minor bugfixes and lots of whitespace adjustment
This commit is contained in:
AJ ONeal
parent
b5b516a131
commit
e7a36123ca
|
|
@ -8,13 +8,17 @@
|
||||||
|
|
||||||
module.exports.create = function (deps) {
|
module.exports.create = function (deps) {
|
||||||
|
|
||||||
var NOOP=function () {};
|
var NOOP=function () {
|
||||||
|
};
|
||||||
var log=NOOP;
|
var log=NOOP;
|
||||||
var request=require('request');
|
var request=require('request');
|
||||||
var RSA = deps.RSA;
|
var RSA = deps.RSA;
|
||||||
var generateSignature = RSA.signJws;
|
var generateSignature = RSA.signJws;
|
||||||
|
|
||||||
function Acme(keypair) {
|
function Acme(keypair) {
|
||||||
|
if (!keypair) {
|
||||||
|
throw new Error("no keypair given. that's bad");
|
||||||
|
}
|
||||||
if ('string' === typeof keypair) {
|
if ('string' === typeof keypair) {
|
||||||
// backwards compat
|
// backwards compat
|
||||||
keypair = RSA.import({ privateKeyPem: keypair });
|
keypair = RSA.import({ privateKeyPem: keypair });
|
||||||
|
|
@ -59,14 +63,16 @@ module.exports.create = function (deps) {
|
||||||
log('Using nonce: '+this.nonces[0]);
|
log('Using nonce: '+this.nonces[0]);
|
||||||
payload=JSON.stringify(body, null, 2);
|
payload=JSON.stringify(body, null, 2);
|
||||||
jws=generateSignature(
|
jws=generateSignature(
|
||||||
this.keypair, new Buffer(payload), this.nonces.shift()
|
self.keypair, new Buffer(payload), this.nonces.shift()
|
||||||
);
|
);
|
||||||
signed=JSON.stringify(jws, null, 2);
|
signed=JSON.stringify(jws, null, 2);
|
||||||
|
|
||||||
log('Posting to '+url);
|
log('Posting to '+url);
|
||||||
log(signed.green);
|
log(signed);
|
||||||
log('Payload:'+payload.blue);
|
log('Payload:'+payload);
|
||||||
|
|
||||||
|
//process.exit(1);
|
||||||
|
//return;
|
||||||
return request.post({
|
return request.post({
|
||||||
url:url,
|
url:url,
|
||||||
body:signed,
|
body:signed,
|
||||||
|
|
@ -80,22 +86,22 @@ module.exports.create = function (deps) {
|
||||||
return cb(err);
|
return cb(err);
|
||||||
}
|
}
|
||||||
if (res) {
|
if (res) {
|
||||||
log(('HTTP/1.1 '+res.statusCode).yellow);
|
log(('HTTP/1.1 '+res.statusCode));
|
||||||
}
|
}
|
||||||
|
|
||||||
Object.keys(res.headers).forEach(function(key) {
|
Object.keys(res.headers).forEach(function(key) {
|
||||||
var value, upcased;
|
var value, upcased;
|
||||||
value=res.headers[key];
|
value=res.headers[key];
|
||||||
upcased=key.charAt(0).toUpperCase()+key.slice(1);
|
upcased=key.charAt(0).toUpperCase()+key.slice(1);
|
||||||
log((upcased+': '+value).yellow);
|
log((upcased+': '+value));
|
||||||
});
|
});
|
||||||
|
|
||||||
if (body && !body.toString().match(/[^\x00-\x7F]/)) {
|
if (body && !body.toString().match(/[^\x00-\x7F]/)) {
|
||||||
try {
|
try {
|
||||||
parsed=JSON.parse(body);
|
parsed=JSON.parse(body);
|
||||||
log(JSON.stringify(parsed, null, 2).cyan);
|
log(JSON.stringify(parsed, null, 2));
|
||||||
} catch(err) {
|
} catch(err) {
|
||||||
log(body.toString().cyan);
|
log(body.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -101,6 +101,12 @@ module.exports.create = function (deps) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function getReadyToValidate(err, res, body) {
|
function getReadyToValidate(err, res, body) {
|
||||||
|
var links;
|
||||||
|
var authz;
|
||||||
|
var httpChallenges;
|
||||||
|
var challenge;
|
||||||
|
var thumbprint;
|
||||||
|
var keyAuthorization;
|
||||||
|
|
||||||
function challengeDone(err) {
|
function challengeDone(err) {
|
||||||
if (err) {
|
if (err) {
|
||||||
|
|
@ -134,8 +140,6 @@ module.exports.create = function (deps) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
var links, authz, httpChallenges, challenge, thumbprint, keyAuthorization;
|
|
||||||
|
|
||||||
if (err) {
|
if (err) {
|
||||||
return handleErr(err);
|
return handleErr(err);
|
||||||
}
|
}
|
||||||
