From 3ae21fe62a463062f5457c9b670e3062f4b8745a Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 16 Aug 2018 18:32:14 -0600 Subject: [PATCH] v1.2.1: made magic numbers (for status polling) configurable, updated deps --- README.md | 9 +++++++++ node.js | 26 +++++++++++++++----------- package.json | 6 +++--- 3 files changed, 27 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index fd13d68..f37bea6 100644 --- a/README.md +++ b/README.md @@ -129,8 +129,17 @@ var ACME = require('acme-v2').ACME.create({ , userAgent: 'My custom UA String' , getUserAgentString: function (deps) { return 'My custom UA String'; } + // don't try to validate challenges locally , skipChallengeTest: false + // ask if the certificate can be issued up to 10 times before failing +, retryPoll: 8 + // ask if the certificate has been validated up to 6 times before cancelling +, retryPending: 4 + // Wait 1000ms between retries +, retryInterval: 1000 + // Wait 10,000ms after deauthorizing a challenge before retrying +, deauthWait: 10 * 1000 }); diff --git a/node.js b/node.js index 9441876..b0b1c8e 100644 --- a/node.js +++ b/node.js @@ -255,6 +255,10 @@ ACME._wait = function wait(ms) { }; // https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-7.5.1 ACME._postChallenge = function (me, options, identifier, ch) { + var RETRY_INTERVAL = me.retryInterval || 1000; + var DEAUTH_INTERVAL = me.deauthWait || 10 * 1000; + var MAX_POLL = me.retryPoll || 8; + var MAX_PEND = me.retryPending || 4; var count = 0; var thumbprint = me.RSA.thumbprint(options.accountKeypair); 
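Review bot: The four new options at the top of `ACME._postChallenge` are read with `||` and no type or range check, so `0` silently falls back to the default, while a string, a negative number, `Infinity` or a very large value flows straight into `ACME._wait` and the `count >=` comparisons. These values decide how often and for how long the client polls the CA, so I would normalise them once, e.g. `var MAX_POLL = Number.isInteger(me.retryPoll) && me.retryPoll > 0 ? me.retryPoll : 8;`. The two intervals need the same treatment plus a sane upper bound. The README hunk in this commit also says "up to 10 times" and "up to 6 times" beside `retryPoll: 8` and `retryPending: 4`, so the documented limits and the defaults disagree. The function body continues outside this hunk.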
@@ -314,12 +318,12 @@ ACME._postChallenge = function (me, options, identifier, ch) { me._nonce = resp.toJSON().headers['replay-nonce']; if (me.debug) { console.debug('deactivate challenge: resp.body:'); } if (me.debug) { console.debug(resp.body); } - return ACME._wait(10 * 1000); + return ACME._wait(DEAUTH_INTERVAL); }); } function pollStatus() { - if (count >= 5) { + if (count >= MAX_POLL) { return Promise.reject(new Error("[acme-v2] stuck in bad pending/processing state")); } @@ -330,16 +334,16 @@ ACME._postChallenge = function (me, options, identifier, ch) { if ('processing' === resp.body.status) { if (me.debug) { console.debug('poll: again'); } - return ACME._wait(1 * 1000).then(pollStatus); + return ACME._wait(RETRY_INTERVAL).then(pollStatus); } // This state should never occur if ('pending' === resp.body.status) { - if (count >= 4) { - return ACME._wait(1 * 1000).then(deactivate).then(testChallenge); + if (count >= MAX_PEND) { + return ACME._wait(RETRY_INTERVAL).then(deactivate).then(testChallenge); } if (me.debug) { console.debug('poll: again'); } - return ACME._wait(1 * 1000).then(testChallenge); + return ACME._wait(RETRY_INTERVAL).then(testChallenge); } if ('valid' === resp.body.status) { @@ -361,13 +365,13 @@ ACME._postChallenge = function (me, options, identifier, ch) { console.error("[acme-v2] (E_STATE_EMPTY) empty challenge state:"); } else if ('invalid' === resp.body.status) { - console.error("[acme-v2] (E_STATE_INVALID) invalid challenge state:"); + console.error("[acme-v2] (E_STATE_INVALID) challenge state: '" + resp.body.status + "'"); } else { - console.error("[acme-v2] (E_STATE_UKN) unkown challenge state:"); + console.error("[acme-v2] (E_STATE_UKN) challenge state: '" + resp.body.status + "'"); } - return Promise.reject(new Error("[acme-v2] challenge state error")); + return Promise.reject(new Error("[acme-v2] [error] unacceptable challenge state '" + resp.body.status + "'")); }); } 
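Review bot: Nothing ties `MAX_PEND` to `MAX_POLL`, yet `pollStatus` rejects on `count >= MAX_POLL` before the `'pending'` branch in the next hunk compares `count >= MAX_PEND`. If a caller sets `retryPending` above `retryPoll`, the deactivate-and-retry path appears unreachable; this assumes `count` only advances once per poll, and the increment is outside the visible hunks. I would either state the constraint at the declarations, e.g. `// retryPending must not exceed retryPoll, or the challenge is never deactivated`, or enforce it with `if (MAX_PEND > MAX_POLL) { MAX_PEND = MAX_POLL; }`. The default poll cap also moves from 5 to 8 here, which the commit message does not mention.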
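Review bot: `resp.body.status` comes from the server's response and is now concatenated unescaped into two `console.error` lines and into the rejected `Error` message in the `@@ -361` hunk. A value containing newlines or control characters would break or forge log lines. The E_STATE_EMPTY branch also appears to fall through to the final reject, where the message would read `'undefined'` or `''`. I would serialise the value once, e.g. `var state = JSON.stringify(String(resp.body.status));`, and build all three messages from `state` without the extra single quotes. The enclosing callback starts outside this hunk.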
@@ -393,7 +397,7 @@ ACME._postChallenge = function (me, options, identifier, ch) { me._nonce = resp.toJSON().headers['replay-nonce']; if (me.debug) { console.debug('respond to challenge: resp.body:'); } if (me.debug) { console.debug(resp.body); } - return ACME._wait(1 * 1000).then(pollStatus); + return ACME._wait(RETRY_INTERVAL).then(pollStatus); }); } @@ -405,7 +409,7 @@ ACME._postChallenge = function (me, options, identifier, ch) { if (me.debug) {console.debug('\n[DEBUG] postChallenge\n'); } //if (me.debug) console.debug('\n[DEBUG] stop to fix things\n'); return; - return ACME._wait(1 * 1000).then(function () { + return ACME._wait(RETRY_INTERVAL).then(function () { if (!me.skipChallengeTest) { return ACME.challengeTests[ch.type](me, auth); } diff --git a/package.json b/package.json index 0742de4..3ccac1b 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "acme-v2", - "version": "1.2.0", + "version": "1.2.1", "description": "Free SSL. A framework for building Let's Encrypt v2 clients, and other ACME v2 (draft 11) clients. Successor to le-acme-core.js", "homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js", "main": "node.js", @@ -26,7 +26,7 @@ "author": "AJ ONeal (https://coolaj86.com/)", "license": "(MIT OR Apache-2.0)", "dependencies": { - "@coolaj86/urequest": "^1.1.1", - "rsa-compat": "^1.3.0" + "@coolaj86/urequest": "^1.3.6", + "rsa-compat": "^1.5.1" } }