From 0601df80c6619e651f8cadc3eae2694b60b706c6 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 2 Apr 2019 22:35:54 -0600 Subject: [PATCH] v2.7.3: update dependencies, cleanup, and forwards compat for v3 --- index.js | 130 ++++++++++++++++++++++++---------------------- package-lock.json | 16 +++++- package.json | 5 +- 3 files changed, 88 insertions(+), 63 deletions(-) diff --git a/index.js b/index.js index 0c77af8..bbf2bc6 100644 --- a/index.js +++ b/index.js @@ -58,7 +58,7 @@ var u; // undefined Greenlock._undefined = { acme: u , store: u -, challenge: u +//, challenge: u , challenges: u , sni: u , tlsOptions: u @@ -297,15 +297,12 @@ Greenlock.create = function (gl) { if (gl.challenge) { console.warn("Deprecated use of gl.challenge. Use gl.challenges['" + Greenlock.challengeType + "'] instead."); gl.challenges[gl.challengeType] = gl.challenge; + gl.challenge = undefined; } - Greenlock.challengeTypes.forEach(function (challengeType) { + Object.keys(gl.challenges||{}).forEach(function (challengeType) { var challenger = gl.challenges[challengeType]; - if (!challenger) { - return; - } - if (challenger.create) { challenger = gl.challenges[challengeType] = challenger.create(gl); } @@ -384,7 +381,7 @@ Greenlock.create = function (gl) { gl.approveDomains = null; } if (!gl.approveDomains) { - gl.approveDomains = function (lexOpts, certs, cb) { + gl.approveDomains = function (lexOpts, cb) { var err; var emsg; @@ -403,7 +400,7 @@ Greenlock.create = function (gl) { // The acme-v2 package uses pre-flight test challenges to // verify that each requested domain is hosted by the server // these checks are sufficient for most use cases - return cb(null, { options: lexOpts, certs: certs }); + return cb(null, lexOpts); } if (lexOpts.domains.every(function (domain) { @@ -415,7 +412,7 @@ Greenlock.create = function (gl) { lexOpts.agreeTos = gl.agreeTos; lexOpts.communityMember = gl.communityMember; lexOpts.telemetry = gl.telemetry; - return cb(null, { options: lexOpts, certs: certs }); + return cb(null, lexOpts); } emsg = "tls SNI for '" + lexOpts.domains.join(',') + "' rejected: not in list '" + gl.approvedDomains + "'"; @@ -429,60 +426,71 @@ Greenlock.create = function (gl) { gl.getCertificates = function (domain, certs, cb) { // certs come from current in-memory cache, not lookup log(gl.debug, 'gl.getCertificates called for', domain, 'with certs for', certs && certs.altnames || 'NONE'); - var opts = { domain: domain, domains: certs && certs.altnames || [ domain ] }; + var opts = { domain: domain, domains: certs && certs.altnames || [ domain ], certs: certs }; + + function cb2(results) { + log(gl.debug, 'gl.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:'); + log(gl.debug, results.options); + + var options = results.options || results; + if (results.certs) { + log(gl.debug, 'gl renewing'); + return gl.core.certificates.renewAsync(options, results.certs).then( + function (certs) { + // Workaround for https://github.com/nodejs/node/issues/22389 + gl._updateServernames(certs); + cb(null, certs); + } + , function (e) { + console.debug("Error renewing certificate for '" + domain + "':"); + console.debug(e); + console.error(""); + cb(e); + } + ); + } else { + log(gl.debug, 'gl getting from disk or registering new'); + return gl.core.certificates.getAsync(options).then( + function (certs) { + // Workaround for https://github.com/nodejs/node/issues/22389 + gl._updateServernames(certs); + cb(null, certs); + } + , function (e) { + console.debug("Error loading/registering certificate for '" + domain + "':"); + console.debug(e); + console.error(""); + cb(e); + } + ); + } + } + function eb2(_err) { + if (false !== gl.logRejectedDomains) { + console.error("[Error] approveDomains rejected tls sni '" + domain + "'"); + console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)"); + if ('E_REJECT_SNI' !== _err.code) { + console.error("[Error] This is the rejection message:"); + console.error(_err.message); + } + console.error(""); + } + cb(_err); + return; + } + function mb2(_err, results) { + if (_err) { eb2(_err); return; } + cb2(results); + } try { - gl.approveDomains(opts, certs, function (_err, results) { - if (_err) { - if (false !== gl.logRejectedDomains) { - console.error("[Error] approveDomains rejected tls sni '" + domain + "'"); - console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)"); - if ('E_REJECT_SNI' !== _err.code) { - console.error("[Error] This is the rejection message:"); - console.error(_err.message); - } - console.error(""); - } - cb(_err); - return; - } - - log(gl.debug, 'gl.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:'); - log(gl.debug, results.options); - - if (results.certs) { - log(gl.debug, 'gl renewing'); - return gl.core.certificates.renewAsync(results.options, results.certs).then( - function (certs) { - // Workaround for https://github.com/nodejs/node/issues/22389 - gl._updateServernames(certs); - cb(null, certs); - } - , function (e) { - console.debug("Error renewing certificate for '" + domain + "':"); - console.debug(e); - console.error(""); - cb(e); - } - ); - } - else { - log(gl.debug, 'gl getting from disk or registering new'); - return gl.core.certificates.getAsync(results.options).then( - function (certs) { - // Workaround for https://github.com/nodejs/node/issues/22389 - gl._updateServernames(certs); - cb(null, certs); - } - , function (e) { - console.debug("Error loading/registering certificate for '" + domain + "':"); - console.debug(e); - console.error(""); - cb(e); - } - ); - } - }); + if (1 === gl.approveDomains.length) { + gl.approveDomains(opts).then(cb2).catch(eb2); + } else if (2 === gl.approveDomains.length) { + gl.approveDomains(opts, mb2); + } else { + gl.approveDomains(opts, certs, mb2); + } } catch(e) { console.error("[ERROR] Something went wrong in approveDomains:"); console.error(e); diff --git a/package-lock.json b/package-lock.json index a17dc7b..e059233 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "greenlock", - "version": "2.6.9", + "version": "2.7.2", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -45,6 +45,11 @@ "rasha": "^1.2.4" } }, + "le-challenge-dns": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/le-challenge-dns/-/le-challenge-dns-2.3.2.tgz", + "integrity": "sha512-3BcmK+gELGpt1heyXRcIOciaUnuN7Yh0aFIBsAof1Lqm9LnQ4CnWRjYXtOsAtXlmhDhtNMs+AytGj6fwYBTr1A==" + }, "le-challenge-fs": { "version": "2.0.8", "resolved": "https://registry.npmjs.org/le-challenge-fs/-/le-challenge-fs-2.0.8.tgz", @@ -68,6 +73,15 @@ "safe-replace": "^1.0.3" } }, + "le-store-fs": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/le-store-fs/-/le-store-fs-1.0.0.tgz", + "integrity": "sha512-UVGFYwZO/kzkeoIbnbuPyUCB2HMWHAoKJQhsIeunyFakIa4J1ozqy136h3uV3GulSN+99ZJfQBT5aoqVZsmfzw==", + "requires": { + "mkdirp": "^0.5.1", + "safe-replace": "^1.1.0" + } + }, "minimist": { "version": "0.0.8", "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", diff --git a/package.json b/package.json index a68582b..39a5149 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "greenlock", - "version": "2.7.2", + "version": "2.7.3", "description": "Let's Encrypt for node.js on npm", "main": "index.js", "files": [ @@ -39,11 +39,14 @@ }, "dependencies": { "acme": "^1.3.0", + "acme-v2": "^1.6.0", "cert-info": "^1.5.1", "keypairs": "^1.2.14", + "le-challenge-dns": "^2.3.2", "le-challenge-fs": "^2.0.2", "le-sni-auto": "^2.1.8", "le-store-certbot": "^2.2.1", + "le-store-fs": "^1.0.0", "rsa-compat": "^2.0.6" }, "engines": {