v1.2.0: Fix #8 Production API changed to be in-spec

Merge branch 'master' of ssh://git.coolaj86.com:22042/coolaj86/acme-v2.js
add comment on privkey and other useful pem data
2018-07-12 01:50:24 -06:00 · 2018-07-11 22:35:48 -06:00 · 2018-07-11 22:35:38 -06:00 · 2018-07-11 18:07:53 +00:00 · 2018-07-11 18:06:48 +00:00 · 2018-07-07 14:00:22 -06:00
9 changed files with 300 additions and 106 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,32 @@
+*.pem
+letsencrypt.work
+letsencrypt.logs
+letsencrypt.config
+
+# Logs
+logs
+*.log
+
+# Runtime data
+pids
+*.pid
+*.seed
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (http://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directory
+# https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git
+node_modules
--- a/.jshintrc
+++ b/.jshintrc
@ -0,0 +1,18 @@
+{ "node": true
+, "browser": true
+, "jquery": true
+, "globals": { "angular": true, "Promise": true }
+
+, "indent": 2
+, "onevar": true
+, "laxcomma": true
+, "laxbreak": true
+, "curly": true
+, "nonbsp": true
+
+, "eqeqeq": true
+, "immed": true
+, "undef": true
+, "unused": true
+, "latedef": true
+}
--- a/41
+++ b/41
@ -0,0 +1,41 @@
+Copyright 2018 AJ ONeal
+
+This is open source software; you can redistribute it and/or modify it under the
+terms of either:
+
+   a) the "MIT License"
+   b) the "Apache-2.0 License"
+
+MIT License
+
+   Permission is hereby granted, free of charge, to any person obtaining a copy
+   of this software and associated documentation files (the "Software"), to deal
+   in the Software without restriction, including without limitation the rights
+   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+   copies of the Software, and to permit persons to whom the Software is
+   furnished to do so, subject to the following conditions:
+
+   The above copyright notice and this permission notice shall be included in all
+   copies or substantial portions of the Software.
+
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+   SOFTWARE.
+
+Apache-2.0 License Summary
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/compat.js
+++ b/compat.js
@ -1,4 +1,5 @@
 'use strict';
+/* global Promise */

 var ACME2 = require('./').ACME;

@ -31,13 +32,10 @@ function create(deps) {
    options.agreeToTerms = options.agreeToTerms || function (tos) {
      return Promise.resolve(tos);
    };
-    acme2.certificates.create(options).then(function (chainPem) {
+    acme2.certificates.create(options).then(function (certs) {
      var privkeyPem = acme2.RSA.exportPrivatePem(options.domainKeypair);
-      resolveFn(cb)({
-        cert: chainPem.split(/[\r\n]{2,}/g)[0] + '\r\n'
-      , privkey: privkeyPem 
-      , chain: chainPem.split(/[\r\n]{2,}/g)[1] + '\r\n'
-      });
+      certs.privkey = privkeyPem;
+      resolveFn(cb)(certs);
    }, rejectFn(cb));
  };
  acme2.getAcmeUrls = function (options, cb) {
--- a/node.js
+++ b/node.js
@ -8,6 +8,15 @@

 var ACME = module.exports.ACME = {};

+ACME.formatPemChain = function formatPemChain(str) {
+  return str.trim().replace(/[\r\n]+/g, '\n').replace(/\-\n\-/g, '-\n\n-') + '\n';
+};
+ACME.splitPemChain = function splitPemChain(str) {
+  return str.trim().split(/[\r\n]{2,}/g).map(function (str) {
+    return str + '\n';
+  });
+};
+
 ACME.challengePrefixes = {
  'http-01': '/.well-known/acme-challenge'
 , 'dns-01': '_acme-challenge'
@ -106,7 +115,7 @@ ACME._getNonce = function (me) {
 }
 */
 ACME._registerAccount = function (me, options) {
-  if (me.debug) console.debug('[acme-v2] accounts.create');
+  if (me.debug) { console.debug('[acme-v2] accounts.create'); }

  return ACME._getNonce(me).then(function () {
    return new Promise(function (resolve, reject) {
@ -125,7 +134,7 @@ ACME._registerAccount = function (me, options) {
        if (options.contact) {
          contact = options.contact.slice(0);
        } else if (options.email) {
-          contact = [ 'mailto:' + options.email ]
+          contact = [ 'mailto:' + options.email ];
        }
        var body = {
          termsOfServiceAgreed: tosUrl === me._tos
@ -140,7 +149,7 @@ ACME._registerAccount = function (me, options) {
            , kid: options.externalAccount.id
            , url: me._directoryUrls.newAccount
            }
-          , new Buffer(JSON.stringify(jwk))
+          , Buffer.from(JSON.stringify(jwk))
          );
        }
        var payload = JSON.stringify(body);
@ -152,12 +161,12 @@ ACME._registerAccount = function (me, options) {
          , url: me._directoryUrls.newAccount
          , jwk: jwk
          }
-        , new Buffer(payload)
+        , Buffer.from(payload)
        );

        delete jws.header;
-        if (me.debug) console.debug('[acme-v2] accounts.create JSON body:');
-        if (me.debug) console.debug(jws);
+        if (me.debug) { console.debug('[acme-v2] accounts.create JSON body:'); }
+        if (me.debug) { console.debug(jws); }
        me._nonce = null;
        return me._request({
          method: 'POST'
@ -167,34 +176,34 @@ ACME._registerAccount = function (me, options) {
        }).then(function (resp) {
          var account = resp.body;

+          if (2 !== Math.floor(resp.statusCode / 100)) {
+            throw new Error('account error: ' + JSON.stringify(body));
+          }
+
          me._nonce = resp.toJSON().headers['replay-nonce'];
          var location = resp.toJSON().headers.location;
          // the account id url
          me._kid = location;
-          if (me.debug) console.debug('[DEBUG] new account location:');
-          if (me.debug) console.debug(location);
-          if (me.debug) console.debug(resp.toJSON());
+          if (me.debug) { console.debug('[DEBUG] new account location:'); }
+          if (me.debug) { console.debug(location); }
+          if (me.debug) { console.debug(resp.toJSON()); }

          /*
          {
-            id: 5925245,
-            key:
-             { kty: 'RSA',
-               n: 'tBr7m1hVaUNQjUeakznGidnrYyegVUQrsQjNrcipljI9Vxvxd0baHc3vvRZWFyFO5BlS7UDl-KHQdbdqb-MQzfP6T2sNXsOHARQ41pCGY5BYzIPRJF0nD48-CY717is-7BKISv8rf9yx5iSjvK1wZ3Ke3YIpxzK2fWRqccVxXQ92VYioxOfGObACgEUSvdoEttWV2B0Uv4Sdi6zZbk5eo2zALvyGb1P4fKVfQycGLXC41AyhHOAuTqzNCyIkiWEkbfh2lZNcYClP2epS0pHRFXYyjJN6-c8InfM3PISo4k6Qew65HZ-oqUow0tTIgNwuen9q5O6Hc73GvU-2npGJVQ',
-               e: 'AQAB' },
-            contact: [],
-            initialIp: '198.199.82.211',
-            createdAt: '2018-04-16T00:41:00.720584972Z',
+            contact: ["mailto:jon@example.com"],
+            orders: "https://some-url",
            status: 'valid'
          }
          */
          if (!account) { account = { _emptyResponse: true, key: {} }; }
+          // https://git.coolaj86.com/coolaj86/acme-v2.js/issues/8
+          if (!account.key) { account.key = {}; }
          account.key.kid = me._kid;
          return account;
        }).then(resolve, reject);
      }

-      if (me.debug) console.debug('[acme-v2] agreeToTerms');
+      if (me.debug) { console.debug('[acme-v2] agreeToTerms'); }
      if (1 === options.agreeToTerms.length) {
        // newer promise API
        return options.agreeToTerms(me._tos).then(agree, reject);
@ -234,7 +243,7 @@ ACME._registerAccount = function (me, options) {
 }
 */
 ACME._getChallenges = function (me, options, auth) {
-  if (me.debug) console.debug('\n[DEBUG] getChallenges\n');
+  if (me.debug) { console.debug('\n[DEBUG] getChallenges\n'); }
  return me._request({ method: 'GET', url: auth, json: true }).then(function (resp) {
    return resp.body;
  });
@ -288,7 +297,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
        options.accountKeypair
      , undefined
      , { nonce: me._nonce, alg: 'RS256', url: ch.url, kid: me._kid }
-      , new Buffer(JSON.stringify({ "status": "deactivated" }))
+      , Buffer.from(JSON.stringify({ "status": "deactivated" }))
      );
      me._nonce = null;
      return me._request({
@ -297,14 +306,14 @@ ACME._postChallenge = function (me, options, identifier, ch) {
      , headers: { 'Content-Type': 'application/jose+json' }
      , json: jws
      }).then(function (resp) {
-        if (me.debug) console.debug('[acme-v2.js] deactivate:');
-        if (me.debug) console.debug(resp.headers);
-        if (me.debug) console.debug(resp.body);
-        if (me.debug) console.debug();
+        if (me.debug) { console.debug('[acme-v2.js] deactivate:'); }
+        if (me.debug) { console.debug(resp.headers); }
+        if (me.debug) { console.debug(resp.body); }
+        if (me.debug) { console.debug(); }

        me._nonce = resp.toJSON().headers['replay-nonce'];
-        if (me.debug) console.debug('deactivate challenge: resp.body:');
-        if (me.debug) console.debug(resp.body);
+        if (me.debug) { console.debug('deactivate challenge: resp.body:'); }
+        if (me.debug) { console.debug(resp.body); }
        return ACME._wait(10 * 1000);
      });
    }
@ -316,11 +325,11 @@ ACME._postChallenge = function (me, options, identifier, ch) {

      count += 1;

-      if (me.debug) console.debug('\n[DEBUG] statusChallenge\n');
+      if (me.debug) { console.debug('\n[DEBUG] statusChallenge\n'); }
      return me._request({ method: 'GET', url: ch.url, json: true }).then(function (resp) {

        if ('processing' === resp.body.status) {
-          if (me.debug) console.debug('poll: again');
+          if (me.debug) { console.debug('poll: again'); }
          return ACME._wait(1 * 1000).then(pollStatus);
        }

@ -329,12 +338,12 @@ ACME._postChallenge = function (me, options, identifier, ch) {
          if (count >= 4) {
            return ACME._wait(1 * 1000).then(deactivate).then(testChallenge);
          }
-          if (me.debug) console.debug('poll: again');
+          if (me.debug) { console.debug('poll: again'); }
          return ACME._wait(1 * 1000).then(testChallenge);
        }

        if ('valid' === resp.body.status) {
-          if (me.debug) console.debug('poll: valid');
+          if (me.debug) { console.debug('poll: valid'); }

          try {
            if (1 === options.removeChallenge.length) {
@ -367,7 +376,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
        options.accountKeypair
      , undefined
      , { nonce: me._nonce, alg: 'RS256', url: ch.url, kid: me._kid }
-      , new Buffer(JSON.stringify({ }))
+      , Buffer.from(JSON.stringify({ }))
      );
      me._nonce = null;
      return me._request({
@ -376,23 +385,18 @@ ACME._postChallenge = function (me, options, identifier, ch) {
      , headers: { 'Content-Type': 'application/jose+json' }
      , json: jws
      }).then(function (resp) {
-        if (me.debug) console.debug('[acme-v2.js] challenge accepted!');
-        if (me.debug) console.debug(resp.headers);
-        if (me.debug) console.debug(resp.body);
-        if (me.debug) console.debug();
+        if (me.debug) { console.debug('[acme-v2.js] challenge accepted!'); }
+        if (me.debug) { console.debug(resp.headers); }
+        if (me.debug) { console.debug(resp.body); }
+        if (me.debug) { console.debug(); }

        me._nonce = resp.toJSON().headers['replay-nonce'];
-        if (me.debug) console.debug('respond to challenge: resp.body:');
-        if (me.debug) console.debug(resp.body);
-        return ACME._wait(1 * 1000).then(pollStatus).then(resolve, reject);
+        if (me.debug) { console.debug('respond to challenge: resp.body:'); }
+        if (me.debug) { console.debug(resp.body); }
+        return ACME._wait(1 * 1000).then(pollStatus);
      });
    }

-    function failChallenge(err) {
-      if (err) { reject(err); return; }
-      return testChallenge();
-    }
-
    function testChallenge() {
      // TODO put check dns / http checks here?
      // http-01: GET https://example.org/.well-known/acme-challenge/{{token}} => {{keyAuth}}
@ -410,11 +414,27 @@ ACME._postChallenge = function (me, options, identifier, ch) {

    try {
      if (1 === options.setChallenge.length) {
-        options.setChallenge(auth).then(testChallenge, reject);
+        options.setChallenge(auth).then(testChallenge).then(resolve, reject);
      } else if (2 === options.setChallenge.length) {
-        options.setChallenge(auth, failChallenge);
+        options.setChallenge(auth, function (err) {
+          if(err) {
+            reject(err);
          } else {
-        options.setChallenge(identifier.value, ch.token, keyAuthorization, failChallenge);
+            testChallenge().then(resolve, reject);
+          }
+        });
+      } else {
+        var challengeCb = function(err) {
+          if(err) {
+            reject(err);
+          } else {
+            testChallenge().then(resolve, reject);
+          }
+        };
+        Object.keys(auth).forEach(function (key) {
+          challengeCb[key] = auth[key];
+        });
+        options.setChallenge(identifier.value, ch.token, keyAuthorization, challengeCb);
      }
    } catch(e) {
      reject(e);
@ -422,7 +442,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
  });
 };
 ACME._finalizeOrder = function (me, options, validatedDomains) {
-  if (me.debug) console.debug('finalizeOrder:');
+  if (me.debug) { console.debug('finalizeOrder:'); }
  var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains);
  var body = { csr: csr };
  var payload = JSON.stringify(body);
@ -432,10 +452,10 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
      options.accountKeypair
    , undefined
    , { nonce: me._nonce, alg: 'RS256', url: me._finalize, kid: me._kid }
-    , new Buffer(payload)
+    , Buffer.from(payload)
    );

-    if (me.debug) console.debug('finalize:', me._finalize);
+    if (me.debug) { console.debug('finalize:', me._finalize); }
    me._nonce = null;
    return me._request({
      method: 'POST'
@ -447,21 +467,21 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
      // Possible values are: "pending" => ("invalid" || "ready") => "processing" => "valid"
      me._nonce = resp.toJSON().headers['replay-nonce'];

-      if (me.debug) console.debug('order finalized: resp.body:');
-      if (me.debug) console.debug(resp.body);
+      if (me.debug) { console.debug('order finalized: resp.body:'); }
+      if (me.debug) { console.debug(resp.body); }

      if ('valid' === resp.body.status) {
        me._expires = resp.body.expires;
        me._certificate = resp.body.certificate;

-        return resp.body;
+        return resp.body; // return order
      }

      if ('processing' === resp.body.status) {
        return ACME._wait().then(pollCert);
      }

-      if (me.debug) console.debug("Error: bad status:\n" + JSON.stringify(resp.body, null, 2));
+      if (me.debug) { console.debug("Error: bad status:\n" + JSON.stringify(resp.body, null, 2)); }

      if ('pending' === resp.body.status) {
        return Promise.reject(new Error(
@ -502,7 +522,7 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
  return pollCert();
 };
 ACME._getCertificate = function (me, options) {
-  if (me.debug) console.debug('[acme-v2] DEBUG get cert 1');
+  if (me.debug) { console.debug('[acme-v2] DEBUG get cert 1'); }

  if (!options.challengeTypes) {
    if (!options.challengeType) {
@ -522,7 +542,7 @@ ACME._getCertificate = function (me, options) {
    }
  }

-  if (me.debug) console.debug('[acme-v2] certificates.create');
+  if (me.debug) { console.debug('[acme-v2] certificates.create'); }
  return ACME._getNonce(me).then(function () {
    var body = {
      identifiers: options.domains.map(function (hostname) {
@ -537,10 +557,10 @@ ACME._getCertificate = function (me, options) {
      options.accountKeypair
    , undefined
    , { nonce: me._nonce, alg: 'RS256', url: me._directoryUrls.newOrder, kid: me._kid }
-    , new Buffer(payload)
+    , Buffer.from(payload)
    );

-    if (me.debug) console.debug('\n[DEBUG] newOrder\n');
+    if (me.debug) { console.debug('\n[DEBUG] newOrder\n'); }
    me._nonce = null;
    return me._request({
      method: 'POST'
@ -551,8 +571,8 @@ ACME._getCertificate = function (me, options) {
      me._nonce = resp.toJSON().headers['replay-nonce'];
      var location = resp.toJSON().headers.location;
      var auths;
-      if (me.debug) console.debug(location); // the account id url
-      if (me.debug) console.debug(resp.toJSON());
+      if (me.debug) { console.debug(location); } // the account id url
+      if (me.debug) { console.debug(resp.toJSON()); }
      me._authorizations = resp.body.authorizations;
      me._order = location;
      me._finalize = resp.body.finalize;
@ -563,7 +583,7 @@ ACME._getCertificate = function (me, options) {
        console.error(resp.body);
        return Promise.reject(new Error("authorizations were not fetched"));
      }
-      if (me.debug) console.debug("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&");
+      if (me.debug) { console.debug("[acme-v2] POST newOrder has authorizations"); }

      //return resp.body;
      auths = me._authorizations.slice(0);
@ -597,18 +617,29 @@ ACME._getCertificate = function (me, options) {
      }

      return next().then(function () {
-        if (me.debug) console.debug("37 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&");
+        if (me.debug) { console.debug("[getCertificate] next.then"); }
        var validatedDomains = body.identifiers.map(function (ident) {
          return ident.value;
        });

        return ACME._finalizeOrder(me, options, validatedDomains);
-      }).then(function () {
-        if (me.debug) console.debug('acme-v2: order was finalized');
+      }).then(function (order) {
+        if (me.debug) { console.debug('acme-v2: order was finalized'); }
        return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) {
-          if (me.debug) console.debug('acme-v2: csr submitted and cert received:');
-          if (me.debug) console.debug(resp.body);
-          return resp.body;
+          if (me.debug) { console.debug('acme-v2: csr submitted and cert received:'); }
+          // https://github.com/certbot/certbot/issues/5721
+          var certsarr = ACME.splitPemChain(ACME.formatPemChain((resp.body||'')));
+          //  cert, chain, fullchain, privkey, /*TODO, subject, altnames, issuedAt, expiresAt */
+          var certs = {
+            expires: order.expires
+          , identifiers: order.identifiers
+          //, authorizations: order.authorizations
+          , cert: certsarr.shift()
+          //, privkey: privkeyPem
+          , chain: certsarr.join('\n')
+          };
+          if (me.debug) { console.debug(certs); }
+          return certs;
        });
      });
    });
@ -620,7 +651,7 @@ ACME.create = function create(me) {
  // me.debug = true;
  me.challengePrefixes = ACME.challengePrefixes;
  me.RSA = me.RSA || require('rsa-compat').RSA;
-  me.request = me.request || require('request');
+  me.request = me.request || require('@coolaj86/urequest');
  me._dig = function (query) {
    // TODO use digd.js
    return new Promise(function (resolve, reject) {
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "acme-v2",
-  "version": "1.0.7",
+  "version": "1.2.0",
  "description": "Free SSL. A framework for building Let's Encrypt v2 clients, and other ACME v2 (draft 11) clients. Successor to le-acme-core.js",
  "homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js",
  "main": "node.js",
@ -12,37 +12,21 @@
    "url": "ssh://gitea@git.coolaj86.com:22042/coolaj86/acme-v2.js.git"
  },
  "keywords": [
-    "acmev2",
-    "acmev02",
-    "acme-v2",
-    "acme-v02",
-    "acme",
-    "acme2",
-    "acme11",
-    "acme-draft11",
-    "acme-draft-11",
-    "draft",
-    "11",
-    "ssl",
-    "tls",
-    "https",
    "Let's Encrypt",
-    "letsencrypt",
-    "letsencrypt-v2",
-    "letsencrypt-v02",
-    "letsencryptv2",
-    "letsencryptv02",
-    "letsencrypt2",
-    "greenlock",
-    "greenlock2"
+    "ACME",
+    "v02",
+    "v2",
+    "draft-11",
+    "draft-12",
+    "free ssl",
+    "tls",
+    "automated https",
+    "letsencrypt"
  ],
  "author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
  "license": "(MIT OR Apache-2.0)",
  "dependencies": {
-    "request": "^2.85.0",
+    "@coolaj86/urequest": "^1.1.1",
    "rsa-compat": "^1.3.0"
-  },
-  "optionalDependencies": {
-    "bluebird": "^3.5.1"
  }
 }
--- a/tests/compat.js
+++ b/tests/compat.js
@ -12,10 +12,23 @@ module.exports.run = function (directoryUrl, RSA, web, chType, email, accountKey
        agree(null, tosUrl);
      }
    , setChallenge: function (hostname, token, val, cb) {
-        var pathname = hostname + acme2.acmeChallengePrefix + token;
-        console.log("Put the string '" + val + "' into a file at '" + pathname + "'");
-        console.log("echo '" + val + "' > '" + pathname + "'");
+        var pathname;
+
+        if ('http-01' === cb.type) {
+          pathname = hostname + acme2.acmeChallengePrefix + token;
+          console.log("Put the string '" + val /*keyAuthorization*/ + "' into a file at '" + pathname + "'");
+          console.log("echo '" + val /*keyAuthorization*/ + "' > '" + pathname + "'");
          console.log("\nThen hit the 'any' key to continue...");
+        } else if ('dns-01' === cb.type) {
+          // forwards-backwards compat
+          pathname = acme2.challengePrefixes['dns-01'] + "." + hostname.replace(/^\*\./, '');
+          console.log("Put the string '" + cb.dnsAuthorization + "' into the TXT record '" + pathname + "'");
+          console.log("dig TXT " + pathname + " '" + cb.dnsAuthorization + "'");
+          console.log("\nThen hit the 'any' key to continue...");
+        } else {
+          cb(new Error("[acme-v2] unrecognized challenge type: " + cb.type));
+          return;
+        }

