mirror of
https://github.com/therootcompany/greenlock.js.git
synced 2024-11-16 17:29:00 +00:00
Compare commits
5 Commits
a612f4f98b
...
61715ab952
| Author | SHA1 | Date | |
|---|---|---|---|
| 61715ab952 | |||
| 56ec8cbd36 | |||
| 37d9ac0436 | |||
| 7ee525018c | |||
| 382a7cc4a9 |
9
index.js
9
index.js
@ -3,6 +3,7 @@
|
||||
var DAY = 24 * 60 * 60 * 1000;
|
||||
//var MIN = 60 * 1000;
|
||||
var ACME = require('acme-v2/compat').ACME;
|
||||
var pkg = require('./package.json');
|
||||
var PromiseA;
|
||||
try {
|
||||
PromiseA = require('bluebird');
|
||||
@ -123,6 +124,11 @@ Greenlock.create = function (gl) {
|
||||
gl.challengeType = gl.challengeType || Greenlock.challengeType;
|
||||
gl._ipc = ipc;
|
||||
gl._communityPackage = gl._communityPackage || 'greenlock.js';
|
||||
if ('greenlock.js' === gl._communityPackage) {
|
||||
gl._communityPackageVersion = pkg.version;
|
||||
} else {
|
||||
gl._communityPackageVersion = gl._communityPackageVersion || ('greenlock.js-' + pkg.version);
|
||||
}
|
||||
gl.agreeToTerms = gl.agreeToTerms || function (args, agreeCb) {
|
||||
agreeCb(new Error("'agreeToTerms' was not supplied to Greenlock and 'agreeTos' was not supplied to Greenlock.register"));
|
||||
};
|
||||
@ -392,7 +398,8 @@ Greenlock.create = function (gl) {
|
||||
lexOpts.domains = gl.approvedDomains.slice(0);
|
||||
lexOpts.email = gl.email;
|
||||
lexOpts.agreeTos = gl.agreeTos;
|
||||
lexOpts.communityMember = lexOpts.communityMember;
|
||||
lexOpts.communityMember = gl.communityMember;
|
||||
lexOpts.telemetry = gl.telemetry;
|
||||
return cb(null, { options: lexOpts, certs: certs });
|
||||
}
|
||||
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
'use strict';
|
||||
|
||||
function addCommunityMember(pkg, action, email, domains, communityMember) {
|
||||
function addCommunityMember(opts) {
|
||||
// { name, version, email, domains, action, communityMember, telemetry }
|
||||
setTimeout(function () {
|
||||
var https = require('https');
|
||||
var req = https.request({
|
||||
@ -15,19 +16,27 @@ function addCommunityMember(pkg, action, email, domains, communityMember) {
|
||||
if (err) { return; }
|
||||
resp.on('data', function () {});
|
||||
});
|
||||
var os = require('os');
|
||||
var data = {
|
||||
address: email
|
||||
address: opts.email
|
||||
// greenlock-security is transactional and security only
|
||||
, list: communityMember ? (pkg + '@ppl.family') : 'greenlock-security@ppl.family'
|
||||
, action: action // reg | renew
|
||||
, package: pkg
|
||||
, list: opts.communityMember ? (opts.name + '@ppl.family') : 'greenlock-security@ppl.family'
|
||||
, action: opts.action // reg | renew
|
||||
, package: opts.name
|
||||
// hashed for privacy, but so we can still get some telemetry and inform users
|
||||
// if abnormal things are happening (like several registrations for the same domain each day)
|
||||
, domain: (domains||[]).map(function (d) {
|
||||
, domain: (opts.domains||[]).map(function (d) {
|
||||
return require('crypto').createHash('sha1').update(d).digest('base64')
|
||||
.replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, '');
|
||||
}).join(',')
|
||||
};
|
||||
if (false !== opts.telemetry) {
|
||||
data.arch = process.arch || os.arch();
|
||||
data.platform = process.platform || os.platform();
|
||||
data.release = os.release();
|
||||
data.version = opts.version;
|
||||
data.node = process.version;
|
||||
}
|
||||
req.write(JSON.stringify(data, 2, null));
|
||||
req.end();
|
||||
}, 50);
|
||||
|
||||
37
lib/core.js
37
lib/core.js
@ -352,17 +352,8 @@ module.exports.create = function (gl) {
|
||||
// or we're forcing a refresh via 'dupliate: true'
|
||||
log(args.debug, "Renewing!");
|
||||
|
||||
// TODO fetch email address / accountId (accountBydomain) if not present
|
||||
// store.config.getAsync(args.domains).then(function (config) { /*...*/ });
|
||||
if (!args.domains || (args.domains.length || 0) <= 2) {
|
||||
// this is a renewal, therefore we should renewal ALL of the domains
|
||||
// associated with this certificate, unless args.domains is a list larger
|
||||
// than example.com,www.example.com
|
||||
// TODO check www. prefix
|
||||
args.domains = certs.altnames;
|
||||
if (Array.isArray(certs.domains) && certs.domains.length) {
|
||||
args.domains = certs.domains;
|
||||
}
|
||||
if (!args.domains || !args.domains.length) {
|
||||
