coolaj86
/
greenlock.js-ARCHIVED
3
3
Fork 0
Code Issues 6 Pull Requests 1 Releases Activity

v2.7.3: update dependencies, cleanup, and forwards compat for v3

This commit is contained in:
AJ ONeal 2019-04-02 22:35:54 -06:00
parent fe44523243
commit 0601df80c6
3 changed files with 88 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
index.js
View File

@ -58,7 +58,7 @@ var u; // undefined
Greenlock._undefined = { Greenlock._undefined = {
acme: u acme: u
, store: u , store: u
, challenge: u //, challenge: u
, challenges: u , challenges: u
, sni: u , sni: u
, tlsOptions: u , tlsOptions: u
@ -297,15 +297,12 @@ Greenlock.create = function (gl) {
if (gl.challenge) { if (gl.challenge) {
console.warn("Deprecated use of gl.challenge. Use gl.challenges['" + Greenlock.challengeType + "'] instead."); console.warn("Deprecated use of gl.challenge. Use gl.challenges['" + Greenlock.challengeType + "'] instead.");
gl.challenges[gl.challengeType] = gl.challenge; gl.challenges[gl.challengeType] = gl.challenge;
gl.challenge = undefined;
} }
Greenlock.challengeTypes.forEach(function (challengeType) { Object.keys(gl.challenges||{}).forEach(function (challengeType) {
var challenger = gl.challenges[challengeType]; var challenger = gl.challenges[challengeType];
if (!challenger) {
return;
}
if (challenger.create) { if (challenger.create) {
challenger = gl.challenges[challengeType] = challenger.create(gl); challenger = gl.challenges[challengeType] = challenger.create(gl);
} }
@ -384,7 +381,7 @@ Greenlock.create = function (gl) {
gl.approveDomains = null; gl.approveDomains = null;
} }
if (!gl.approveDomains) { if (!gl.approveDomains) {
gl.approveDomains = function (lexOpts, certs, cb) { gl.approveDomains = function (lexOpts, cb) {
var err; var err;
var emsg; var emsg;
@ -403,7 +400,7 @@ Greenlock.create = function (gl) {
// The acme-v2 package uses pre-flight test challenges to // The acme-v2 package uses pre-flight test challenges to
// verify that each requested domain is hosted by the server // verify that each requested domain is hosted by the server
// these checks are sufficient for most use cases // these checks are sufficient for most use cases
return cb(null, { options: lexOpts, certs: certs }); return cb(null, lexOpts);
} }
if (lexOpts.domains.every(function (domain) { if (lexOpts.domains.every(function (domain) {
@ -415,7 +412,7 @@ Greenlock.create = function (gl) {
lexOpts.agreeTos = gl.agreeTos; lexOpts.agreeTos = gl.agreeTos;
lexOpts.communityMember = gl.communityMember; lexOpts.communityMember = gl.communityMember;
lexOpts.telemetry = gl.telemetry; lexOpts.telemetry = gl.telemetry;
return cb(null, { options: lexOpts, certs: certs }); return cb(null, lexOpts);
} }
emsg = "tls SNI for '" + lexOpts.domains.join(',') + "' rejected: not in list '" + gl.approvedDomains + "'"; emsg = "tls SNI for '" + lexOpts.domains.join(',') + "' rejected: not in list '" + gl.approvedDomains + "'";
@ -429,60 +426,71 @@ Greenlock.create = function (gl) {
gl.getCertificates = function (domain, certs, cb) { gl.getCertificates = function (domain, certs, cb) {
// certs come from current in-memory cache, not lookup // certs come from current in-memory cache, not lookup
log(gl.debug, 'gl.getCertificates called for', domain, 'with certs for', certs && certs.altnames || 'NONE'); log(gl.debug, 'gl.getCertificates called for', domain, 'with certs for', certs && certs.altnames || 'NONE');
var opts = { domain: domain, domains: certs && certs.altnames || [ domain ] }; var opts = { domain: domain, domains: certs && certs.altnames || [ domain ], certs: certs };
function cb2(results) {
log(gl.debug, 'gl.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:');
log(gl.debug, results.options);
var options = results.options || results;
if (results.certs) {
log(gl.debug, 'gl renewing');
return gl.core.certificates.renewAsync(options, results.certs).then(
function (certs) {
// Workaround for https://github.com/nodejs/node/issues/22389
gl._updateServernames(certs);
cb(null, certs);
}
, function (e) {
console.debug("Error renewing certificate for '" + domain + "':");
console.debug(e);
console.error("");
cb(e);
}
);
} else {
log(gl.debug, 'gl getting from disk or registering new');
return gl.core.certificates.getAsync(options).then(
function (certs) {
// Workaround for https://github.com/nodejs/node/issues/22389
gl._updateServernames(certs);
cb(null, certs);
}
, function (e) {
console.debug("Error loading/registering certificate for '" + domain + "':");
console.debug(e);
console.error("");
cb(e);
}
);
}
}
function eb2(_err) {
if (false !== gl.logRejectedDomains) {
console.error("[Error] approveDomains rejected tls sni '" + domain + "'");
console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)");
if ('E_REJECT_SNI' !== _err.code) {
console.error("[Error] This is the rejection message:");
console.error(_err.message);
}
console.error("");
}
cb(_err);
return;
}
function mb2(_err, results) {
if (_err) { eb2(_err); return; }
cb2(results);
}
try { try {
gl.approveDomains(opts, certs, function (_err, results) { if (1 === gl.approveDomains.length) {
if (_err) { gl.approveDomains(opts).then(cb2).catch(eb2);
if (false !== gl.logRejectedDomains) { } else if (2 === gl.approveDomains.length) {
console.error("[Error] approveDomains rejected tls sni '" + domain + "'"); gl.approveDomains(opts, mb2);
console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)"); } else {
if ('E_REJECT_SNI' !== _err.code) { gl.approveDomains(opts, certs, mb2);
console.error("[Error] This is the rejection message:"); }
console.error(_err.message);
}
console.error("");
}
cb(_err);
return;
}
log(gl.debug, 'gl.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:');
log(gl.debug, results.options);
if (results.certs) {
log(gl.debug, 'gl renewing');
return gl.core.certificates.renewAsync(results.options, results.certs).then(
function (certs) {
// Workaround for https://github.com/nodejs/node/issues/22389
gl._updateServernames(certs);
cb(null, certs);
}
, function (e) {
console.debug("Error renewing certificate for '" + domain + "':");
console.debug(e);
console.error("");
cb(e);
}
);
}
else {
log(gl.debug, 'gl getting from disk or registering new');
return gl.core.certificates.getAsync(results.options).then(
function (certs) {
// Workaround for https://github.com/nodejs/node/issues/22389
gl._updateServernames(certs);
cb(null, certs);
}
, function (e) {
console.debug("Error loading/registering certificate for '" + domain + "':");
console.debug(e);
console.error("");
cb(e);
}
);
}
});
} catch(e) { } catch(e) {
console.error("[ERROR] Something went wrong in approveDomains:"); console.error("[ERROR] Something went wrong in approveDomains:");
console.error(e); console.error(e);

