mirror of
				https://github.com/therootcompany/greenlock.js.git
				synced 2024-11-16 17:29:00 +00:00 
			
		
		
		
	make Prettier
This commit is contained in:
		
							parent
							
								
									929429f1ef
								
							
						
					
					
						commit
						33e6f800b8
					
				| @ -1,5 +1,4 @@ | ||||
| STOP | ||||
| ==== | ||||
| # STOP | ||||
| 
 | ||||
| **These aren't the droids you're looking for.** | ||||
| 
 | ||||
| @ -7,8 +6,7 @@ You probably don't want to use `greenlock` directly. | ||||
| 
 | ||||
| Instead, look here: | ||||
| 
 | ||||
| Webservers | ||||
| ---------- | ||||
| ## Webservers | ||||
| 
 | ||||
| For any type of webserver (express, hapi, koa, connect, https, spdy, etc), | ||||
| you're going to want to take a look at | ||||
| @ -16,8 +14,7 @@ you're going to want to take a look at | ||||
| 
 | ||||
| <https://git.coolaj86.com/coolaj86/greenlock-express.js> | ||||
| 
 | ||||
| CLIs | ||||
| ---- | ||||
| ## CLIs | ||||
| 
 | ||||
| For any type of CLI (like what you want to use with bash, fish, zsh, cmd.exe, PowerShell, etc), | ||||
| you're going to want to take a look at | ||||
| @ -25,8 +22,7 @@ you're going to want to take a look at | ||||
| 
 | ||||
| <https://git.coolaj86.com/coolaj86/greenlock-cli.js> | ||||
| 
 | ||||
| No, I wanted greenlock | ||||
| ====================== | ||||
| # No, I wanted greenlock | ||||
| 
 | ||||
| Well, take a look at the API in the main README | ||||
| and you can also check out the code in the repos above. | ||||
|  | ||||
| @ -5,55 +5,64 @@ var Greenlock = require('../'); | ||||
| var db = {}; | ||||
| 
 | ||||
| var config = { | ||||
|   server: 'https://acme-v02.api.letsencrypt.org/directory' | ||||
| , version: 'draft-11' | ||||
| 	server: 'https://acme-v02.api.letsencrypt.org/directory', | ||||
| 	version: 'draft-11', | ||||
| 
 | ||||
| , configDir: require('os').homedir() + '/acme/etc'          // or /etc/acme or wherever
 | ||||
| 	configDir: require('os').homedir() + '/acme/etc', // or /etc/acme or wherever
 | ||||
| 
 | ||||
| , privkeyPath: ':config/live/:hostname/privkey.pem'         //
 | ||||
| , fullchainPath: ':config/live/:hostname/fullchain.pem'     // Note: both that :config and :hostname
 | ||||
| , certPath: ':config/live/:hostname/cert.pem'               //       will be templated as expected
 | ||||
| , chainPath: ':config/live/:hostname/chain.pem'             //
 | ||||
| 	privkeyPath: ':config/live/:hostname/privkey.pem', //
 | ||||
| 	fullchainPath: ':config/live/:hostname/fullchain.pem', // Note: both that :config and :hostname
 | ||||
| 	certPath: ':config/live/:hostname/cert.pem', //       will be templated as expected
 | ||||
| 	chainPath: ':config/live/:hostname/chain.pem', //
 | ||||
| 
 | ||||
| , rsaKeySize: 2048 | ||||
| 	rsaKeySize: 2048, | ||||
| 
 | ||||
| , debug: true | ||||
| 	debug: true | ||||
| }; | ||||
| 
 | ||||
| var handlers = { | ||||
|   setChallenge: function (opts, hostname, key, val, cb) {   // called during the ACME server handshake, before validation
 | ||||
| 	setChallenge: function(opts, hostname, key, val, cb) { | ||||
| 		// called during the ACME server handshake, before validation
 | ||||
| 		db[key] = { | ||||
|       hostname: hostname | ||||
|     , key: key | ||||
|     , val: val | ||||
| 			hostname: hostname, | ||||
| 			key: key, | ||||
| 			val: val | ||||
| 		}; | ||||
| 
 | ||||
| 		cb(null); | ||||
|   } | ||||
| , removeChallenge: function (opts, hostname, key, cb) {     // called after validation on both success and failure
 | ||||
| 	}, | ||||
| 	removeChallenge: function(opts, hostname, key, cb) { | ||||
| 		// called after validation on both success and failure
 | ||||
| 		db[key] = null; | ||||
| 		cb(null); | ||||
|   } | ||||
| , getChallenge: function (opts, hostname, key, cb) {        // this is special because it is called by the webserver
 | ||||
| 	}, | ||||
| 	getChallenge: function(opts, hostname, key, cb) { | ||||
| 		// this is special because it is called by the webserver
 | ||||
| 		cb(null, db[key].val); // (see greenlock-cli/bin & greenlock-express/standalone),
 | ||||
| 		// not by the library itself
 | ||||
|   } | ||||
| , agreeToTerms: function (tosUrl, cb) {                     // gives you an async way to expose the legal agreement
 | ||||
| 	}, | ||||
| 	agreeToTerms: function(tosUrl, cb) { | ||||
| 		// gives you an async way to expose the legal agreement
 | ||||
| 		cb(null, tosUrl); // (terms of use) to your users before accepting
 | ||||
| 	} | ||||
| }; | ||||
| 
 | ||||
| var greenlock = Greenlock.create(config, handlers); | ||||
| console.error("CHANGE THE EMAIL, DOMAINS, AND AGREE TOS IN THE EXAMPLE BEFORE RUNNING IT"); | ||||
| console.error( | ||||
| 	'CHANGE THE EMAIL, DOMAINS, AND AGREE TOS IN THE EXAMPLE BEFORE RUNNING IT' | ||||
| ); | ||||
| process.exit(1); | ||||
|                                                             // checks :conf/renewal/:hostname.conf
 | ||||
| greenlock.register({                                        // and either renews or registers
 | ||||
|   domains: ['example.com']                                  // CHANGE TO YOUR DOMAIN
 | ||||
| , email: 'user@email.com'                                   // CHANGE TO YOUR EMAIL
 | ||||
| , agreeTos: false                                           // set to true to automatically accept an agreement
 | ||||
| // checks :conf/renewal/:hostname.conf
 | ||||
| greenlock.register( | ||||
| 	{ | ||||
| 		// and either renews or registers
 | ||||
| 		domains: ['example.com'], // CHANGE TO YOUR DOMAIN
 | ||||
| 		email: 'user@email.com', // CHANGE TO YOUR EMAIL
 | ||||
| 		agreeTos: false, // set to true to automatically accept an agreement
 | ||||
| 		// which you have pre-approved (not recommended)
 | ||||
| , rsaKeySize: 2048 | ||||
| }, function (err) { | ||||
| 		rsaKeySize: 2048 | ||||
| 	}, | ||||
| 	function(err) { | ||||
| 		if (err) { | ||||
| 			// Note: you must have a webserver running
 | ||||
| 			// and expose handlers.getChallenge to it
 | ||||
| @ -64,4 +73,5 @@ greenlock.register({                                        // and either renews | ||||
| 		} else { | ||||
| 			console.log('success'); | ||||
| 		} | ||||
| }); | ||||
| 	} | ||||
| ); | ||||
|  | ||||
							
								
								
									
										374
									
								
								index.js
									
									
									
									
									
								
							
							
						
						
									
										374
									
								
								index.js
									
									
									
									
									
								
							| @ -1,6 +1,6 @@ | ||||
| "use strict"; | ||||
| 'use strict'; | ||||
| /*global Promise*/ | ||||
| require("./lib/compat.js"); | ||||
| require('./lib/compat.js'); | ||||
| 
 | ||||
| // I hate this code so much.
 | ||||
| // Soooo many shims for backwards compatibility (some stuff dating back to v1)
 | ||||
| @ -8,17 +8,17 @@ require("./lib/compat.js"); | ||||
| 
 | ||||
| var DAY = 24 * 60 * 60 * 1000; | ||||
| //var MIN = 60 * 1000;
 | ||||
| var ACME = require("acme-v2/compat").ACME; | ||||
| var pkg = require("./package.json"); | ||||
| var util = require("util"); | ||||
| var ACME = require('acme-v2/compat').ACME; | ||||
| var pkg = require('./package.json'); | ||||
| var util = require('util'); | ||||
| 
 | ||||
| function promisifyAllSelf(obj) { | ||||
| 	if (obj.__promisified) { | ||||
| 		return obj; | ||||
| 	} | ||||
| 	Object.keys(obj).forEach(function(key) { | ||||
| 		if ("function" === typeof obj[key] && !/Async$/.test(key)) { | ||||
| 			obj[key + "Async"] = util.promisify(obj[key]); | ||||
| 		if ('function' === typeof obj[key] && !/Async$/.test(key)) { | ||||
| 			obj[key + 'Async'] = util.promisify(obj[key]); | ||||
| 		} | ||||
| 	}); | ||||
| 	obj.__promisified = true; | ||||
| @ -26,7 +26,7 @@ function promisifyAllSelf(obj) { | ||||
| } | ||||
| function promisifyAllStore(obj) { | ||||
| 	Object.keys(obj).forEach(function(key) { | ||||
| 		if ("function" !== typeof obj[key] || /Async$/.test(key)) { | ||||
| 		if ('function' !== typeof obj[key] || /Async$/.test(key)) { | ||||
| 			return; | ||||
| 		} | ||||
| 
 | ||||
| @ -42,7 +42,7 @@ function promisifyAllStore(obj) { | ||||
| 			p = util.promisify(obj[key]); | ||||
| 		} | ||||
| 		// internal backwards compat
 | ||||
| 		obj[key + "Async"] = p; | ||||
| 		obj[key + 'Async'] = p; | ||||
| 	}); | ||||
| 	obj.__promisified = true; | ||||
| 	return obj; | ||||
| @ -58,18 +58,18 @@ function _log(debug) { | ||||
| 	if (debug) { | ||||
| 		var args = Array.prototype.slice.call(arguments); | ||||
| 		args.shift(); | ||||
| 		args.unshift("[gl/index.js]"); | ||||
| 		args.unshift('[gl/index.js]'); | ||||
| 		console.log.apply(console, args); | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| Greenlock.defaults = { | ||||
| 	productionServerUrl: "https://acme-v01.api.letsencrypt.org/directory", | ||||
| 	stagingServerUrl: "https://acme-staging.api.letsencrypt.org/directory", | ||||
| 	productionServerUrl: 'https://acme-v01.api.letsencrypt.org/directory', | ||||
| 	stagingServerUrl: 'https://acme-staging.api.letsencrypt.org/directory', | ||||
| 
 | ||||
| 	rsaKeySize: ACME.rsaKeySize || 2048, | ||||
| 	challengeType: ACME.challengeType || "http-01", | ||||
| 	challengeTypes: ACME.challengeTypes || ["http-01", "dns-01"], | ||||
| 	challengeType: ACME.challengeType || 'http-01', | ||||
| 	challengeTypes: ACME.challengeTypes || ['http-01', 'dns-01'], | ||||
| 
 | ||||
| 	acmeChallengePrefix: ACME.acmeChallengePrefix | ||||
| }; | ||||
| @ -120,33 +120,33 @@ Greenlock.create = function(gl) { | ||||
| 				" The old default is 'le-store-certbot', but the new default will be 'greenlock-store-fs'." + | ||||
| 				" Please `npm install greenlock-store-fs@3` and explicitly set `{ store: require('greenlock-store-fs') }`." | ||||
| 		); | ||||
| 		gl.store = require("le-store-certbot").create({ | ||||
| 		gl.store = require('le-store-certbot').create({ | ||||
| 			debug: gl.debug, | ||||
| 			configDir: gl.configDir, | ||||
| 			logsDir: gl.logsDir, | ||||
| 			webrootPath: gl.webrootPath | ||||
| 		}); | ||||
| 	} | ||||
| 	gl.core = require("./lib/core"); | ||||
| 	gl.core = require('./lib/core'); | ||||
| 	var log = gl.log || _log; | ||||
| 
 | ||||
| 	if (!gl.challenges) { | ||||
| 		gl.challenges = {}; | ||||
| 	} | ||||
| 	if (!gl.challenges["http-01"]) { | ||||
| 		gl.challenges["http-01"] = require("le-challenge-fs").create({ | ||||
| 	if (!gl.challenges['http-01']) { | ||||
| 		gl.challenges['http-01'] = require('le-challenge-fs').create({ | ||||
| 			debug: gl.debug, | ||||
| 			webrootPath: gl.webrootPath | ||||
| 		}); | ||||
| 	} | ||||
| 	if (!gl.challenges["dns-01"]) { | ||||
| 	if (!gl.challenges['dns-01']) { | ||||
| 		try { | ||||
| 			gl.challenges["dns-01"] = require("le-challenge-ddns").create({ | ||||
| 			gl.challenges['dns-01'] = require('le-challenge-ddns').create({ | ||||
| 				debug: gl.debug | ||||
| 			}); | ||||
| 		} catch (e) { | ||||
| 			try { | ||||
| 				gl.challenges["dns-01"] = require("le-challenge-dns").create({ | ||||
| 				gl.challenges['dns-01'] = require('le-challenge-dns').create({ | ||||
| 					debug: gl.debug | ||||
| 				}); | ||||
| 			} catch (e) { | ||||
| @ -160,12 +160,12 @@ Greenlock.create = function(gl) { | ||||
| 	gl.rsaKeySize = gl.rsaKeySize || Greenlock.rsaKeySize; | ||||
| 	gl.challengeType = gl.challengeType || Greenlock.challengeType; | ||||
| 	gl._ipc = ipc; | ||||
| 	gl._communityPackage = gl._communityPackage || "greenlock.js"; | ||||
| 	if ("greenlock.js" === gl._communityPackage) { | ||||
| 	gl._communityPackage = gl._communityPackage || 'greenlock.js'; | ||||
| 	if ('greenlock.js' === gl._communityPackage) { | ||||
| 		gl._communityPackageVersion = pkg.version; | ||||
| 	} else { | ||||
| 		gl._communityPackageVersion = | ||||
| 			gl._communityPackageVersion || "greenlock.js-" + pkg.version; | ||||
| 			gl._communityPackageVersion || 'greenlock.js-' + pkg.version; | ||||
| 	} | ||||
| 	gl.agreeToTerms = | ||||
| 		gl.agreeToTerms || | ||||
| @ -186,39 +186,47 @@ Greenlock.create = function(gl) { | ||||
| 	// BEGIN VERSION MADNESS //
 | ||||
| 	///////////////////////////
 | ||||
| 
 | ||||
| 	gl.version = gl.version || "draft-11"; | ||||
| 	gl.server = gl.server || "https://acme-v02.api.letsencrypt.org/directory"; | ||||
| 	gl.version = gl.version || 'draft-11'; | ||||
| 	gl.server = gl.server || 'https://acme-v02.api.letsencrypt.org/directory'; | ||||
| 	if (!gl.version) { | ||||
| 		//console.warn("Please specify version: 'v01' (Let's Encrypt v1) or 'draft-12' (Let's Encrypt v2 / ACME draft 12)");
 | ||||
| 		console.warn(""); | ||||
| 		console.warn(""); | ||||
| 		console.warn(""); | ||||
| 		console.warn("=========================================================="); | ||||
| 		console.warn("==                greenlock.js (v2.2.0+)                =="); | ||||
| 		console.warn("=========================================================="); | ||||
| 		console.warn(""); | ||||
| 		console.warn(''); | ||||
| 		console.warn(''); | ||||
| 		console.warn(''); | ||||
| 		console.warn( | ||||
| 			'==========================================================' | ||||
| 		); | ||||
| 		console.warn( | ||||
| 			'==                greenlock.js (v2.2.0+)                ==' | ||||
| 		); | ||||
| 		console.warn( | ||||
| 			'==========================================================' | ||||
| 		); | ||||
| 		console.warn(''); | ||||
| 		console.warn("Please specify 'version' option:"); | ||||
| 		console.warn(""); | ||||
| 		console.warn("        'draft-12' for Let's Encrypt v2 and ACME draft 12"); | ||||
| 		console.warn(''); | ||||
| 		console.warn( | ||||
| 			"        'draft-12' for Let's Encrypt v2 and ACME draft 12" | ||||
| 		); | ||||
| 		console.warn("        ('v02' is an alias of 'draft-12'"); | ||||
| 		console.warn(""); | ||||
| 		console.warn("or"); | ||||
| 		console.warn(""); | ||||
| 		console.warn(''); | ||||
| 		console.warn('or'); | ||||
| 		console.warn(''); | ||||
| 		console.warn("        'v01' for Let's Encrypt v1 (deprecated)"); | ||||
| 		console.warn( | ||||
| 			"         (also 'npm install --save le-acme-core' as this legacy dependency will soon be removed)" | ||||
| 		); | ||||
| 		console.warn(""); | ||||
| 		console.warn("This will be required in versions v2.3+"); | ||||
| 		console.warn(""); | ||||
| 		console.warn(""); | ||||
| 	} else if ("v02" === gl.version) { | ||||
| 		gl.version = "draft-11"; | ||||
| 	} else if ("draft-12" === gl.version) { | ||||
| 		gl.version = "draft-11"; | ||||
| 	} else if ("draft-11" === gl.version) { | ||||
| 		console.warn(''); | ||||
| 		console.warn('This will be required in versions v2.3+'); | ||||
| 		console.warn(''); | ||||
| 		console.warn(''); | ||||
| 	} else if ('v02' === gl.version) { | ||||
| 		gl.version = 'draft-11'; | ||||
| 	} else if ('draft-12' === gl.version) { | ||||
| 		gl.version = 'draft-11'; | ||||
| 	} else if ('draft-11' === gl.version) { | ||||
| 		// no-op
 | ||||
| 	} else if ("v01" !== gl.version) { | ||||
| 	} else if ('v01' !== gl.version) { | ||||
| 		throw new Error("Unrecognized version '" + gl.version + "'"); | ||||
| 	} | ||||
| 
 | ||||
| @ -227,62 +235,62 @@ Greenlock.create = function(gl) { | ||||
| 			"opts.server must specify an ACME directory URL, such as 'https://acme-staging-v02.api.letsencrypt.org/directory'" | ||||
| 		); | ||||
| 	} | ||||
| 	if ("staging" === gl.server || "production" === gl.server) { | ||||
