
No commits in common. "main" and "v1.3.1" have entirely different histories.
main ... v1.3.1

3 changed files with 9 additions and 11 deletions

9
dns.go

@ -195,7 +195,7 @@ func (s *ChallSrv) dohHandler(w http.ResponseWriter, r *http.Request) {
return
}
s.dnsHandlerInner(&dnsToHTTPWriter{w}, msg, r.Header.Get("User-Agent"))
s.dnsHandlerInner(&dnsToHTTPWriter{w}, msg)
}
// dnsHandler is a miekg/dns handler that can process a dns.Msg request and
@ -204,10 +204,10 @@ func (s *ChallSrv) dohHandler(w http.ResponseWriter, r *http.Request) {
// DNS data. A host that is aliased by a CNAME record will follow that alias
// one level and return the requested record types for that alias' target
func (s *ChallSrv) dnsHandler(w dns.ResponseWriter, r *dns.Msg) {
s.dnsHandlerInner(w, r, "")
s.dnsHandlerInner(w, r)
}
func (s *ChallSrv) dnsHandlerInner(w writeMsg, r *dns.Msg, userAgent string) {
func (s *ChallSrv) dnsHandlerInner(w writeMsg, r *dns.Msg) {
m := new(dns.Msg)
m.SetReply(r)
m.Compress = false
@ -215,8 +215,7 @@ func (s *ChallSrv) dnsHandlerInner(w writeMsg, r *dns.Msg, userAgent string) {
// For each question, add answers based on the type of question
for _, q := range r.Question {
s.AddRequestEvent(DNSRequestEvent{
Question: q,
UserAgent: userAgent,
Question: q,
})
// If there is a ServFail mock set then ignore the question and set the
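Review bot: `dnsHandlerInner` carries no doc comment, and with the `userAgent` parameter gone its signature no longer hints at why it exists apart from `dnsHandler`. A line such as `// dnsHandlerInner answers r for both dnsHandler and dohHandler, which differ only in the writeMsg they pass.` above the definition would record that. Events built in the loop now hold only `Question`, so anything reading the request history can no longer tell a DoH query from a plain DNS one; confirm that no consumer depends on that distinction. The body of `dnsHandlerInner` continues outside the visible hunks.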


@ -38,8 +38,6 @@ type HTTPRequestEvent struct {
// The ServerName from the ClientHello. May be empty if there was no SNI or if
// the request was not HTTPS
ServerName string
// The User-Agent header from the request
UserAgent string
}
// HTTPRequestEvents always have type HTTPRequestEventType
@ -61,9 +59,6 @@ func (e HTTPRequestEvent) Key() string {
type DNSRequestEvent struct {
// The DNS question received.
Question dns.Question
// The User-Agent header from the request, may be empty
// if the request was not over DoH.
UserAgent string
}
// DNSRequestEvents always have type DNSRequestEventType


@ -128,7 +128,6 @@ func (s *ChallSrv) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Host: r.Host,
HTTPS: r.TLS != nil,
ServerName: serverName,
UserAgent: r.Header.Get("User-Agent"),
})
// If the request was not over HTTPS and we have a redirect, serve it.
@ -189,6 +188,11 @@ func httpOneServer(address string, handler http.Handler, https bool) challengeSe
if https {
tlsConfig = &tls.Config{
Certificates: []tls.Certificate{cert},
// Only accept TLS 1.0 and TLS 1.1. This is a temporary restriction, to
// make it possible to test Boulder features that log when validation hits
// an HTTPS URL that doesn't support TLS >1.2. Once Let's Encrypt turns
// off TLS 1.0 and TLS 1.1 support in validations, remove this line.
MaxVersion: tls.VersionTLS11,
}
}
// Create an HTTP Server for HTTP-01 challenges
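Review bot: The new `tls.Config` in `httpOneServer` sets `MaxVersion: tls.VersionTLS11` without a `MinVersion`, so the accepted version range depends on the Go toolchain's server default. On Go releases where that default minimum is TLS 1.2 (1.22 and later, unless the `tls10server` GODEBUG setting is enabled), the floor sits above the cap and every handshake would fail; pin it next to the cap with `MinVersion: tls.VersionTLS10,`. The comment's "doesn't support TLS >1.2" presumably means "TLS 1.2 or later" and should be reworded. Because this deliberately downgrades the listener, the comment should also say that the server is for test environments only. `httpOneServer` begins and ends outside the hunk.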