From 39176b1d4c6c23cb17d76dfe1549353045236dcd Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Wed, 27 Jan 2016 18:07:23 +0100
Subject: Start testing

---
 solve_tls.go | 15 +++++++++------
 solve_tls_test.go | 12 ++++++++++++
 2 files changed, 21 insertions(+), 6 deletions(-)
 create mode 100644 solve_tls_test.go

diff --git a/solve_tls.go b/solve_tls.go
index 97a0ede..876a39a 100644
--- a/solve_tls.go
+++ b/solve_tls.go
@@ -33,7 +33,7 @@ func NewTLSSolver(addr string) Solver {
 return s
 }
 
-func newCert(keyAuth string) (tls.Certificate, error) {
+func newCert(domain string) (tls.Certificate, error) {
 fail := func(err error) (tls.Certificate, error) {
 return tls.Certificate{}, err
 }
@@ -46,9 +46,6 @@ func newCert(keyAuth string) (tls.Certificate, error) {
 if err != nil {
 return fail(err)
 }
- hash := sha256.Sum256([]byte(keyAuth))
- z := hex.EncodeToString(hash[:])
- name := z[:32] + "." + z[32:] + tlsSuffix
 tmpl := x509.Certificate{
 SerialNumber: serial,
 Subject: pkix.Name{
@@ -60,7 +57,7 @@ func newCert(keyAuth string) (tls.Certificate, error) {
 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
 BasicConstraintsValid: true,
 SignatureAlgorithm: x509.SHA256WithRSA,
- DNSNames: []string{name},
+ DNSNames: []string{domain},
 }
 crt, err := x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, key.Public(), key)
 if err != nil {
@@ -72,9 +69,15 @@ func newCert(keyAuth string) (tls.Certificate, error) {
 }, nil
 }
 
+func sniName(keyAuth string) string {
+ hash := sha256.Sum256([]byte(keyAuth))
+ z := hex.EncodeToString(hash[:])
+ return z[:32] + "." + z[32:] + tlsSuffix
+}
+
 func (s *tlsSolver) Solve(_, keyAuth string) error {
 log.Println("solve tls")
- crt, err := newCert(keyAuth)
+ crt, err := newCert(sniName(keyAuth))
 if err != nil {
 return err
 }
diff --git a/solve_tls_test.go b/solve_tls_test.go
new file mode 100644
index 0000000..4f29809
--- /dev/null
+++ b/solve_tls_test.go
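Review bot: sniName, added in the last hunk of solve_tls.go, is now the only place that fixes the challenge-name format, yet it has no doc comment; I would add `// sniName returns the TLS-SNI validation name for keyAuth: the hex SHA-256 digest split into two 32-character labels, followed by tlsSuffix.` The same refactor makes newCert put whatever string it is given into `DNSNames`, so the guarantee that this solver only mints self-signed certificates for validation names now rests on Solve calling `newCert(sniName(keyAuth))`; a one-line comment on newCert stating that callers must pass a validation name would keep that visible. Both newCert and Solve continue outside the hunks shown. Separately, the ".acme.invalid" name form (inferred from the test constant) belongs to TLS-SNI validation, which as far as I know CAs have since retired in favour of TLS-ALPN-01 (RFC 8737), so it is worth confirming this solver is still meant to be reachable.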
@@ -0,0 +1,12 @@
+package acme
+
+import "testing"
+
+const emptySni = "e3b0c44298fc1c149afbf4c8996fb924.27ae41e4649b934ca495991b7852b855.acme.invalid"
+
+func TestSniName(t *testing.T) {
+ n := sniName("")
+ if n != emptySni {
+ t.Error("got", n, "expected", emptySni)
+ }
+}
-- cgit v1.2.3
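Review bot: TestSniName checks only the empty key authorization, so `emptySni` is simply the SHA-256 of empty input split after 32 hex characters, and the test would still pass if sniName hashed something other than its argument. Adding at least one non-empty key authorization, with an expected value computed independently of this code, would pin that the input actually reaches the hash. The failure message would also read better as `t.Errorf("sniName(%q) = %q, want %q", "", n, emptySni)`, and a comment such as `// emptySni is sniName(""): hex SHA-256 of the empty string as two labels plus the TLS-SNI suffix.` would explain where the constant comes from.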