greenlock.js/index.js

'use strict';

var DAY = 24 * 60 * 60 * 1000;
//var MIN = 60 * 1000;
var ACME = require('acme-v2/compat').ACME;

var LE = module.exports;
LE.LE = LE;
// in-process cache, shared between all instances
var ipc = {};

function _log(debug) {
  if (debug) {
    var args = Array.prototype.slice.call(arguments);
    args.shift();
    args.unshift("[le/index.js]");
    console.log.apply(console, args);
  }
}

LE.defaults = {
  productionServerUrl: 'https://acme-v02.api.letsencrypt.org/directory'
, stagingServerUrl: 'https://acme-staging-v02.api.letsencrypt.org/directory'

, rsaKeySize: ACME.rsaKeySize || 2048
, challengeType: ACME.challengeType || 'http-01'
, challengeTypes: ACME.challengeTypes || [ 'http-01', 'dns-01' ]

, acmeChallengePrefix: ACME.acmeChallengePrefix
};

// backwards compat
Object.keys(LE.defaults).forEach(function (key) {
  LE[key] = LE.defaults[key];
});

// show all possible options
var u; // undefined
LE._undefined = {
  acme: u
, store: u
, challenge: u
, challenges: u
, sni: u
, tlsOptions: u

, register: u
, check: u

, renewWithin: u // le-auto-sni and core
//, renewBy: u // le-auto-sni
, acmeChallengePrefix: u
, rsaKeySize: u
, challengeType: u
, server: u
, version: u
, agreeToTerms: u
, _ipc: u
, duplicate: u
, _acmeUrls: u
};
LE._undefine = function (le) {
  Object.keys(LE._undefined).forEach(function (key) {
    if (!(key in le)) {
      le[key] = u;
    }
  });

  return le;
};
LE.create = function (le) {
  var PromiseA = require('bluebird');

  le.store = le.store || require('le-store-certbot').create({ debug: le.debug });
  le.core = require('./lib/core');
  var log = le.log || _log;

  if (!le.challenges) {
    le.challenges = {};
  }
  if (!le.challenges['http-01']) {
    le.challenges['http-01'] = require('le-challenge-fs').create({ debug: le.debug });
  }
  /*
  if (!le.challenges['tls-sni-01']) {
    le.challenges['tls-sni-01'] = require('le-challenge-sni').create({ debug: le.debug });
  }
  */
  if (!le.challenges['dns-01']) {
    try {
      le.challenges['dns-01'] = require('le-challenge-ddns').create({ debug: le.debug });
    } catch(e) {
      try {
        le.challenges['dns-01'] = require('le-challenge-dns').create({ debug: le.debug });
      } catch(e) {
        // not yet implemented
      }
    }
  }

  le = LE._undefine(le);
  le.acmeChallengePrefix = LE.acmeChallengePrefix;
  le.rsaKeySize = le.rsaKeySize || LE.rsaKeySize;
  le.challengeType = le.challengeType || LE.challengeType;
  le._ipc = ipc;
  le._communityPackage = le._communityPackage || 'greenlock.js';
  le.agreeToTerms = le.agreeToTerms || function (args, agreeCb) {
    agreeCb(new Error("'agreeToTerms' was not supplied to LE and 'agreeTos' was not supplied to LE.register"));
  };

  if (!le.renewWithin) { le.renewWithin = 14 * DAY; }
  // renewBy has a default in le-sni-auto

  if (!le.server) {
    throw new Error("opts.server must be set to 'staging' or a production url, such as LE.productionServerUrl'");
  }
  if ('staging' === le.server) {
    le.server = LE.stagingServerUrl;
  }
  else if ('production' === le.server) {
    le.server = LE.productionServerUrl;
  }