| 		if ("staging" === gl.server) { | ||||
| 			gl.server = "https://acme-staging.api.letsencrypt.org/directory"; | ||||
| 			gl.version = "v01"; | ||||
| 			gl._deprecatedServerName = "staging"; | ||||
| 		} else if ("production" === gl.server) { | ||||
| 			gl.server = "https://acme-v01.api.letsencrypt.org/directory"; | ||||
| 			gl.version = "v01"; | ||||
| 			gl._deprecatedServerName = "production"; | ||||
| 	if ('staging' === gl.server || 'production' === gl.server) { | ||||
| 		if ('staging' === gl.server) { | ||||
| 			gl.server = 'https://acme-staging.api.letsencrypt.org/directory'; | ||||
| 			gl.version = 'v01'; | ||||
| 			gl._deprecatedServerName = 'staging'; | ||||
| 		} else if ('production' === gl.server) { | ||||
| 			gl.server = 'https://acme-v01.api.letsencrypt.org/directory'; | ||||
| 			gl.version = 'v01'; | ||||
| 			gl._deprecatedServerName = 'production'; | ||||
| 		} | ||||
| 		console.warn(""); | ||||
| 		console.warn(""); | ||||
| 		console.warn("=== WARNING ==="); | ||||
| 		console.warn(""); | ||||
| 		console.warn(''); | ||||
| 		console.warn(''); | ||||
| 		console.warn('=== WARNING ==='); | ||||
| 		console.warn(''); | ||||
| 		console.warn( | ||||
| 			"Due to versioning issues the '" + | ||||
| 				gl._deprecatedServerName + | ||||
| 				"' option is deprecated." | ||||
| 		); | ||||
| 		console.warn("Please specify the full url and version."); | ||||
| 		console.warn(""); | ||||
| 		console.warn("For APIs add:"); | ||||
| 		console.warn('Please specify the full url and version.'); | ||||
| 		console.warn(''); | ||||
| 		console.warn('For APIs add:'); | ||||
| 		console.warn('\t, "version": "' + gl.version + '"'); | ||||
| 		console.warn('\t, "server": "' + gl.server + '"'); | ||||
| 		console.warn(""); | ||||
| 		console.warn("For the CLI add:"); | ||||
| 		console.warn(''); | ||||
| 		console.warn('For the CLI add:'); | ||||
| 		console.warn("\t--acme-url '" + gl.server + "' \\"); | ||||
| 		console.warn("\t--acme-version '" + gl.version + "' \\"); | ||||
| 		console.warn(""); | ||||
| 		console.warn(""); | ||||
| 		console.warn(''); | ||||
| 		console.warn(''); | ||||
| 	} | ||||
| 
 | ||||
| 	function loadLeV01() { | ||||
| 		console.warn(""); | ||||
| 		console.warn("=== WARNING ==="); | ||||
| 		console.warn(""); | ||||
| 		console.warn(''); | ||||
| 		console.warn('=== WARNING ==='); | ||||
| 		console.warn(''); | ||||
| 		console.warn("Let's Encrypt v1 is deprecated."); | ||||
| 		console.warn("Please update to Let's Encrypt v2 (ACME draft 12)"); | ||||
| 		console.warn(""); | ||||
| 		console.warn(''); | ||||
| 		try { | ||||
| 			return require("le-acme-core").ACME; | ||||
| 			return require('le-acme-core').ACME; | ||||
| 		} catch (e) { | ||||
| 			console.error(""); | ||||
| 			console.error("=== Error (easy-to-fix) ==="); | ||||
| 			console.error(""); | ||||
| 			console.error(''); | ||||
| 			console.error('=== Error (easy-to-fix) ==='); | ||||
| 			console.error(''); | ||||
| 			console.error( | ||||
| 				"Hey, this isn't a big deal, but you need to manually add v1 support:" | ||||
| 			); | ||||
| 			console.error(""); | ||||
| 			console.error("        npm install --save le-acme-core"); | ||||
| 			console.error(""); | ||||
| 			console.error(''); | ||||
| 			console.error('        npm install --save le-acme-core'); | ||||
| 			console.error(''); | ||||
| 			console.error( | ||||
| 				"Just run that real quick, restart, and everything will work great." | ||||
| 				'Just run that real quick, restart, and everything will work great.' | ||||
| 			); | ||||
| 			console.error(""); | ||||
| 			console.error(""); | ||||
| 			console.error(''); | ||||
| 			console.error(''); | ||||
| 			process.exit(e.code || 13); | ||||
| 		} | ||||
| 	} | ||||
| @ -290,32 +298,32 @@ Greenlock.create = function(gl) { | ||||
| 	if ( | ||||
| 		-1 !== | ||||
| 		[ | ||||
| 			"https://acme-v02.api.letsencrypt.org/directory", | ||||
| 			"https://acme-staging-v02.api.letsencrypt.org/directory" | ||||
| 			'https://acme-v02.api.letsencrypt.org/directory', | ||||
| 			'https://acme-staging-v02.api.letsencrypt.org/directory' | ||||
| 		].indexOf(gl.server) | ||||
| 	) { | ||||
| 		if ("draft-11" !== gl.version) { | ||||
| 		if ('draft-11' !== gl.version) { | ||||
| 			console.warn( | ||||
| 				"Detected Let's Encrypt v02 URL. Changing version to draft-12." | ||||
| 			); | ||||
| 			gl.version = "draft-11"; | ||||
| 			gl.version = 'draft-11'; | ||||
| 		} | ||||
| 	} else if ( | ||||
| 		-1 !== | ||||
| 			[ | ||||
| 				"https://acme-v01.api.letsencrypt.org/directory", | ||||
| 				"https://acme-staging.api.letsencrypt.org/directory" | ||||
| 				'https://acme-v01.api.letsencrypt.org/directory', | ||||
| 				'https://acme-staging.api.letsencrypt.org/directory' | ||||
| 			].indexOf(gl.server) || | ||||
| 		"v01" === gl.version | ||||
| 		'v01' === gl.version | ||||
| 	) { | ||||
| 		if ("v01" !== gl.version) { | ||||
| 		if ('v01' !== gl.version) { | ||||
| 			console.warn( | ||||
| 				"Detected Let's Encrypt v01 URL (deprecated). Changing version to v01." | ||||
| 			); | ||||
| 			gl.version = "v01"; | ||||
| 			gl.version = 'v01'; | ||||
| 		} | ||||
| 	} | ||||
| 	if ("v01" === gl.version) { | ||||
| 	if ('v01' === gl.version) { | ||||
| 		ACME = loadLeV01(); | ||||
| 	} | ||||
| 	/////////////////////////
 | ||||
| @ -349,12 +357,14 @@ Greenlock.create = function(gl) { | ||||
| 		gl.store.accounts = promisifyAllStore(gl.store.accounts); | ||||
| 		gl.store.certificates = promisifyAllStore(gl.store.certificates); | ||||
| 		gl._storeOpts = | ||||
| 			(gl.store.getOptions && gl.store.getOptions()) || gl.store.options || {}; | ||||
| 			(gl.store.getOptions && gl.store.getOptions()) || | ||||
| 			gl.store.options || | ||||
| 			{}; | ||||
| 	} catch (e) { | ||||
| 		console.error(e); | ||||
| 		console.error( | ||||
| 			"\nPROBABLE CAUSE:\n" + | ||||
| 				"\tYour greenlock-store module should have a create function and return { options, accounts, certificates }\n" | ||||
| 			'\nPROBABLE CAUSE:\n' + | ||||
| 				'\tYour greenlock-store module should have a create function and return { options, accounts, certificates }\n' | ||||
| 		); | ||||
| 		process.exit(18); | ||||
| 		return; | ||||
| @ -384,40 +394,47 @@ Greenlock.create = function(gl) { | ||||
| 		if (challenger.create) { | ||||
| 			challenger = gl.challenges[challengeType] = challenger.create(gl); | ||||
| 		} | ||||
| 		challenger = gl.challenges[challengeType] = promisifyAllSelf(challenger); | ||||
| 		gl["_challengeOpts_" + challengeType] = | ||||
| 		challenger = gl.challenges[challengeType] = promisifyAllSelf( | ||||
| 			challenger | ||||
| 		); | ||||
| 		gl['_challengeOpts_' + challengeType] = | ||||
| 			(challenger.getOptions && challenger.getOptions()) || | ||||
| 			challenger.options || | ||||
| 			{}; | ||||
| 		Object.keys(gl["_challengeOpts_" + challengeType]).forEach(function(key) { | ||||
| 		Object.keys(gl['_challengeOpts_' + challengeType]).forEach(function( | ||||
| 			key | ||||
| 		) { | ||||
| 			if (!(key in gl)) { | ||||
| 				gl[key] = gl["_challengeOpts_" + challengeType][key]; | ||||
| 				gl[key] = gl['_challengeOpts_' + challengeType][key]; | ||||
| 			} | ||||
| 		}); | ||||
| 
 | ||||
| 		// TODO wrap these here and now with tplCopy?
 | ||||
| 		if (!challenger.set || ![5, 2, 1].includes(challenger.set.length)) { | ||||
| 			throw new Error( | ||||
| 				"gl.challenges[" + | ||||
| 				'gl.challenges[' + | ||||
| 					challengeType + | ||||
| 					"].set receives the wrong number of arguments." + | ||||
| 					" You must define setChallenge as function (opts) { return Promise.resolve(); }" | ||||
| 					'].set receives the wrong number of arguments.' + | ||||
| 					' You must define setChallenge as function (opts) { return Promise.resolve(); }' | ||||
| 			); | ||||
| 		} | ||||
| 		if (challenger.get && ![4, 2, 1].includes(challenger.get.length)) { | ||||
| 			throw new Error( | ||||
| 				"gl.challenges[" + | ||||
| 				'gl.challenges[' + | ||||
| 					challengeType + | ||||
| 					"].get receives the wrong number of arguments." + | ||||
| 					" You must define getChallenge as function (opts) { return Promise.resolve(); }" | ||||
| 					'].get receives the wrong number of arguments.' + | ||||
| 					' You must define getChallenge as function (opts) { return Promise.resolve(); }' | ||||
| 			); | ||||
| 		} | ||||
| 		if (!challenger.remove || ![4, 2, 1].includes(challenger.remove.length)) { | ||||
| 		if ( | ||||
| 			!challenger.remove || | ||||
| 			![4, 2, 1].includes(challenger.remove.length) | ||||
| 		) { | ||||
| 			throw new Error( | ||||
| 				"gl.challenges[" + | ||||
| 				'gl.challenges[' + | ||||
| 					challengeType + | ||||
| 					"].remove receives the wrong number of arguments." + | ||||
| 					" You must define removeChallenge as function (opts) { return Promise.resolve(); }" | ||||
