forked from TrueCloudLab/lego
Fix file descriptor leaks
This commit is contained in:
parent
01c629d834
commit
5efb56a1d4
3 changed files with 22 additions and 8 deletions
|
@ -73,6 +73,8 @@ func NewClient(caURL string, usr User, keyBits int, optPort string, devMode bool
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Could not get directory from CA URL. Please check the URL.\n\t%v", err)
|
logger().Fatalf("Could not get directory from CA URL. Please check the URL.\n\t%v", err)
|
||||||
}
|
}
|
||||||
|
defer dirResp.Body.Close()
|
||||||
|
|
||||||
var dir directory
|
var dir directory
|
||||||
decoder := json.NewDecoder(dirResp.Body)
|
decoder := json.NewDecoder(dirResp.Body)
|
||||||
err = decoder.Decode(&dir)
|
err = decoder.Decode(&dir)
|
||||||
|
@ -98,6 +100,7 @@ func (c *Client) Register() (*RegistrationResource, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
if resp.StatusCode == http.StatusConflict {
|
if resp.StatusCode == http.StatusConflict {
|
||||||
// REVIEW: should this return an error?
|
// REVIEW: should this return an error?
|
||||||
|
@ -142,6 +145,7 @@ func (c *Client) AgreeToTos() error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
if resp.StatusCode != http.StatusAccepted {
|
if resp.StatusCode != http.StatusAccepted {
|
||||||
return fmt.Errorf("The server returned %d but we expected %d", resp.StatusCode, http.StatusAccepted)
|
return fmt.Errorf("The server returned %d but we expected %d", resp.StatusCode, http.StatusAccepted)
|
||||||
|
@ -184,6 +188,7 @@ func (c *Client) RevokeCertificate(certificate []byte) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
if resp.StatusCode != 200 {
|
if resp.StatusCode != 200 {
|
||||||
body, _ := ioutil.ReadAll(resp.Body)
|
body, _ := ioutil.ReadAll(resp.Body)
|
||||||
|
@ -213,6 +218,10 @@ func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool) (Cer
|
||||||
// The first step of renewal is to check if we get a renewed cert
|
// The first step of renewal is to check if we get a renewed cert
|
||||||
// directly from the cert URL.
|
// directly from the cert URL.
|
||||||
resp, err := http.Get(cert.CertURL)
|
resp, err := http.Get(cert.CertURL)
|
||||||
|
if err != nil {
|
||||||
|
return CertificateResource{}, err
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
serverCertBytes, err := ioutil.ReadAll(resp.Body)
|
serverCertBytes, err := ioutil.ReadAll(resp.Body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return CertificateResource{}, err
|
return CertificateResource{}, err
|
||||||
|
@ -323,9 +332,9 @@ func (c *Client) getChallenges(domains []string) []*authorizationResource {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
errc <- err
|
errc <- err
|
||||||
}
|
}
|
||||||
|
resp.Body.Close()
|
||||||
|
|
||||||
resc <- &authorizationResource{Body: authz, NewCertURL: links["next"], AuthURL: resp.Header.Get("Location"), Domain: domain}
|
resc <- &authorizationResource{Body: authz, NewCertURL: links["next"], AuthURL: resp.Header.Get("Location"), Domain: domain}
|
||||||
|
|
||||||
}(domain)
|
}(domain)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -409,6 +418,7 @@ func (c *Client) requestCertificate(authz *authorizationResource, result chan Ce
|
||||||
case 201:
|
case 201:
|
||||||
|
|
||||||
cert, err := ioutil.ReadAll(resp.Body)
|
cert, err := ioutil.ReadAll(resp.Body)
|
||||||
|
resp.Body.Close()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
errc <- err
|
errc <- err
|
||||||
return
|
return
|
||||||
|
|
|
@ -29,6 +29,7 @@ func (s *simpleHTTPChallenge) CanSolve(domain string) bool {
|
||||||
logger().Printf("Could not get public IP -> %v", err)
|
logger().Printf("Could not get public IP -> %v", err)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
ip, err := ioutil.ReadAll(resp.Body)
|
ip, err := ioutil.ReadAll(resp.Body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -66,6 +67,7 @@ func (s *simpleHTTPChallenge) Solve(chlng challenge, domain string) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Could not start HTTPS server for challenge -> %v", err)
|
return fmt.Errorf("Could not start HTTPS server for challenge -> %v", err)
|
||||||
}
|
}
|
||||||
|
defer listener.Close()
|
||||||
|
|
||||||
// Tell the server about the generated random path
|
// Tell the server about the generated random path
|
||||||
jsonBytes, err := json.Marshal(challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token})
|
jsonBytes, err := json.Marshal(challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token})
|
||||||
|
@ -81,24 +83,24 @@ func (s *simpleHTTPChallenge) Solve(chlng challenge, domain string) error {
|
||||||
// After the path is sent, the ACME server will access our server.
|
// After the path is sent, the ACME server will access our server.
|
||||||
// Repeatedly check the server for an updated status on our request.
|
// Repeatedly check the server for an updated status on our request.
|
||||||
var challengeResponse challenge
|
var challengeResponse challenge
|
||||||
loop:
|
Loop:
|
||||||
for {
|
for {
|
||||||
decoder := json.NewDecoder(resp.Body)
|
err = json.NewDecoder(resp.Body).Decode(&challengeResponse)
|
||||||
decoder.Decode(&challengeResponse)
|
resp.Body.Close()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
switch challengeResponse.Status {
|
switch challengeResponse.Status {
|
||||||
case "valid":
|
case "valid":
|
||||||
logger().Print("The server validated our request")
|
logger().Print("The server validated our request")
|
||||||
listener.Close()
|
break Loop
|
||||||
break loop
|
|
||||||
case "pending":
|
case "pending":
|
||||||
break
|
break
|
||||||
case "invalid":
|
case "invalid":
|
||||||
listener.Close()
|
|
||||||
logger().Print("The server could not validate our request.")
|
logger().Print("The server could not validate our request.")
|
||||||
return errors.New("The server could not validate our request.")
|
return errors.New("The server could not validate our request.")
|
||||||
default:
|
default:
|
||||||
listener.Close()
|
|
||||||
logger().Print("The server returned an unexpected state.")
|
logger().Print("The server returned an unexpected state.")
|
||||||
return errors.New("The server returned an unexpected state.")
|
return errors.New("The server returned an unexpected state.")
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,6 +20,7 @@ func TestSimpleHTTPCanSolve(t *testing.T) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Could not get public IP -> %v", err)
|
t.Errorf("Could not get public IP -> %v", err)
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
ip, err := ioutil.ReadAll(resp.Body)
|
ip, err := ioutil.ReadAll(resp.Body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -119,6 +120,7 @@ func TestSimpleHTTP(t *testing.T) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Expected the solver to listen on port 23456 -> %v", err)
|
t.Errorf("Expected the solver to listen on port 23456 -> %v", err)
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
body, _ := ioutil.ReadAll(resp.Body)
|
body, _ := ioutil.ReadAll(resp.Body)
|
||||||
bodyStr := string(body)
|
bodyStr := string(body)
|
||||||
|
|
Loading…
Reference in a new issue