From 4c6cdfde0a388abe8ae190b9d18431db7e6613df Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 15 May 2018 15:42:04 -0600 Subject: [PATCH] update version detection --- examples/README.md | 14 ++--- examples/simple.js | 13 ++-- index.js | 153 +++++++++++++++++++++++++++++++++------------ package.json | 1 - 4 files changed, 127 insertions(+), 54 deletions(-) diff --git a/examples/README.md b/examples/README.md index 47fb61c..3ac9a10 100644 --- a/examples/README.md +++ b/examples/README.md @@ -3,7 +3,7 @@ STOP **These aren't the droids you're looking for.** -You probably don't want to use `node-letsencrypt` directly. +You probably don't want to use `greenlock` directly. Instead, look here: @@ -12,21 +12,21 @@ Webservers For any type of webserver (express, hapi, koa, connect, https, spdy, etc), you're going to want to take a look at -[letsencrypt-express](https://github.com/Daplie/letsencrypt-express). +[greenlock-express](https://git.coolaj86.com/coolaj86/greenlock-express.js). - + CLIs ---- For any type of CLI (like what you want to use with bash, fish, zsh, cmd.exe, PowerShell, etc), you're going to want to take a look at -[letsencrypt-cli](https://github.com/Daplie/letsencrypt-cli). +[greenlock-cli](https://git.coolaj86.com/coolaj86/greenlock-cli.js). - + -No, I wanted node-letsencrypt -============================= +No, I wanted greenlock +====================== Well, take a look at the API in the main README and you can also check out the code in the repos above. diff --git a/examples/simple.js b/examples/simple.js index 83dd846..a7ec1cf 100644 --- a/examples/simple.js +++ b/examples/simple.js @@ -5,9 +5,10 @@ var LE = require('../'); var db = {}; var config = { - server: LE.stagingServerUrl // or LE.productionServerUrl + server: 'https://acme-staging-v02.api.letsencrypt.org/directory' +, version: 'v02' -, configDir: require('homedir')() + '/letsencrypt/etc' // or /etc/letsencrypt or wherever +, configDir: require('os').homedir() + '/acme/etc' // or /etc/acme or wherever , privkeyPath: ':config/live/:hostname/privkey.pem' // , fullchainPath: ':config/live/:hostname/fullchain.pem' // Note: both that :config and :hostname @@ -34,7 +35,7 @@ var handlers = { cb(null); } , getChallenge: function (opts, hostname, key, cb) { // this is special because it is called by the webserver - cb(null, db[key].val); // (see letsencrypt-cli/bin & letsencrypt-express/standalone), + cb(null, db[key].val); // (see greenlock-cli/bin & greenlock-express/standalone), // not by the library itself } , agreeToTerms: function (tosUrl, cb) { // gives you an async way to expose the legal agreement @@ -43,6 +44,8 @@ var handlers = { }; var le = LE.create(config, handlers); +console.error("CHANGE THE EMAIL, DOMAINS, AND AGREE TOS IN THE EXAMPLE BEFORE RUNNING IT"); +process.exit(1); // checks :conf/renewal/:hostname.conf le.register({ // and either renews or registers domains: ['example.com'] // CHANGE TO YOUR DOMAIN @@ -55,8 +58,8 @@ le.register({ // and either renews // Note: you must have a webserver running // and expose handlers.getChallenge to it // in order to pass validation - // See letsencrypt-cli and or letsencrypt-express - console.error('[Error]: node-letsencrypt/examples/standalone'); + // See greenlock-cli and or greenlock-express + console.error('[Error]: greenlock/examples/standalone'); console.error(err.stack); } else { console.log('success'); diff --git a/index.js b/index.js index c01fdee..dd117c7 100644 --- a/index.js +++ b/index.js @@ -19,8 +19,8 @@ function _log(debug) { } LE.defaults = { - productionServerUrl: 'https://acme-v02.api.letsencrypt.org/directory' -, stagingServerUrl: 'https://acme-staging-v02.api.letsencrypt.org/directory' + productionServerUrl: 'https://acme-v01.api.letsencrypt.org/directory' +, stagingServerUrl: 'https://acme-staging.api.letsencrypt.org/directory' , rsaKeySize: ACME.rsaKeySize || 2048 , challengeType: ACME.challengeType || 'http-01' @@ -111,51 +111,122 @@ LE.create = function (le) { if (!le.renewWithin) { le.renewWithin = 14 * DAY; } // renewBy has a default in le-sni-auto - if (!le.server) { - throw new Error("opts.server must be set to 'staging' or a production url, such as LE.productionServerUrl'"); - } - if ('staging' === le.server) { - le.server = LE.stagingServerUrl; - } - else if ('production' === le.server) { - le.server = LE.productionServerUrl; + + + /////////////////////////// + // BEGIN VERSION MADNESS // + /////////////////////////// + + if (!le.version) { + //console.warn("Please specify version: 'v01' (Let's Encrypt v1) or 'draft-11' (Let's Encrypt v2 / ACME draft 11)"); + console.warn(""); + console.warn(""); + console.warn(""); + console.warn("===================================================================="); + console.warn("== greenlock.js (v2.2.0+) =="); + console.warn("===================================================================="); + console.warn(""); + console.warn("Please specify 'version' option:"); + console.warn(""); + console.warn(" 'draft-11' for Let's Encrypt v2 and ACME draft 11"); + console.warn(" ('v02' is an alias of 'draft-11'"); + console.warn(""); + console.warn("or"); + console.warn(""); + console.warn(" 'v01' for Let's Encrypt v1 (deprecated)"); + console.warn(""); + console.warn("===================================================================="); + console.warn("== this will be required from version v2.3 forward =="); + console.warn("===================================================================="); + console.warn(""); + console.warn(""); + console.warn(""); + } else if ('v02' === le.version) { + le.version = 'draft-11'; + } else if ('v01' !