1
0
mirror of https://github.com/go-acme/lego.git synced 2024-12-05 03:58:54 +02:00

Merge pull request #227 from dmcgowan/add-rsc-changes

Change TLS SNI Challenge Cert function to return domain
This commit is contained in:
xenolf 2016-06-14 01:31:55 +02:00 committed by GitHub
commit a9d8cec0e6
2 changed files with 7 additions and 7 deletions

View File

@ -40,12 +40,12 @@ func (t *tlsSNIChallenge) Solve(chlng challenge, domain string) error {
return t.validate(t.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth}) return t.validate(t.jws, domain, chlng.URI, challenge{Resource: "challenge", Type: chlng.Type, Token: chlng.Token, KeyAuthorization: keyAuth})
} }
// TLSSNI01ChallengeCert returns a certificate for the `tls-sni-01` challenge // TLSSNI01ChallengeCert returns a certificate and target domain for the `tls-sni-01` challenge
func TLSSNI01ChallengeCert(keyAuth string) (tls.Certificate, error) { func TLSSNI01ChallengeCert(keyAuth string) (tls.Certificate, string, error) {
// generate a new RSA key for the certificates // generate a new RSA key for the certificates
tempPrivKey, err := generatePrivateKey(RSA2048) tempPrivKey, err := generatePrivateKey(RSA2048)
if err != nil { if err != nil {
return tls.Certificate{}, err return tls.Certificate{}, "", err
} }
rsaPrivKey := tempPrivKey.(*rsa.PrivateKey) rsaPrivKey := tempPrivKey.(*rsa.PrivateKey)
rsaPrivPEM := pemEncode(rsaPrivKey) rsaPrivPEM := pemEncode(rsaPrivKey)
@ -55,13 +55,13 @@ func TLSSNI01ChallengeCert(keyAuth string) (tls.Certificate, error) {
domain := fmt.Sprintf("%s.%s.acme.invalid", z[:32], z[32:]) domain := fmt.Sprintf("%s.%s.acme.invalid", z[:32], z[32:])
tempCertPEM, err := generatePemCert(rsaPrivKey, domain) tempCertPEM, err := generatePemCert(rsaPrivKey, domain)
if err != nil { if err != nil {
return tls.Certificate{}, err return tls.Certificate{}, "", err
} }
certificate, err := tls.X509KeyPair(tempCertPEM, rsaPrivPEM) certificate, err := tls.X509KeyPair(tempCertPEM, rsaPrivPEM)
if err != nil { if err != nil {
return tls.Certificate{}, err return tls.Certificate{}, "", err
} }
return certificate, nil return certificate, domain, nil
} }

View File

@ -30,7 +30,7 @@ func (s *TLSProviderServer) Present(domain, token, keyAuth string) error {
s.port = "443" s.port = "443"
} }
cert, err := TLSSNI01ChallengeCert(keyAuth) cert, _, err := TLSSNI01ChallengeCert(keyAuth)
if err != nil { if err != nil {
return err return err
} }