2015-11-12 01:08:52 +00:00
|
|
|
package acme
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
)
|
|
|
|
|
|
|
|
type httpChallenge struct {
|
2015-12-05 14:53:53 +00:00
|
|
|
jws *jws
|
2015-12-27 18:08:17 +00:00
|
|
|
validate validateFunc
|
2016-01-08 07:04:38 +00:00
|
|
|
iface string
|
|
|
|
port string
|
2016-01-11 21:04:04 +00:00
|
|
|
done chan bool
|
2015-11-12 01:08:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *httpChallenge) Solve(chlng challenge, domain string) error {
|
|
|
|
|
2015-12-15 20:13:40 +00:00
|
|
|
logf("[INFO][%s] acme: Trying to solve HTTP-01", domain)
|
2015-11-12 01:08:52 +00:00
|
|
|
|
2016-01-11 21:04:04 +00:00
|
|
|
s.done = make(chan bool)
|
|
|
|
|
2015-11-12 01:08:52 +00:00
|
|
|
// Generate the Key Authorization for the challenge
|
2015-11-16 22:57:04 +00:00
|
|
|
keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)
|
2015-11-12 01:08:52 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Allow for CLI port override
|
2016-01-08 07:04:38 +00:00
|
|
|
port := "80"
|
|
|
|
if s.port != "" {
|
|
|
|
port = s.port
|
2015-11-12 01:08:52 +00:00
|
|
|
}
|
|
|
|
|
2016-01-08 07:04:38 +00:00
|
|
|
iface := ""
|
|
|
|
if s.iface != "" {
|
|
|
|
iface = s.iface
|
|
|
|
}
|
|
|
|
|
|
|
|
listener, err := net.Listen("tcp", net.JoinHostPort(iface, port))
|
2015-11-12 01:08:52 +00:00
|
|
|
if err != nil {
|
2016-01-08 07:04:38 +00:00
|
|
|
return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
|
2015-11-12 01:08:52 +00:00
|
|
|
}
|
|
|
|
|
2015-12-05 11:58:08 +00:00
|
|
|
path := "/.well-known/acme-challenge/" + chlng.Token
|
2015-11-12 01:08:52 +00:00
|
|
|
|
2016-01-11 21:04:04 +00:00
|
|
|
go s.serve(listener, path, keyAuth, domain)
|
|
|
|
|
|
|
|
err = s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
|
|
|
listener.Close()
|
|
|
|
<-s.done
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *httpChallenge) serve(listener net.Listener, path, keyAuth, domain string) {
|
2015-11-12 01:08:52 +00:00
|
|
|
// The handler validates the HOST header and request type.
|
|
|
|
// For validation it then writes the token the server returned with the challenge
|
2015-12-05 12:05:40 +00:00
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) {
|
2015-11-12 01:08:52 +00:00
|
|
|
if strings.HasPrefix(r.Host, domain) && r.Method == "GET" {
|
|
|
|
w.Header().Add("Content-Type", "text/plain")
|
|
|
|
w.Write([]byte(keyAuth))
|
2015-12-27 18:18:38 +00:00
|
|
|
logf("[INFO][%s] Served key authentication", domain)
|
2015-11-12 01:08:52 +00:00
|
|
|
} else {
|
2015-12-02 19:33:37 +00:00
|
|
|
logf("[INFO] Received request for domain %s with method %s", r.Host, r.Method)
|
2015-11-12 01:08:52 +00:00
|
|
|
w.Write([]byte("TEST"))
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
2016-01-11 21:04:04 +00:00
|
|
|
http.Serve(listener, mux)
|
|
|
|
s.done <- true
|
2015-11-12 01:08:52 +00:00
|
|
|
}
|