From 7c60c45e2cf7a0d7fbe1d281baca19f747ccb0d7 Mon Sep 17 00:00:00 2001
From: xenolf <xenolf@users.noreply.github.com>
Date: Sun, 27 Dec 2015 20:34:30 +0100
Subject: [PATCH] Adapt README and CHANGELOG to latest changes

---
 CHANGELOG.md | 16 +++++++++++++++-
 README.md    | 30 ++++++++++++++++++++----------
 2 files changed, 35 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 66bd1d83..306b6e64 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,8 +2,22 @@
 
 ## [Unreleased]
 
+### Added:
+- CLI: The `--exclude` or `-x` switch. To exclude a challenge from being solved.
+- CLI: The `--httpPort`. To set the listen port of HTTP based challenges.
+- CLI: The `--tlsPort`. To set the listen port of TLS based challenges.
+- lib: ExcludeChallenges function. Pass an array of challenge identifiers to exclude them from solving.
+- lib: SetHTTPPort function. Pass a port to set the listen port for HTTP based challenges.
+- lib: SetTLSPort function. Pass a port to set the listen port of TLS based challenges.
+
+### Changed:
+- lib: NewClient does no longer accept the optPort parameter
+
+### Removed:
+- CLI: The `--port` switch was removed.
+
 ### Fixed:
-- CLI: Fix logic using the --days parameter
+- CLI: Fix logic using the `--days` parameter for renew
 
 ## [0.1.1] - 2015-12-18
 
diff --git a/README.md b/README.md
index 36d9ee3d..d1a4d136 100644
--- a/README.md
+++ b/README.md
@@ -45,15 +45,19 @@ The CLI does not require root permissions but needs to bind to port 80 and 443 f
 To run the CLI without sudo, you have two options:
 
 - Use setcap 'cap_net_bind_service=+ep' /path/to/program
-- Pass the `--port` option and specify a custom port to bind to. In this case you have to forward port 443 to this custom port.
+- Pass the `--httpPort` or/and the `--tlsPort` option and specify a custom port to bind to. In this case you have to forward port 80/443 to these custom ports (see [Port Usage](#port-usage)).
 
 #### Port Usage
 By default lego assumes it is able to bind to ports 80 and 443 to solve challenges.
-If this is not possible in your environment, you can use the `--port` option to instruct
+If this is not possible in your environment, you can use the `--httpPort` and `--tlsPort` options to instruct
 lego to listen on that port for any incoming challenges.
 
-If you are using this option, make sure you proxy all of the following traffic to that port:
+If you are using this option, make sure you proxy all of the following traffic to these ports.
+
+HTTP Port:
 - All plaintext HTTP requests to port 80 which begin with a request path of `/.well-known/acme-challenge/` for the HTTP-01 challenge.
+
+TLS Port:
 - All TLS handshakes on port 443 for TLS-SNI-01.
 
 This traffic redirection is only needed as long as lego solves challenges. As soon as you have received your certificates you can deactivate the forwarding.
@@ -68,7 +72,7 @@ USAGE:
    ./lego [global options] command [command options] [arguments...]
    
 VERSION:
-   0.1.0
+   0.2.0
    
 COMMANDS:
    run		Register an account, then create and install a certificate
@@ -81,8 +85,10 @@ GLOBAL OPTIONS:
    --server, -s "https://acme-v01.api.letsencrypt.org/directory"	CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client.
    --email, -m 								Email used for registration and recovery contact.
    --rsa-key-size, -B "2048"						Size of the RSA key.
-   --path "${CWD}"							Directory to use for storing the data
-   --port 								Challenges will use this port to listen on. Please make sure to forward port 443 to this port on your machine. Otherwise use setcap on the binary
+   --path "${CWD}"	Directory to use for storing the data
+   --exclude, -x [--exclude option --exclude option]			Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01".
+   --httpPort 								Set the port to use for HTTP based challenges to listen on.
+   --tlsPort 								Set the port to use for TLS based challenges to listen on.
    --help, -h								show help
    --version, -v							print the version
 
@@ -141,14 +147,18 @@ myUser := MyUser{
 
 // A client facilitates communication with the CA server. This CA URL is
 // configured for a local dev instance of Boulder running in Docker in a VM.
-// We specify an optPort of 5001 because we aren't running as root and can't
-// bind a listener to port 80 or 443 (used later when we attempt to pass challenges).
-// Keep in mind that we still need to proxy challenge traffic to port 5001.
-client, err := acme.NewClient("http://192.168.99.100:4000", &myUser, rsaKeySize, "5001")
+client, err := acme.NewClient("http://192.168.99.100:4000", &myUser, rsaKeySize)
 if err != nil {
   log.Fatal(err)
 }
 
+// We specify an httpPort of 5002 and an tlsPort of 5001 because we aren't running as
+// root and can't bind a listener to port 80 and 443 
+// (used later when we attempt to pass challenges).
+// Keep in mind that we still need to proxy challenge traffic to port 5002 and 5001.
+client.SetHTTPPort("5002")
+client.SetTLSPort("5001")
+
 // New users will need to register; be sure to save it
 reg, err := client.Register()
 if err != nil {