  if (-1 !== [ 'https://acme-v01.api.letsencrypt.org/directory'
    , 'https://acme-staging.api.letsencrypt.org/directory' ].indexOf(le.server)) {
    ACME = require('le-acme-core').ACME;
    console.warn("Let's Encrypt v1 is deprecated. Please update to Let's Encrypt v2 (ACME draft 11)");
  }
  else if (-1 !== [ 'https://acme-v02.api.letsencrypt.org/directory'
    , 'https://acme-staging-v02.api.letsencrypt.org/directory' ].indexOf(le.server)) {
    if ('v02' !== le.version && 'draft-11' !== le.version) {
      ACME = require('le-acme-core').ACME;
      if ('v01' !== le.version) {
        //console.warn("Please specify version: 'v01' (Let's Encrypt v1) or 'draft-11' (Let's Encrypt v2 / ACME draft 11)");
        console.warn("");
        console.warn("");
        console.warn("");
        console.warn("====================================================================");
        console.warn("==                     greenlock.js (v2.2.0+)                     ==");
        console.warn("====================================================================");
        console.warn("");
        console.warn("Please specify 'version' option:");
        console.warn("");
        console.warn("        'v01' for Let's Encrypt v1");
        console.warn("                 or");
        console.warn("        'draft-11' for Let's Encrypt v2 and ACME draft 11");
        console.warn("        ('v02' is an alias of 'draft-11'");
        console.warn("");
        console.warn("====================================================================");
        console.warn("==      this will be required from version v2.3 forward           ==");
        console.warn("====================================================================");
        console.warn("");
        console.warn("");
        console.warn("");
      }
    }
  }

  le.acme = le.acme || ACME.create({ debug: le.debug });
  if (le.acme.create) {
    le.acme = le.acme.create(le);
  }
  le.acme = PromiseA.promisifyAll(le.acme);
  le._acmeOpts = le.acme.getOptions();
  Object.keys(le._acmeOpts).forEach(function (key) {
    if (!(key in le)) {
      le[key] = le._acmeOpts[key];
    }
  });

  if (le.store.create) {
    le.store = le.store.create(le);
  }
  le.store = PromiseA.promisifyAll(le.store);
  le.store.accounts = PromiseA.promisifyAll(le.store.accounts);
  le.store.certificates = PromiseA.promisifyAll(le.store.certificates);
  le._storeOpts = le.store.getOptions();
  Object.keys(le._storeOpts).forEach(function (key) {
    if (!(key in le)) {
      le[key] = le._storeOpts[key];
    }
  });


  //
  // Backwards compat for <= v2.1.7
  //
  if (le.challenge) {
    console.warn("Deprecated use of le.challenge. Use le.challenges['" + LE.challengeType + "'] instead.");
    le.challenges[le.challengeType] = le.challenge;
  }

  LE.challengeTypes.forEach(function (challengeType) {
    var challenger = le.challenges[challengeType];

    if (!challenger) {
      return;
    }

    if (challenger.create) {
      challenger = le.challenges[challengeType] = challenger.create(le);
    }
    challenger = le.challenges[challengeType] = PromiseA.promisifyAll(challenger);
    le['_challengeOpts_' + challengeType] = challenger.getOptions();
    Object.keys(le['_challengeOpts_' + challengeType]).forEach(function (key) {
      if (!(key in le)) {
        le[key] = le['_challengeOpts_' + challengeType][key];
      }
    });

    // TODO wrap these here and now with tplCopy?
    if (!challenger.set || 5 !== challenger.set.length) {
      throw new Error("le.challenges[" + challengeType + "].set receives the wrong number of arguments."
        + " You must define setChallenge as function (opts, domain, token, keyAuthorization, cb) { }");
    }
    if (challenger.get && 4 !== challenger.get.length) {
      throw new Error("le.challenges[" + challengeType + "].get receives the wrong number of arguments."
        + " You must define getChallenge as function (opts, domain, token, cb) { }");
    }
    if (!challenger.remove || 4 !== challenger.remove.length) {
      throw new Error("le.challenges[" + challengeType + "].remove receives the wrong number of arguments."
        + " You must define removeChallenge as function (opts, domain, token, cb) { }");
    }

/*
    if (!le._challengeWarn && (!challenger.loopback || 4 !== challenger.loopback.length)) {
      le._challengeWarn = true;
      console.warn("le.challenges[" + challengeType + "].loopback should be defined as function (opts, domain, token, cb) { ... } and should prove (by external means) that the ACME server challenge '" + challengeType + "' will succeed");
    }
    else if (!le._challengeWarn && (!challenger.test || 5 !== challenger.test.length)) {
      le._challengeWarn = true;
      console.warn("le.challenges[" + challengeType + "].test should be defined as function (opts, domain, token, keyAuthorization, cb) { ... } and should prove (by external means) that the ACME server challenge '" + challengeType + "' will succeed");
    }
*/
  });

  le.sni = le.sni || null;
  le.tlsOptions = le.tlsOptions || le.httpsOptions || {};
  if (!le.tlsOptions.SNICallback) {
    if (!le.getCertificatesAsync && !le.getCertificates) {
      if (Array.isArray(le.approveDomains)) {
        le.approvedDomains = le.approveDomains;
        le.approveDomains = null;
      }
      if (!le.approveDomains) {
        le.approvedDomains = le.approvedDomains || [];
        le.approveDomains = function (lexOpts, certs, cb) {
          if (!le.email) {
            throw new Error("le-sni-auto is not properly configured. Missing email");
          }
          if (!le.agreeTos) {
            throw new Error("le-sni-auto is not properly configured. Missing agreeTos");
          }
          if (!le.approvedDomains.length) {
            throw new Error("le-sni-auto is not properly configured. Missing approveDomains(domain, certs, callback)");
          }
          if (lexOpts.domains.every(function (domain) {
            return -1 !== le.approvedDomains.indexOf(domain);
          })) {
            lexOpts.domains = le.approvedDomains.slice(0);
            lexOpts.email = le.email;
            lexOpts.agreeTos = le.agreeTos;
            lexOpts.communityMember = lexOpts.communityMember;
            return cb(null, { options: lexOpts, certs: certs });
          }
          log(le.debug, 'unapproved domain', lexOpts.domains, le.approvedDomains);
          cb(new Error("unapproved domain"));
        };
      }

      le.getCertificates = function (domain, certs, cb) {
        // certs come from current in-memory cache, not lookup
        log(le.debug, 'le.getCertificates called for', domain, 'with certs for', certs && certs.altnames || 'NONE');
        var opts = { domain: domain, domains: certs && certs.altnames || [ domain ] };

        le.approveDomains(opts, certs, function (_err, results) {
          if (_err) {
            log(le.debug, 'le.approveDomains called with error', _err);
            cb(_err);
            return;
          }

          log(le.debug, 'le.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:');
          log(le.debug, results.options);

          var promise;

          if (results.certs) {
            log(le.debug, 'le renewing');
            promise = le.core.certificates.renewAsync(results.options, results.certs);
          }
          else {
            log(le.debug, 'le getting from disk or registering new');
            promise = le.core.certificates.getAsync(results.options);
          }

          return promise.then(function (certs) { cb(null, certs); }, cb);
        });
      };
    }
    le.sni = le.sni || require('le-sni-auto');
    if (le.sni.create) {
      le.sni = le.sni.create(le);
    }
    le.tlsOptions.SNICallback = le.sni.sniCallback;
  }
  if (!le.tlsOptions.key || !le.tlsOptions.cert) {
    le.tlsOptions = require('localhost.daplie.me-certificates').merge(le.tlsOptions);
  }
  // We want to move to using tlsOptions instead of httpsOptions, but we also need to make
  // sure anything that uses this object will still work if looking for httpsOptions.
  le.httpsOptions = le.tlsOptions;

  if (le.core.create) {
    le.core = le.core.create(le);
  }

  le.renew = function (args, certs) {
    return le.core.certificates.renewAsync(args, certs);
  };

  le.register = function (args) {
    return le.core.certificates.getAsync(args);
  };

  le.check = function (args) {
    // TODO must return email, domains, tos, pems
    return le.core.certificates.checkAsync(args);
  };

  le.middleware = le.middleware || require('./lib/middleware');
  if (le.middleware.create) {
    le.middleware = le.middleware.create(le);
  }

  return le;
};
progress 2015-12-11 14:22:46 +00:00			`'use strict';`

change renewWithin defaults to match le-auto-sni 2016-08-16 00:50:55 +00:00			`var DAY = 24 * 60 * 60 * 1000;`
			`//var MIN = 60 * 1000;`
v2.2.0 2018-04-16 01:28:05 +00:00			`var ACME = require('acme-v2/compat').ACME;`
updates 2015-12-12 15:05:45 +00:00
so close... 2015-12-13 01:04:12 +00:00			`var LE = module.exports;`
now passes tests for invalid account 2016-08-08 19:17:09 +00:00			`LE.LE = LE;`
normalize 2016-08-05 22:50:42 +00:00			`// in-process cache, shared between all instances`
			`var ipc = {};`
partial refactor 2016-08-04 22:49:35 +00:00
Allow custom log function. Not only console 2016-08-25 20:09:23 +00:00			`function _log(debug) {`
			`if (debug) {`
			`var args = Array.prototype.slice.call(arguments);`
			`args.shift();`
			`args.unshift("[le/index.js]");`
			`console.log.apply(console, args);`
			`}`
			`}`

add defaults... just for fun 2016-02-13 02:33:50 +00:00			`LE.defaults = {`
v2.2.0 2018-04-16 01:28:05 +00:00			`productionServerUrl: 'https://acme-v02.api.letsencrypt.org/directory'`
			`, stagingServerUrl: 'https://acme-staging-v02.api.letsencrypt.org/directory'`
partial refactor 2016-08-04 22:49:35 +00:00
now passes tests for invalid account 2016-08-08 19:17:09 +00:00			`, rsaKeySize: ACME.rsaKeySize \|\| 2048`
			`, challengeType: ACME.challengeType \|\| 'http-01'`
v2.2.0 2018-04-16 01:28:05 +00:00			`, challengeTypes: ACME.challengeTypes \|\| [ 'http-01', 'dns-01' ]`
update 2016-08-05 22:21:10 +00:00
now passes tests for invalid account 2016-08-08 19:17:09 +00:00			`, acmeChallengePrefix: ACME.acmeChallengePrefix`
add defaults... just for fun 2016-02-13 02:33:50 +00:00			`};`
a special treat 2015-12-20 10:41:17 +00:00
gutting python 2015-12-16 09:11:31 +00:00			`// backwards compat`
partial refactor 2016-08-04 22:49:35 +00:00			`Object.keys(LE.defaults).forEach(function (key) {`
			`LE[key] = LE.defaults[key];`
			`});`
so close... 2015-12-13 01:04:12 +00:00
update 2016-08-05 22:21:10 +00:00			`// show all possible options`
getting pretty close 2016-08-05 22:16:29 +00:00			`var u; // undefined`
			`LE._undefined = {`
make shim of letiny-core possible #37 2016-08-08 15:21:33 +00:00			`acme: u`
			`, store: u`
pass middleware tests 2016-08-09 18:05:47 +00:00			`, challenge: u`
register multiple challenges 2016-08-15 21:33:26 +00:00			`, challenges: u`
			`, sni: u`
aliased httpsOptions as tlsOptions for issue #78 2017-04-10 20:41:54 +00:00			`, tlsOptions: u`
#38 passes create test 2016-08-08 23:14:53 +00:00
getting pretty close 2016-08-05 22:16:29 +00:00			`, register: u`
			`, check: u`
#38 passes create test 2016-08-08 23:14:53 +00:00
change renewWithin defaults to match le-auto-sni 2016-08-16 00:50:55 +00:00			`, renewWithin: u // le-auto-sni and core`
			`//, renewBy: u // le-auto-sni`
getting pretty close 2016-08-05 22:16:29 +00:00			`, acmeChallengePrefix: u`
update 2016-08-05 22:21:10 +00:00			`, rsaKeySize: u`
			`, challengeType: u`
			`, server: u`
v2.2.0 2018-04-16 01:28:05 +00:00			`, version: u`
add agreeToTerms 2016-08-06 05:33:19 +00:00			`, agreeToTerms: u`
normalize 2016-08-05 22:50:42 +00:00			`, _ipc: u`
pass middleware tests 2016-08-09 18:05:47 +00:00			`, duplicate: u`
			`, _acmeUrls: u`
getting pretty close 2016-08-05 22:16:29 +00:00			`};`
			`LE._undefine = function (le) {`
			`Object.keys(LE._undefined).forEach(function (key) {`
			`if (!(key in le)) {`
			`le[key] = u;`
			`}`
			`});`

			`return le;`
			`};`
			`LE.create = function (le) {`
normalize 2016-08-05 22:50:42 +00:00			`var PromiseA = require('bluebird');`

			`le.store = le.store \|\| require('le-store-certbot').create({ debug: le.debug });`
			`le.core = require('./lib/core');`
Allow custom log function. Not only console 2016-08-25 20:09:23 +00:00			`var log = le.log \|\| _log;`
getting pretty close 2016-08-05 22:16:29 +00:00
register multiple challenges 2016-08-15 21:33:26 +00:00			`if (!le.challenges) {`
			`le.challenges = {};`
			`}`
			`if (!le.challenges['http-01']) {`
			`le.challenges['http-01'] = require('le-challenge-fs').create({ debug: le.debug });`
			`}`
v2.2.0 2018-04-16 01:28:05 +00:00			`/*`
register multiple challenges 2016-08-15 21:33:26 +00:00			`if (!le.challenges['tls-sni-01']) {`
use le-challenge-sni for tls-sni-01 challenges 2016-10-08 11:29:17 +00:00			`le.challenges['tls-sni-01'] = require('le-challenge-sni').create({ debug: le.debug });`
register multiple challenges 2016-08-15 21:33:26 +00:00			`}`
v2.2.0 2018-04-16 01:28:05 +00:00			`*/`
register multiple challenges 2016-08-15 21:33:26 +00:00			`if (!le.challenges['dns-01']) {`
			`try {`
			`le.challenges['dns-01'] = require('le-challenge-ddns').create({ debug: le.debug });`
			`} catch(e) {`
			`try {`
			`le.challenges['dns-01'] = require('le-challenge-dns').create({ debug: le.debug });`
			`} catch(e) {`
			`// not yet implemented`
			`}`
			`}`
			`}`

