From 8f992218b98268743bf29b2d6ec86758c011a295 Mon Sep 17 00:00:00 2001
From: xenolf <xenolf@users.noreply.github.com>
Date: Sat, 13 Jun 2015 00:16:49 +0200
Subject: [PATCH] Allow the user to override the challenge port. Enables
 running as non-root.

---
 acme/client.go   | 2 +-
 cli.go           | 8 ++++----
 cli_handlers.go  | 2 +-
 configuration.go | 4 ++++
 4 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/acme/client.go b/acme/client.go
index d339a772..2d31cb56 100644
--- a/acme/client.go
+++ b/acme/client.go
@@ -46,7 +46,7 @@ type Client struct {
 }
 
 // NewClient creates a new client for the set user.
-func NewClient(caURL string, usr User) *Client {
+func NewClient(caURL string, usr User, optPort string) *Client {
 	if err := usr.GetPrivateKey().Validate(); err != nil {
 		logger().Fatalf("Could not validate the private account key of %s -> %v", usr.GetEmail(), err)
 	}
diff --git a/cli.go b/cli.go
index 2314634a..11ef2801 100644
--- a/cli.go
+++ b/cli.go
@@ -94,10 +94,6 @@ func main() {
 			Value: "https://www.letsencrypt-demo.org/acme/new-reg",
 			Usage: "CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client.",
 		},
-		cli.StringFlag{
-			Name:  "authkey, k",
-			Usage: "Path to the authorized key file",
-		},
 		cli.StringFlag{
 			Name:  "email, m",
 			Usage: "Email used for registration and recovery contact.",
@@ -120,6 +116,10 @@ func main() {
 			Usage: "Directory to use for storing the data",
 			Value: defaultPath,
 		},
+		cli.StringFlag{
+			Name:  "port",
+			Usage: "Challenges will use this port to listen on. Please make sure to forward port 443 to this port on your machine. Otherwise use setcap on the binary",
+		},
 	}
 
 	app.Run(os.Args)
diff --git a/cli_handlers.go b/cli_handlers.go
index a07db368..14e6030d 100644
--- a/cli_handlers.go
+++ b/cli_handlers.go
@@ -30,7 +30,7 @@ func run(c *cli.Context) {
 	}
 
 	acc := NewAccount(c.GlobalString("email"), conf)
-	client := acme.NewClient(c.GlobalString("server"), acc)
+	client := acme.NewClient(c.GlobalString("server"), acc, conf.OptPort())
 	if acc.Registration == nil {
 		reg, err := client.Register()
 		if err != nil {
diff --git a/configuration.go b/configuration.go
index b22a2ae2..3d4186ed 100644
--- a/configuration.go
+++ b/configuration.go
@@ -24,6 +24,10 @@ func (c *Configuration) RsaBits() int {
 	return c.context.GlobalInt("rsa-key-size")
 }
 
+func (c *Configuration) OptPort() string {
+	return c.context.GlobalString("port")
+}
+
 // ServerPath returns the OS dependent path to the data for a specific CA
 func (c *Configuration) ServerPath() string {
 	srv, _ := url.Parse(c.context.GlobalString("server"))