update approveDomains function as per #15

2018-11-05 01:10:53 -07:00 · 2018-11-05 01:10:53 -07:00 · 73f2051188
parent a612f4f98b
commit 73f2051188
1 changed files with 72 additions and 49 deletions
--- a/index.js
+++ b/index.js
@ -409,58 +409,81 @@ Greenlock.create = function (gl) {
        log(gl.debug, 'gl.getCertificates called for', domain, 'with certs for', certs && certs.altnames || 'NONE');
        var opts = { domain: domain, domains: certs && certs.altnames || [ domain ] };
-        try {
+        function onApproved(results) {
-          gl.approveDomains(opts, certs, function (_err, results) {
+          var certificate = results.certificate || results.certs;
-            if (_err) {
+          var options = results.options || results;
-              if (false !== gl.logRejectedDomains) {
+          if (results.certificate) {
-                console.error("[Error] approveDomains rejected tls sni '" + domain + "'");
+            results.certificate = null;
-                console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)");
+          }
-                if ('E_REJECT_SNI' !== _err.code) {
+
-                  console.error("[Error] This is the rejection message:");
+          log(gl.debug, 'gl.approveDomains called with certs for', certificate && certificate.altnames || 'NONE', 'and options:');
-                  console.error(_err.message);
+          log(gl.debug, options);
-                }
+
-                console.error("");
+          if (certificate) {
            log(gl.debug, 'gl renewing');
            return gl.core.certificates.renewAsync(options, certificate).then(
              function (certs) {
                // Workaround for https://github.com/nodejs/node/issues/22389
                gl._updateServernames(certs);
                cb(null, certs);
              }
-              cb(_err);
+            , function (e) {
-              return;
+                console.debug("Error renewing certificate for '" + domain + "':");
                console.debug(e);
                console.error("");
                cb(e);
              }
            );
          }
          else {
            log(gl.debug, 'gl getting from disk or registering new');
            return gl.core.certificates.getAsync(options).then(
              function (certs) {
                // Workaround for https://github.com/nodejs/node/issues/22389
                gl._updateServernames(certs);
                cb(null, certs);
              }
            , function (e) {
                console.debug("Error loading/registering certificate for '" + domain + "':");
                console.debug(e);
                console.error("");
                cb(e);
              }
            );
          }
        }
        function onRejected(_err) {
          if (false !== gl.logRejectedDomains) {
            console.error("[Error] approveDomains rejected tls sni '" + domain + "'");
            console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)");
            if ('E_REJECT_SNI' !== _err.code) {
              console.error("[Error] This is the rejection message:");
              console.error(_err.message);
            }
            console.error("");
          }
          cb(_err);
        }
        function onMaybe(_err, results) {
          if (_err) { onRejected(_err); return; }
          onApproved(results);
        }
-            log(gl.debug, 'gl.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:');
+        if (certs) {
-            log(gl.debug, results.options);
+          opts.certificate = certs;
-
+          //opts.subject = certs.subject;
-            if (results.certs) {
+          //opts.altnames = certs.altnames;
-              log(gl.debug, 'gl renewing');
+          opts.servernames = [certs.subject].concat(certs.altnames);
-              return gl.core.certificates.renewAsync(results.options, results.certs).then(
+          opts.servername = opts.domain;
-                function (certs) {
+        }
-                  // Workaround for https://github.com/nodejs/node/issues/22389
+        try {
-                  gl._updateServernames(certs);
+          if (1 === gl.approveDomains.length) {
-                  cb(null, certs);
+            return gl.approveDomains(opts).then(onApproved, onRejected);
-                }
+          } else if (2 === gl.approveDomains.length) {
-              , function (e) {
+            gl.approveDomains(opts, onMaybe);
-                  console.debug("Error renewing certificate for '" + domain + "':");
+          } else {
-                  console.debug(e);
+            gl.approveDomains(opts, certs, onMaybe);
-                  console.error("");
+          }
                  cb(e);
                }
              );
            }
            else {
              log(gl.debug, 'gl getting from disk or registering new');
              return gl.core.certificates.getAsync(results.options).then(
                function (certs) {
                  // Workaround for https://github.com/nodejs/node/issues/22389
                  gl._updateServernames(certs);
                  cb(null, certs);
                }
              , function (e) {
                  console.debug("Error loading/registering certificate for '" + domain + "':");
                  console.debug(e);
                  console.error("");
                  cb(e);
                }
              );
            }
          });
        } catch(e) {
          console.error("[ERROR] Something went wrong in approveDomains:");
          console.error(e);