Add a "TestMode" config option

This makes the same change as PR #59, but allows test mode to be turned back on with a config option.
2015-03-25 12:58:57 -07:00 · 2015-03-25 12:58:57 -07:00 · 5eac0cda09
parent 4b962b9025
commit 5eac0cda09
4 changed files with 27 additions and 12 deletions
--- a/cmd/boulder/main.go
+++ b/cmd/boulder/main.go
@ -37,7 +37,7 @@ func main() {
 		err = sa.InitTables()
 		cmd.FailOnError(err, "Unable to initialize SA")
 		ra := ra.NewRegistrationAuthorityImpl(auditlogger)
-		va := va.NewValidationAuthorityImpl(auditlogger)
+		va := va.NewValidationAuthorityImpl(auditlogger, c.CA.TestMode)
 		ca, err := ca.NewCertificateAuthorityImpl(auditlogger, c.CA.Server, c.CA.AuthKey, c.CA.Profile)
 		cmd.FailOnError(err, "Unable to create CA")

--- a/cmd/shell.go
+++ b/cmd/shell.go
@ -53,9 +53,10 @@ type Config struct {
 	}

 	CA struct {
-		Server  string
-		AuthKey string
-		Profile string
+		Server    string
+		AuthKey   string
+		Profile   string
+    TestMode  bool
 	}

 	SA struct {
--- a/test/example-config.json
+++ b/test/example-config.json
@ -33,7 +33,8 @@
  "ca": {
    "server": "localhost:9000",
    "authKey": "79999d86250c367a2b517a1ae7d409c1",
-    "profile": "ee"
+    "profile": "ee",
+    "testMode": true
  },

  "sa": {
--- a/va/validation-authority.go
+++ b/va/validation-authority.go
@ -22,11 +22,12 @@ import (
 type ValidationAuthorityImpl struct {
 	RA  core.RegistrationAuthority
 	log *blog.AuditLogger
+  TestMode bool
 }

-func NewValidationAuthorityImpl(logger *blog.AuditLogger) ValidationAuthorityImpl {
+func NewValidationAuthorityImpl(logger *blog.AuditLogger, tm bool) ValidationAuthorityImpl {
 	logger.Notice("Validation Authority Starting")
-	return ValidationAuthorityImpl{log: logger}
+	return ValidationAuthorityImpl{log: logger, TestMode: tm}
 }

 // Validation methods
@ -39,9 +40,12 @@ func (va ValidationAuthorityImpl) validateSimpleHTTPS(identifier core.AcmeIdenti
 		return
 	}

-	// XXX: Local version; uncomment for real version
-	url := fmt.Sprintf("http://localhost:5001/.well-known/acme-challenge/%s", challenge.Path)
-	//url := fmt.Sprintf("https://%s/.well-known/acme-challenge/%s", identifier, challenge.Path)
+  url := ""
+  if va.TestMode {
+	  url = fmt.Sprintf("http://localhost:5001/.well-known/acme-challenge/%s", challenge.Path)
+  } else {
+	  url = fmt.Sprintf("https://%s/.well-known/acme-challenge/%s", identifier, challenge.Path)
+  }

 	httpRequest, err := http.NewRequest("GET", url, nil)
 	if err != nil {
@ -96,8 +100,17 @@ func (va ValidationAuthorityImpl) validateDvsni(identifier core.AcmeIdentifier,
 	zName := hex.EncodeToString(z)

 	// Make a connection with SNI = nonceName
-	hostPort := "localhost:5001"
-	//hostPort := identifier + ":443" // XXX: Local version; uncomment for real version
+
+  hostPort := ""
+  if va.TestMode {
+	  hostPort = "localhost:5001"
+  } else {
+    if identifier.Type != "dns" {
+		  challenge.Status = core.StatusInvalid
+      return
+    }
+	  hostPort = identifier.Value + ":443"
+  }
 	conn, err := tls.Dial("tcp", hostPort, &tls.Config{
 		ServerName:         nonceName,
 		InsecureSkipVerify: true,