a685e3fc98
Vndr has a simpler configuration and allows pointing to forked packages. Additionally other docker projects are now using vndr making vendoring in distribution more consistent. Updates letsencrypt to use fork. No longer uses sub-vendored packages. Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
62 lines
1.5 KiB
Go
62 lines
1.5 KiB
Go
package acme
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"fmt"
|
|
"net"
|
|
"net/http"
|
|
)
|
|
|
|
// TLSProviderServer implements ChallengeProvider for `TLS-SNI-01` challenge
|
|
// It may be instantiated without using the NewTLSProviderServer function if
|
|
// you want only to use the default values.
|
|
type TLSProviderServer struct {
|
|
iface string
|
|
port string
|
|
done chan bool
|
|
listener net.Listener
|
|
}
|
|
|
|
// NewTLSProviderServer creates a new TLSProviderServer on the selected interface and port.
|
|
// Setting iface and / or port to an empty string will make the server fall back to
|
|
// the "any" interface and port 443 respectively.
|
|
func NewTLSProviderServer(iface, port string) *TLSProviderServer {
|
|
return &TLSProviderServer{iface: iface, port: port}
|
|
}
|
|
|
|
// Present makes the keyAuth available as a cert
|
|
func (s *TLSProviderServer) Present(domain, token, keyAuth string) error {
|
|
if s.port == "" {
|
|
s.port = "443"
|
|
}
|
|
|
|
cert, _, err := TLSSNI01ChallengeCert(keyAuth)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
tlsConf := new(tls.Config)
|
|
tlsConf.Certificates = []tls.Certificate{cert}
|
|
|
|
s.listener, err = tls.Listen("tcp", net.JoinHostPort(s.iface, s.port), tlsConf)
|
|
if err != nil {
|
|
return fmt.Errorf("Could not start HTTPS server for challenge -> %v", err)
|
|
}
|
|
|
|
s.done = make(chan bool)
|
|
go func() {
|
|
http.Serve(s.listener, nil)
|
|
s.done <- true
|
|
}()
|
|
return nil
|
|
}
|
|
|
|
// CleanUp closes the HTTP server.
|
|
func (s *TLSProviderServer) CleanUp(domain, token, keyAuth string) error {
|
|
if s.listener == nil {
|
|
return nil
|
|
}
|
|
s.listener.Close()
|
|
<-s.done
|
|
return nil
|
|
}
|