Extract validateFunc from httpChallenge and tlsSNIChallenge

xenolf 2015-12-27 19:08:17 +01:00
parent 6b750198f2
commit 466af28672
3 changed files with 11 additions and 9 deletions


@ -44,6 +44,8 @@ type solver interface {
Solve(challenge challenge, domain string) error Solve(challenge challenge, domain string) error
} }
type validateFunc func(j *jws, domain, uri string, chlng challenge) error
// Client is the user-friendy way to ACME // Client is the user-friendy way to ACME
type Client struct { type Client struct {
directory directory directory directory
@ -97,8 +99,8 @@ func NewClient(caDirURL string, user User, keyBits int) (*Client, error) {
// Add all available solvers with the right index as per ACME // Add all available solvers with the right index as per ACME
// spec to this map. Otherwise they won`t be found. // spec to this map. Otherwise they won`t be found.
solvers := make(map[string]solver) solvers := make(map[string]solver)
solvers["http-01"] = &httpChallenge{jws: jws} solvers["http-01"] = &httpChallenge{jws: jws, validate: validate}
solvers["tls-sni-01"] = &tlsSNIChallenge{jws: jws} solvers["tls-sni-01"] = &tlsSNIChallenge{jws: jws, validate: validate}
return &Client{directory: dir, user: user, jws: jws, keyBits: keyBits, solvers: solvers}, nil return &Client{directory: dir, user: user, jws: jws, keyBits: keyBits, solvers: solvers}, nil
} }
@ -548,7 +550,7 @@ func parseLinks(links []string) map[string]string {
// validate makes the ACME server start validating a // validate makes the ACME server start validating a
// challenge response, only returning once it is done. // challenge response, only returning once it is done.
func validate(j *jws, uri string, chlng challenge) error { func validate(j *jws, domain, uri string, chlng challenge) error {
var challengeResponse challenge var challengeResponse challenge
hdr, err := postJSON(j, uri, chlng, &challengeResponse) hdr, err := postJSON(j, uri, chlng, &challengeResponse)
@ -561,12 +563,12 @@ func validate(j *jws, uri string, chlng challenge) error {
for { for {
switch challengeResponse.Status { switch challengeResponse.Status {
case "valid": case "valid":
logf("The server validated our request") logf("[INFO][%s] The server validated our request", domain)
return nil return nil
case "pending": case "pending":
break break
case "invalid": case "invalid":
return errors.New("The server could not validate our request.") return handleChallengeError(challengeResponse)
default: default:
return errors.New("The server returned an unexpected state.") return errors.New("The server returned an unexpected state.")
} }
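Review bot: The `default` branch of the status switch still returns the bare `errors.New("The server returned an unexpected state.")`, so the one case where the server answered with something outside the expected states drops both the new `domain` argument and the status value that triggered it. Returning something like `fmt.Errorf("[%s] unexpected challenge status %q", domain, challengeResponse.Status)` would match the per-domain `valid` log line and the richer `invalid` branch, and `%q` keeps a server-supplied string from breaking up the message. This assumes `fmt` is imported in this file, which the hunk does not show. The polling loop continues past the end of the hunk, so whether it is bounded in time or attempts cannot be judged from here.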


@ -9,7 +9,7 @@ import (
type httpChallenge struct { type httpChallenge struct {
jws *jws jws *jws
validate func(j *jws, uri string, chlng challenge) error validate validateFunc
optPort string optPort string
} }
@ -57,5 +57,5 @@ func (s *httpChallenge) Solve(chlng challenge, domain string) error {
go http.Serve(listener, mux) go http.Serve(listener, mux)
return s.validate(s.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth}) return s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
} }
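Review bot: `s.validate` is called on the last line of `Solve` without a nil check, and the same holds for `t.validate` in `tlsSNIChallenge.Solve` in the next file section. Now that the field is an injectable `validateFunc`, any construction site that omits it (the page shows only `NewClient`, which sets both) hits a nil-function panic after the listener is already open and `http.Serve` has been started. A guard at the top of `Solve`, for example `if s.validate == nil { return errors.New("acme: validate func not set") }`, turns that into an ordinary error; it assumes `errors` is imported in these files, which the hunks do not show. Both `Solve` bodies start outside their hunks.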


@ -11,7 +11,7 @@ import (
type tlsSNIChallenge struct { type tlsSNIChallenge struct {
jws *jws jws *jws
validate func(j *jws, uri string, chlng challenge) error validate validateFunc
optPort string optPort string
} }
@ -49,7 +49,7 @@ func (t *tlsSNIChallenge) Solve(chlng challenge, domain string) error {
go http.Serve(listener, nil) go http.Serve(listener, nil)
return t.validate(t.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth}) return t.validate(t.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
} }
func (t *tlsSNIChallenge) generateCertificate(keyAuth string) (tls.Certificate, error) { func (t *tlsSNIChallenge) generateCertificate(keyAuth string) (tls.Certificate, error) {