diff --git a/caddy/letsencrypt/handler.go b/caddy/letsencrypt/handler.go index 4fdf4f62..6c9f962d 100644 --- a/caddy/letsencrypt/handler.go +++ b/caddy/letsencrypt/handler.go @@ -7,7 +7,6 @@ import ( "net/http/httputil" "net/url" "strings" - "sync/atomic" "github.com/mholt/caddy/middleware" ) @@ -18,18 +17,15 @@ const challengeBasePath = "/.well-known/acme-challenge" // requests to the real ACME client endpoint. This is necessary // to renew certificates while the server is running. type Handler struct { - Next middleware.Handler - ChallengeActive int32 // TODO: use sync/atomic to set/get this flag safely and efficiently + Next middleware.Handler + //ChallengeActive int32 // (TODO) use sync/atomic to set/get this flag safely and efficiently } // ServeHTTP is basically a no-op unless an ACME challenge is active on this host // and the request path matches the expected path exactly. func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) { - // Only if challenge is active - // TODO: this won't work until the global challenge hook in the acme package is ready - //if atomic.LoadInt32(&h.ChallengeActive) == 1 { - // Proxy challenge requests to ACME client + // TODO: Only do this if a challenge is active? if strings.HasPrefix(r.URL.Path, challengeBasePath) { scheme := "http" if r.TLS != nil { @@ -48,31 +44,12 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) proxy := httputil.NewSingleHostReverseProxy(upstream) proxy.Transport = &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // client uses self-signed cert + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // client would use self-signed cert } proxy.ServeHTTP(w, r) return 0, nil } - //} - return h.Next.ServeHTTP(w, r) } - -// TODO: SimpleHTTP deprecation imminent!! meaning these -// challenge handlers will go away and be replaced with -// something else. - -// ChallengeOn enables h to proxy ACME requests. -func (h *Handler) ChallengeOn(challengePath string) { - // h.Lock() - // h.ChallengePath = challengePath - // h.Unlock() - atomic.StoreInt32(&h.ChallengeActive, 1) -} - -// ChallengeOff disables ACME proxying from this h. -func (h *Handler) ChallengeOff(success bool) { - atomic.StoreInt32(&h.ChallengeActive, 0) -} diff --git a/caddy/letsencrypt/maintain.go b/caddy/letsencrypt/maintain.go index 6eaa8220..c6701b40 100644 --- a/caddy/letsencrypt/maintain.go +++ b/caddy/letsencrypt/maintain.go @@ -79,12 +79,6 @@ func renewCertificates(configs []server.Config, useCustomPort bool) (int, []erro var errs []error var n int - defer func() { - // reset these so as to not interfere with other challenges - acme.OnSimpleHTTPStart = nil - acme.OnSimpleHTTPEnd = nil - }() - for _, cfg := range configs { // Host must be TLS-enabled and have existing assets managed by LE if !cfg.TLS.Enabled || !existingCertAndKey(cfg.Host) { @@ -122,28 +116,22 @@ func renewCertificates(configs []server.Config, useCustomPort bool) (int, []erro continue } - // Read metadata + // Read and set up cert meta, required for renewal metaBytes, err := ioutil.ReadFile(storage.SiteMetaFile(cfg.Host)) if err != nil { errs = append(errs, err) continue } - privBytes, err := ioutil.ReadFile(storage.SiteKeyFile(cfg.Host)) if err != nil { errs = append(errs, err) continue } - var certMeta acme.CertificateResource err = json.Unmarshal(metaBytes, &certMeta) certMeta.Certificate = certBytes certMeta.PrivateKey = privBytes - // Tell the handler to accept and proxy acme request in order to solve challenge - acme.OnSimpleHTTPStart = acmeHandlers[cfg.Host].ChallengeOn - acme.OnSimpleHTTPEnd = acmeHandlers[cfg.Host].ChallengeOff - // Renew certificate Renew: newCertMeta, err := client.RenewCertificate(certMeta, true, true) @@ -176,6 +164,5 @@ func renewCertificates(configs []server.Config, useCustomPort bool) (int, []erro } // acmeHandlers is a map of host to ACME handler. These -// are used to proxy ACME requests to the ACME client -// when port 443 is in use. +// are used to proxy ACME requests to the ACME client. var acmeHandlers = make(map[string]*Handler) diff --git a/main.go b/main.go index 784fc651..b08d101a 100644 --- a/main.go +++ b/main.go @@ -26,7 +26,7 @@ var ( const ( appName = "Caddy" - appVersion = "0.8 beta 3" + appVersion = "0.8 beta 4" ) func init() {