Don't try appending /directory to caURL (spec doesn't require it)
Also improved some comments/docs and fixed a test
This commit is contained in:
parent
f2389fda58
commit
974f2fa929
2 changed files with 16 additions and 18 deletions
|
@ -52,13 +52,14 @@ type Client struct {
|
|||
solvers map[string]solver
|
||||
}
|
||||
|
||||
// NewClient creates a new client for the set user.
|
||||
// caURL - The root url to the boulder instance you want certificates from
|
||||
// usr - A filled in user struct
|
||||
// keyBits - Size of the key in bits
|
||||
// optPort - The alternative port to listen on for challenges.
|
||||
func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, error) {
|
||||
privKey := usr.GetPrivateKey()
|
||||
// NewClient creates a new ACME client on behalf of user. The client will depend on
|
||||
// the ACME directory located at caDirURL for the rest of its actions. It will
|
||||
// generate private keys for certificates of size keyBits. And, if the challenge
|
||||
// type requires it, the client will open a port at optPort to solve the challenge.
|
||||
// If optPort is blank, the port required by the spec will be used, but you must
|
||||
// forward the required port to optPort for the challenge to succeed.
|
||||
func NewClient(caDirURL string, user User, keyBits int, optPort string) (*Client, error) {
|
||||
privKey := user.GetPrivateKey()
|
||||
if privKey == nil {
|
||||
return nil, errors.New("private key was nil")
|
||||
}
|
||||
|
@ -67,12 +68,9 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
|
|||
return nil, fmt.Errorf("invalid private key: %v", err)
|
||||
}
|
||||
|
||||
if !strings.HasSuffix(caURL, "/directory") {
|
||||
caURL = caURL + "/directory"
|
||||
}
|
||||
dirResp, err := http.Get(caURL)
|
||||
dirResp, err := http.Get(caDirURL)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("get directory at '%s': %v", caURL, err)
|
||||
return nil, fmt.Errorf("get directory at '%s': %v", caDirURL, err)
|
||||
}
|
||||
defer dirResp.Body.Close()
|
||||
|
||||
|
@ -95,7 +93,7 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
|
|||
return nil, errors.New("directory missing revoke certificate URL")
|
||||
}
|
||||
|
||||
jws := &jws{privKey: privKey, directoryURL: caURL}
|
||||
jws := &jws{privKey: privKey, directoryURL: caDirURL}
|
||||
|
||||
// REVIEW: best possibility?
|
||||
// Add all available solvers with the right index as per ACME
|
||||
|
@ -103,7 +101,7 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
|
|||
solvers := make(map[string]solver)
|
||||
solvers["http-01"] = &httpChallenge{jws: jws, optPort: optPort}
|
||||
|
||||
return &Client{directory: dir, user: usr, jws: jws, keyBits: keyBits, solvers: solvers}, nil
|
||||
return &Client{directory: dir, user: user, jws: jws, keyBits: keyBits, solvers: solvers}, nil
|
||||
}
|
||||
|
||||
// Register the current account to the ACME server.
|
||||
|
|
|
@ -43,19 +43,19 @@ func TestNewClient(t *testing.T) {
|
|||
t.Errorf("Expected keyBits to be %d but was %d", keyBits, client.keyBits)
|
||||
}
|
||||
|
||||
if expected, actual := 2, len(client.solvers); actual != expected {
|
||||
if expected, actual := 1, len(client.solvers); actual != expected {
|
||||
t.Fatalf("Expected %d solver(s), got %d", expected, actual)
|
||||
}
|
||||
|
||||
httpSolver, ok := client.solvers["http-01"].(*httpChallenge)
|
||||
if !ok {
|
||||
t.Fatal("Expected simpleHttps solver to be simpleHTTPChallenge type")
|
||||
t.Fatal("Expected http-01 solver to be httpChallenge type")
|
||||
}
|
||||
if httpSolver.jws != client.jws {
|
||||
t.Error("Expected simpleHTTPChallenge to have same jws as client")
|
||||
t.Error("Expected http-01 to have same jws as client")
|
||||
}
|
||||
if httpSolver.optPort != optPort {
|
||||
t.Errorf("Expected simpleHTTPChallenge to have optPort %s but was %s", optPort, httpSolver.optPort)
|
||||
t.Errorf("Expected http-01 to have optPort %s but was %s", optPort, httpSolver.optPort)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue