Ver código fonte

make polling faster, enable status updates

master
AJ ONeal 3 anos atrás
pai
commit
21d01a326c
  1. 6
      app/index.html
  2. 95
      app/js/bluecrypt-acme.js
  3. 6
      app/js/greenlock.js

6
app/index.html

@ -249,6 +249,12 @@
<!-- Step 4 Process Challanges -->
<form class="js-acme-form js-acme-form-poll">
Verifying Domains... (give us 5 seconds or so...)
<div class="js-challenge-responses" hidden>
Checking
<span class="js-challenge-response-altname">&nbsp;</span>
using <span class="js-challenge-response-type">&nbsp;</span>
: <span class="js-challenge-response-status">&nbsp;</span>
</div>
<!--
<table class="js-acme-table-verifying">

95
app/js/bluecrypt-acme.js

@ -2119,7 +2119,7 @@ ACME._untame = function (name, wild) {
// https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-7.5.1
ACME._postChallenge = function (me, options, auth) {
var RETRY_INTERVAL = me.retryInterval || 1000;
var RETRY_INTERVAL = me.retryInterval || 5000;
var DEAUTH_INTERVAL = me.deauthWait || 10 * 1000;
var MAX_POLL = me.retryPoll || 8;
var MAX_PEND = me.retryPending || 4;
@ -2161,9 +2161,11 @@ ACME._postChallenge = function (me, options, auth) {
function pollStatus() {
if (count >= MAX_POLL) {
return Promise.reject(new Error(
var err = new Error(
"[acme-v2] stuck in bad pending/processing state for '" + altname + "'"
));
);
err.detail = "Too many attempts to validate challenge.";
return Promise.reject();
}
count += 1;
@ -2175,47 +2177,62 @@ ACME._postChallenge = function (me, options, auth) {
, url: auth.url
, protected: { kid: options._kid }
, payload: Enc.binToBuf('')
}).then(function (resp) {
if ('processing' === resp.body.status) {
//#console.debug('poll: again');
return ACME._wait(RETRY_INTERVAL).then(pollStatus);
}
}).then(checkResult).catch(transformError);
}
// This state should never occur
if ('pending' === resp.body.status) {
if (count >= MAX_PEND) {
return ACME._wait(RETRY_INTERVAL).then(deactivate).then(respondToChallenge);
}
//#console.debug('poll: again');
return ACME._wait(RETRY_INTERVAL).then(respondToChallenge);
function checkResult(resp) {
if (options.onChallengeStatus) {
try {
options.onChallengeStatus({
altname: altname, type: auth.type, status: resp.body.status, wildcard: auth.wildcard
});
} catch(e) {
console.warn('options.onChallengeStatus Error:');
console.warn(e);
}
}
if ('valid' === resp.body.status) {
//#console.debug('poll: valid');
if ('processing' === resp.body.status) {
//#console.debug('poll: again');
return ACME._wait(RETRY_INTERVAL).then(pollStatus);
}
try {
ACME._removeChallenge(me, options, auth);
} catch(e) {}
return resp.body;
// This state should never occur
if ('pending' === resp.body.status) {
if (count >= MAX_PEND) {
return ACME._wait(RETRY_INTERVAL).then(deactivate).then(respondToChallenge);
}
//#console.debug('poll: again');
return ACME._wait(RETRY_INTERVAL).then(pollStatus);
}
var code = 'E_ACME_UNKNOWN';
var err = new Error("[acme-v2] " + auth.altname + " (" + code + "): " + JSON.stringify(resp.body, null, 2));
err.code = code;
if ('valid' === resp.body.status) {
//#console.debug('poll: valid');
return Promise.reject(err);
}).catch(function (e) {
var err = e;
if (err.urn) {
err = new Error("[acme-v2] " + auth.altname + " status:" + e.status + " " + e.detail);
err.auth = auth;
err.altname = auth.altname;
err.type = auth.type;
err.code = ('invalid' === e.status) ? 'E_ACME_CHALLENGE' : 'E_ACME_UNKNOWN';
}
try {
ACME._removeChallenge(me, options, auth);
} catch(e) {}
return resp.body;
}
throw err;
});
var code = 'E_ACME_UNKNOWN';
var err = new Error("[acme-v2] " + auth.altname + " (" + code + "): " + JSON.stringify(resp.body, null, 2));
err.code = code;
return Promise.reject(err);
}
function transformError(e) {
var err = e;
if (err.urn) {
err = new Error("[acme-v2] " + auth.altname + " status:" + e.status + " " + e.detail);
err.auth = auth;
err.altname = auth.altname;
err.type = auth.type;
err.code = ('invalid' === e.status) ? 'E_ACME_CHALLENGE' : 'E_ACME_UNKNOWN';
}
throw err;
}
function respondToChallenge() {
@ -2226,11 +2243,7 @@ ACME._postChallenge = function (me, options, auth) {
, url: auth.url
, protected: { kid: options._kid }
, payload: Enc.binToBuf(JSON.stringify({}))
}).then(function (/*#resp*/) {
//#console.debug('respond to challenge: resp.body:');
//#console.debug(resp.body);
return ACME._wait(RETRY_INTERVAL).then(pollStatus);
});
}).then(checkResult).catch(transformError);
}
return respondToChallenge();

6
app/js/greenlock.js

@ -404,6 +404,12 @@
, domainKeypair: { privateKeyJwk: serverJwk }
, challengePriority: challengePriority
, challenges: false
, onChallengeStatus: function (details) {
$qs('.js-challenge-responses').hidden = false;
$qs('.js-challenge-response-type').innerText = details.type;
$qs('.js-challenge-response-status').innerText = details.status;
$qs('.js-challenge-response-altname').innerText = details.altname;
}
}).then(function (certs) {
return Keypairs.export({ jwk: serverJwk }).then(function (keyPem) {
console.info('WINNING!');

Carregando…
Cancelar
Salvar