| 					'].remove receives the wrong number of arguments.' + | ||||
| 					' You must define removeChallenge as function (opts) { return Promise.resolve(); }' | ||||
| 			); | ||||
| 		} | ||||
| 
 | ||||
| @ -486,16 +503,20 @@ Greenlock.create = function(gl) { | ||||
| 
 | ||||
| 					if (!gl.email) { | ||||
| 						throw new Error( | ||||
| 							"le-sni-auto is not properly configured. Missing email" | ||||
| 							'le-sni-auto is not properly configured. Missing email' | ||||
| 						); | ||||
| 					} | ||||
| 					if (!gl.agreeTos) { | ||||
| 						throw new Error( | ||||
| 							"le-sni-auto is not properly configured. Missing agreeTos" | ||||
| 							'le-sni-auto is not properly configured. Missing agreeTos' | ||||
| 						); | ||||
| 					} | ||||
| 					if (!/[a-z]/i.test(lexOpts.domain)) { | ||||
| 						cb(new Error("le-sni-auto does not allow IP addresses in SNI")); | ||||
| 						cb( | ||||
| 							new Error( | ||||
| 								'le-sni-auto does not allow IP addresses in SNI' | ||||
| 							) | ||||
| 						); | ||||
| 						return; | ||||
| 					} | ||||
| 
 | ||||
| @ -522,13 +543,13 @@ Greenlock.create = function(gl) { | ||||
| 
 | ||||
| 					emsg = | ||||
| 						"tls SNI for '" + | ||||
| 						lexOpts.domains.join(",") + | ||||
| 						lexOpts.domains.join(',') + | ||||
| 						"' rejected: not in list '" + | ||||
| 						gl.approvedDomains + | ||||
| 						"'"; | ||||
| 					log(gl.debug, emsg, lexOpts.domains, gl.approvedDomains); | ||||
| 					err = new Error(emsg); | ||||
| 					err.code = "E_REJECT_SNI"; | ||||
| 					err.code = 'E_REJECT_SNI'; | ||||
| 					cb(err); | ||||
| 				}; | ||||
| 			} | ||||
| @ -537,10 +558,10 @@ Greenlock.create = function(gl) { | ||||
| 				// certs come from current in-memory cache, not lookup
 | ||||
| 				log( | ||||
| 					gl.debug, | ||||
| 					"gl.getCertificates called for", | ||||
| 					'gl.getCertificates called for', | ||||
| 					domain, | ||||
| 					"with certs for", | ||||
| 					(certs && certs.altnames) || "NONE" | ||||
| 					'with certs for', | ||||
| 					(certs && certs.altnames) || 'NONE' | ||||
| 				); | ||||
| 				var opts = { | ||||
| 					domain: domain, | ||||
| @ -550,24 +571,24 @@ Greenlock.create = function(gl) { | ||||
| 					account: {} | ||||
| 				}; | ||||
| 				opts.wildname = | ||||
| 					"*." + | ||||
| 					(domain || "") | ||||
| 						.split(".") | ||||
| 					'*.' + | ||||
| 					(domain || '') | ||||
| 						.split('.') | ||||
| 						.slice(1) | ||||
| 						.join("."); | ||||
| 						.join('.'); | ||||
| 
 | ||||
| 				function cb2(results) { | ||||
| 					log( | ||||
| 						gl.debug, | ||||
| 						"gl.approveDomains called with certs for", | ||||
| 						(results.certs && results.certs.altnames) || "NONE", | ||||
| 						"and options:" | ||||
| 						'gl.approveDomains called with certs for', | ||||
| 						(results.certs && results.certs.altnames) || 'NONE', | ||||
| 						'and options:' | ||||
| 					); | ||||
| 					log(gl.debug, results.options || results); | ||||
| 					var err; | ||||
| 					if (!results) { | ||||
| 						err = new Error("E_REJECT_SNI"); | ||||
| 						err.code = "E_REJECT_SNI"; | ||||
| 						err = new Error('E_REJECT_SNI'); | ||||
| 						err.code = 'E_REJECT_SNI'; | ||||
| 						eb2(err); | ||||
| 						return; | ||||
| 					} | ||||
| @ -575,13 +596,19 @@ Greenlock.create = function(gl) { | ||||
| 					var options = results.options || results; | ||||
| 					if (opts !== options) { | ||||
| 						Object.keys(options).forEach(function(key) { | ||||
| 							if ("undefined" !== typeof options[key] && "domain" !== key) { | ||||
| 							if ( | ||||
| 								'undefined' !== typeof options[key] && | ||||
| 								'domain' !== key | ||||
| 							) { | ||||
| 								opts[key] = options[key]; | ||||
| 							} | ||||
| 						}); | ||||
| 						options = opts; | ||||
| 					} | ||||
| 					if (Array.isArray(options.altnames) && options.altnames.length) { | ||||
| 					if ( | ||||
| 						Array.isArray(options.altnames) && | ||||
| 						options.altnames.length | ||||
| 					) { | ||||
| 						options.domains = options.altnames; | ||||
| 					} | ||||
| 					options.altnames = options.domains; | ||||
| @ -593,8 +620,10 @@ Greenlock.create = function(gl) { | ||||
| 						options.certificate = {}; | ||||
| 					} | ||||
| 					if (results.certs) { | ||||
| 						log(gl.debug, "gl renewing"); | ||||
| 						return gl.core.certificates.renewAsync(options, results.certs).then( | ||||
| 						log(gl.debug, 'gl renewing'); | ||||
| 						return gl.core.certificates | ||||
| 							.renewAsync(options, results.certs) | ||||
| 							.then( | ||||
| 								function(certs) { | ||||
| 									// Workaround for https://github.com/nodejs/node/issues/22389
 | ||||
| 									gl._updateServernames(certs); | ||||
| @ -602,15 +631,20 @@ Greenlock.create = function(gl) { | ||||
| 								}, | ||||
| 								function(e) { | ||||
| 									console.debug( | ||||
| 									"Error renewing certificate for '" + domain + "':" | ||||
| 										"Error renewing certificate for '" + | ||||
| 											domain + | ||||
| 											"':" | ||||
| 									); | ||||
| 									console.debug(e); | ||||
| 								console.error(""); | ||||
| 									console.error(''); | ||||
| 									cb(e); | ||||
| 								} | ||||
| 							); | ||||
| 					} else { | ||||
| 						log(gl.debug, "gl getting from disk or registering new"); | ||||
| 						log( | ||||
| 							gl.debug, | ||||
| 							'gl getting from disk or registering new' | ||||
| 						); | ||||
| 						return gl.core.certificates.getAsync(options).then( | ||||
| 							function(certs) { | ||||
| 								// Workaround for https://github.com/nodejs/node/issues/22389
 | ||||
| @ -619,10 +653,12 @@ Greenlock.create = function(gl) { | ||||
| 							}, | ||||
| 							function(e) { | ||||
| 								console.debug( | ||||
| 									"Error loading/registering certificate for '" + domain + "':" | ||||
| 									"Error loading/registering certificate for '" + | ||||
| 										domain + | ||||
| 										"':" | ||||
| 								); | ||||
| 								console.debug(e); | ||||
| 								console.error(""); | ||||
| 								console.error(''); | ||||
| 								cb(e); | ||||
| 							} | ||||
| 						); | ||||
| @ -631,16 +667,20 @@ Greenlock.create = function(gl) { | ||||
| 				function eb2(_err) { | ||||
| 					if (false !== gl.logRejectedDomains) { | ||||
| 						console.error( | ||||
| 							"[Error] approveDomains rejected tls sni '" + domain + "'" | ||||
| 							"[Error] approveDomains rejected tls sni '" + | ||||
| 								domain + | ||||
| 								"'" | ||||
| 						); | ||||
| 						console.error( | ||||
| 							"[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)" | ||||
| 							'[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)' | ||||
| 						); | ||||
| 						if ('E_REJECT_SNI' !== _err.code) { | ||||
| 							console.error( | ||||
| 								'[Error] This is the rejection message:' | ||||
| 							); | ||||
| 						if ("E_REJECT_SNI" !== _err.code) { | ||||
| 							console.error("[Error] This is the rejection message:"); | ||||
| 							console.error(_err.message); | ||||
| 						} | ||||
| 						console.error(""); | ||||
| 						console.error(''); | ||||
| 					} | ||||
| 					cb(_err); | ||||
| 					return; | ||||
| @ -664,7 +704,9 @@ Greenlock.create = function(gl) { | ||||
| 						gl.approveDomains(opts, certs, mb2); | ||||
| 					} | ||||
| 				} catch (e) { | ||||
| 					console.error("[ERROR] Something went wrong in approveDomains:"); | ||||
| 					console.error( | ||||
| 						'[ERROR] Something went wrong in approveDomains:' | ||||
| 					); | ||||
| 					console.error(e); | ||||
| 					console.error( | ||||
| 						"BUT WAIT! Good news: It's probably your fault, so you can probably fix it." | ||||
| @ -672,30 +714,36 @@ Greenlock.create = function(gl) { | ||||
| 				} | ||||
| 			}; | ||||
| 		} | ||||
| 		gl.sni = gl.sni || require("le-sni-auto"); | ||||
| 		gl.sni = gl.sni || require('le-sni-auto'); | ||||
| 		if (gl.sni.create) { | ||||
| 			gl.sni = gl.sni.create(gl); | ||||
| 		} | ||||
| 		gl.tlsOptions.SNICallback = function(_domain, cb) { | ||||
| 			// format and (lightly) sanitize sni so that users can be naive
 | ||||
| 			// and not have to worry about SQL injection or fs discovery
 | ||||
| 			var domain = (_domain || "").toLowerCase(); | ||||
| 			var domain = (_domain || '').toLowerCase(); | ||||
| 			// hostname labels allow a-z, 0-9, -, and are separated by dots
 | ||||
| 			// _ is sometimes allowed
 | ||||
| 			// REGEX // https://www.codeproject.com/Questions/1063023/alphanumeric-validation-javascript-without-regex
 | ||||
| 			if ( | ||||
| 				!gl.__sni_allow_dangerous_names && | ||||
| 				(!/^[a-z0-9_\.\-]+$/i.test(domain) || -1 !== domain.indexOf("..")) | ||||
| 				(!/^[a-z0-9_\.\-]+$/i.test(domain) || | ||||
| 					-1 !== domain.indexOf('..')) | ||||
