1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
package acme
import (
"crypto/sha256"
"encoding/hex"
"time"
)
// Challege ...
type Challenge struct {
Resource Resource `json:"resource"` // challenge
Type ChalType `json:"type"`
Token string `json:"token,omitempty"`
Status Status `json:"status,omitempty"` // e.g. valid
URI string `json:"uri,omitempty"`
Validated *time.Time `json:"validated,omitempty"`
KeyAuthorization string `json:"keyAuthorization,omitempty"`
Err *Problem `json:"error,omitempty"`
}
const AcmeInvalid = `.acme.invalid`
// SNIName returns a new SNI name based on KeyAuthorization
func (c Challenge) SNIName() string {
hash := sha256.Sum256([]byte(c.KeyAuthorization))
z := hex.EncodeToString(hash[:])
return z[:32] + "." + z[32:] + AcmeInvalid
}
// Status of request
type Status string
// Statuses
const (
StatusUnknown Status = "unknown"
StatusPending Status = "pending"
StatusProcessing Status = "processing"
StatusValid Status = "valid"
StatusInvalid Status = "invalid"
StatusRevoked Status = "revoked"
)
type ChalType string
const (
ChallengeHTTP ChalType = "http-01"
ChallengeTLS ChalType = "tls-sni-01"
ChallengePOP ChalType = "proofOfPossession-01"
ChallengeDNS ChalType = "dns-01"
)
func (p *Provider) Solve(s Signer, ch Challenge, sol Solver) error {
// update challenge
ch.Resource = ResChallenge
ch.KeyAuthorization = s.KeyAuth(ch.Token)
// prepare solver
if err := sol.Solve(ch); err != nil {
return err
}
defer sol.Solved()
resp, err := p.post(ch.URI, s, ch)
if err != nil {
return err
}
ns := parseHeader(resp)
return p.pollStatus(ns.Location)
}
func (p *Provider) pollStatus(uri string) error {
t := time.NewTicker(poll)
defer t.Stop()
for range t.C {
resp, err := p.Get(uri)
if err != nil {
return err
}
req := new(Challenge)
err = parseJson(resp, req)
if err != nil {
return err
}
if req.Err != nil {
return req.Err
}
if req.Status == StatusValid {
return nil
}
}
return nil
}
|