letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge tomclegg:change-ip-not-vhost

This commit is contained in:
Roland Shoemaker 2015-07-23 00:42:54 -07:00
parent 5face2bf08 7dd7425115
commit 8239ec0ddd
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
va/validation-authority.go
View File

@ -113,7 +113,6 @@ func (va ValidationAuthorityImpl) validateSimpleHTTP(identifier core.AcmeIdentif
Host: hostName,
Path: fmt.Sprintf(".well-known/acme-challenge/%s", challenge.Path),
}
// url := fmt.Sprintf("%s://%s/.well-known/acme-challenge/%s", scheme, hostName, challenge.Path)
// AUDIT[ Certificate Requests ] 11917fa4-10ef-4e0d-9105-bacbe7836a3c
va.log.Audit(fmt.Sprintf("Attempting to validate Simple%s for %s", strings.ToUpper(scheme), url.String()))
@ -135,20 +134,23 @@ func (va ValidationAuthorityImpl) validateSimpleHTTP(identifier core.AcmeIdentif
httpRequest.Host = hostName
tr := *http.DefaultTransport.(*http.Transport)
// We are talking to a client that does not yet have a certificate,
// so we accept a temporary, invalid one
// so we accept a temporary, invalid one.
tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
// We don't expect to make multiple requests to a client, so close
// connection immediately
// connection immediately.
tr.DisableKeepAlives = true
originalDial := tr.Dial
// Intercept Dial in order to connect to the IP address we
// selected above.
defaultDial := tr.Dial
tr.Dial = func(_, _ string) (net.Conn, error) {
// Ignore the addr selected by net/http.
port := "80"
if va.TestMode {
port = "5001"
} else if scheme == "https" {
port = "443"
}
return originalDial("tcp", net.JoinHostPort(addr.String(), port))
return defaultDial("tcp", net.JoinHostPort(addr.String(), port))
}
logRedirect := func(req *http.Request, via []*http.Request) error {
va.log.Info(fmt.Sprintf("validateSimpleHTTP [%s] redirect from %q to %q", identifier, via[len(via)-1].URL.String(), req.URL.String()))

3
va/validation-authority_test.go
View File

@ -64,6 +64,9 @@ func simpleSrv(t *testing.T, token string, stopChan, waitChan chan bool, enableT
m := http.NewServeMux()
m.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
if r.Host != "localhost" {
t.Errorf("Bad Host header: " + r.Host)
}
if strings.HasSuffix(r.URL.Path, path404) {
t.Logf("SIMPLESRV: Got a 404 req\n")
http.NotFound(w, r)