From 1f0c69adc5f8408352159c3f971963ddeb8a5cd9 Mon Sep 17 00:00:00 2001
From: Fernandez Ludovic
Date: Mon, 28 May 2018 13:29:40 +0200
Subject: [PATCH] refactor: clean residual TLS challenge data.

---
 README.md | 8 +++-----
 acme/client_test.go | 14 --------------
 cli.go | 2 +-
 3 files changed, 4 insertions(+), 20 deletions(-)

diff --git a/README.md b/README.md
index 9ec7e1f3..0caaebc8 100644
--- a/README.md
+++ b/README.md
@@ -37,7 +37,6 @@ yaourt -S lego-git
 - Revoke certificates
 - Robust implementation of all ACME challenges
 - HTTP (http-01)
- - TLS with Server Name Indication (tls-sni-01)
 - DNS (dns-01)
 - SAN certificate support
 - Comes with multiple optional [DNS providers](https://github.com/xenolf/lego/tree/master/providers/dns)
@@ -100,15 +99,14 @@ GLOBAL OPTIONS:
 --accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
 --key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384 (default: "rsa2048")
 --path value Directory to use for storing the data (default: "/.lego")
- --exclude value, -x value Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01".
+ --exclude value, -x value Explicitly disallow solvers by name from being used. Solvers: "http-01", "dns-01",.
 --webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
 --memcached-host value Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts.
 --http value Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port
- --tls value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port
 --dns value Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
 --http-timeout value Set the HTTP timeout value to a specific value in seconds. The default is 10 seconds. (default: 0)
 --dns-timeout value Set the DNS timeout value to a specific value in seconds. The default is 10 seconds. (default: 0)
- --dns-resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use Google's DNS resolvers.
+ --dns-resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined.
 --pem Generate a .pem file by concatanating the .key and .crt files together.
 --help, -h show help
 --version, -v print the version
@@ -145,7 +143,7 @@ Obtain a certificate using the DNS challenge and AWS Route 53:
 $ AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run
 ```
-Note that `--dns=foo` implies `--exclude=http-01` and `--exclude=tls-sni-01`. lego will not attempt other challenges if you've told it to use DNS instead.
+Note that `--dns=foo` implies `--exclude=http-01`. lego will not attempt other challenges if you've told it to use DNS instead.
 Obtain a certificate given a certificate signing request (CSR) generated by something else:
diff --git a/acme/client_test.go b/acme/client_test.go
index d30dd3ba..1e51b9a6 100644
--- a/acme/client_test.go
+++ b/acme/client_test.go
@@ -103,20 +103,6 @@ func TestClientOptPort(t *testing.T) {
 t.Errorf("Expected http-01 to have iface %s but was %s", optHost, got)
 }
- /* httpsSolver, ok := client.solvers[TLSSNI01].(*tlsSNIChallenge)
- if !ok {
- t.Fatal("Expected tls-sni-01 solver to be httpChallenge type")
- }
- if httpsSolver.jws != client.jws {
- t.Error("Expected tls-sni-01 to have same jws as client")
- }
- if got := httpsSolver.provider.(*TLSProviderServer).port; got != optPort {
- t.Errorf("Expected tls-sni-01 to have port %s but was %s", optPort, got)
- }
- if got := httpsSolver.provider.(*TLSProviderServer).iface; got != optHost {
- t.Errorf("Expected tls-sni-01 to have port %s but was %s", optHost, got)
- } */
- // test setting different host
 optHost = "127.0.0.1"
 client.SetHTTPAddress(net.JoinHostPort(optHost, optPort))
diff --git a/cli.go b/cli.go
index a11da2c0..323396bf 100644
--- a/cli.go
+++ b/cli.go
@@ -141,7 +141,7 @@ func main() {
 },
 cli.StringSliceFlag{
 Name: "exclude, x",
- Usage: "Explicitly disallow solvers by name from being used. Solvers: \"http-01\", \"tls-sni-01\", \"dns-01\",.",
+ Usage: "Explicitly disallow solvers by name from being used. Solvers: \"http-01\", \"dns-01\".",
 },
 cli.StringFlag{
 Name: "webroot",
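Review bot: The new `Usage:` string for `exclude, x` ends in `\"http-01\", \"dns-01\".`, but the README copy of the same help output updated in this commit (second README.md hunk) reads `Solvers: "http-01", "dns-01",.`, so the documented `--exclude` help no longer matches what the binary prints; the README line should end `"http-01", "dns-01".` as well. Only the help text is visible here, so whether an `--exclude tls-sni-01` left in existing scripts is now rejected or silently accepted cannot be judged from this hunk and is worth confirming where the flag values are consumed. The flag list inside `main()` starts and ends outside the hunk.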