forked from TrueCloudLab/lego
Extract validateFunc from httpChallenge and tlsSNIChallenge
parent
6b750198f2
commit
466af28672
3 changed files with 11 additions and 9 deletions
|
@ -44,6 +44,8 @@ type solver interface {
|
||||||
Solve(challenge challenge, domain string) error
|
Solve(challenge challenge, domain string) error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type validateFunc func(j *jws, domain, uri string, chlng challenge) error
|
||||||
|
|
||||||
// Client is the user-friendy way to ACME
|
// Client is the user-friendy way to ACME
|
||||||
type Client struct {
|
type Client struct {
|
||||||
directory directory
|
directory directory
|
||||||
|
@ -97,8 +99,8 @@ func NewClient(caDirURL string, user User, keyBits int) (*Client, error) {
|
||||||
// Add all available solvers with the right index as per ACME
|
// Add all available solvers with the right index as per ACME
|
||||||
// spec to this map. Otherwise they won`t be found.
|
// spec to this map. Otherwise they won`t be found.
|
||||||
solvers := make(map[string]solver)
|
solvers := make(map[string]solver)
|
||||||
solvers["http-01"] = &httpChallenge{jws: jws}
|
solvers["http-01"] = &httpChallenge{jws: jws, validate: validate}
|
||||||
solvers["tls-sni-01"] = &tlsSNIChallenge{jws: jws}
|
solvers["tls-sni-01"] = &tlsSNIChallenge{jws: jws, validate: validate}
|
||||||
|
|
||||||
return &Client{directory: dir, user: user, jws: jws, keyBits: keyBits, solvers: solvers}, nil
|
return &Client{directory: dir, user: user, jws: jws, keyBits: keyBits, solvers: solvers}, nil
|
||||||
}
|
}
|
||||||
|
@ -548,7 +550,7 @@ func parseLinks(links []string) map[string]string {
|
||||||
|
|
||||||
// validate makes the ACME server start validating a
|
// validate makes the ACME server start validating a
|
||||||
// challenge response, only returning once it is done.
|
// challenge response, only returning once it is done.
|
||||||
func validate(j *jws, uri string, chlng challenge) error {
|
func validate(j *jws, domain, uri string, chlng challenge) error {
|
||||||
var challengeResponse challenge
|
var challengeResponse challenge
|
||||||
|
|
||||||
hdr, err := postJSON(j, uri, chlng, &challengeResponse)
|
hdr, err := postJSON(j, uri, chlng, &challengeResponse)
|
||||||
|
@ -561,12 +563,12 @@ func validate(j *jws, uri string, chlng challenge) error {
|
||||||
for {
|
for {
|
||||||
switch challengeResponse.Status {
|
switch challengeResponse.Status {
|
||||||
case "valid":
|
case "valid":
|
||||||
logf("The server validated our request")
|
logf("[INFO][%s] The server validated our request", domain)
|
||||||
return nil
|
return nil
|
||||||
case "pending":
|
case "pending":
|
||||||
break
|
break
|
||||||
case "invalid":
|
case "invalid":
|
||||||
return errors.New("The server could not validate our request.")
|
return handleChallengeError(challengeResponse)
|
||||||
default:
|
default:
|
||||||
return errors.New("The server returned an unexpected state.")
|
return errors.New("The server returned an unexpected state.")
|
||||||
}
|
}
|
||||||
|
|
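Review bot: The new `validateFunc` type has no doc comment, and the comment on `validate` does not mention the added `domain` argument, which now sits next to `uri` as a second string, so a call that transposes the two still compiles. In the lines shown, `domain` is used only in the `logf` call of the `"valid"` branch; I would state that on the type, e.g. `// validateFunc posts chlng to uri and returns once the server reports a final status; domain only labels log output.` The `"invalid"` and default branches still return errors that carry no domain, so in a multi-domain run a failure is harder to attribute than a success unless callers add the domain themselves (not visible here). The body of `validate` continues outside both hunks.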
|
@ -9,7 +9,7 @@ import (
|
||||||
|
|
||||||
type httpChallenge struct {
|
type httpChallenge struct {
|
||||||
jws *jws
|
jws *jws
|
||||||
validate func(j *jws, uri string, chlng challenge) error
|
validate validateFunc
|
||||||
optPort string
|
optPort string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -57,5 +57,5 @@ func (s *httpChallenge) Solve(chlng challenge, domain string) error {
|
||||||
|
|
||||||
go http.Serve(listener, mux)
|
go http.Serve(listener, mux)
|
||||||
|
|
||||||
return s.validate(s.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
return s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
||||||
}
|
}
|
||||||
|
|
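Review bot: `Solve` calls `s.validate(...)` without checking it, so an `httpChallenge` built without that field (the zero value, or a literal that sets only `jws`) panics on a nil function call after the listener is already open and `go http.Serve(listener, mux)` has started. `NewClient` now sets the field, but nothing on the struct says it is required; I would add `// validate must be non-nil; NewClient wires in the package-level validate.` above the field, or return an error at the top of `Solve` when it is nil. The same applies to `tlsSNIChallenge.validate` and its `Solve` in the third file. Both `Solve` bodies start outside the hunks shown.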
|
@ -11,7 +11,7 @@ import (
|
||||||
|
|
||||||
type tlsSNIChallenge struct {
|
type tlsSNIChallenge struct {
|
||||||
jws *jws
|
jws *jws
|
||||||
validate func(j *jws, uri string, chlng challenge) error
|
validate validateFunc
|
||||||
optPort string
|
optPort string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,7 +49,7 @@ func (t *tlsSNIChallenge) Solve(chlng challenge, domain string) error {
|
||||||
|
|
||||||
go http.Serve(listener, nil)
|
go http.Serve(listener, nil)
|
||||||
|
|
||||||
return t.validate(t.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
return t.validate(t.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *tlsSNIChallenge) generateCertificate(keyAuth string) (tls.Certificate, error) {
|
func (t *tlsSNIChallenge) generateCertificate(keyAuth string) (tls.Certificate, error) {
|
||||||
|
|