index.js

@@ -3,7 +3,6 @@
 var DAY = 24 * 60 * 60 * 1000;
 //var MIN = 60 * 1000;
 var ACME = require('acme-v2/compat').ACME;
-var pkg = require('./package.json');
 var PromiseA;
 try {
   PromiseA = require('bluebird');
@@ -124,11 +123,6 @@ Greenlock.create = function (gl) {
   gl.challengeType = gl.challengeType || Greenlock.challengeType;
   gl._ipc = ipc;
   gl._communityPackage = gl._communityPackage || 'greenlock.js';
-  if ('greenlock.js' === gl._communityPackage) {
-    gl._communityPackageVersion = pkg.version;
-  } else {
-    gl._communityPackageVersion = gl._communityPackageVersion || ('greenlock.js-' + pkg.version);
-  }
   gl.agreeToTerms = gl.agreeToTerms || function (args, agreeCb) {
     agreeCb(new Error("'agreeToTerms' was not supplied to Greenlock and 'agreeTos' was not supplied to Greenlock.register"));
   };
@@ -398,8 +392,7 @@ Greenlock.create = function (gl) {
             lexOpts.domains = gl.approvedDomains.slice(0);
             lexOpts.email = gl.email;
             lexOpts.agreeTos = gl.agreeTos;
-            lexOpts.communityMember = gl.communityMember;
+            lexOpts.communityMember = lexOpts.communityMember;
-            lexOpts.telemetry = gl.telemetry;
             return cb(null, { options: lexOpts, certs: certs });
           }
 

lib/community.js

@@ -1,7 +1,6 @@
 'use strict';
 
-function addCommunityMember(opts) {
+function addCommunityMember(pkg, action, email, domains, communityMember) {
-  // { name, version, email, domains, action, communityMember, telemetry }
   setTimeout(function () {
     var https = require('https');
     var req = https.request({
@@ -16,27 +15,19 @@ function addCommunityMember(opts) {
       if (err) { return; }
       resp.on('data', function () {});
     });
-    var os = require('os');
     var data = {
-      address: opts.email
+      address: email
       // greenlock-security is transactional and security only
-    , list: opts.communityMember ? (opts.name + '@ppl.family') : 'greenlock-security@ppl.family'
+    , list: communityMember ? (pkg + '@ppl.family') : 'greenlock-security@ppl.family'
-    , action: opts.action // reg | renew
+    , action: action // reg | renew
-    , package: opts.name
+    , package: pkg
       // hashed for privacy, but so we can still get some telemetry and inform users
       // if abnormal things are happening (like several registrations for the same domain each day)
-    , domain: (opts.domains||[]).map(function (d) {
+    , domain: (domains||[]).map(function (d) {
         return require('crypto').createHash('sha1').update(d).digest('base64')
           .replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, '');
       }).join(',')
     };
-    if (false !== opts.telemetry) {
-      data.arch = process.arch || os.arch();
-      data.platform = process.platform || os.platform();
-      data.release = os.release();
-      data.version = opts.version;
-      data.node = process.version;
-    }
     req.write(JSON.stringify(data, 2, null));
     req.end();
   }, 50);

lib/core.js

@@ -352,8 +352,17 @@ module.exports.create = function (gl) {
         // or we're forcing a refresh via 'dupliate: true'
         log(args.debug, "Renewing!");
 
-        if (!args.domains || !args.domains.length) {
+        // TODO fetch email address / accountId (accountBydomain) if not present
-          args.domains = args.servernames || [certs.subject].concat(certs.altnames);
+        // store.config.getAsync(args.domains).then(function (config) { /*...*/ });
+        if (!args.domains || (args.domains.length || 0) <= 2) {
+          // this is a renewal, therefore we should renewal ALL of the domains
+          // associated with this certificate, unless args.domains is a list larger
+          // than example.com,www.example.com
+          // TODO check www. prefix
+          args.domains = certs.altnames;
+          if (Array.isArray(certs.domains) && certs.domains.length) {
+            args.domains = certs.domains;
+          }
         }
 