== le.version && 'draft-11' !== le.version) { + throw new Error("Unrecognized version '" + le.version + "'"); } - if (-1 !== [ 'https://acme-v01.api.letsencrypt.org/directory' - , 'https://acme-staging.api.letsencrypt.org/directory' ].indexOf(le.server)) { - ACME = require('le-acme-core').ACME; - console.warn("Let's Encrypt v1 is deprecated. Please update to Let's Encrypt v2 (ACME draft 11)"); + if (!le.server) { + throw new Error("opts.server must specify an ACME directory URL, such as 'https://acme-staging-v02.api.letsencrypt.org/directory'"); } - else if (-1 !== [ 'https://acme-v02.api.letsencrypt.org/directory' - , 'https://acme-staging-v02.api.letsencrypt.org/directory' ].indexOf(le.server)) { - if ('v02' !== le.version && 'draft-11' !== le.version) { - ACME = require('le-acme-core').ACME; - if ('v01' !== le.version) { - //console.warn("Please specify version: 'v01' (Let's Encrypt v1) or 'draft-11' (Let's Encrypt v2 / ACME draft 11)"); - console.warn(""); - console.warn(""); - console.warn(""); - console.warn("===================================================================="); - console.warn("== greenlock.js (v2.2.0+) =="); - console.warn("===================================================================="); - console.warn(""); - console.warn("Please specify 'version' option:"); - console.warn(""); - console.warn(" 'v01' for Let's Encrypt v1"); - console.warn(" or"); - console.warn(" 'draft-11' for Let's Encrypt v2 and ACME draft 11"); - console.warn(" ('v02' is an alias of 'draft-11'"); - console.warn(""); - console.warn("===================================================================="); - console.warn("== this will be required from version v2.3 forward =="); - console.warn("===================================================================="); - console.warn(""); - console.warn(""); - console.warn(""); - } + if ('staging' === le.server) { + le.server = 'https://acme-staging.api.letsencrypt.org/directory'; + le.version = 'v01'; + console.warn(""); + console.warn(""); + console.warn("=== WARNING ==="); + console.warn(""); + console.warn("Due to versioning issues the 'staging' option is deprecated. Please specify the full url and version."); + console.warn(""); + console.warn("\t--acme-url '" + le.server + "' \\"); + console.warn("\t--acme-version '" + le.version + "' \\"); + console.warn(""); + console.warn(""); + } + else if ('production' === le.server) { + le.server = 'https://acme-v01.api.letsencrypt.org/directory'; + le.version = 'v01'; + console.warn(""); + console.warn(""); + console.warn("=== WARNING ==="); + console.warn(""); + console.warn("Due to versioning issues the 'production' option is deprecated. Please specify the full url and version."); + console.warn(""); + console.warn("\t--acme-url '" + le.server + "' \\"); + console.warn("\t--acme-version '" + le.version + "' \\"); + console.warn(""); + console.warn(""); + } + + function loadLeV01() { + console.warn(""); + console.warn("=== WARNING ==="); + console.warn(""); + console.warn("Let's Encrypt v1 is deprecated. Please update to Let's Encrypt v2 (ACME draft 11)"); + console.warn(""); + try { + return require('le-acme-core').ACME; + } catch(e) { + console.error(e); + console.info(""); + console.info(""); + console.info("If you require v01 API support (which is deprecated), you must install it:"); + console.info(""); + console.info("\tnpm install le-acme-core"); + console.info(""); + console.info(""); + process.exit(e.code || 13); } } + if (-1 !== [ + 'https://acme-v02.api.letsencrypt.org/directory' + , 'https://acme-staging-v02.api.letsencrypt.org/directory' ].indexOf(le.server) + ) { + if ('draft-11' !== le.version) { + console.warn("Detected Let's Encrypt v02 URL. Changing version to draft-11."); + le.version = 'draft-11'; + } + } else if (-1 !== [ + 'https://acme-v01.api.letsencrypt.org/directory' + , 'https://acme-staging.api.letsencrypt.org/directory' ].indexOf(le.server) + || 'v01' === le.version + ) { + if ('v01' !== le.version) { + console.warn("Detected Let's Encrypt v01 URL (deprecated). Changing version to v01."); + le.version = 'v01'; + } + } + if ('v01' === le.version) { + ACME = loadLeV01(); + } + ///////////////////////// + // END VERSION MADNESS // + ///////////////////////// + + + le.acme = le.acme || ACME.create({ debug: le.debug }); if (le.acme.create) { le.acme = le.acme.create(le); diff --git a/package.json b/package.json index 0feea48..850bb7d 100644 --- a/package.json +++ b/package.json @@ -65,7 +65,6 @@ "asn1js": "^1.2.12", "certpem": "^1.0.0", "homedir": "^0.6.0", - "le-acme-core": "^2.1.2", "le-challenge-fs": "^2.0.2", "le-challenge-sni": "^2.0.0", "le-sni-auto": "^2.1.3",