From 08cd016ed34721693852508d8ab99cf1a575ab67 Mon Sep 17 00:00:00 2001
From: xenolf
Date: Mon, 25 Jan 2016 00:23:21 +0100
Subject: [PATCH] Switch DNS-01 challenge over to central validation function
---
 acme/client.go | 2 +-
 acme/dns_challenge.go | 46 ++------------------------------------
 acme/dns_challenge_test.go | 2 +-
 3 files changed, 4 insertions(+), 46 deletions(-)
diff --git a/acme/client.go b/acme/client.go
index 9ddff186..afb9afb3 100644
--- a/acme/client.go
+++ b/acme/client.go
@@ -108,7 +108,7 @@ func (c *Client) SetChallengeProvider(challenge Challenge, p ChallengeProvider)
 case TLSSNI01:
 c.solvers[challenge] = &tlsSNIChallenge{jws: c.jws, validate: validate, provider: p}
 case DNS01:
- c.solvers[challenge] = &dnsChallenge{jws: c.jws, provider: p}
+ c.solvers[challenge] = &dnsChallenge{jws: c.jws, validate: validate, provider: p}
 default:
 return fmt.Errorf("Unknown challenge %v", challenge)
 }
diff --git a/acme/dns_challenge.go b/acme/dns_challenge.go
index 1e000880..8a11cf4f 100644
--- a/acme/dns_challenge.go
+++ b/acme/dns_challenge.go
@@ -3,11 +3,9 @@ package acme
 import (
 "crypto/sha256"
 "encoding/base64"
- "encoding/json"
 "errors"
 "fmt"
 "log"
- "net/http"
 "strings"
 "time"
@@ -34,6 +32,7 @@ func DNS01Record(domain, keyAuth string) (fqdn string, value string, ttl int) {
 // dnsChallenge implements the dns-01 challenge according to ACME 7.5
 type dnsChallenge struct {
 jws *jws
+ validate validateFunc
 provider ChallengeProvider
 }
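Review bot: The `validate validateFunc` field added to `dnsChallenge` has no comment and nothing enforces that it is set, while the following hunk makes `Solve` call `s.validate(...)` unconditionally, so a literal that omits the field panics on a nil function value at solve time. Both construction sites on this page set it, but a short guard in `Solve` would turn that into an ordinary error: `if s.validate == nil { return errors.New("acme: no validation function configured") }`. A field comment such as `// validate posts the challenge response and polls the server for the result` would also help; that wording is inferred from the loop this commit removes and should be checked against `validate` itself, which is not on this page.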
@@ -66,48 +65,7 @@ func (s *dnsChallenge) Solve(chlng challenge, domain string) error {
 preCheckDNS(domain, fqdn)
- jsonBytes, err := json.Marshal(challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
- if err != nil {
- return errors.New("Failed to marshal network message...")
- }
-
- // Tell the server we handle DNS-01
- resp, err := s.jws.post(chlng.URI, jsonBytes)
- if err != nil {
- return fmt.Errorf("Failed to post JWS message. -> %v", err)
- }
-
- // Repeatedly check the server for an updated status on our request.
- var challengeResponse challenge
-Loop:
- for {
- if resp.StatusCode >= http.StatusBadRequest {
- return handleHTTPError(resp)
- }
-
- err = json.NewDecoder(resp.Body).Decode(&challengeResponse)
- resp.Body.Close()
- if err != nil {
- return err
- }
-
- switch challengeResponse.Status {
- case "valid":
- logf("The server validated our request")
- break Loop
- case "pending":
- break
- case "invalid":
- return errors.New("The server could not validate our request.")
- default:
- return errors.New("The server returned an unexpected state.")
- }
-
- time.Sleep(1 * time.Second)
- resp, err = http.Get(chlng.URI)
- }
-
- return nil
+ return s.validate(s.jws, domain, chlng.URI, chlng)
 }
 func checkDNS(domain, fqdn string) bool {
diff --git a/acme/dns_challenge_test.go b/acme/dns_challenge_test.go
index 6a76cf8f..3137f2e2 100644
--- a/acme/dns_challenge_test.go
+++ b/acme/dns_challenge_test.go
@@ -23,7 +23,7 @@ func TestDNSValidServerResponse(t *testing.T) {
 manualProvider, _ := NewDNSProviderManual()
 jws := &jws{privKey: privKey.(*rsa.PrivateKey), directoryURL: ts.URL}
- solver := &dnsChallenge{jws: jws, provider: manualProvider}
+ solver := &dnsChallenge{jws: jws, validate: validate, provider: manualProvider}
 clientChallenge := challenge{Type: "dns01", Status: "pending", URI: ts.URL, Token: "http8"}
 go func() {
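Review bot: The new `return s.validate(s.jws, domain, chlng.URI, chlng)` in `Solve` (acme/dns_challenge.go) passes the server's original `chlng` to the validator, whereas the removed code posted a fresh `challenge` carrying `Resource: "challenge"` and `KeyAuthorization: keyAuth`. Unless `validate` fills those fields in itself (its body is not on this page) or `chlng` is updated earlier in `Solve`, which begins above the hunk, the POST would no longer carry the key authorization and the server would be expected to reject the response. I would build the payload explicitly: `return s.validate(s.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})`. The updated `TestDNSValidServerResponse` may not catch this if its test server accepts any body, so an assertion on the posted key authorization would be worth adding there.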