normalize 2016-08-05 22:50:42 +00:00			`le = LE._undefine(le);`
getting pretty close 2016-08-05 22:16:29 +00:00			`le.acmeChallengePrefix = LE.acmeChallengePrefix;`
update 2016-08-05 22:21:10 +00:00			`le.rsaKeySize = le.rsaKeySize \|\| LE.rsaKeySize;`
			`le.challengeType = le.challengeType \|\| LE.challengeType;`
normalize 2016-08-05 22:50:42 +00:00			`le._ipc = ipc;`
update community member option 2018-05-10 08:31:24 +00:00			`le._communityPackage = le._communityPackage \|\| 'greenlock.js';`
#38 passes create test 2016-08-08 23:14:53 +00:00			`le.agreeToTerms = le.agreeToTerms \|\| function (args, agreeCb) {`
			`agreeCb(new Error("'agreeToTerms' was not supplied to LE and 'agreeTos' was not supplied to LE.register"));`
			`};`
getting pretty close 2016-08-05 22:16:29 +00:00
use better renewWithin/By defaults, document access 2018-04-19 19:37:27 +00:00			`if (!le.renewWithin) { le.renewWithin = 14 * DAY; }`
change renewWithin defaults to match le-auto-sni 2016-08-16 00:50:55 +00:00			`// renewBy has a default in le-sni-auto`
getting pretty close 2016-08-05 22:16:29 +00:00
			`if (!le.server) {`
			`throw new Error("opts.server must be set to 'staging' or a production url, such as LE.productionServerUrl'");`
			`}`
			`if ('staging' === le.server) {`
			`le.server = LE.stagingServerUrl;`
			`}`
			`else if ('production' === le.server) {`
			`le.server = LE.productionServerUrl;`
standalone complete! (I think?) 2015-12-13 05:03:48 +00:00			`}`
updates for letsencrypt-express 2015-12-17 08:46:40 +00:00
v2.2.0 2018-04-16 01:28:05 +00:00			`if (-1 !== [ 'https://acme-v01.api.letsencrypt.org/directory'`
			`, 'https://acme-staging.api.letsencrypt.org/directory' ].indexOf(le.server)) {`
			`ACME = require('le-acme-core').ACME;`
			`console.warn("Let's Encrypt v1 is deprecated. Please update to Let's Encrypt v2 (ACME draft 11)");`
			`}`
fix 'SyntaxError: Unexpected token =' 2018-04-16 05:29:12 +00:00			`else if (-1 !== [ 'https://acme-v02.api.letsencrypt.org/directory'`
v2.2.0 2018-04-16 01:28:05 +00:00			`, 'https://acme-staging-v02.api.letsencrypt.org/directory' ].indexOf(le.server)) {`
			`if ('v02' !== le.version && 'draft-11' !== le.version) {`
			`ACME = require('le-acme-core').ACME;`
			`if ('v01' !== le.version) {`
			`//console.warn("Please specify version: 'v01' (Let's Encrypt v1) or 'draft-11' (Let's Encrypt v2 / ACME draft 11)");`
			`console.warn("");`
			`console.warn("");`
			`console.warn("");`
			`console.warn("====================================================================");`
			`console.warn("== greenlock.js (v2.2.0+) ==");`
			`console.warn("====================================================================");`
			`console.warn("");`
			`console.warn("Please specify 'version' option:");`
			`console.warn("");`
			`console.warn(" 'v01' for Let's Encrypt v1");`
			`console.warn(" or");`
			`console.warn(" 'draft-11' for Let's Encrypt v2 and ACME draft 11");`
			`console.warn(" ('v02' is an alias of 'draft-11'");`
			`console.warn("");`
			`console.warn("====================================================================");`
			`console.warn("== this will be required from version v2.3 forward ==");`
			`console.warn("====================================================================");`
			`console.warn("");`
			`console.warn("");`
			`console.warn("");`
			`}`
			`}`
			`}`

			`le.acme = le.acme \|\| ACME.create({ debug: le.debug });`
make shim of letiny-core possible #37 2016-08-08 15:21:33 +00:00			`if (le.acme.create) {`
			`le.acme = le.acme.create(le);`
			`}`
			`le.acme = PromiseA.promisifyAll(le.acme);`
			`le._acmeOpts = le.acme.getOptions();`
			`Object.keys(le._acmeOpts).forEach(function (key) {`
			`if (!(key in le)) {`
			`le[key] = le._acmeOpts[key];`
			`}`
			`});`

normalize 2016-08-05 22:50:42 +00:00			`if (le.store.create) {`
			`le.store = le.store.create(le);`
Certificate registration completes successfully! :-) 2015-12-15 15:40:44 +00:00			`}`
normalize 2016-08-05 22:50:42 +00:00			`le.store = PromiseA.promisifyAll(le.store);`
promisify all of le-store- 2016-08-13 19:54:07 +00:00			`le.store.accounts = PromiseA.promisifyAll(le.store.accounts);`
			`le.store.certificates = PromiseA.promisifyAll(le.store.certificates);`
normalize 2016-08-05 22:50:42 +00:00			`le._storeOpts = le.store.getOptions();`
getting pretty close 2016-08-05 22:16:29 +00:00			`Object.keys(le._storeOpts).forEach(function (key) {`
make shim of letiny-core possible #37 2016-08-08 15:21:33 +00:00			`if (!(key in le)) {`
getting pretty close 2016-08-05 22:16:29 +00:00			`le[key] = le._storeOpts[key];`
updates 2015-12-12 14:20:12 +00:00			`}`
getting pretty close 2016-08-05 22:16:29 +00:00			`});`

update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00
			`//`
			`// Backwards compat for <= v2.1.7`
			`//`
			`if (le.challenge) {`
			`console.warn("Deprecated use of le.challenge. Use le.challenges['" + LE.challengeType + "'] instead.");`
			`le.challenges[le.challengeType] = le.challenge;`
			`}`

register multiple challenges 2016-08-15 21:33:26 +00:00			`LE.challengeTypes.forEach(function (challengeType) {`
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00			`var challenger = le.challenges[challengeType];`

