lego/acme/http_challenge.go

package acme

import (
	"fmt"
	"net"
	"net/http"
	"strings"
)

type httpChallenge struct {
	jws      *jws
	validate validateFunc
	iface    string
	port     string
	done     chan bool
}

func (s *httpChallenge) Solve(chlng challenge, domain string) error {

	logf("[INFO][%s] acme: Trying to solve HTTP-01", domain)

	s.done = make(chan bool)

	// Generate the Key Authorization for the challenge
	keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)
	if err != nil {
		return err
	}

	// Allow for CLI port override
	port := "80"
	if s.port != "" {
		port = s.port
	}

	iface := ""
	if s.iface != "" {
		iface = s.iface
	}

	listener, err := net.Listen("tcp", net.JoinHostPort(iface, port))
	if err != nil {
		return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
	}

	path := "/.well-known/acme-challenge/" + chlng.Token

	go s.serve(listener, path, keyAuth, domain)

	err = s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
	listener.Close()
	<-s.done

	return err
}

func (s *httpChallenge) serve(listener net.Listener, path, keyAuth, domain string) {
	// The handler validates the HOST header and request type.
	// For validation it then writes the token the server returned with the challenge
	mux := http.NewServeMux()
	mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) {
		if strings.HasPrefix(r.Host, domain) && r.Method == "GET" {
			w.Header().Add("Content-Type", "text/plain")
			w.Write([]byte(keyAuth))
			logf("[INFO][%s] Served key authentication", domain)
		} else {
			logf("[INFO] Received request for domain %s with method %s", r.Host, r.Method)
			w.Write([]byte("TEST"))
		}
	})

	http.Serve(listener, mux)
	s.done <- true
}
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`package acme`

			`import (`
			`"fmt"`
			`"net"`
			`"net/http"`
			`"strings"`
			`)`

			`type httpChallenge struct {`
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 14:53:53 +00:00			`jws *jws`
Extract validateFunc from httpChallenge and tlsSNIChallenge 2015-12-27 18:08:17 +00:00			`validate validateFunc`
Add interface:port override to HTTP-01 and TLS-01 instead of only port 2016-01-08 07:04:38 +00:00			`iface string`
			`port string`
Fix a race for socket in HTTP-01 2016-01-11 21:04:04 +00:00			`done chan bool`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`}`

			`func (s *httpChallenge) Solve(chlng challenge, domain string) error {`

tweak log messages a bit 2015-12-15 20:13:40 +00:00			`logf("[INFO][%s] acme: Trying to solve HTTP-01", domain)`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00
Fix a race for socket in HTTP-01 2016-01-11 21:04:04 +00:00			`s.done = make(chan bool)`

Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`// Generate the Key Authorization for the challenge`
Update README & Extract KeyAuthorizations from HTTP-01 2015-11-16 22:57:04 +00:00			`keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`if err != nil {`
			`return err`
			`}`

			`// Allow for CLI port override`
Add interface:port override to HTTP-01 and TLS-01 instead of only port 2016-01-08 07:04:38 +00:00			`port := "80"`
			`if s.port != "" {`
			`port = s.port`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`}`

Add interface:port override to HTTP-01 and TLS-01 instead of only port 2016-01-08 07:04:38 +00:00			`iface := ""`
			`if s.iface != "" {`
			`iface = s.iface`
			`}`

			`listener, err := net.Listen("tcp", net.JoinHostPort(iface, port))`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`if err != nil {`
Add interface:port override to HTTP-01 and TLS-01 instead of only port 2016-01-08 07:04:38 +00:00			`return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`}`

Simplify httpChallenge code. Solve is blocking, so no need to run initialization code in a separate goroutine. Removes the need for s.start. Once the listener is closed, all I/O resources have been returned. No need to wait for http.Serve to return. Removes the need for s.end. 2015-12-05 11:58:08 +00:00			`path := "/.well-known/acme-challenge/" + chlng.Token`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00
Fix a race for socket in HTTP-01 2016-01-11 21:04:04 +00:00			`go s.serve(listener, path, keyAuth, domain)`

			`err = s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})`
			`listener.Close()`
			`<-s.done`

			`return err`
			`}`

			`func (s *httpChallenge) serve(listener net.Listener, path, keyAuth, domain string) {`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`// The handler validates the HOST header and request type.`
			`// For validation it then writes the token the server returned with the challenge`
Use a local ServeMux in httpChallenge.Solve. Avoids modifying global state. 2015-12-05 12:05:40 +00:00			`mux := http.NewServeMux()`
			`mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) {`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`if strings.HasPrefix(r.Host, domain) && r.Method == "GET" {`
			`w.Header().Add("Content-Type", "text/plain")`
			`w.Write([]byte(keyAuth))`
Adjust logging output for http-01 2015-12-27 18:18:38 +00:00			`logf("[INFO][%s] Served key authentication", domain)`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`} else {`
Cleaned up a couple log lines 2015-12-02 19:33:37 +00:00			`logf("[INFO] Received request for domain %s with method %s", r.Host, r.Method)`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`w.Write([]byte("TEST"))`
			`}`
			`})`

Fix a race for socket in HTTP-01 2016-01-11 21:04:04 +00:00			`http.Serve(listener, mux)`
			`s.done <- true`
Initial work on HTTP-01 2015-11-12 01:08:52 +00:00			`}`