Add fallback to SimpleHTTP bind in case domain:port is not bindable.

This commit is contained in:
xenolf 2015-11-09 18:41:27 +01:00
parent 5ace5e130b
commit 7717294d9e
2 changed files with 7 additions and 3 deletions

View file

@ -125,9 +125,13 @@ func (s *simpleHTTPChallenge) startHTTPSServer(domain string, token string) (net
} }
tlsListener, err := tls.Listen("tcp", domain+port, tlsConf) tlsListener, err := tls.Listen("tcp", domain+port, tlsConf)
if err != nil {
// if the domain:port bind failed, fall back to :port bind and try that instead.
tlsListener, err = tls.Listen("tcp", port, tlsConf)
if err != nil { if err != nil {
return nil, err return nil, err
} }
}
jsonBytes, err := json.Marshal(challenge{Type: "simpleHttp", Token: token, TLS: true}) jsonBytes, err := json.Marshal(challenge{Type: "simpleHttp", Token: token, TLS: true})
if err != nil { if err != nil {

View file

@ -24,9 +24,9 @@ func TestSimpleHTTPNonRootBind(t *testing.T) {
if err := solver.Solve(clientChallenge, "127.0.0.1"); err == nil { if err := solver.Solve(clientChallenge, "127.0.0.1"); err == nil {
t.Error("BIND: Expected Solve to return an error but the error was nil.") t.Error("BIND: Expected Solve to return an error but the error was nil.")
} else { } else {
expectedError := "Could not start HTTPS server for challenge -> listen tcp 127.0.0.1:443: bind: permission denied" expectedError := "Could not start HTTPS server for challenge -> listen tcp :443: bind: permission denied"
if err.Error() != expectedError { if err.Error() != expectedError {
t.Errorf("Expected error %s but instead got %s", expectedError, err.Error()) t.Errorf("Expected error \"%s\" but instead got \"%s\"", expectedError, err.Error())
} }
} }
} }