			`if (!challenger) {`
testing the latest and fixing stuff 2016-08-16 16:35:18 +00:00			`return;`
			`}`
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00
			`if (challenger.create) {`
			`challenger = le.challenges[challengeType] = challenger.create(le);`
a special treat 2015-12-20 10:41:17 +00:00			`}`
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00			`challenger = le.challenges[challengeType] = PromiseA.promisifyAll(challenger);`
			`le['_challengeOpts_' + challengeType] = challenger.getOptions();`
testing the latest and fixing stuff 2016-08-16 16:35:18 +00:00			`Object.keys(le['_challengeOpts_' + challengeType]).forEach(function (key) {`
register multiple challenges 2016-08-15 21:33:26 +00:00			`if (!(key in le)) {`
testing the latest and fixing stuff 2016-08-16 16:35:18 +00:00			`le[key] = le['_challengeOpts_' + challengeType][key];`
register multiple challenges 2016-08-15 21:33:26 +00:00			`}`
			`});`
add le-sni-auto 2016-08-12 21:24:28 +00:00
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00			`// TODO wrap these here and now with tplCopy?`
			`if (!challenger.set \|\| 5 !== challenger.set.length) {`
			`throw new Error("le.challenges[" + challengeType + "].set receives the wrong number of arguments."`
			`+ " You must define setChallenge as function (opts, domain, token, keyAuthorization, cb) { }");`
register multiple challenges 2016-08-15 21:33:26 +00:00			`}`
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00			`if (challenger.get && 4 !== challenger.get.length) {`
			`throw new Error("le.challenges[" + challengeType + "].get receives the wrong number of arguments."`
			`+ " You must define getChallenge as function (opts, domain, token, cb) { }");`
			`}`
			`if (!challenger.remove \|\| 4 !== challenger.remove.length) {`
			`throw new Error("le.challenges[" + challengeType + "].remove receives the wrong number of arguments."`
			`+ " You must define removeChallenge as function (opts, domain, token, cb) { }");`
			`}`
proper check for .loopback and .test on challenges 2016-10-12 23:25:05 +00:00
v2.2.0 2018-04-16 01:28:05 +00:00			`/*`
proper check for .loopback and .test on challenges 2016-10-12 23:25:05 +00:00			`if (!le._challengeWarn && (!challenger.loopback \|\| 4 !== challenger.loopback.length)) {`
			`le._challengeWarn = true;`
			`console.warn("le.challenges[" + challengeType + "].loopback should be defined as function (opts, domain, token, cb) { ... } and should prove (by external means) that the ACME server challenge '" + challengeType + "' will succeed");`
			`}`
			`else if (!le._challengeWarn && (!challenger.test \|\| 5 !== challenger.test.length)) {`
			`le._challengeWarn = true;`
			`console.warn("le.challenges[" + challengeType + "].test should be defined as function (opts, domain, token, keyAuthorization, cb) { ... } and should prove (by external means) that the ACME server challenge '" + challengeType + "' will succeed");`
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00			`}`
v2.2.0 2018-04-16 01:28:05 +00:00			`*/`
update backwards / forwards compat for le.challenges 2016-09-21 23:30:47 +00:00			`});`
register multiple challenges 2016-08-15 21:33:26 +00:00
add le.httpsOptions with le.sni.sniCallback 2016-08-15 20:36:58 +00:00			`le.sni = le.sni \|\| null;`
aliased httpsOptions as tlsOptions for issue #78 2017-04-10 20:41:54 +00:00			`le.tlsOptions = le.tlsOptions \|\| le.httpsOptions \|\| {};`
			`if (!le.tlsOptions.SNICallback) {`
better sni defaults 2016-08-16 00:42:11 +00:00			`if (!le.getCertificatesAsync && !le.getCertificates) {`
allow approveDomains to be an array or function 2016-08-17 15:19:52 +00:00			`if (Array.isArray(le.approveDomains)) {`
			`le.approvedDomains = le.approveDomains;`
			`le.approveDomains = null;`
			`}`
better sni defaults 2016-08-16 00:42:11 +00:00			`if (!le.approveDomains) {`
#21 workaround unconfigured le-sni-auto plugin 2016-08-16 19:03:15 +00:00			`le.approvedDomains = le.approvedDomains \|\| [];`
better sni defaults 2016-08-16 00:42:11 +00:00			`le.approveDomains = function (lexOpts, certs, cb) {`
Be more specific with missing property error message 2017-04-18 21:42:47 +00:00			`if (!le.email) {`
			`throw new Error("le-sni-auto is not properly configured. Missing email");`
			`}`
			`if (!le.agreeTos) {`
			`throw new Error("le-sni-auto is not properly configured. Missing agreeTos");`
			`}`
			`if (!le.approvedDomains.length) {`
			`throw new Error("le-sni-auto is not properly configured. Missing approveDomains(domain, certs, callback)");`
#21 workaround unconfigured le-sni-auto plugin 2016-08-16 19:03:15 +00:00			`}`
better sni defaults 2016-08-16 00:42:11 +00:00			`if (lexOpts.domains.every(function (domain) {`
testing the latest and fixing stuff 2016-08-16 16:35:18 +00:00			`return -1 !== le.approvedDomains.indexOf(domain);`
better sni defaults 2016-08-16 00:42:11 +00:00			`})) {`
			`lexOpts.domains = le.approvedDomains.slice(0);`
			`lexOpts.email = le.email;`
			`lexOpts.agreeTos = le.agreeTos;`
add community member option 2018-05-10 08:08:20 +00:00			`lexOpts.communityMember = lexOpts.communityMember;`
testing the latest and fixing stuff 2016-08-16 16:35:18 +00:00			`return cb(null, { options: lexOpts, certs: certs });`
			`}`
Allow custom log function. Not only console 2016-08-25 20:09:23 +00:00			`log(le.debug, 'unapproved domain', lexOpts.domains, le.approvedDomains);`
better sni defaults 2016-08-16 00:42:11 +00:00			`cb(new Error("unapproved domain"));`
			`};`
			`}`

			`le.getCertificates = function (domain, certs, cb) {`
better debugging when debug flag is set 2016-08-16 17:02:14 +00:00			`// certs come from current in-memory cache, not lookup`
Allow custom log function. Not only console 2016-08-25 20:09:23 +00:00			`log(le.debug, 'le.getCertificates called for', domain, 'with certs for', certs && certs.altnames \|\| 'NONE');`
better sni defaults 2016-08-16 00:42:11 +00:00			`var opts = { domain: domain, domains: certs && certs.altnames \|\| [ domain ] };`