|
|
@ -155,7 +159,7 @@ module.exports.create = function (deps) {
|
||||||
authz = body;
|
authz = body;
|
||||||
|
|
||||||
httpChallenges = authz.challenges.filter(function(x) {
|
httpChallenges = authz.challenges.filter(function(x) {
|
||||||
return x.type==='http-01';
|
return x.type === options.challengeType;
|
||||||
});
|
});
|
||||||
if (httpChallenges.length === 0) {
|
if (httpChallenges.length === 0) {
|
||||||
return handleErr(null, 'Server didn\'t offer any challenge we can handle.');
|
return handleErr(null, 'Server didn\'t offer any challenge we can handle.');
|
||||||
|
|
@ -164,10 +168,10 @@ module.exports.create = function (deps) {
|
||||||
|
|
||||||
thumbprint = RSA.thumbprint(state.accountKeypair);
|
thumbprint = RSA.thumbprint(state.accountKeypair);
|
||||||
keyAuthorization = challenge.token + '.' + thumbprint;
|
keyAuthorization = challenge.token + '.' + thumbprint;
|
||||||
|
|
||||||
state.responseUrl = challenge.uri;
|
state.responseUrl = challenge.uri;
|
||||||
|
|
||||||
options.setChallenge(state.domain, challenge.token, keyAuthorization, challengeDone);
|
options.setChallenge(state.domain, challenge.token, keyAuthorization, challengeDone);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function ensureValidation(err, res, body, unlink) {
|
function ensureValidation(err, res, body, unlink) {
|
||||||
|
|
@ -224,7 +228,7 @@ module.exports.create = function (deps) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function getCertificate() {
|
function getCertificate() {
|
||||||
var csr=RSA.generateCsrWeb64(RSA.exportPrivateKeyPem(state.certKeypair), state.validatedDomains);
|
var csr=RSA.generateCsrWeb64(state.certKeypair, state.validatedDomains);
|
||||||
log('Requesting certificate...');
|
log('Requesting certificate...');
|
||||||
state.acme.post(state.newCertUrl, {
|
state.acme.post(state.newCertUrl, {
|
||||||
resource:'new-cert',
|
resource:'new-cert',
|
||||||
|
|
@ -332,7 +336,7 @@ module.exports.create = function (deps) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
privkeyPem = RSA.exportPrivateKeyPem(state.certKeypair);
|
privkeyPem = RSA.exportPrivatePem(state.certKeypair);
|
||||||
cb(null, {
|
cb(null, {
|
||||||
cert: certPem
|
cert: certPem
|
||||||
// TODO privkey isn't necessary
|
// TODO privkey isn't necessary
|
||||||
|
|
@ -358,6 +362,12 @@ module.exports.create = function (deps) {
|
||||||
, newCertUrl: options.newCertUrl
|
, newCertUrl: options.newCertUrl
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if (!options.challengeType) {
|
||||||
|
options.challengeType = 'http-01';
|
||||||
|
}
|
||||||
|
if (-1 === [ 'http-01', 'tls-sni-01', 'dns-01' ].indexOf(options.challengeType)) {
|
||||||
|
return handleErr(new Error("options.challengeType '" + options.challengeType + "' is not yet supported"));
|
||||||
|
}
|
||||||
if (!options.newAuthzUrl) {
|
if (!options.newAuthzUrl) {
|
||||||
return handleErr(new Error("options.newAuthzUrl must be the authorization url"));
|
return handleErr(new Error("options.newAuthzUrl must be the authorization url"));
|
||||||
}
|
}
|
||||||
|
|
@ -390,9 +400,9 @@ module.exports.create = function (deps) {
|
||||||
|
|
||||||
state.domains = options.domains.slice(0); // copy array
|
state.domains = options.domains.slice(0); // copy array
|
||||||
try {
|
try {
|
||||||
state.acme = new Acme(state.accountKeypair);
|
|
||||||
state.accountKeypair = options.accountKeypair;
|
state.accountKeypair = options.accountKeypair;
|
||||||
state.certKeypair = options.domainKeypair;
|
state.certKeypair = options.domainKeypair;
|
||||||
|
state.acme = new Acme(state.accountKeypair);
|
||||||
} catch(err) {
|
} catch(err) {
|
||||||
return handleErr(err, 'Failed to parse privateKey');
|
return handleErr(err, 'Failed to parse privateKey');
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue