lego/acme/http_challenge.go

62 lines
1.6 KiB
Go
Raw Normal View History

2015-11-12 01:08:52 +00:00
package acme
import (
"fmt"
"net"
"net/http"
"strings"
)
type httpChallenge struct {
jws *jws
validate validateFunc
optPort string
2015-11-12 01:08:52 +00:00
}
func (s *httpChallenge) Solve(chlng challenge, domain string) error {
2015-12-15 20:13:40 +00:00
logf("[INFO][%s] acme: Trying to solve HTTP-01", domain)
2015-11-12 01:08:52 +00:00
// Generate the Key Authorization for the challenge
keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)
2015-11-12 01:08:52 +00:00
if err != nil {
return err
}
// Allow for CLI port override
port := ":80"
if s.optPort != "" {
port = ":" + s.optPort
}
listener, err := net.Listen("tcp", domain+port)
if err != nil {
// if the domain:port bind failed, fall back to :port bind and try that instead.
listener, err = net.Listen("tcp", port)
if err != nil {
return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
2015-11-12 01:08:52 +00:00
}
}
defer listener.Close()
2015-11-12 01:08:52 +00:00
path := "/.well-known/acme-challenge/" + chlng.Token
2015-11-12 01:08:52 +00:00
// The handler validates the HOST header and request type.
// For validation it then writes the token the server returned with the challenge
mux := http.NewServeMux()
mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) {
2015-11-12 01:08:52 +00:00
if strings.HasPrefix(r.Host, domain) && r.Method == "GET" {
w.Header().Add("Content-Type", "text/plain")
w.Write([]byte(keyAuth))
2015-12-27 18:18:38 +00:00
logf("[INFO][%s] Served key authentication", domain)
2015-11-12 01:08:52 +00:00
} else {
2015-12-02 19:33:37 +00:00
logf("[INFO] Received request for domain %s with method %s", r.Host, r.Method)
2015-11-12 01:08:52 +00:00
w.Write([]byte("TEST"))
}
})
go http.Serve(listener, mux)
2015-11-12 01:08:52 +00:00
return s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
2015-11-12 01:08:52 +00:00
}