1
0
mirror of https://github.com/go-acme/lego.git synced 2024-12-27 19:43:24 +02:00

Simplify httpChallenge code.

Solve is blocking, so no need to run initialization code in a separate
goroutine. Removes the need for s.start.

Once the listener is closed, all I/O resources have been returned. No
need to wait for http.Serve to return. Removes the need for s.end.
This commit is contained in:
Tommie Gannert 2015-12-05 11:58:08 +00:00
parent 58a2fd2267
commit 5dc33c8c08

View File

@ -10,45 +10,18 @@ import (
type httpChallenge struct { type httpChallenge struct {
jws *jws jws *jws
optPort string optPort string
start chan net.Listener
end chan error
} }
func (s *httpChallenge) Solve(chlng challenge, domain string) error { func (s *httpChallenge) Solve(chlng challenge, domain string) error {
logf("[INFO] acme: Trying to solve HTTP-01") logf("[INFO] acme: Trying to solve HTTP-01")
s.start = make(chan net.Listener)
s.end = make(chan error)
// Generate the Key Authorization for the challenge // Generate the Key Authorization for the challenge
keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey) keyAuth, err := getKeyAuthorization(chlng.Token, &s.jws.privKey.PublicKey)
if err != nil { if err != nil {
return err return err
} }
go s.startHTTPServer(domain, chlng.Token, keyAuth)
var listener net.Listener
select {
case listener = <-s.start:
break
case err := <-s.end:
return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
}
// Make sure we properly close the HTTP server before we return
defer func() {
listener.Close()
err = <-s.end
close(s.start)
close(s.end)
}()
return validate(s.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
}
func (s *httpChallenge) startHTTPServer(domain string, token string, keyAuth string) {
// Allow for CLI port override // Allow for CLI port override
port := ":80" port := ":80"
if s.optPort != "" { if s.optPort != "" {
@ -60,13 +33,12 @@ func (s *httpChallenge) startHTTPServer(domain string, token string, keyAuth str
// if the domain:port bind failed, fall back to :port bind and try that instead. // if the domain:port bind failed, fall back to :port bind and try that instead.
listener, err = net.Listen("tcp", port) listener, err = net.Listen("tcp", port)
if err != nil { if err != nil {
s.end <- err return fmt.Errorf("Could not start HTTP server for challenge -> %v", err)
} }
} }
// Signal successfull start defer listener.Close()
s.start <- listener
path := "/.well-known/acme-challenge/" + token path := "/.well-known/acme-challenge/" + chlng.Token
// The handler validates the HOST header and request type. // The handler validates the HOST header and request type.
// For validation it then writes the token the server returned with the challenge // For validation it then writes the token the server returned with the challenge
@ -81,8 +53,7 @@ func (s *httpChallenge) startHTTPServer(domain string, token string, keyAuth str
} }
}) })
http.Serve(listener, nil) go http.Serve(listener, nil)
// Signal that the server was shut down return validate(s.jws, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
s.end <- nil
} }