			`le.approveDomains(opts, certs, function (_err, results) {`
			`if (_err) {`
fix #52 handle error / empty cert in approveDomains callback 2016-08-30 14:21:42 +00:00			`log(le.debug, 'le.approveDomains called with error', _err);`
better sni defaults 2016-08-16 00:42:11 +00:00			`cb(_err);`
			`return;`
			`}`

fix #52 handle error / empty cert in approveDomains callback 2016-08-30 14:21:42 +00:00			`log(le.debug, 'le.approveDomains called with certs for', results.certs && results.certs.altnames \|\| 'NONE', 'and options:');`
			`log(le.debug, results.options);`

better sni defaults 2016-08-16 00:42:11 +00:00			`var promise;`

			`if (results.certs) {`
Allow custom log function. Not only console 2016-08-25 20:09:23 +00:00			`log(le.debug, 'le renewing');`
better sni defaults 2016-08-16 00:42:11 +00:00			`promise = le.core.certificates.renewAsync(results.options, results.certs);`
			`}`
			`else {`
Allow custom log function. Not only console 2016-08-25 20:09:23 +00:00			`log(le.debug, 'le getting from disk or registering new');`
better debugging when debug flag is set 2016-08-16 17:02:14 +00:00			`promise = le.core.certificates.getAsync(results.options);`
better sni defaults 2016-08-16 00:42:11 +00:00			`}`

			`return promise.then(function (certs) { cb(null, certs); }, cb);`
			`});`
			`};`
			`}`
add le.httpsOptions with le.sni.sniCallback 2016-08-15 20:36:58 +00:00			`le.sni = le.sni \|\| require('le-sni-auto');`
			`if (le.sni.create) {`
			`le.sni = le.sni.create(le);`
			`}`
aliased httpsOptions as tlsOptions for issue #78 2017-04-10 20:41:54 +00:00			`le.tlsOptions.SNICallback = le.sni.sniCallback;`
add le.httpsOptions with le.sni.sniCallback 2016-08-15 20:36:58 +00:00			`}`
aliased httpsOptions as tlsOptions for issue #78 2017-04-10 20:41:54 +00:00			`if (!le.tlsOptions.key \|\| !le.tlsOptions.cert) {`
			`le.tlsOptions = require('localhost.daplie.me-certificates').merge(le.tlsOptions);`
add le-sni-auto 2016-08-12 21:24:28 +00:00			`}`
aliased httpsOptions as tlsOptions for issue #78 2017-04-10 20:41:54 +00:00			`// We want to move to using tlsOptions instead of httpsOptions, but we also need to make`
			`// sure anything that uses this object will still work if looking for httpsOptions.`
			`le.httpsOptions = le.tlsOptions;`
add le-sni-auto 2016-08-12 21:24:28 +00:00
normalize 2016-08-05 22:50:42 +00:00			`if (le.core.create) {`
			`le.core = le.core.create(le);`
			`}`
getting pretty close 2016-08-05 22:16:29 +00:00
testing the latest and fixing stuff 2016-08-16 16:35:18 +00:00			`le.renew = function (args, certs) {`
			`return le.core.certificates.renewAsync(args, certs);`
			`};`

getting pretty close 2016-08-05 22:16:29 +00:00			`le.register = function (args) {`
just a little more... 2016-08-07 06:02:02 +00:00			`return le.core.certificates.getAsync(args);`
updates 2015-12-12 14:20:12 +00:00			`};`
progress 2015-12-11 14:22:46 +00:00
getting pretty close 2016-08-05 22:16:29 +00:00			`le.check = function (args) {`
			`// TODO must return email, domains, tos, pems`
just a little more... 2016-08-07 06:02:02 +00:00			`return le.core.certificates.checkAsync(args);`
getting pretty close 2016-08-05 22:16:29 +00:00			`};`

pass middleware tests 2016-08-09 18:05:47 +00:00			`le.middleware = le.middleware \|\| require('./lib/middleware');`
			`if (le.middleware.create) {`
			`le.middleware = le.middleware.create(le);`
			`}`
partial updates 2016-08-05 08:14:40 +00:00
updates 2015-12-12 14:20:12 +00:00			`return le;`
progress 2015-12-11 14:22:46 +00:00			`};`