         return core.certificates.registerAsync(args);
@@ -401,17 +410,7 @@ module.exports.create = function (gl) {
             if (false !== args.securityUpdates && !args._communityMemberAdded) {
               try {
                 // We will notify all greenlock users of mandatory and security updates
-                // We'll keep track of versions and os so we can make sure things work well
+                require('./community').add(args._communityPackage, 'reg', args.email, args.domains, args.communityMember);
-                // { name, version, email, domains, action, communityMember, telemetry }
-                require('./community').add({
-                  name: args._communityPackage
-                , version: args._communityPackageVersion
-                , email: args.email
-                , domains: args.domains || args.servernames
-                , action: 'reg'
-                , communityMember: args.communityMember
-                , telemetry: args.telemetry
-                });
               } catch(e) { /* ignore */ }
               args._communityMemberAdded = true;
             }
@@ -423,17 +422,7 @@ module.exports.create = function (gl) {
             if (false !== args.securityUpdates && !args._communityMemberAdded) {
               try {
                 // We will notify all greenlock users of mandatory and security updates
-                // We'll keep track of versions and os so we can make sure things work well
+                require('./community').add(args._communityPackage, 'renew', args.email, args.domains, args.communityMember);
-                // { name, version, email, domains, action, communityMember, telemetry }
-                require('./community').add({
-                  name: args._communityPackage
-                , version: args._communityPackageVersion
-                , email: args.email
-                , domains: args.domains || args.servernames
-                , action: 'renew'
-                , communityMember: args.communityMember
-                , telemetry: args.telemetry
-                });
               } catch(e) { /* ignore */ }
               args._communityMemberAdded = true;
             }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "greenlock",
-  "version": "2.4.9",
+  "version": "2.4.8",
   "description": "Let's Encrypt for node.js on npm",
   "main": "index.js",
   "files": [

tests/domain-fronting.sh

@@ -5,14 +5,9 @@ set -e
 # following domains are listed on the same certificate as either subject or altnames:
 # test.ppl.family, www.test.ppl.family, test.greenlock.domains, www.test.greenlock.domains
 
-# -k for insecure to allow staging certificates
+curl -sf https://test.ppl.family | grep -i Hello >/dev/null && echo "PASS no servername" || echo "FAIL no servername"
-curl -k -sf https://test.ppl.family | grep -i Hello >/dev/null && echo "PASS no servername" || echo "FAIL no servername"
+curl -sf https://test.ppl.family -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS same servername" || echo "FAIL same servername"
-curl -k -sf https://test.ppl.family -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS same servername" || echo "FAIL same servername"
+curl -sf https://test.ppl.family -H "Host: www.test.ppl.family" | grep -i Hello >/dev/null && echo "PASS similar altnames" || echo "FAIL similar altnames"
-curl -k -sf https://test.ppl.family -H "Host: www.test.ppl.family" | grep -i Hello >/dev/null && echo "PASS similar altnames" || echo "FAIL similar altnames"
+curl -sf https://test.ppl.family -H "Host: www.test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS full altnames" || echo "FAIL full altnames"
-curl -k -sf https://test.ppl.family -H "Host: www.test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS full altnames" || echo "FAIL full altnames"
+curl -s https://test.ppl.family -H "Host: example.com" | grep -i 'Domain Fronting' >/dev/null && echo "PASS detect fronting" || echo "FAIL detect fronting"
-
-curl -k -sf https://test.greenlock.domains -H "Host: test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS use altname first" || echo "FAIL altname only"
-curl -k -sf https://test.greenlock.domains -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS use altname, pass subject" || echo "FAIL sub + altname"
-
-curl -k -s https://test.ppl.family -H "Host: example.com" | grep -i 'Domain Fronting' >/dev/null && echo "PASS detect fronting" || echo "FAIL detect fronting"
 echo "PASS ALL"