From d1ecac53225982a21faec04dae1e32e210fe8906 Mon Sep 17 00:00:00 2001
From: AJ ONeal <awesome@coolaj86.com>
Date: Sat, 12 Dec 2015 06:39:20 +0000
Subject: [PATCH] preparing to test

---
 tests/config.js                |  7 +++
 tests/serve-acme-challenges.js | 87 ++++++++++++++++++++++++++++++++++
 2 files changed, 94 insertions(+)
 create mode 100644 tests/config.js
 create mode 100644 tests/serve-acme-challenges.js

diff --git a/tests/config.js b/tests/config.js
new file mode 100644
index 0000000..ec07da5
--- /dev/null
+++ b/tests/config.js
@@ -0,0 +1,7 @@
+'use strict';
+
+module.exports = {
+  server: "https://acme-staging.api.letsencrypt.org/directory"
+, tlsSni01Port: 5001
+, http01Port: 80
+};
diff --git a/tests/serve-acme-challenges.js b/tests/serve-acme-challenges.js
new file mode 100644
index 0000000..ef5709b
--- /dev/null
+++ b/tests/serve-acme-challenges.js
@@ -0,0 +1,87 @@
+'use strict';
+
+var fs = require('fs');
+var path = require('path');
+var localCerts = require('localhost.daplie.com-certificates');
+var https = require('https');
+var http = require('http');
+var express = require('express');
+var app = express();
+var server;
+var insecureServer;
+
+var config = require('./config');
+
+
+function getSecureContext(domainname, opts, cb) {
+  var letsetc = '/etc/letsencrypt/live/';
+
+  if (!opts) { opts = {}; }
+
+  opts.key = fs.readFileSync(path.join(letsetc, domainname, 'privkey.pem'));
+  opts.cert = fs.readFileSync(path.join(letsetc, domainname, 'cert.pem'));
+  opts.ca = fs.readFileSync(path.join(letsetc, domainname, 'chain.pem'), 'ascii')
+    .split('-----END CERTIFICATE-----')
+    .filter(function (ca) {
+      return ca.trim();
+    }).map(function (ca) {
+      return (ca + '-----END CERTIFICATE-----').trim();
+    });
+
+  cb(null, require('tls').createSecureContext(opts));
+}
+
+
+//
+// SSL Certificates
+//
+var options = {
+  requestCert: false
+, rejectUnauthorized: true
+
+  // If you need to use SNICallback you should be using io.js >= 1.x (possibly node >= 0.12)
+, SNICallback: function (domainname, cb) {
+    var secureContext = getSecureContext(domainname);
+    cb(null, secureContext);
+  }
+  // If you need to support HTTP2 this is what you need to work with
+//, NPNProtocols: ['http/2.0', 'http/1.1', 'http/1.0']
+//, NPNProtocols: ['http/1.1']
+, key: null
+, cert: null
+//, ca: null
+};
+options.key = localCerts.key;
+options.cert = localCerts.cert;
+
+
+// log the requests
+app.use('/', function (req, res, next) {
+  console.log(req.method + ' ' + req.headers['host'], req.protocol + req.url);
+});
+// handle static requests to /.well-known/acme-challenge
+app.use(
+  '/.well-known/acme-challenge'
+, express.static(path.join(__dirname, 'acme-challenge'), { dotfiles: undefined })
+);
+
+
+// Start the tls sni server
+server = https.createServer(options);
+server.on('error', function (err) {
+  console.error(err);
+});
+server.listen(config.tlsSni01Port, function () {
+  console.log('Listening');
+});
+server.on('request', app);
+
+// Start the http server
+insecureServer = http.createServer();
+insecureServer.on('error', function (err) {
+  console.error(err);
+});
+insecureServer.listen(config.http01Port, function () {
+  console.log('Listening');
+});
+insecureServer.on('request', app);