        function onAny() {
          console.log("'any' key was hit");
--- a/tests/fullchain-formats.js
+++ b/tests/fullchain-formats.js
@ -0,0 +1,77 @@
+'use strict';
+
+/*
+-----BEGIN CERTIFICATE-----LF
+xxxLF
+yyyLF
+-----END CERTIFICATE-----LF
+LF
+-----BEGIN CERTIFICATE-----LF
+xxxLF
+yyyLF
+-----END CERTIFICATE-----LF
+
+Rules
+  * Only Unix LF (\n) Line endings
+  * Each PEM's lines are separated with \n
+  * Each PEM ends with \n
+  * Each PEM is separated with a \n (just like commas separating an array)
+*/
+
+// https://github.com/certbot/certbot/issues/5721#issuecomment-402362709
+var expected = "----\nxxxx\nyyyy\n----\n\n----\nxxxx\nyyyy\n----\n";
+var tests = [
+  "----\r\nxxxx\r\nyyyy\r\n----\r\n\r\n----\r\nxxxx\r\nyyyy\r\n----\r\n"
+, "----\r\nxxxx\r\nyyyy\r\n----\r\n----\r\nxxxx\r\nyyyy\r\n----\r\n"
+, "----\nxxxx\nyyyy\n----\n\n----\r\nxxxx\r\nyyyy\r\n----"
+, "----\nxxxx\nyyyy\n----\n----\r\nxxxx\r\nyyyy\r\n----"
+, "----\nxxxx\nyyyy\n----\n----\nxxxx\nyyyy\n----"
+, "----\nxxxx\nyyyy\n----\n----\nxxxx\nyyyy\n----\n"
+, "----\nxxxx\nyyyy\n----\n\n----\nxxxx\nyyyy\n----\n"
+, "----\nxxxx\nyyyy\n----\r\n----\nxxxx\ryyyy\n----\n"
+];
+
+function formatPemChain(str) {
+  return str.trim().replace(/[\r\n]+/g, '\n').replace(/\-\n\-/g, '-\n\n-') + '\n';
+}
+function splitPemChain(str) {
+  return str.trim().split(/[\r\n]{2,}/g).map(function (str) {
+    return str + '\n';
+  });
+}
+
+tests.forEach(function (str) {
+  var actual = formatPemChain(str);
+  if (expected !== actual) {
+    console.error('input:   ', JSON.stringify(str));
+    console.error('expected:', JSON.stringify(expected));
+    console.error('actual:  ', JSON.stringify(actual));
+    throw new Error("did not pass");
+  }
+});
+
+if (
+  "----\nxxxx\nyyyy\n----\n"
+  !==
+  formatPemChain("\n\n----\r\nxxxx\r\nyyyy\r\n----\n\n")
+) {
+  throw new Error("Not proper for single cert in chain");
+}
+
+if (
+  "--B--\nxxxx\nyyyy\n--E--\n\n--B--\nxxxx\nyyyy\n--E--\n\n--B--\nxxxx\nyyyy\n--E--\n"
+  !==
+  formatPemChain("\n\n\n--B--\nxxxx\nyyyy\n--E--\n\n\n\n--B--\nxxxx\nyyyy\n--E--\n\n\n--B--\nxxxx\nyyyy\n--E--\n\n\n")
+) {
+  throw new Error("Not proper for three certs in chain");
+}
+
+splitPemChain(
+  "--B--\nxxxx\nyyyy\n--E--\n\n--B--\nxxxx\nyyyy\n--E--\n\n--B--\nxxxx\nyyyy\n--E--\n"
+).forEach(function (str) {
+  if ("--B--\nxxxx\nyyyy\n--E--\n" !== str) {
+    throw new Error("bad thingy");
+  }
+});
+
