Remove challenge pre-checks.

We won't ever be able to do this properly for all possible scenarios.
2024-11-28 17:41:10 +02:00 · 2015-10-26 00:39:24 +01:00 · 2015-10-26 00:39:24 +01:00 · 8d31bb0123
commit 8d31bb0123
parent 537a0b74fd
3 changed files with 1 additions and 67 deletions
--- a/acme/client.go
+++ b/acme/client.go
@ -38,7 +38,6 @@ type User interface {
 // Interface for all challenge solvers to implement.
 type solver interface {
 	CanSolve(domain string) bool
 	Solve(challenge challenge, domain string) error
 }
@ -321,7 +320,7 @@ func (c *Client) chooseSolvers(auth authorization, domain string) map[int]solver
 	for _, combination := range auth.Combinations {
 		solvers := make(map[int]solver)
 		for _, idx := range combination {
-			if solver, ok := c.solvers[auth.Challenges[idx].Type]; ok && (c.devMode || solver.CanSolve(domain)) {
+			if solver, ok := c.solvers[auth.Challenges[idx].Type]; ok {
 				solvers[idx] = solver
 			} else {
 				logger().Printf("Could not find solver for: %s", auth.Challenges[idx].Type)
--- a/acme/simple_http_challenge.go
+++ b/acme/simple_http_challenge.go
@ -9,7 +9,6 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
 	"io/ioutil"
 	"net"
 	"net/http"
 	"strings"
@ -21,43 +20,6 @@ type simpleHTTPChallenge struct {
 	optPort string
 }
 // SimpleHTTPS checks for DNS, public IP and port bindings
 func (s *simpleHTTPChallenge) CanSolve(domain string) bool {
 	// determine public ip
 	resp, err := http.Get("https://icanhazip.com/")
 	if err != nil {
 		logger().Printf("Could not get public IP -> %v", err)
 		return false
 	}
 	defer resp.Body.Close()
 	ip, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		logger().Printf("Could not get public IP -> %v", err)
 		return false
 	}
 	ipStr := string(ip)
 	ipStr = strings.Replace(ipStr, "\n", "", -1)
 	// resolve domain we should solve for
 	resolvedIPs, err := net.LookupHost(domain)
 	if err != nil {
 		logger().Printf("Could not lookup DNS A record for %s", domain)
 		return false
 	}
 	// if the resolve does not resolve to our public ip, we can't solve.
 	for _, resolvedIP := range resolvedIPs {
 		if resolvedIP == ipStr {
 			return true
 		}
 	}
 	logger().Printf("SimpleHTTP: Domain %s does not resolve to the public ip of this server. Determined IP: %s Resolved IP: %s", domain, ipStr, resolvedIPs[0])
 	return false
 }
 func (s *simpleHTTPChallenge) Solve(chlng challenge, domain string) error {
 	logger().Print("Trying to solve SimpleHTTP")
--- a/acme/simple_http_challenge_test.go
+++ b/acme/simple_http_challenge_test.go
@ -7,38 +7,11 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"strings"
 	"testing"
 	"github.com/square/go-jose"
 )
 func TestSimpleHTTPCanSolve(t *testing.T) {
 	challenge := &simpleHTTPChallenge{}
 	// determine public ip
 	resp, err := http.Get("https://icanhazip.com/")
 	if err != nil {
 		t.Errorf("Could not get public IP -> %v", err)
 	}
 	defer resp.Body.Close()
 	ip, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		t.Errorf("Could not get public IP -> %v", err)
 	}
 	ipStr := string(ip)
 	if expected, actual := false, challenge.CanSolve("google.com"); expected != actual {
 		t.Errorf("Expected CanSolve to return %t for domain 'google.com' but was %t", expected, actual)
 	}
 	localResolv := strings.Replace(ipStr, "\n", "", -1) + ".xip.io"
 	if expected, actual := true, challenge.CanSolve(localResolv); expected != actual {
 		t.Errorf("Expected CanSolve to return %t for domain 'localhost' but was %t", expected, actual)
 	}
 }
 func TestSimpleHTTP(t *testing.T) {
 	privKey, err := generatePrivateKey(rsakey, 512)
 	if err != nil {