4D8A44EA0A75A4F
1 changed files with 12 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
acme/api/order.go
View file

@ -273,17 +273,20 @@ func (h *Handler) FinalizeOrder(w http.ResponseWriter, r *http.Request) {
// challengeTypes determines the types of challenges that should be used // challengeTypes determines the types of challenges that should be used
// for the ACME authorization request. // for the ACME authorization request.
func challengeTypes(az *acme.Authorization) []string { func challengeTypes(az *acme.Authorization) []string {
chTypes := []string{} var chTypes []string
// DNS challenge can only be used for identifiers with type dns
if az.Identifier.Type == "dns" {
chTypes = append(chTypes, "dns-01") // TODO: make these types consts/enum?
}
switch az.Identifier.Type {
case "ip": // TODO: make these types consts/enum?
chTypes = []string{"http-01", "tls-alpn-01"}
case "dns":
chTypes = []string{"dns-01"}
// HTTP and TLS challenges can only be used for identifiers without wildcards. // HTTP and TLS challenges can only be used for identifiers without wildcards.
if !az.Wildcard { if !az.Wildcard {
chTypes = append(chTypes, []string{"http-01", "tls-alpn-01"}...) chTypes = append(chTypes, []string{"http-01", "tls-alpn-01"}...)
} }
default:
chTypes = []string{}
}
return chTypes return chTypes
} }