+console.info('PASS');
--- a/tests/promise.js
+++ b/tests/promise.js
@ -35,9 +35,9 @@ module.exports.run = function run(directoryUrl, RSA, web, chType, email, account
            console.log("Put the string '" + opts.keyAuthorization + "' into a file at '" + pathname + "'");
            console.log("echo '" + opts.keyAuthorization + "' > '" + pathname + "'");
          } else if ('dns-01' === opts.type) {
-            pathname = acme2.challengePrefixes['dns-01'] + "." + opts.hostname.replace(/^\*\./, '');;
+            pathname = acme2.challengePrefixes['dns-01'] + "." + opts.hostname.replace(/^\*\./, '');
            console.log("Put the string '" + opts.dnsAuthorization + "' into the TXT record '" + pathname + "'");
-            console.log("ddig TXT " + pathname + " '" + opts.dnsAuthorization + "'");
+            console.log("dig TXT " + pathname + " '" + opts.dnsAuthorization + "'");
          } else {
            reject(new Error("[acme-v2] unrecognized challenge type"));
            return;
Author	SHA1	Message	Date
AJ ONeal	098e05f3ef	v1.2.0: Fix #8 Production API changed to be in-spec	2018-07-12 01:50:24 -06:00
AJ ONeal	7364fdd6f5	Merge branch 'master' of ssh://git.coolaj86.com:22042/coolaj86/acme-v2.js	2018-07-11 22:35:48 -06:00
AJ ONeal	b99c6e4b4e	add comment on privkey and other useful pem data	2018-07-11 22:35:38 -06:00
AJ ONeal	7776113210	Add '.jshintrc'	2018-07-11 18:07:53 +00:00
AJ ONeal	65ff626716	Delete '.jshintrc'	2018-07-11 18:06:48 +00:00
AJ ONeal	91f90d5689	simplify keywords, add draft-12	2018-07-07 14:00:22 -06:00
AJ ONeal	125d31b2c4	* the other callback	2018-07-04 00:36:33 -06:00
AJ ONeal	97e39aaeb0	add .gitignore	2018-07-04 00:29:28 -06:00
AJ ONeal	63284386eb	update compat to allow testing dns	2018-07-04 00:28:00 -06:00
AJ ONeal	a67256e8a9	add .jshintrc	2018-07-04 00:11:20 -06:00
AJ ONeal	bbeea080f6	update line endings (and add brackets to logs...)	2018-07-04 00:10:48 -06:00
AJ ONeal	700f400df6	v1.1.0	2018-06-19 01:28:24 -06:00
AJ ONeal	1dd07715db	request => @coolaj86/urequest	2018-06-19 01:28:03 -06:00
John Shaver	08088acd1f	1.0.9	2018-06-06 12:34:23 -07:00
jshaver	b3e1409394	Merge branch 'master' of jshaver/acme-v2.js into master	2018-06-06 19:27:39 +00:00
John Shaver	08aa9bcdeb	Fixed error handling for non promise setChallenge.	2018-06-05 16:07:54 -07:00
AJ ONeal	80b54a5a87	v1.0.8	2018-05-23 03:09:41 -06:00
AJ ONeal	e909c0fff0	update LICENSE	2018-05-23 03:08:58 -06:00