forked from TrueCloudLab/lego
Simplify httpChallenge code.
Solve is blocking, so no need to run initialization code in a separate goroutine. Removes the need for s.start. Once the listener is closed, all I/O resources have been returned. No need to wait for http.Serve to return. Removes the need for s.end.
This commit is contained in:
parent
58a2fd2267
commit
5dc33c8c08
1 changed files with 5 additions and 34 deletions
|
@ -10,45 +10,18 @@ import (
|
||||||
type httpChallenge struct {
|
type httpChallenge struct {
|
||||||
jws *jws
|
jws *jws
|
||||||
optPort string
|
optPort string
|
||||||
start chan net.Listener
|
|
||||||
end chan error
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *httpChallenge) Solve(chlng challenge, domain string) error {
|
func (s *httpChallenge) Solve(chlng challenge, domain string) error {
|
||||||
|
|
||||||
logf("[INFO] acme: Trying to solve HTTP-01")
|
logf("[INFO] acme: Trying to solve HTTP-01")
|
||||||
|
|
||||||
s.start = make(chan net.Listener)
|
|
||||||
s.end = make(chan error)
|
|
||||||
|
|
||||||
// Generate the Key Authorization for the challenge
|
// Generate the Key Authorization for the challenge
|
||||||
keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)
|
keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
go s.startHTTPServer(domain, chlng.Token, keyAuth)
|
|
||||||
var listener net.Listener
|
|
||||||
select {
|
|
||||||
case listener = <-s.start:
|
|
||||||
break
|
|
||||||
case err := <-s.end:
|
|
||||||
return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Make sure we properly close the HTTP server before we return
|
|
||||||
defer func() {
|
|
||||||
listener.Close()
|
|
||||||
err = <-s.end
|
|
||||||
close(s.start)
|
|
||||||
close(s.end)
|
|
||||||
}()
|
|
||||||
|
|
||||||
return validate(s.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *httpChallenge) startHTTPServer(domain string, token string, keyAuth string) {
|
|
||||||
|
|
||||||
// Allow for CLI port override
|
// Allow for CLI port override
|
||||||
port := ":80"
|
port := ":80"
|
||||||
if s.optPort != "" {
|
if s.optPort != "" {
|
||||||
|
@ -60,13 +33,12 @@ func (s *httpChallenge) startHTTPServer(domain string, token string, keyAuth str
|
||||||
// if the domain:port bind failed, fall back to :port bind and try that instead.
|
// if the domain:port bind failed, fall back to :port bind and try that instead.
|
||||||
listener, err = net.Listen("tcp", port)
|
listener, err = net.Listen("tcp", port)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.end <- err
|
return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Signal successfull start
|
defer listener.Close()
|
||||||
s.start <- listener
|
|
||||||
|
|
||||||
path := "/.well-known/acme-challenge/" + token
|
path := "/.well-known/acme-challenge/" + chlng.Token
|
||||||
|
|
||||||
// The handler validates the HOST header and request type.
|
// The handler validates the HOST header and request type.
|
||||||
// For validation it then writes the token the server returned with the challenge
|
// For validation it then writes the token the server returned with the challenge
|
||||||
|
@ -81,8 +53,7 @@ func (s *httpChallenge) startHTTPServer(domain string, token string, keyAuth str
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
http.Serve(listener, nil)
|
go http.Serve(listener, nil)
|
||||||
|
|
||||||
// Signal that the server was shut down
|
return validate(s.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
||||||
s.end <- nil
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue