
Don't try appending /directory to caURL (spec doesn't require it)

Also improved some comments/docs and fixed a test
Matthew Holt 2015-11-20 12:01:06 -07:00
parent f2389fda58
commit 974f2fa929
2 changed files with 16 additions and 18 deletions


@ -52,13 +52,14 @@ type Client struct {
solvers map[string]solver
}
// NewClient creates a new client for the set user.
// caURL - The root url to the boulder instance you want certificates from
// usr - A filled in user struct
// keyBits - Size of the key in bits
// optPort - The alternative port to listen on for challenges.
func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, error) {
privKey := usr.GetPrivateKey()
// NewClient creates a new ACME client on behalf of user. The client will depend on
// the ACME directory located at caDirURL for the rest of its actions. It will
// generate private keys for certificates of size keyBits. And, if the challenge
// type requires it, the client will open a port at optPort to solve the challenge.
// If optPort is blank, the port required by the spec will be used, but you must
// forward the required port to optPort for the challenge to succeed.
func NewClient(caDirURL string, user User, keyBits int, optPort string) (*Client, error) {
privKey := user.GetPrivateKey()
if privKey == nil {
return nil, errors.New("private key was nil")
}
@ -67,12 +68,9 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
return nil, fmt.Errorf("invalid private key: %v", err)
}
if !strings.HasSuffix(caURL, "/directory") {
caURL = caURL + "/directory"
}
dirResp, err := http.Get(caURL)
dirResp, err := http.Get(caDirURL)
if err != nil {
return nil, fmt.Errorf("get directory at '%s': %v", caURL, err)
return nil, fmt.Errorf("get directory at '%s': %v", caDirURL, err)
}
defer dirResp.Body.Close()
@ -95,7 +93,7 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
return nil, errors.New("directory missing revoke certificate URL")
}
jws := &jws{privKey: privKey, directoryURL: caURL}
jws := &jws{privKey: privKey, directoryURL: caDirURL}
// REVIEW: best possibility?
// Add all available solvers with the right index as per ACME
@ -103,7 +101,7 @@ func NewClient(caURL string, usr User, keyBits int, optPort string) (*Client, er
solvers := make(map[string]solver)
solvers["http-01"] = &httpChallenge{jws: jws, optPort: optPort}
return &Client{directory: dir, user: usr, jws: jws, keyBits: keyBits, solvers: solvers}, nil
return &Client{directory: dir, user: user, jws: jws, keyBits: keyBits, solvers: solvers}, nil
}
// Register the current account to the ACME server.
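Review bot: `http.Get(caDirURL)` now fetches the caller's string verbatim, with no check on its scheme and through the default client, which has no timeout. The endpoint URLs the client relies on afterwards are read from this directory response, so a directory fetched over plain `http` could be altered by anyone on the network path. Consider parsing the URL first and rejecting non-HTTPS values, e.g. `if u, err := url.Parse(caDirURL); err != nil || u.Scheme != "https" { return nil, fmt.Errorf("directory URL %q must use https", caDirURL) }`; tests that rely on a plain HTTP test server would then need a TLS one or an explicit opt-out. Separately, the last sentence of the new doc comment reads inverted: forwarding the spec port to optPort only makes sense when optPort is set, not when it is blank. The middle of NewClient lies between the visible hunks, so whether the response status is checked cannot be seen from here.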


@ -43,19 +43,19 @@ func TestNewClient(t *testing.T) {
t.Errorf("Expected keyBits to be %d but was %d", keyBits, client.keyBits)
}
if expected, actual := 2, len(client.solvers); actual != expected {
if expected, actual := 1, len(client.solvers); actual != expected {
t.Fatalf("Expected %d solver(s), got %d", expected, actual)
}
httpSolver, ok := client.solvers["http-01"].(*httpChallenge)
if !ok {
t.Fatal("Expected simpleHttps solver to be simpleHTTPChallenge type")
t.Fatal("Expected http-01 solver to be httpChallenge type")
}
if httpSolver.jws != client.jws {
t.Error("Expected simpleHTTPChallenge to have same jws as client")
t.Error("Expected http-01 to have same jws as client")
}
if httpSolver.optPort != optPort {
t.Errorf("Expected simpleHTTPChallenge to have optPort %s but was %s", optPort, httpSolver.optPort)
t.Errorf("Expected http-01 to have optPort %s but was %s", optPort, httpSolver.optPort)
}
}
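Review bot: Nothing in the visible part of TestNewClient pins the behaviour this commit changes, namely that the directory URL is requested exactly as given, without `/directory` appended. The start of the test is outside the hunk, so this may already be covered. If it is not, the test server's handler could record `r.URL.Path` and the test could assert it equals the path passed to NewClient. The new failure messages would also be easier to read with `%q` instead of `%s` for optPort, since an empty port otherwise prints as nothing.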