42941ccea6
- Packages - Isolate code used by the CLI into the package `cmd` - (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) - Support non-ascii domain name (punnycode) - Check all challenges in a predictable order - No more global exported variables - Archive revoked certificates - Fixes revocation for subdomains and non-ascii domains - Disable pending authorizations - use pointer for RemoteError/ProblemDetails - Poll authz URL instead of challenge URL - The ability for a DNS provider to solve the challenge sequentially - Check all nameservers in a predictable order - Option to disable the complete propagation Requirement - CLI, support for renew with CSR - CLI, add SAN on renew - Add command to list certificates. - Logs every iteration of waiting for the propagation - update DNSimple client - update github.com/miekg/dns
44 lines
1.2 KiB
Go
44 lines
1.2 KiB
Go
package challenge
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/xenolf/lego/acme"
|
|
)
|
|
|
|
// Type is a string that identifies a particular challenge type and version of ACME challenge.
|
|
type Type string
|
|
|
|
const (
|
|
// HTTP01 is the "http-01" ACME challenge https://tools.ietf.org/html/draft-ietf-acme-acme-16#section-8.3
|
|
// Note: ChallengePath returns the URL path to fulfill this challenge
|
|
HTTP01 = Type("http-01")
|
|
|
|
// DNS01 is the "dns-01" ACME challenge https://tools.ietf.org/html/draft-ietf-acme-acme-16#section-8.4
|
|
// Note: GetRecord returns a DNS record which will fulfill this challenge
|
|
DNS01 = Type("dns-01")
|
|
|
|
// TLSALPN01 is the "tls-alpn-01" ACME challenge https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05
|
|
TLSALPN01 = Type("tls-alpn-01")
|
|
)
|
|
|
|
func (t Type) String() string {
|
|
return string(t)
|
|
}
|
|
|
|
func FindChallenge(chlgType Type, authz acme.Authorization) (acme.Challenge, error) {
|
|
for _, chlg := range authz.Challenges {
|
|
if chlg.Type == string(chlgType) {
|
|
return chlg, nil
|
|
}
|
|
}
|
|
|
|
return acme.Challenge{}, fmt.Errorf("[%s] acme: unable to find challenge %s", GetTargetedDomain(authz), chlgType)
|
|
}
|
|
|
|
func GetTargetedDomain(authz acme.Authorization) string {
|
|
if authz.Wildcard {
|
|
return "*." + authz.Identifier.Value
|
|
}
|
|
return authz.Identifier.Value
|
|
}
|