| 			) { | ||||
| 				log(gl.debug, "invalid sni '" + domain + "'"); | ||||
| 				cb(new Error("invalid SNI")); | ||||
| 				cb(new Error('invalid SNI')); | ||||
| 				return; | ||||
| 			} | ||||
| 
 | ||||
| 			try { | ||||
| 				gl.sni.sniCallback((gl.__sni_preserve_case && _domain) || domain, cb); | ||||
| 				gl.sni.sniCallback( | ||||
| 					(gl.__sni_preserve_case && _domain) || domain, | ||||
| 					cb | ||||
| 				); | ||||
| 			} catch (e) { | ||||
| 				console.error("[ERROR] Something went wrong in the SNICallback:"); | ||||
| 				console.error( | ||||
| 					'[ERROR] Something went wrong in the SNICallback:' | ||||
| 				); | ||||
| 				console.error(e); | ||||
| 				cb(e); | ||||
| 			} | ||||
| @ -723,7 +771,7 @@ Greenlock.create = function(gl) { | ||||
| 		return gl.core.certificates.checkAsync(args); | ||||
| 	}; | ||||
| 
 | ||||
| 	gl.middleware = gl.middleware || require("./lib/middleware"); | ||||
| 	gl.middleware = gl.middleware || require('./lib/middleware'); | ||||
| 	if (gl.middleware.create) { | ||||
| 		gl.middleware = gl.middleware.create(gl); | ||||
| 	} | ||||
| @ -733,17 +781,17 @@ Greenlock.create = function(gl) { | ||||
| 	gl.middleware.sanitizeHost = function(app) { | ||||
| 		return function(req, res, next) { | ||||
| 			function realNext() { | ||||
| 				if ("function" === typeof app) { | ||||
| 				if ('function' === typeof app) { | ||||
| 					app(req, res); | ||||
| 				} else if ("function" === typeof next) { | ||||
| 				} else if ('function' === typeof next) { | ||||
| 					next(); | ||||
| 				} else { | ||||
| 					res.statusCode = 500; | ||||
| 					res.end("Error: no middleware assigned"); | ||||
| 					res.end('Error: no middleware assigned'); | ||||
| 				} | ||||
| 			} | ||||
| 			// Get the host:port combo, if it exists
 | ||||
| 			var host = (req.headers.host || "").split(":"); | ||||
| 			var host = (req.headers.host || '').split(':'); | ||||
| 
 | ||||
| 			// if not, move along
 | ||||
| 			if (!host[0]) { | ||||
| @ -752,7 +800,7 @@ Greenlock.create = function(gl) { | ||||
| 			} | ||||
| 
 | ||||
| 			// if so, remove non-allowed characters
 | ||||
| 			var safehost = host[0].toLowerCase().replace(SERVERNAME_G, ""); | ||||
| 			var safehost = host[0].toLowerCase().replace(SERVERNAME_G, ''); | ||||
| 
 | ||||
| 			// if there were unallowed characters, complain
 | ||||
| 			if ( | ||||
| @ -767,27 +815,33 @@ Greenlock.create = function(gl) { | ||||
| 			// make lowercase
 | ||||
| 			if (!gl.__sni_preserve_case) { | ||||
| 				host[0] = safehost; | ||||
| 				req.headers.host = host.join(":"); | ||||
| 				req.headers.host = host.join(':'); | ||||
| 			} | ||||
| 
 | ||||
| 			// Note: This sanitize function is also called on plain sockets, which don't need Domain Fronting checks
 | ||||
| 			if (req.socket.encrypted && !gl.__sni_allow_domain_fronting) { | ||||
| 				if (req.socket && "string" === typeof req.socket.servername) { | ||||
| 				if (req.socket && 'string' === typeof req.socket.servername) { | ||||
| 					// Workaround for https://github.com/nodejs/node/issues/22389
 | ||||
| 					if ( | ||||
| 						!gl._checkServername(safehost, req.socket.servername.toLowerCase()) | ||||
| 						!gl._checkServername( | ||||
| 							safehost, | ||||
| 							req.socket.servername.toLowerCase() | ||||
| 						) | ||||
| 					) { | ||||
| 						res.statusCode = 400; | ||||
| 						res.setHeader("Content-Type", "text/html; charset=utf-8"); | ||||
| 						res.setHeader( | ||||
| 							'Content-Type', | ||||
| 							'text/html; charset=utf-8' | ||||
| 						); | ||||
| 						res.end( | ||||
| 							"<h1>Domain Fronting Error</h1>" + | ||||
| 							'<h1>Domain Fronting Error</h1>' + | ||||
| 								"<p>This connection was secured using TLS/SSL for '" + | ||||
| 								req.socket.servername.toLowerCase() + | ||||
| 								"'</p>" + | ||||
| 								"<p>The HTTP request specified 'Host: " + | ||||
| 								safehost + | ||||
| 								"', which is (obviously) different.</p>" + | ||||
| 								"<p>Because this looks like a domain fronting attack, the connection has been terminated.</p>" | ||||
| 								'<p>Because this looks like a domain fronting attack, the connection has been terminated.</p>' | ||||
| 						); | ||||
| 						return; | ||||
| 					} | ||||
| @ -797,7 +851,7 @@ Greenlock.create = function(gl) { | ||||
| 				) { | ||||
| 					// TODO how to handle wrapped sockets, as with telebit?
 | ||||
| 					console.warn( | ||||
| 						"\n\n\n[greenlock] WARN: no string for req.socket.servername," + | ||||
| 						'\n\n\n[greenlock] WARN: no string for req.socket.servername,' + | ||||
| 							" skipping fronting check for '" + | ||||
| 							safehost + | ||||
| 							"'\n\n\n" | ||||
|  | ||||
| @ -3,34 +3,48 @@ | ||||
| function addCommunityMember(opts) { | ||||
| 	// { name, version, email, domains, action, communityMember, telemetry }
 | ||||
| 	var https = require('https'); | ||||
|   var req = https.request({ | ||||
|     hostname: 'api.ppl.family' | ||||
|   , port: 443 | ||||
|   , path: '/api/ppl.family/public/list' | ||||
|   , method: 'POST' | ||||
|   , headers: { | ||||
| 	var req = https.request( | ||||
| 		{ | ||||
| 			hostname: 'api.ppl.family', | ||||
| 			port: 443, | ||||
| 			path: '/api/ppl.family/public/list', | ||||
| 			method: 'POST', | ||||
| 			headers: { | ||||
| 				'Content-Type': 'application/json' | ||||
| 			} | ||||
|   }, function (err, resp) { | ||||
|     if (err) { return; } | ||||
|     resp.on('data', function () {}); | ||||
|   }); | ||||
| 		}, | ||||
| 		function(err, resp) { | ||||
| 			if (err) { | ||||
| 				return; | ||||
| 			} | ||||
| 			resp.on('data', function() {}); | ||||
| 		} | ||||
| 	); | ||||
| 	req.on('error', function(error) { | ||||
| 		/* ignore */ | ||||
| 	}); | ||||
| 	var os = require('os'); | ||||
| 	var data = { | ||||
|     address: opts.email | ||||
| 		address: opts.email, | ||||
| 		// greenlock-security is transactional and security only
 | ||||
|   , list: opts.communityMember ? (opts.name + '@ppl.family') : 'greenlock-security@ppl.family' | ||||
|   , action: opts.action // reg | renew
 | ||||
|   , package: opts.name | ||||
| 		list: opts.communityMember | ||||
| 			? opts.name + '@ppl.family' | ||||
| 			: 'greenlock-security@ppl.family', | ||||
| 		action: opts.action, // reg | renew
 | ||||
| 		package: opts.name, | ||||
| 		// hashed for privacy, but so we can still get some telemetry and inform users
 | ||||
| 		// if abnormal things are happening (like several registrations for the same domain each day)
 | ||||
|   , domain: (opts.domains||[]).map(function (d) { | ||||
|       return require('crypto').createHash('sha1').update(d).digest('base64') | ||||
|         .replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, ''); | ||||
|     }).join(',') | ||||
| 		domain: (opts.domains || []) | ||||
| 			.map(function(d) { | ||||
| 				return require('crypto') | ||||
| 					.createHash('sha1') | ||||
| 					.update(d) | ||||
| 					.digest('base64') | ||||
| 					.replace(/\//g, '_') | ||||
| 					.replace(/\+/g, '-') | ||||
| 					.replace(/=/g, ''); | ||||
| 			}) | ||||
| 			.join(',') | ||||
| 	}; | ||||
| 	if (false !== opts.telemetry) { | ||||
| 		data.arch = process.arch || os.arch(); | ||||
| @ -44,19 +58,20 @@ function addCommunityMember(opts) { | ||||
| } | ||||
| 
 | ||||
| function delay(ms) { | ||||
|   return new Promise(function (resolve) { | ||||
| 	return new Promise(function(resolve) { | ||||
| 		return setTimeout(resolve, ms); | ||||
| 	}); | ||||
| } | ||||
| 
 | ||||
| module.exports.add = function (opts) { | ||||
|   return delay(50).then(() => { | ||||
| module.exports.add = function(opts) { | ||||
| 	return delay(50) | ||||
| 		.then(() => { | ||||
| 			return addCommunityMember(opts); | ||||
| 		}) | ||||
|   .catch(function (ex) { | ||||
| 		.catch(function(ex) { | ||||
| 			/* ignore */ | ||||
|   }) | ||||
| } | ||||
| 		}); | ||||
| }; | ||||
| 
 | ||||
| if (require.main === module) { | ||||
| 	//addCommunityMember('greenlock-express.js', 'reg', 'coolaj86+test42@gmail.com', ['coolaj86.com'], true);
 | ||||
|  | ||||
| @ -3,11 +3,13 @@ | ||||
| function requireBluebird() { | ||||
| 	try { | ||||
| 		return require('bluebird'); | ||||
|   } catch(e) { | ||||
|     console.error(""); | ||||
|     console.error("DON'T PANIC. You're running an old version of node with incomplete Promise support."); | ||||
|     console.error("EASY FIX: `npm install --save bluebird`"); | ||||
|     console.error(""); | ||||
| 	} catch (e) { | ||||
| 		console.error(''); | ||||
| 		console.error( | ||||
| 			"DON'T PANIC. You're running an old version of node with incomplete Promise support." | ||||
| 		); | ||||
| 		console.error('EASY FIX: `npm install --save bluebird`'); | ||||
| 		console.error(''); | ||||
| 		throw e; | ||||
| 	} | ||||
| } | ||||
|  | ||||
							
								
								
									
										772
									
								
								lib/core.js
									
									
									
									
									
								
							
							
						
						
									
										772
									
								
								lib/core.js
									
									
									
									
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @ -6,36 +6,38 @@ function _log(debug) { | ||||
| 	if (debug) { | ||||
| 		var args = Array.prototype.slice.call(arguments); | ||||
| 		args.shift(); | ||||
|     args.unshift("[greenlock/lib/middleware.js]"); | ||||
| 		args.unshift('[greenlock/lib/middleware.js]'); | ||||
| 		console.log.apply(console, args); | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| module.exports.create = function (gl) { | ||||
| module.exports.create = function(gl) { | ||||
| 	if (!gl.challenges['http-01'] || !gl.challenges['http-01'].get) { | ||||
|     throw new Error("middleware requires challenge plugin with get method"); | ||||
| 		throw new Error('middleware requires challenge plugin with get method'); | ||||
| 	} | ||||
| 	var log = gl.log || _log; | ||||
| 
 | ||||
|   log(gl.debug, "created middleware"); | ||||
|   return function (_app) { | ||||
| 	log(gl.debug, 'created middleware'); | ||||
| 	return function(_app) { | ||||
| 		if (_app && 'function' !== typeof _app) { | ||||
|       throw new Error("use greenlock.middleware() or greenlock.middleware(function (req, res) {})"); | ||||
| 			throw new Error( | ||||
| 				'use greenlock.middleware() or greenlock.middleware(function (req, res) {})' | ||||
| 			); | ||||
| 		} | ||||
| 		var prefix = gl.acmeChallengePrefix || '/.well-known/acme-challenge/'; | ||||
| 
 | ||||
|     return function (req, res, next) { | ||||
| 		return function(req, res, next) { | ||||
| 			if (0 !== req.url.indexOf(prefix)) { | ||||
|         log(gl.debug, "no match, skipping middleware"); | ||||
| 				log(gl.debug, 'no match, skipping middleware'); | ||||
| 				if ('function' === typeof _app) { | ||||
| 					_app(req, res, next); | ||||
|         } | ||||
|         else if ('function' === typeof next) { | ||||
| 				} else if ('function' === typeof next) { | ||||
| 					next(); | ||||
|         } | ||||
|         else { | ||||
| 				} else { | ||||
| 					res.statusCode = 500; | ||||
|           res.end("[500] Developer Error: app.use('/', greenlock.middleware()) or greenlock.middleware(app)"); | ||||
| 					res.end( | ||||
| 						"[500] Developer Error: app.use('/', greenlock.middleware()) or greenlock.middleware(app)" | ||||
| 					); | ||||
| 				} | ||||
| 				return; | ||||
| 			} | ||||
| @ -43,11 +45,13 @@ module.exports.create = function (gl) { | ||||
| 			log(gl.debug, "this must be tinder, 'cuz it's a match!"); | ||||
| 
 | ||||
| 			var token = req.url.slice(prefix.length); | ||||
|       var hostname = req.hostname || (req.headers.host || '').toLowerCase().replace(/:.*/, ''); | ||||
| 			var hostname = | ||||
| 				req.hostname || | ||||
| 				(req.headers.host || '').toLowerCase().replace(/:.*/, ''); | ||||
| 
 | ||||
|       log(gl.debug, "hostname", hostname, "token", token); | ||||
| 			log(gl.debug, 'hostname', hostname, 'token', token); | ||||
| 
 | ||||
|       var copy = utils.merge({ domains: [ hostname ] }, gl); | ||||
| 			var copy = utils.merge({ domains: [hostname] }, gl); | ||||
| 			copy = utils.tplCopy(copy); | ||||
| 			copy.challenge = {}; | ||||
| 			copy.challenge.type = 'http-01'; // obviously...
 | ||||
| @ -68,27 +72,37 @@ module.exports.create = function (gl) { | ||||
| 			} | ||||
| 			function eb(/*err*/) { | ||||
| 				res.statusCode = 404; | ||||
|         res.setHeader('Content-Type', 'application/json; charset=utf-8'); | ||||
|         res.end('{ "error": { "message": "Error: These aren\'t the tokens you\'re looking for. Move along." } }'); | ||||
| 				res.setHeader( | ||||
| 					'Content-Type', | ||||
| 					'application/json; charset=utf-8' | ||||
| 				); | ||||
| 				res.end( | ||||
| 					'{ "error": { "message": "Error: These aren\'t the tokens you\'re looking for. Move along." } }' | ||||
| 				); | ||||
| 				return; | ||||
| 			} | ||||
| 			function mb(err, result) { | ||||
|         if (err) { eb(err); return; } | ||||
| 				if (err) { | ||||
| 					eb(err); | ||||
| 					return; | ||||
| 				} | ||||
| 				cb(result); | ||||
| 			} | ||||
| 
 | ||||
| 			var challenger = gl.challenges['http-01'].get; | ||||
| 			if (1 === challenger.length) { | ||||
| 				/*global Promise*/ | ||||
|         return Promise.resolve().then(function () { | ||||
| 				return Promise.resolve() | ||||
| 					.then(function() { | ||||
| 						return gl.challenges['http-01'].get(copy); | ||||
|         }).then(cb).catch(eb); | ||||
| 					}) | ||||
| 					.then(cb) | ||||
| 					.catch(eb); | ||||
| 			} else if (2 === challenger.length) { | ||||
| 				gl.challenges['http-01'].get(copy, mb); | ||||
| 			} else { | ||||
| 				gl.challenges['http-01'].get(copy, hostname, token, mb); | ||||
| 			} | ||||
| 
 | ||||
| 		}; | ||||
| 	}; | ||||
| }; | ||||
|  | ||||
| @ -1,24 +1,24 @@ | ||||
| 'use strict'; | ||||
| 
 | ||||
| var utils = require('./utils.js') | ||||
| var cert = { subject: 'example.com', altnames: ['*.bar.com','foo.net'] }; | ||||
| var utils = require('./utils.js'); | ||||
| var cert = { subject: 'example.com', altnames: ['*.bar.com', 'foo.net'] }; | ||||
| if (utils.certHasDomain(cert, 'bad.com')) { | ||||
|   throw new Error("allowed bad domain"); | ||||
| 	throw new Error('allowed bad domain'); | ||||
| } | ||||
| if (!utils.certHasDomain(cert, 'example.com')) { | ||||
|   throw new Error("missed subject"); | ||||
| 	throw new Error('missed subject'); | ||||
| } | ||||
| if (utils.certHasDomain(cert, 'bar.com')) { | ||||
|   throw new Error("allowed bad (missing) sub"); | ||||
| 	throw new Error('allowed bad (missing) sub'); | ||||
| } | ||||
| if (!utils.certHasDomain(cert, 'foo.bar.com')) { | ||||
| 	throw new Error("didn't allow valid wildcarded-domain"); | ||||
| } | ||||
| if (utils.certHasDomain(cert, 'dub.foo.bar.com')) { | ||||
|   throw new Error("allowed sub-sub domain"); | ||||
| 	throw new Error('allowed sub-sub domain'); | ||||
| } | ||||
| if (!utils.certHasDomain(cert, 'foo.net')) { | ||||
|   throw new Error("missed altname"); | ||||
| 	throw new Error('missed altname'); | ||||
| } | ||||
| 
 | ||||
| console.info("PASSED"); | ||||
| console.info('PASSED'); | ||||
|  | ||||
							
								
								
									
										56
									
								
								lib/utils.js
									
									
									
									
									
								
							
							
						
						
									
										56
									
								
								lib/utils.js
									
									
									
									
									
								
							| @ -2,38 +2,41 @@ | ||||
| require('./compat.js'); | ||||
| 
 | ||||
| var path = require('path'); | ||||
| var homeRe = new RegExp("^~(\\/|\\\\|\\" + path.sep + ")"); | ||||
| var homeRe = new RegExp('^~(\\/|\\\\|\\' + path.sep + ')'); | ||||
| // very basic check. Allows *.example.com.
 | ||||
| var re = /^(\*\.)?[a-zA-Z0-9\.\-]+$/; | ||||
| var punycode = require('punycode'); | ||||
| var dnsResolveMxAsync = require('util').promisify(require('dns').resolveMx); | ||||
| 
 | ||||
| module.exports.attachCertInfo = function (results) { | ||||
| module.exports.attachCertInfo = function(results) { | ||||
| 	var certInfo = require('cert-info').info(results.cert); | ||||
| 
 | ||||
| 	// subject, altnames, issuedAt, expiresAt
 | ||||
|   Object.keys(certInfo).forEach(function (key) { | ||||
| 	Object.keys(certInfo).forEach(function(key) { | ||||
| 		results[key] = certInfo[key]; | ||||
| 	}); | ||||
| 
 | ||||
| 	return results; | ||||
| }; | ||||
| 
 | ||||
| module.exports.certHasDomain = function (certInfo, _domain) { | ||||
| module.exports.certHasDomain = function(certInfo, _domain) { | ||||
| 	var names = (certInfo.altnames || []).slice(0); | ||||
| 	names.push(certInfo.subject); | ||||
|   return names.some(function (name) { | ||||
| 	return names.some(function(name) { | ||||
| 		var domain = _domain.toLowerCase(); | ||||
| 		name = name.toLowerCase(); | ||||
| 		if ('*.' === name.substr(0, 2)) { | ||||
| 			name = name.substr(2); | ||||
|       domain = domain.split('.').slice(1).join('.'); | ||||
| 			domain = domain | ||||
| 				.split('.') | ||||
| 				.slice(1) | ||||
| 				.join('.'); | ||||
| 		} | ||||
| 		return name === domain; | ||||
| 	}); | ||||
| }; | ||||
| 
 | ||||
| module.exports.isValidDomain = function (domain) { | ||||
| module.exports.isValidDomain = function(domain) { | ||||
| 	if (re.test(domain)) { | ||||
| 		return domain; | ||||
| 	} | ||||
| @ -47,13 +50,13 @@ module.exports.isValidDomain = function (domain) { | ||||
| 	return ''; | ||||
| }; | ||||
| 
 | ||||
| module.exports.merge = function (/*defaults, args*/) { | ||||
| module.exports.merge = function(/*defaults, args*/) { | ||||
| 	var allDefaults = Array.prototype.slice.apply(arguments); | ||||
| 	var args = allDefaults.shift(); | ||||
| 	var copy = {}; | ||||
| 
 | ||||
|   allDefaults.forEach(function (defaults) { | ||||
|     Object.keys(defaults).forEach(function (key) { | ||||
| 	allDefaults.forEach(function(defaults) { | ||||
| 		Object.keys(defaults).forEach(function(key) { | ||||
| 			/* | ||||
|       if ('challenges' === key && copy[key] && defaults[key]) { | ||||
|         Object.keys(defaults[key]).forEach(function (k) { | ||||
| @ -67,7 +70,7 @@ module.exports.merge = function (/*defaults, args*/) { | ||||
| 		}); | ||||
| 	}); | ||||
| 
 | ||||
|   Object.keys(args).forEach(function (key) { | ||||
| 	Object.keys(args).forEach(function(key) { | ||||
| 		/* | ||||
|     if ('challenges' === key && copy[key] && args[key]) { | ||||
|         Object.keys(args[key]).forEach(function (k) { | ||||
| @ -83,15 +86,15 @@ module.exports.merge = function (/*defaults, args*/) { | ||||
| 	return copy; | ||||
| }; | ||||
| 
 | ||||
| module.exports.tplCopy = function (copy) { | ||||
| module.exports.tplCopy = function(copy) { | ||||
| 	var homedir = require('os').homedir(); | ||||
| 	var tplKeys; | ||||
| 
 | ||||
|   copy.hostnameGet = function (copy) { | ||||
| 	copy.hostnameGet = function(copy) { | ||||
| 		return copy.subject || (copy.domains || [])[0] || copy.domain; | ||||
| 	}; | ||||
| 
 | ||||
|   Object.keys(copy).forEach(function (key) { | ||||
| 	Object.keys(copy).forEach(function(key) { | ||||
| 		var newName; | ||||
| 		if (!/Get$/.test(key)) { | ||||
| 			return; | ||||
| @ -102,11 +105,11 @@ module.exports.tplCopy = function (copy) { | ||||
| 	}); | ||||
| 
 | ||||
| 	tplKeys = Object.keys(copy); | ||||
|   tplKeys.sort(function (a, b) { | ||||
| 	tplKeys.sort(function(a, b) { | ||||
| 		return b.length - a.length; | ||||
| 	}); | ||||
| 
 | ||||
|   tplKeys.forEach(function (key) { | ||||
| 	tplKeys.forEach(function(key) { | ||||
| 		if ('string' !== typeof copy[key]) { | ||||
| 			return; | ||||
| 		} | ||||
| @ -114,12 +117,12 @@ module.exports.tplCopy = function (copy) { | ||||
| 		copy[key] = copy[key].replace(homeRe, homedir + path.sep); | ||||
| 	}); | ||||
| 
 | ||||
|   tplKeys.forEach(function (key) { | ||||
| 	tplKeys.forEach(function(key) { | ||||
| 		if ('string' !== typeof copy[key]) { | ||||
| 			return; | ||||
| 		} | ||||
| 
 | ||||
|     tplKeys.forEach(function (tplname) { | ||||
| 		tplKeys.forEach(function(tplname) { | ||||
| 			if (!copy[tplname]) { | ||||
| 				// what can't be templated now may be templatable later
 | ||||
| 				return; | ||||
| @ -131,8 +134,8 @@ module.exports.tplCopy = function (copy) { | ||||
| 	return copy; | ||||
| }; | ||||
| 
 | ||||
| module.exports.testEmail = function (email) { | ||||
|   var parts = (email||'').split('@'); | ||||
| module.exports.testEmail = function(email) { | ||||
| 	var parts = (email || '').split('@'); | ||||
| 	var err; | ||||
| 
 | ||||
| 	if (2 !== parts.length || !parts[0] || !parts[1]) { | ||||
| @ -141,17 +144,22 @@ module.exports.testEmail = function (email) { | ||||
| 		return Promise.reject(err); | ||||
| 	} | ||||
| 
 | ||||
|   return dnsResolveMxAsync(parts[1]).then(function (records) { | ||||
| 	return dnsResolveMxAsync(parts[1]).then( | ||||
| 		function(records) { | ||||
| 			// records only returns when there is data
 | ||||
| 			if (!records.length) { | ||||
|       throw new Error("sanity check fail: success, but no MX records returned"); | ||||
| 				throw new Error( | ||||
| 					'sanity check fail: success, but no MX records returned' | ||||
| 				); | ||||
| 			} | ||||
| 			return email; | ||||
|   }, function (err) { | ||||
| 		}, | ||||
| 		function(err) { | ||||
| 			if ('ENODATA' === err.code) { | ||||
| 				err = new Error("no MX records found for '" + parts[1] + "'"); | ||||
| 				err.code = 'E_EMAIL'; | ||||
| 				return Promise.reject(err); | ||||
| 			} | ||||
|   }); | ||||
| 		} | ||||
| 	); | ||||
| }; | ||||
|  | ||||
| @ -2,13 +2,13 @@ | ||||
| 
 | ||||
| var LE = require('../').LE; | ||||
| var le = LE.create({ | ||||
|   server: 'staging' | ||||
| , acme: require('le-acme-core').ACME.create() | ||||
| , store: require('le-store-certbot').create({ | ||||
|     configDir: '~/letsencrypt.test/etc/' | ||||
|   , webrootPath: '~/letsencrypt.test/tmp/:hostname' | ||||
|   }) | ||||
| , debug: true | ||||
| 	server: 'staging', | ||||
| 	acme: require('le-acme-core').ACME.create(), | ||||
| 	store: require('le-store-certbot').create({ | ||||
| 		configDir: '~/letsencrypt.test/etc/', | ||||
| 		webrootPath: '~/letsencrypt.test/tmp/:hostname' | ||||
| 	}), | ||||
| 	debug: true | ||||
| }); | ||||
| 
 | ||||
| // TODO test generateRsaKey code path separately
 | ||||
| @ -20,24 +20,32 @@ var testEmail = 'coolaj86+le.' + testId + '@gmail.com'; | ||||
| var testAccountId = '939573edbf2506c92c9ab32131209d7b'; | ||||
| 
 | ||||
| var tests = [ | ||||
|   function () { | ||||
|     return le.core.accounts.checkAsync({ | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.checkAsync({ | ||||
| 				accountId: testAccountId | ||||
|     }).then(function (account) { | ||||
| 			}) | ||||
| 			.then(function(account) { | ||||
| 				if (!account) { | ||||
|         throw new Error("Test account should exist when searched by account id."); | ||||
| 					throw new Error( | ||||
| 						'Test account should exist when searched by account id.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
|   } | ||||
| 	}, | ||||
| 
 | ||||
| , function () { | ||||
|     return le.core.accounts.checkAsync({ | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.checkAsync({ | ||||
| 				email: testEmail | ||||
|     }).then(function (account) { | ||||
| 			}) | ||||
| 			.then(function(account) { | ||||
| 				console.log('account.regr'); | ||||
| 				console.log(account.regr); | ||||
| 				if (!account) { | ||||
|         throw new Error("Test account should exist when searched by email."); | ||||
| 					throw new Error( | ||||
| 						'Test account should exist when searched by email.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
| 	} | ||||
|  | ||||
| @ -2,13 +2,13 @@ | ||||
| 
 | ||||
| var LE = require('../').LE; | ||||
| var le = LE.create({ | ||||
|   server: 'staging' | ||||
| , acme: require('le-acme-core').ACME.create() | ||||
| , store: require('le-store-certbot').create({ | ||||
|     configDir: '~/letsencrypt.test/etc/' | ||||
|   , webrootPath: '~/letsencrypt.test/tmp/:hostname' | ||||
|   }) | ||||
| , debug: true | ||||
| 	server: 'staging', | ||||
| 	acme: require('le-acme-core').ACME.create(), | ||||
| 	store: require('le-store-certbot').create({ | ||||
| 		configDir: '~/letsencrypt.test/etc/', | ||||
| 		webrootPath: '~/letsencrypt.test/tmp/:hostname' | ||||
| 	}), | ||||
| 	debug: true | ||||
| }); | ||||
| 
 | ||||
| //var testId = Math.round(Date.now() / 1000).toString();
 | ||||
| @ -18,75 +18,104 @@ var testEmail = 'coolaj86+le.' + testId + '@gmail.com'; | ||||
| var testAccount; | ||||
| 
 | ||||
| var tests = [ | ||||
|   function () { | ||||
|     return le.core.accounts.checkAsync({ | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.checkAsync({ | ||||
| 				email: testEmail | ||||
|     }).then(function (account) { | ||||
| 			}) | ||||
| 			.then(function(account) { | ||||
| 				if (account) { | ||||
| 					console.error(account); | ||||
|         throw new Error("Test account should not exist."); | ||||
| 					throw new Error('Test account should not exist.'); | ||||
| 				} | ||||
| 			}); | ||||
|   } | ||||
| , function () { | ||||
|     return le.core.accounts.registerAsync({ | ||||
|       email: testEmail | ||||
|     , agreeTos: false | ||||
|     , rsaKeySize: 2048 | ||||
|     }).then(function (/*account*/) { | ||||
|       throw new Error("Should not register if 'agreeTos' is not truthy."); | ||||
|     }, function (err) { | ||||
| 	}, | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.registerAsync({ | ||||
| 				email: testEmail, | ||||
| 				agreeTos: false, | ||||
| 				rsaKeySize: 2048 | ||||
| 			}) | ||||
| 			.then( | ||||
| 				function(/*account*/) { | ||||
| 					throw new Error( | ||||
| 						"Should not register if 'agreeTos' is not truthy." | ||||
| 					); | ||||
| 				}, | ||||
| 				function(err) { | ||||
| 					if (err.code !== 'E_ARGS') { | ||||
| 						throw err; | ||||
| 					} | ||||
|     }); | ||||
| 				} | ||||
| , function () { | ||||
|     return le.core.accounts.registerAsync({ | ||||
|       email: testEmail | ||||
|     , agreeTos: true | ||||
|     , rsaKeySize: 1024 | ||||
|     }).then(function (/*account*/) { | ||||
|       throw new Error("Should not register if 'rsaKeySize' is less than 2048."); | ||||
|     }, function (err) { | ||||
| 			); | ||||
| 	}, | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.registerAsync({ | ||||
| 				email: testEmail, | ||||
| 				agreeTos: true, | ||||
| 				rsaKeySize: 1024 | ||||
| 			}) | ||||
| 			.then( | ||||
| 				function(/*account*/) { | ||||
| 					throw new Error( | ||||
| 						"Should not register if 'rsaKeySize' is less than 2048." | ||||
| 					); | ||||
| 				}, | ||||
| 				function(err) { | ||||
| 					if (err.code !== 'E_ARGS') { | ||||
| 						throw err; | ||||
| 					} | ||||
|     }); | ||||
| 				} | ||||
| , function () { | ||||
|     return le.core.accounts.registerAsync({ | ||||
|       email: fakeEmail | ||||
|     , agreeTos: true | ||||
|     , rsaKeySize: 2048 | ||||
|     }).then(function (/*account*/) { | ||||
| 			); | ||||
| 	}, | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.registerAsync({ | ||||
| 				email: fakeEmail, | ||||
| 				agreeTos: true, | ||||
| 				rsaKeySize: 2048 | ||||
| 			}) | ||||
| 			.then( | ||||
| 				function(/*account*/) { | ||||
| 					// TODO test mx record
 | ||||
|       throw new Error("Registration should NOT succeed with a bad email address."); | ||||
|     }, function (err) { | ||||
| 					throw new Error( | ||||
| 						'Registration should NOT succeed with a bad email address.' | ||||
| 					); | ||||
| 				}, | ||||
| 				function(err) { | ||||
| 					if (err.code !== 'E_EMAIL') { | ||||
| 						throw err; | ||||
| 					} | ||||
|     }); | ||||
| 				} | ||||
| , function () { | ||||
|     return le.core.accounts.registerAsync({ | ||||
|       email: testEmail | ||||
|     , agreeTos: true | ||||
|     , rsaKeySize: 2048 | ||||
|     }).then(function (account) { | ||||
| 			); | ||||
| 	}, | ||||
| 	function() { | ||||
| 		return le.core.accounts | ||||
| 			.registerAsync({ | ||||
| 				email: testEmail, | ||||
| 				agreeTos: true, | ||||
| 				rsaKeySize: 2048 | ||||
| 			}) | ||||
| 			.then(function(account) { | ||||
| 				testAccount = account; | ||||
| 
 | ||||
| 				console.log(testEmail); | ||||
| 				console.log(testAccount); | ||||
| 
 | ||||
| 				if (!account) { | ||||
|         throw new Error("Registration should always return a new account."); | ||||
| 					throw new Error( | ||||
| 						'Registration should always return a new account.' | ||||
| 					); | ||||
| 				} | ||||
| 				if (!account.email) { | ||||
|         throw new Error("Registration should return the email."); | ||||
| 					throw new Error('Registration should return the email.'); | ||||
| 				} | ||||
| 				if (!account.id) { | ||||
|         throw new Error("Registration should return the account id."); | ||||
| 					throw new Error( | ||||
| 						'Registration should return the account id.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
| 	} | ||||
|  | ||||
| @ -2,16 +2,16 @@ | ||||
| 
 | ||||
| var LE = require('../').LE; | ||||
| var le = LE.create({ | ||||
|   server: 'staging' | ||||
| , acme: require('le-acme-core').ACME.create() | ||||
| , store: require('le-store-certbot').create({ | ||||
|     configDir: '~/letsencrypt.test/etc' | ||||
|   , webrootPath: '~/letsencrypt.test/var/:hostname' | ||||
|   }) | ||||
| , challenge: require('le-challenge-fs').create({ | ||||
| 	server: 'staging', | ||||
| 	acme: require('le-acme-core').ACME.create(), | ||||
| 	store: require('le-store-certbot').create({ | ||||
| 		configDir: '~/letsencrypt.test/etc', | ||||
| 		webrootPath: '~/letsencrypt.test/var/:hostname' | ||||
|   }) | ||||
| , debug: true | ||||
| 	}), | ||||
| 	challenge: require('le-challenge-fs').create({ | ||||
| 		webrootPath: '~/letsencrypt.test/var/:hostname' | ||||
| 	}), | ||||
| 	debug: true | ||||
| }); | ||||
| 
 | ||||
| // TODO test generateRsaKey code path separately
 | ||||
| @ -21,26 +21,34 @@ var le = LE.create({ | ||||
| var testId = 'test1000'; | ||||
| var testEmail = 'coolaj86+le.' + testId + '@gmail.com'; | ||||
| // TODO integrate with Daplie Domains for junk domains to test with
 | ||||
| var testDomains = [ 'pokemap.hellabit.com', 'www.pokemap.hellabit.com' ]; | ||||
| var testDomains = ['pokemap.hellabit.com', 'www.pokemap.hellabit.com']; | ||||
| 
 | ||||
| var tests = [ | ||||
|   function () { | ||||
|     return le.core.certificates.checkAsync({ | ||||
|       domains: [ 'example.com', 'www.example.com' ] | ||||
|     }).then(function (cert) { | ||||
| 	function() { | ||||
| 		return le.core.certificates | ||||
| 			.checkAsync({ | ||||
| 				domains: ['example.com', 'www.example.com'] | ||||
| 			}) | ||||
| 			.then(function(cert) { | ||||
| 				if (cert) { | ||||
|         throw new Error("Bogus domain should not have certificate."); | ||||
| 					throw new Error( | ||||
| 						'Bogus domain should not have certificate.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
|   } | ||||
| 	}, | ||||
| 
 | ||||
| , function () { | ||||
|     return le.core.certificates.getAsync({ | ||||
|       email: testEmail | ||||
|     , domains: testDomains | ||||
|     }).then(function (certs) { | ||||
| 	function() { | ||||
| 		return le.core.certificates | ||||
| 			.getAsync({ | ||||
| 				email: testEmail, | ||||
| 				domains: testDomains | ||||
| 			}) | ||||
| 			.then(function(certs) { | ||||
| 				if (!certs) { | ||||
|         throw new Error("Should have acquired certificate for domains."); | ||||
| 					throw new Error( | ||||
| 						'Should have acquired certificate for domains.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
| 	} | ||||
| @ -49,7 +57,7 @@ var tests = [ | ||||
| function run() { | ||||
| 	//var express = require(express);
 | ||||
| 	var server = require('http').createServer(le.middleware()); | ||||
|   server.listen(80, function () { | ||||
| 	server.listen(80, function() { | ||||
| 		console.log('Server running, proceeding to test.'); | ||||
| 
 | ||||
| 		function next() { | ||||
| @ -60,7 +68,7 @@ function run() { | ||||
| 				return; | ||||
| 			} | ||||
| 
 | ||||
|       test().then(next, function (err) { | ||||
| 			test().then(next, function(err) { | ||||
| 				console.error('ERROR'); | ||||
| 				console.error(err.stack); | ||||
| 				server.close(); | ||||
|  | ||||
| @ -2,16 +2,16 @@ | ||||
| 
 | ||||
| var LE = require('../').LE; | ||||
| var le = LE.create({ | ||||
|   server: 'staging' | ||||
| , acme: require('le-acme-core').ACME.create() | ||||
| , store: require('le-store-certbot').create({ | ||||
|     configDir: '~/letsencrypt.test/etc' | ||||
|   , webrootPath: '~/letsencrypt.test/var/:hostname' | ||||
|   }) | ||||
| , challenge: require('le-challenge-fs').create({ | ||||
| 	server: 'staging', | ||||
| 	acme: require('le-acme-core').ACME.create(), | ||||
| 	store: require('le-store-certbot').create({ | ||||
| 		configDir: '~/letsencrypt.test/etc', | ||||
| 		webrootPath: '~/letsencrypt.test/var/:hostname' | ||||
|   }) | ||||
| , debug: true | ||||
| 	}), | ||||
| 	challenge: require('le-challenge-fs').create({ | ||||
| 		webrootPath: '~/letsencrypt.test/var/:hostname' | ||||
| 	}), | ||||
| 	debug: true | ||||
| }); | ||||
| 
 | ||||
| // TODO test generateRsaKey code path separately
 | ||||
| @ -21,54 +21,89 @@ var le = LE.create({ | ||||
| var testId = 'test1000'; | ||||
| var testEmail = 'coolaj86+le.' + testId + '@gmail.com'; | ||||
| // TODO integrate with Daplie Domains for junk domains to test with
 | ||||
| var testDomains = [ 'pokemap.hellabit.com', 'www.pokemap.hellabit.com' ]; | ||||
| var testDomains = ['pokemap.hellabit.com', 'www.pokemap.hellabit.com']; | ||||
| var testCerts; | ||||
| 
 | ||||
| var tests = [ | ||||
|   function () { | ||||
| 	function() { | ||||
| 		// TODO test that an altname also fetches the proper certificate
 | ||||
|     return le.core.certificates.checkAsync({ | ||||
| 		return le.core.certificates | ||||
| 			.checkAsync({ | ||||
| 				domains: testDomains | ||||
|     }).then(function (certs) { | ||||
| 			}) | ||||
| 			.then(function(certs) { | ||||
| 				if (!certs) { | ||||
|         throw new Error("Either certificates.registerAsync (in previous test)" | ||||
|           + " or certificates.checkAsync (in this test) failed."); | ||||
| 					throw new Error( | ||||
| 						'Either certificates.registerAsync (in previous test)' + | ||||
| 							' or certificates.checkAsync (in this test) failed.' | ||||
| 					); | ||||
| 				} | ||||
| 
 | ||||
| 				testCerts = certs; | ||||
|       console.log('Issued At', new Date(certs.issuedAt).toISOString()); | ||||
|       console.log('Expires At', new Date(certs.expiresAt).toISOString()); | ||||
| 				console.log( | ||||
| 					'Issued At', | ||||
| 					new Date(certs.issuedAt).toISOString() | ||||
| 				); | ||||
| 				console.log( | ||||
| 					'Expires At', | ||||
| 					new Date(certs.expiresAt).toISOString() | ||||
| 				); | ||||
| 
 | ||||
| 				if (certs.expiresAt <= Date.now()) { | ||||
|         throw new Error("Certificates are already expired. They cannot be tested for duplicate or forced renewal."); | ||||
| 					throw new Error( | ||||
| 						'Certificates are already expired. They cannot be tested for duplicate or forced renewal.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
|   } | ||||
| 	}, | ||||
| 
 | ||||
| , function () { | ||||
|     return le.core.certificates.renewAsync({ | ||||
|       email: testEmail | ||||
|     , domains: testDomains | ||||
|     }, testCerts).then(function () { | ||||
|       throw new Error("Should not have renewed non-expired certificates."); | ||||
|     }, function (err) { | ||||
| 	function() { | ||||
| 		return le.core.certificates | ||||
| 			.renewAsync( | ||||
| 				{ | ||||
| 					email: testEmail, | ||||
| 					domains: testDomains | ||||
| 				}, | ||||
| 				testCerts | ||||
| 			) | ||||
| 			.then( | ||||
| 				function() { | ||||
| 					throw new Error( | ||||
| 						'Should not have renewed non-expired certificates.' | ||||
| 					); | ||||
| 				}, | ||||
| 				function(err) { | ||||
| 					if ('E_NOT_RENEWABLE' !== err.code) { | ||||
| 						throw err; | ||||
| 					} | ||||
|     }); | ||||
| 				} | ||||
| 			); | ||||
| 	}, | ||||
| 
 | ||||
| , function () { | ||||
|     return le.core.certificates.renewAsync({ | ||||
|       email: testEmail | ||||
|     , domains: testDomains | ||||
|     , renewWithin: 720 * 24 * 60 * 60 * 1000 | ||||
|     }, testCerts).then(function (certs) { | ||||
|       console.log('Issued At', new Date(certs.issuedAt).toISOString()); | ||||
|       console.log('Expires At', new Date(certs.expiresAt).toISOString()); | ||||
| 	function() { | ||||
| 		return le.core.certificates | ||||
| 			.renewAsync( | ||||
| 				{ | ||||
| 					email: testEmail, | ||||
| 					domains: testDomains, | ||||
| 					renewWithin: 720 * 24 * 60 * 60 * 1000 | ||||
| 				}, | ||||
| 				testCerts | ||||
| 			) | ||||
| 			.then(function(certs) { | ||||
| 				console.log( | ||||
| 					'Issued At', | ||||
| 					new Date(certs.issuedAt).toISOString() | ||||
| 				); | ||||
| 				console.log( | ||||
| 					'Expires At', | ||||
| 					new Date(certs.expiresAt).toISOString() | ||||
| 				); | ||||
| 
 | ||||
| 				if (certs.issuedAt === testCerts.issuedAt) { | ||||
|         throw new Error("Should not have returned existing certificates."); | ||||
| 					throw new Error( | ||||
| 						'Should not have returned existing certificates.' | ||||
| 					); | ||||
| 				} | ||||
| 			}); | ||||
| 	} | ||||
| @ -77,7 +112,7 @@ var tests = [ | ||||
| function run() { | ||||
| 	//var express = require(express);
 | ||||
| 	var server = require('http').createServer(le.middleware()); | ||||
|   server.listen(80, function () { | ||||
| 	server.listen(80, function() { | ||||
| 		console.log('Server running, proceeding to test.'); | ||||
| 
 | ||||
| 		function next() { | ||||
| @ -88,7 +123,7 @@ function run() { | ||||
| 				return; | ||||
| 			} | ||||
| 
 | ||||
|       test().then(next, function (err) { | ||||
| 			test().then(next, function(err) { | ||||
| 				console.error('ERROR'); | ||||
| 				console.error(err.stack); | ||||
| 				server.close(); | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user