16
package-lock.json generated
View File

@ -1,6 +1,6 @@
{ {
"name": "greenlock", "name": "greenlock",
"version": "2.6.9", "version": "2.7.2",
"lockfileVersion": 1, "lockfileVersion": 1,
"requires": true, "requires": true,
"dependencies": { "dependencies": {
@ -45,6 +45,11 @@
"rasha": "^1.2.4" "rasha": "^1.2.4"
} }
}, },
"le-challenge-dns": {
"version": "2.3.2",
"resolved": "https://registry.npmjs.org/le-challenge-dns/-/le-challenge-dns-2.3.2.tgz",
"integrity": "sha512-3BcmK+gELGpt1heyXRcIOciaUnuN7Yh0aFIBsAof1Lqm9LnQ4CnWRjYXtOsAtXlmhDhtNMs+AytGj6fwYBTr1A=="
},
"le-challenge-fs": { "le-challenge-fs": {
"version": "2.0.8", "version": "2.0.8",
"resolved": "https://registry.npmjs.org/le-challenge-fs/-/le-challenge-fs-2.0.8.tgz", "resolved": "https://registry.npmjs.org/le-challenge-fs/-/le-challenge-fs-2.0.8.tgz",
@ -68,6 +73,15 @@
"safe-replace": "^1.0.3" "safe-replace": "^1.0.3"
} }
}, },
"le-store-fs": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/le-store-fs/-/le-store-fs-1.0.0.tgz",
"integrity": "sha512-UVGFYwZO/kzkeoIbnbuPyUCB2HMWHAoKJQhsIeunyFakIa4J1ozqy136h3uV3GulSN+99ZJfQBT5aoqVZsmfzw==",
"requires": {
"mkdirp": "^0.5.1",
"safe-replace": "^1.1.0"
}
},
"minimist": { "minimist": {
"version": "0.0.8", "version": "0.0.8",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz",

5
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "greenlock", "name": "greenlock",
"version": "2.7.2", "version": "2.7.3",
"description": "Let's Encrypt for node.js on npm", "description": "Let's Encrypt for node.js on npm",
"main": "index.js", "main": "index.js",
"files": [ "files": [
@ -39,11 +39,14 @@
}, },
"dependencies": { "dependencies": {
"acme": "^1.3.0", "acme": "^1.3.0",
"acme-v2": "^1.6.0",
"cert-info": "^1.5.1", "cert-info": "^1.5.1",
"keypairs": "^1.2.14", "keypairs": "^1.2.14",
"le-challenge-dns": "^2.3.2",
"le-challenge-fs": "^2.0.2", "le-challenge-fs": "^2.0.2",
"le-sni-auto": "^2.1.8", "le-sni-auto": "^2.1.8",
"le-store-certbot": "^2.2.1", "le-store-certbot": "^2.2.1",
"le-store-fs": "^1.0.0",
"rsa-compat": "^2.0.6" "rsa-compat": "^2.0.6"
}, },
"engines": { "engines": {