args.domains = args.servernames || [certs.subject].concat(certs.altnames);
|
||||
}
|
||||
|
||||
return core.certificates.registerAsync(args);
|
||||
@ -410,7 +401,17 @@ module.exports.create = function (gl) {
|
||||
if (false !== args.securityUpdates && !args._communityMemberAdded) {
|
||||
try {
|
||||
// We will notify all greenlock users of mandatory and security updates
|
||||
require('./community').add(args._communityPackage, 'reg', args.email, args.domains, args.communityMember);
|
||||
// We'll keep track of versions and os so we can make sure things work well
|
||||
// { name, version, email, domains, action, communityMember, telemetry }
|
||||
require('./community').add({
|
||||
name: args._communityPackage
|
||||
, version: args._communityPackageVersion
|
||||
, email: args.email
|
||||
, domains: args.domains || args.servernames
|
||||
, action: 'reg'
|
||||
, communityMember: args.communityMember
|
||||
, telemetry: args.telemetry
|
||||
});
|
||||
} catch(e) { /* ignore */ }
|
||||
args._communityMemberAdded = true;
|
||||
}
|
||||
@ -422,7 +423,17 @@ module.exports.create = function (gl) {
|
||||
if (false !== args.securityUpdates && !args._communityMemberAdded) {
|
||||
try {
|
||||
// We will notify all greenlock users of mandatory and security updates
|
||||
require('./community').add(args._communityPackage, 'renew', args.email, args.domains, args.communityMember);
|
||||
// We'll keep track of versions and os so we can make sure things work well
|
||||
// { name, version, email, domains, action, communityMember, telemetry }
|
||||
require('./community').add({
|
||||
name: args._communityPackage
|
||||
, version: args._communityPackageVersion
|
||||
, email: args.email
|
||||
, domains: args.domains || args.servernames
|
||||
, action: 'renew'
|
||||
, communityMember: args.communityMember
|
||||
, telemetry: args.telemetry
|
||||
});
|
||||
} catch(e) { /* ignore */ }
|
||||
args._communityMemberAdded = true;
|
||||
}
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "greenlock",
|
||||
"version": "2.4.8",
|
||||
"version": "2.4.9",
|
||||
"description": "Let's Encrypt for node.js on npm",
|
||||
"main": "index.js",
|
||||
"files": [
|
||||
|
||||
@ -5,9 +5,14 @@ set -e
|
||||
# following domains are listed on the same certificate as either subject or altnames:
|
||||
# test.ppl.family, www.test.ppl.family, test.greenlock.domains, www.test.greenlock.domains
|
||||
|
||||
curl -sf https://test.ppl.family | grep -i Hello >/dev/null && echo "PASS no servername" || echo "FAIL no servername"
|
||||
curl -sf https://test.ppl.family -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS same servername" || echo "FAIL same servername"
|
||||
curl -sf https://test.ppl.family -H "Host: www.test.ppl.family" | grep -i Hello >/dev/null && echo "PASS similar altnames" || echo "FAIL similar altnames"
|
||||
curl -sf https://test.ppl.family -H "Host: www.test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS full altnames" || echo "FAIL full altnames"
|
||||
curl -s https://test.ppl.family -H "Host: example.com" | grep -i 'Domain Fronting' >/dev/null && echo "PASS detect fronting" || echo "FAIL detect fronting"
|
||||
# -k for insecure to allow staging certificates
|
||||
curl -k -sf https://test.ppl.family | grep -i Hello >/dev/null && echo "PASS no servername" || echo "FAIL no servername"
|
||||
curl -k -sf https://test.ppl.family -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS same servername" || echo "FAIL same servername"
|
||||
curl -k -sf https://test.ppl.family -H "Host: www.test.ppl.family" | grep -i Hello >/dev/null && echo "PASS similar altnames" || echo "FAIL similar altnames"
|
||||
curl -k -sf https://test.ppl.family -H "Host: www.test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS full altnames" || echo "FAIL full altnames"
|
||||
|
||||
curl -k -sf https://test.greenlock.domains -H "Host: test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS use altname first" || echo "FAIL altname only"
|
||||
curl -k -sf https://test.greenlock.domains -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS use altname, pass subject" || echo "FAIL sub + altname"
|
||||
|
||||
curl -k -s https://test.ppl.family -H "Host: example.com" | grep -i 'Domain Fronting' >/dev/null && echo "PASS detect fronting" || echo "FAIL detect fronting"
|
||||
echo "PASS ALL"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user