forked from root/acme.js
v1.2.1: made magic numbers (for status polling) configurable, updated deps
This commit is contained in:
parent
2051fb0e4b
commit
3ae21fe62a
|
@ -129,8 +129,17 @@ var ACME = require('acme-v2').ACME.create({
|
||||||
, userAgent: 'My custom UA String'
|
, userAgent: 'My custom UA String'
|
||||||
, getUserAgentString: function (deps) { return 'My custom UA String'; }
|
, getUserAgentString: function (deps) { return 'My custom UA String'; }
|
||||||
|
|
||||||
|
|
||||||
// don't try to validate challenges locally
|
// don't try to validate challenges locally
|
||||||
, skipChallengeTest: false
|
, skipChallengeTest: false
|
||||||
|
// ask if the certificate can be issued up to 10 times before failing
|
||||||
|
, retryPoll: 8
|
||||||
|
// ask if the certificate has been validated up to 6 times before cancelling
|
||||||
|
, retryPending: 4
|
||||||
|
// Wait 1000ms between retries
|
||||||
|
, retryInterval: 1000
|
||||||
|
// Wait 10,000ms after deauthorizing a challenge before retrying
|
||||||
|
, deauthWait: 10 * 1000
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|
26
node.js
26
node.js
|
@ -255,6 +255,10 @@ ACME._wait = function wait(ms) {
|
||||||
};
|
};
|
||||||
// https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-7.5.1
|
// https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-7.5.1
|
||||||
ACME._postChallenge = function (me, options, identifier, ch) {
|
ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
|
var RETRY_INTERVAL = me.retryInterval || 1000;
|
||||||
|
var DEAUTH_INTERVAL = me.deauthWait || 10 * 1000;
|
||||||
|
var MAX_POLL = me.retryPoll || 8;
|
||||||
|
var MAX_PEND = me.retryPending || 4;
|
||||||
var count = 0;
|
var count = 0;
|
||||||
|
|
||||||
var thumbprint = me.RSA.thumbprint(options.accountKeypair);
|
var thumbprint = me.RSA.thumbprint(options.accountKeypair);
|
||||||
|
@ -314,12 +318,12 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
if (me.debug) { console.debug('deactivate challenge: resp.body:'); }
|
if (me.debug) { console.debug('deactivate challenge: resp.body:'); }
|
||||||
if (me.debug) { console.debug(resp.body); }
|
if (me.debug) { console.debug(resp.body); }
|
||||||
return ACME._wait(10 * 1000);
|
return ACME._wait(DEAUTH_INTERVAL);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function pollStatus() {
|
function pollStatus() {
|
||||||
if (count >= 5) {
|
if (count >= MAX_POLL) {
|
||||||
return Promise.reject(new Error("[acme-v2] stuck in bad pending/processing state"));
|
return Promise.reject(new Error("[acme-v2] stuck in bad pending/processing state"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -330,16 +334,16 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
|
|
||||||
if ('processing' === resp.body.status) {
|
if ('processing' === resp.body.status) {
|
||||||
if (me.debug) { console.debug('poll: again'); }
|
if (me.debug) { console.debug('poll: again'); }
|
||||||
return ACME._wait(1 * 1000).then(pollStatus);
|
return ACME._wait(RETRY_INTERVAL).then(pollStatus);
|
||||||
}
|
}
|
||||||
|
|
||||||
// This state should never occur
|
// This state should never occur
|
||||||
if ('pending' === resp.body.status) {
|
if ('pending' === resp.body.status) {
|
||||||
if (count >= 4) {
|
if (count >= MAX_PEND) {
|
||||||
return ACME._wait(1 * 1000).then(deactivate).then(testChallenge);
|
return ACME._wait(RETRY_INTERVAL).then(deactivate).then(testChallenge);
|
||||||
}
|
}
|
||||||
if (me.debug) { console.debug('poll: again'); }
|
if (me.debug) { console.debug('poll: again'); }
|
||||||
return ACME._wait(1 * 1000).then(testChallenge);
|
return ACME._wait(RETRY_INTERVAL).then(testChallenge);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ('valid' === resp.body.status) {
|
if ('valid' === resp.body.status) {
|
||||||
|
@ -361,13 +365,13 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
console.error("[acme-v2] (E_STATE_EMPTY) empty challenge state:");
|
console.error("[acme-v2] (E_STATE_EMPTY) empty challenge state:");
|
||||||
}
|
}
|
||||||
else if ('invalid' === resp.body.status) {
|
else if ('invalid' === resp.body.status) {
|
||||||
console.error("[acme-v2] (E_STATE_INVALID) invalid challenge state:");
|
console.error("[acme-v2] (E_STATE_INVALID) challenge state: '" + resp.body.status + "'");
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
console.error("[acme-v2] (E_STATE_UKN) unkown challenge state:");
|
console.error("[acme-v2] (E_STATE_UKN) challenge state: '" + resp.body.status + "'");
|
||||||
}
|
}
|
||||||
|
|
||||||
return Promise.reject(new Error("[acme-v2] challenge state error"));
|
return Promise.reject(new Error("[acme-v2] [error] unacceptable challenge state '" + resp.body.status + "'"));
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -393,7 +397,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
if (me.debug) { console.debug('respond to challenge: resp.body:'); }
|
if (me.debug) { console.debug('respond to challenge: resp.body:'); }
|
||||||
if (me.debug) { console.debug(resp.body); }
|
if (me.debug) { console.debug(resp.body); }
|
||||||
return ACME._wait(1 * 1000).then(pollStatus);
|
return ACME._wait(RETRY_INTERVAL).then(pollStatus);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -405,7 +409,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
if (me.debug) {console.debug('\n[DEBUG] postChallenge\n'); }
|
if (me.debug) {console.debug('\n[DEBUG] postChallenge\n'); }
|
||||||
//if (me.debug) console.debug('\n[DEBUG] stop to fix things\n'); return;
|
//if (me.debug) console.debug('\n[DEBUG] stop to fix things\n'); return;
|
||||||
|
|
||||||
return ACME._wait(1 * 1000).then(function () {
|
return ACME._wait(RETRY_INTERVAL).then(function () {
|
||||||
if (!me.skipChallengeTest) {
|
if (!me.skipChallengeTest) {
|
||||||
return ACME.challengeTests[ch.type](me, auth);
|
return ACME.challengeTests[ch.type](me, auth);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "acme-v2",
|
"name": "acme-v2",
|
||||||
"version": "1.2.0",
|
"version": "1.2.1",
|
||||||
"description": "Free SSL. A framework for building Let's Encrypt v2 clients, and other ACME v2 (draft 11) clients. Successor to le-acme-core.js",
|
"description": "Free SSL. A framework for building Let's Encrypt v2 clients, and other ACME v2 (draft 11) clients. Successor to le-acme-core.js",
|
||||||
"homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js",
|
"homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js",
|
||||||
"main": "node.js",
|
"main": "node.js",
|
||||||
|
@ -26,7 +26,7 @@
|
||||||
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
|
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
|
||||||
"license": "(MIT OR Apache-2.0)",
|
"license": "(MIT OR Apache-2.0)",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@coolaj86/urequest": "^1.1.1",
|
"@coolaj86/urequest": "^1.3.6",
|
||||||
"rsa-compat": "^1.3.0"
|
"rsa-compat": "^1.5.1"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue