@root/acme
Advanced tools
Comparing version 3.0.10 to 3.1.0
@@ -10,7 +10,7 @@ 'use strict'; | ||
| A._getAccountKid = function(me, options) { | ||
| A._getAccountKid = function (me, options) { | ||
| // It's just fine if there's no account, we'll go get the key id we need via the existing key | ||
| var kid = | ||
| options.kid || | ||
| (options.account && (options.account.key && options.account.key.kid)); | ||
| (options.account && options.account.key && options.account.key.kid); | ||
@@ -23,3 +23,3 @@ if (kid) { | ||
| // This is an idempotent request. It'll return the same account for the same public key. | ||
| return A._registerAccount(me, options).then(function(account) { | ||
| return A._registerAccount(me, options).then(function (account) { | ||
| return account.key.kid; | ||
@@ -49,3 +49,3 @@ }); | ||
| */ | ||
| A._registerAccount = function(me, options) { | ||
| A._registerAccount = function (me, options) { | ||
| //#console.debug('[ACME.js] accounts.create'); | ||
@@ -64,3 +64,3 @@ | ||
| function getAccount() { | ||
| return U._importKeypair(options.accountKey).then(function(pair) { | ||
| return U._importKeypair(options.accountKey).then(function (pair) { | ||
| var contact; | ||
@@ -80,3 +80,3 @@ if (options.contact) { | ||
| var pub = pair.public; | ||
| return attachExtAcc(pub, accountRequest).then(function(accReq) { | ||
| return attachExtAcc(pub, accountRequest).then(function (accReq) { | ||
| var payload = JSON.stringify(accReq); | ||
@@ -88,3 +88,3 @@ return U._jwsRequest(me, { | ||
| payload: Enc.strToBuf(payload) | ||
| }).then(function(resp) { | ||
| }).then(function (resp) { | ||
| var account = resp.body; | ||
@@ -136,3 +136,3 @@ | ||
| payload: Enc.strToBuf(JSON.stringify(pubkey)) | ||
| }).then(function(jws) { | ||
| }).then(function (jws) { | ||
| accountRequest.externalAccountBinding = jws; | ||
@@ -144,7 +144,7 @@ return accountRequest; | ||
| return Promise.resolve() | ||
| .then(function() { | ||
| .then(function () { | ||
| //#console.debug('[ACME.js] agreeToTerms'); | ||
| var agreeToTerms = options.agreeToTerms; | ||
| if (!agreeToTerms) { | ||
| agreeToTerms = function(terms) { | ||
| agreeToTerms = function (terms) { | ||
| if (agreers[options.subscriberEmail]) { | ||
@@ -172,3 +172,3 @@ return true; | ||
| } else if (true === agreeToTerms) { | ||
| agreeToTerms = function(terms) { | ||
| agreeToTerms = function (terms) { | ||
| return terms && true; | ||
@@ -175,0 +175,0 @@ }; |
225
acme.js
@@ -46,3 +46,3 @@ // Copyright 2018-present AJ ONeal. All rights reserved | ||
| if (!me.dns01) { | ||
| me.dns01 = function(ch) { | ||
| me.dns01 = function (ch) { | ||
| return native._dns01(me, ch); | ||
@@ -57,3 +57,3 @@ }; | ||
| } | ||
| me.http01 = function(ch) { | ||
| me.http01 = function (ch) { | ||
| return native._http01(me, ch); | ||
@@ -67,7 +67,7 @@ }; | ||
| // passed to dependencies | ||
| me.request = function(opts) { | ||
| me.request = function (opts) { | ||
| return U._request(me, opts); | ||
| }; | ||
| me.init = function(opts) { | ||
| me.init = function (opts) { | ||
| M.init(me); | ||
@@ -96,4 +96,4 @@ | ||
| } | ||
| return p.then(function() { | ||
| return ACME._directory(me).then(function(resp) { | ||
| return p.then(function () { | ||
| return ACME._directory(me).then(function (resp) { | ||
| return fin(resp.body); | ||
@@ -104,3 +104,3 @@ }); | ||
| me.accounts = { | ||
| create: function(options) { | ||
| create: function (options) { | ||
| try { | ||
@@ -134,4 +134,4 @@ return A._registerAccount(me, options); | ||
| me.certificates = { | ||
| create: function(options) { | ||
| return A._getAccountKid(me, options).then(function(kid) { | ||
| create: function (options) { | ||
| return A._getAccountKid(me, options).then(function (kid) { | ||
| ACME._normalizePresenters(me, options, options.challenges); | ||
@@ -152,5 +152,5 @@ return ACME._getCertificate(me, options, kid); | ||
| ACME.challengeTests = { | ||
| 'http-01': function(me, auth) { | ||
| 'http-01': function (me, auth) { | ||
| var ch = auth.challenge; | ||
| return me.http01(ch).then(function(keyAuth) { | ||
| return me.http01(ch).then(function (keyAuth) { | ||
| var err; | ||
@@ -180,10 +180,10 @@ | ||
| }, | ||
| 'dns-01': function(me, auth) { | ||
| 'dns-01': function (me, auth) { | ||
| // remove leading *. on wildcard domains | ||
| var ch = auth.challenge; | ||
| return me.dns01(ch).then(function(ans) { | ||
| return me.dns01(ch).then(function (ans) { | ||
| var err; | ||
| if ( | ||
| ans.answer.some(function(txt) { | ||
| ans.answer.some(function (txt) { | ||
| return ch.dnsAuthorization === txt.data[0]; | ||
@@ -210,3 +210,3 @@ }) | ||
| ACME._directory = function(me) { | ||
| ACME._directory = function (me) { | ||
| // TODO cache the directory URL | ||
@@ -222,9 +222,9 @@ | ||
| // getCertificate | ||
| ACME._getCertificate = function(me, options, kid) { | ||
| ACME._getCertificate = function (me, options, kid) { | ||
| //#console.debug('[ACME.js] certificates.create'); | ||
| return ACME._orderCert(me, options, kid).then(function(order) { | ||
| return ACME._orderCert(me, options, kid).then(function (order) { | ||
| return ACME._finalizeOrder(me, options, kid, order); | ||
| }); | ||
| }; | ||
| ACME._normalizePresenters = function(me, options, presenters) { | ||
| ACME._normalizePresenters = function (me, options, presenters) { | ||
| // Prefer this order for efficiency: | ||
@@ -237,3 +237,3 @@ // * http-01 is the fasest | ||
| options._presenterTypes = ['http-01', 'tls-alpn-01', 'dns-01'].filter( | ||
| function(typ) { | ||
| function (typ) { | ||
| return -1 !== presenterTypes.indexOf(typ); | ||
@@ -258,3 +258,3 @@ } | ||
| } | ||
| Object.keys(presenters || {}).forEach(function(k) { | ||
| Object.keys(presenters || {}).forEach(function (k) { | ||
| var ch = presenters[k]; | ||
@@ -295,5 +295,5 @@ var warned = false; | ||
| function promisify(fn) { | ||
| return function(opts) { | ||
| new Promise(function(resolve, reject) { | ||
| fn(opts, function(err, result) { | ||
| return function (opts) { | ||
| new Promise(function (resolve, reject) { | ||
| fn(opts, function (err, result) { | ||
| if (err) { | ||
@@ -360,3 +360,3 @@ reject(err); | ||
| */ | ||
| ACME._getAuthorization = function(me, options, kid, zonenames, authUrl) { | ||
| ACME._getAuthorization = function (me, options, kid, zonenames, authUrl) { | ||
| //#console.debug('\n[DEBUG] getAuthorization\n'); | ||
@@ -369,3 +369,3 @@ | ||
| payload: '' | ||
| }).then(function(resp) { | ||
| }).then(function (resp) { | ||
| // Pre-emptive rather than lazy for interfaces that need to show the | ||
@@ -380,3 +380,3 @@ // challenges to the user first | ||
| false | ||
| ).then(function(auths) { | ||
| ).then(function (auths) { | ||
| resp.body._rawChallenges = resp.body.challenges; | ||
@@ -389,3 +389,3 @@ resp.body.challenges = auths; | ||
| ACME._testChallengeOptions = function() { | ||
| ACME._testChallengeOptions = function () { | ||
| // we want this to be the same for the whole group | ||
@@ -416,5 +416,5 @@ var chToken = ACME._prnd(16); | ||
| ACME._thumber = function(options, thumb) { | ||
| ACME._thumber = function (options, thumb) { | ||
| var thumbPromise; | ||
| return function(key) { | ||
| return function (key) { | ||
| if (thumb) { | ||
@@ -429,3 +429,3 @@ return Promise.resolve(thumb); | ||
| } | ||
| thumbPromise = U._importKeypair(key).then(function(pair) { | ||
| thumbPromise = U._importKeypair(key).then(function (pair) { | ||
| return Keypairs.thumbprint({ | ||
@@ -439,5 +439,5 @@ jwk: pair.public | ||
| ACME._dryRun = function(me, realOptions, zonenames) { | ||
| ACME._dryRun = function (me, realOptions, zonenames) { | ||
| var noopts = {}; | ||
| Object.keys(realOptions).forEach(function(key) { | ||
| Object.keys(realOptions).forEach(function (key) { | ||
| noopts[key] = realOptions[key]; | ||
@@ -451,3 +451,3 @@ }); | ||
| return Promise.all( | ||
| noopts.domains.map(function(identifierValue) { | ||
| noopts.domains.map(function (identifierValue) { | ||
| // TODO we really only need one to pass, not all to pass | ||
@@ -457,11 +457,11 @@ var challenges = ACME._testChallengeOptions(); | ||
| if (wild) { | ||
| challenges = challenges.filter(function(ch) { | ||
| challenges = challenges.filter(function (ch) { | ||
| return ch._wildcard; | ||
| }); | ||
| } | ||
| challenges = challenges.filter(function(auth) { | ||
| challenges = challenges.filter(function (auth) { | ||
| return me._canCheck[auth.type]; | ||
| }); | ||
| return getThumbprint().then(function(accountKeyThumb) { | ||
| return getThumbprint().then(function (accountKeyThumb) { | ||
| var resp = { | ||
@@ -489,3 +489,3 @@ body: { | ||
| dryrun | ||
| ).then(function(auths) { | ||
| ).then(function (auths) { | ||
| resp.body.challenges = auths; | ||
@@ -496,6 +496,6 @@ return resp.body; | ||
| }) | ||
| ).then(function(claims) { | ||
| ).then(function (claims) { | ||
| var selected = []; | ||
| noopts.order._claims = claims.slice(0); | ||
| noopts.notify = function(ev, params) { | ||
| noopts.notify = function (ev, params) { | ||
| if ('_challenge_select' === ev) { | ||
@@ -507,3 +507,3 @@ selected.push(params.challenge); | ||
| function clear() { | ||
| selected.forEach(function(ch) { | ||
| selected.forEach(function (ch) { | ||
| ACME._notify(me, noopts, 'challenge_remove', { | ||
@@ -517,3 +517,3 @@ altname: ch.altname, | ||
| .remove({ challenge: ch }) | ||
| .catch(function(err) { | ||
| .catch(function (err) { | ||
| err.action = 'challenge_remove'; | ||
@@ -528,3 +528,3 @@ err.altname = ch.altname; | ||
| return ACME._setChallenges(me, noopts, noopts.order) | ||
| .catch(function(err) { | ||
| .catch(function (err) { | ||
| clear(); | ||
@@ -540,8 +540,8 @@ throw err; | ||
| // Select the first matching offered challenge type | ||
| ACME._chooseChallenge = function(options, results) { | ||
| ACME._chooseChallenge = function (options, results) { | ||
| // For each of the challenge types that we support | ||
| var challenge; | ||
| options._presenterTypes.some(function(chType) { | ||
| options._presenterTypes.some(function (chType) { | ||
| // And for each of the challenge types that are allowed | ||
| return results.challenges.some(function(ch) { | ||
| return results.challenges.some(function (ch) { | ||
| // Check to see if there are any matches | ||
@@ -558,3 +558,3 @@ if (ch.type === chType) { | ||
| ACME._getZones = function(me, challenges, domains) { | ||
| ACME._getZones = function (me, challenges, domains) { | ||
| var presenter = challenges['dns-01']; | ||
@@ -570,3 +570,3 @@ if (!presenter) { | ||
| // actually returns the zones and not the hosts as zones | ||
| var dnsHosts = domains.map(function(d) { | ||
| var dnsHosts = domains.map(function (d) { | ||
| var rnd = ACME._prnd(2); | ||
@@ -585,3 +585,3 @@ return rnd + '.' + d; | ||
| ACME._challengesMap = { 'http-01': 0, 'dns-01': 0, 'tls-alpn-01': 0 }; | ||
| ACME._computeAuths = function(me, options, thumb, authz, zonenames, dryrun) { | ||
| ACME._computeAuths = function (me, options, thumb, authz, zonenames, dryrun) { | ||
| // we don't poison the dns cache with our dummy request | ||
@@ -599,3 +599,3 @@ var dnsPrefix = ACME.challengePrefixes['dns-01']; | ||
| return Promise.all( | ||
| authz.challenges.map(function(challenge) { | ||
| authz.challenges.map(function (challenge) { | ||
| // Don't do extra work for challenges that we can't satisfy | ||
@@ -611,3 +611,3 @@ var _types = options._presenterTypes; | ||
| // { identifier, status, expires, challenges, wildcard } | ||
| Object.keys(authz).forEach(function(key) { | ||
| Object.keys(authz).forEach(function (key) { | ||
| auth[key] = authz[key]; | ||
@@ -619,3 +619,3 @@ }); | ||
| // (note the duplicate status overwrites the one above, but they should be the same) | ||
| Object.keys(challenge).forEach(function(key) { | ||
| Object.keys(challenge).forEach(function (key) { | ||
| // don't confused devs with the id url | ||
@@ -639,4 +639,4 @@ auth[key] = challenge[key]; | ||
| dnsPrefix: dnsPrefix | ||
| }).then(function(resp) { | ||
| Object.keys(resp).forEach(function(k) { | ||
| }).then(function (resp) { | ||
| Object.keys(resp).forEach(function (k) { | ||
| auth[k] = resp[k]; | ||
@@ -647,3 +647,3 @@ }); | ||
| }) | ||
| ).then(function(auths) { | ||
| ).then(function (auths) { | ||
| return auths.filter(Boolean); | ||
@@ -653,3 +653,3 @@ }); | ||
| ACME.computeChallenge = function(opts) { | ||
| ACME.computeChallenge = function (opts) { | ||
| var auth = opts.challenge; | ||
@@ -663,3 +663,3 @@ var hostname = auth.hostname || opts.hostname; | ||
| return getThumbprint(accountKey).then(function(thumb) { | ||
| return getThumbprint(accountKey).then(function (thumb) { | ||
| var resp = {}; | ||
@@ -692,6 +692,6 @@ resp.thumbprint = thumb; | ||
| .sum(256, resp.keyAuthorization) | ||
| .then(function(hash) { | ||
| .then(function (hash) { | ||
| return Enc.bufToUrlBase64(Uint8Array.from(hash)); | ||
| }) | ||
| .then(function(hash64) { | ||
| .then(function (hash64) { | ||
| resp.dnsHost = dnsPrefix + '.' + hostname; // .replace('*.', ''); | ||
@@ -716,3 +716,3 @@ | ||
| ACME._untame = function(name, wild) { | ||
| ACME._untame = function (name, wild) { | ||
| if (wild) { | ||
@@ -725,3 +725,3 @@ name = '*.' + name.replace('*.', ''); | ||
| // https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-7.5.1 | ||
| ACME._postChallenge = function(me, options, kid, auth) { | ||
| ACME._postChallenge = function (me, options, kid, auth) { | ||
| var RETRY_INTERVAL = me.retryInterval || 1000; | ||
@@ -760,3 +760,3 @@ var DEAUTH_INTERVAL = me.deauthWait || 10 * 1000; | ||
| payload: Enc.strToBuf(JSON.stringify({ status: 'deactivated' })) | ||
| }).then(function(/*#resp*/) { | ||
| }).then(function (/*#resp*/) { | ||
| //#console.debug('deactivate challenge: resp.body:'); | ||
@@ -822,3 +822,3 @@ //#console.debug(resp.body); | ||
| .remove({ challenge: auth }) | ||
| .catch(function(err) { | ||
| .catch(function (err) { | ||
| err.action = 'challenge_remove'; | ||
@@ -904,3 +904,3 @@ err.altname = auth.altname; | ||
| // options = { domains, claims, challenges } | ||
| ACME._setChallenges = function(me, options, order) { | ||
| ACME._setChallenges = function (me, options, order) { | ||
| var claims = order._claims.slice(0); | ||
@@ -922,7 +922,7 @@ var valids = []; | ||
| return Promise.resolve() | ||
| .then(function() { | ||
| .then(function () { | ||
| // For any challenges that are already valid, | ||
| // add to the list and skip any checks. | ||
| if ( | ||
| claim.challenges.some(function(ch) { | ||
| claim.challenges.some(function (ch) { | ||
| if ('valid' === ch.status) { | ||
@@ -1007,3 +1007,3 @@ valids.push(ch); | ||
| return ACME.challengeTests[auth.type](me, { challenge: auth }) | ||
| .then(function() { | ||
| .then(function () { | ||
| valids.push(auth); | ||
@@ -1017,3 +1017,3 @@ }) | ||
| .remove({ challenge: ch }) | ||
| .catch(function(err) { | ||
| .catch(function (err) { | ||
| err.action = 'challenge_remove'; | ||
@@ -1031,3 +1031,3 @@ err.altname = ch.altname; | ||
| .then(checkNext) | ||
| .catch(function(err) { | ||
| .catch(function (err) { | ||
| if (!options.debug) { | ||
@@ -1040,3 +1040,3 @@ placed.forEach(removeAll); | ||
| ACME._presentChallenges = function(me, options, kid, readyToPresent) { | ||
| ACME._presentChallenges = function (me, options, kid, readyToPresent) { | ||
| // Actually sets the challenge via ACME | ||
@@ -1054,3 +1054,3 @@ function challengeNext() { | ||
| // (rate limits, propagation delays, etc) | ||
| return challengeNext().then(function() { | ||
| return challengeNext().then(function () { | ||
| return readyToPresent; | ||
@@ -1060,3 +1060,3 @@ }); | ||
| ACME._pollOrderStatus = function(me, options, kid, order, verifieds) { | ||
| ACME._pollOrderStatus = function (me, options, kid, order, verifieds) { | ||
| var csr64 = ACME._csrToUrlBase64(options.csr); | ||
@@ -1073,3 +1073,3 @@ var body = { csr: csr64 }; | ||
| payload: Enc.strToBuf(payload) | ||
| }).then(function(resp) { | ||
| }).then(function (resp) { | ||
| ACME._notify(me, options, 'certificate_status', { | ||
@@ -1136,3 +1136,3 @@ subject: options.domains[0], | ||
| ACME._redeemCert = function(me, options, kid, voucher) { | ||
| ACME._redeemCert = function (me, options, kid, voucher) { | ||
| //#console.debug('ACME.js: order was finalized'); | ||
@@ -1147,3 +1147,3 @@ | ||
| json: true | ||
| }).then(function(resp) { | ||
| }).then(function (resp) { | ||
| //#console.debug('ACME.js: csr submitted and cert received:'); | ||
@@ -1167,8 +1167,8 @@ | ||
| ACME._finalizeOrder = function(me, options, kid, order) { | ||
| ACME._finalizeOrder = function (me, options, kid, order) { | ||
| //#console.debug('[ACME.js] finalizeOrder:'); | ||
| var readyToPresent; | ||
| return A._getAccountKid(me, options).then(function(kid) { | ||
| return A._getAccountKid(me, options).then(function (kid) { | ||
| return ACME._setChallenges(me, options, order) | ||
| .then(function(_readyToPresent) { | ||
| .then(function (_readyToPresent) { | ||
| readyToPresent = _readyToPresent; | ||
@@ -1182,3 +1182,3 @@ return ACME._presentChallenges( | ||
| }) | ||
| .then(function() { | ||
| .then(function () { | ||
| return ACME._pollOrderStatus( | ||
@@ -1189,3 +1189,3 @@ me, | ||
| order, | ||
| readyToPresent.map(function(ch) { | ||
| readyToPresent.map(function (ch) { | ||
| return ACME._untame(ch.identifier.value, ch.wildcard); | ||
@@ -1195,3 +1195,3 @@ }) | ||
| }) | ||
| .then(function(voucher) { | ||
| .then(function (voucher) { | ||
| return ACME._redeemCert(me, options, kid, voucher); | ||
@@ -1203,6 +1203,6 @@ }); | ||
| // Order a certificate request with all domains | ||
| ACME._orderCert = function(me, options, kid) { | ||
| ACME._orderCert = function (me, options, kid) { | ||
| var certificateRequest = { | ||
| // raw wildcard syntax MUST be used here | ||
| identifiers: options.domains.map(function(hostname) { | ||
| identifiers: options.domains.map(function (hostname) { | ||
| return { type: 'dns', value: hostname }; | ||
@@ -1215,6 +1215,6 @@ }) | ||
| return ACME._prepRequest(me, options) | ||
| .then(function() { | ||
| .then(function () { | ||
| return ACME._getZones(me, options.challenges, options.domains); | ||
| }) | ||
| .then(function(zonenames) { | ||
| .then(function (zonenames) { | ||
| var p; | ||
@@ -1228,5 +1228,5 @@ // Do a little dry-run / self-test | ||
| return p.then(function() { | ||
| return p.then(function () { | ||
| return A._getAccountKid(me, options) | ||
| .then(function(kid) { | ||
| .then(function (kid) { | ||
| ACME._notify(me, options, 'certificate_order', { | ||
@@ -1249,3 +1249,3 @@ // API-locked | ||
| }) | ||
| .then(function(resp) { | ||
| .then(function (resp) { | ||
| var order = resp.body; | ||
@@ -1266,3 +1266,3 @@ order._orderUrl = resp.headers.location; | ||
| }) | ||
| .then(function(order) { | ||
| .then(function (order) { | ||
| return ACME._getAllChallenges( | ||
@@ -1274,3 +1274,3 @@ me, | ||
| order | ||
| ).then(function(claims) { | ||
| ).then(function (claims) { | ||
| order._claims = claims; | ||
@@ -1284,4 +1284,4 @@ return order; | ||
| ACME._prepRequest = function(me, options) { | ||
| return Promise.resolve().then(function() { | ||
| ACME._prepRequest = function (me, options) { | ||
| return Promise.resolve().then(function () { | ||
| // TODO check that all presenterTypes are represented in challenges | ||
@@ -1304,10 +1304,4 @@ if (!options._presenterTypes.length) { | ||
| if ( | ||
| options.domains | ||
| .slice(0) | ||
| .sort() | ||
| .join(' ') !== | ||
| _csr.altnames | ||
| .slice(0) | ||
| .sort() | ||
| .join(' ') | ||
| options.domains.slice(0).sort().join(' ') !== | ||
| _csr.altnames.slice(0).sort().join(' ') | ||
| ) { | ||
@@ -1335,3 +1329,3 @@ return Promise.reject( | ||
| // a cheap check to see if there are non-ascii characters in any of the domains | ||
| var nonAsciiDomains = options.domains.some(function(d) { | ||
| var nonAsciiDomains = options.domains.some(function (d) { | ||
| // IDN / unicode / utf-8 / punycode | ||
@@ -1347,3 +1341,3 @@ return Enc.strToBin(d) !== d; | ||
| // TODO Promise.all()? | ||
| (options._presenterTypes || []).forEach(function(key) { | ||
| (options._presenterTypes || []).forEach(function (key) { | ||
| var presenter = options.challenges[key]; | ||
@@ -1362,3 +1356,3 @@ if ( | ||
| // Request a challenge for each authorization in the order | ||
| ACME._getAllChallenges = function(me, options, kid, zonenames, order) { | ||
| ACME._getAllChallenges = function (me, options, kid, zonenames, order) { | ||
| var claims = []; | ||
@@ -1380,3 +1374,3 @@ //#console.debug("[acme-v2] POST newOrder has authorizations"); | ||
| authUrl | ||
| ).then(function(claim) { | ||
| ).then(function (claim) { | ||
| // var domain = options.domains[i]; // claim.identifier.value | ||
@@ -1388,3 +1382,3 @@ claims.push(claim); | ||
| return getNext().then(function() { | ||
| return getNext().then(function () { | ||
| return claims; | ||
@@ -1407,3 +1401,3 @@ }); | ||
| .split(/[\r\n]{2,}/g) | ||
| .map(function(str) { | ||
| .map(function (str) { | ||
| return str + '\n'; | ||
@@ -1413,3 +1407,3 @@ }); | ||
| ACME._csrToUrlBase64 = function(csr) { | ||
| ACME._csrToUrlBase64 = function (csr) { | ||
| // if der, convert to base64 | ||
@@ -1423,6 +1417,3 @@ if ('string' !== typeof csr) { | ||
| if ('-' === csr[0]) { | ||
| csr = csr | ||
| .split(/\n+/) | ||
| .slice(1, -1) | ||
| .join(''); | ||
| csr = csr.split(/\n+/).slice(1, -1).join(''); | ||
| } | ||
@@ -1433,8 +1424,6 @@ return Enc.base64ToUrlBase64(csr.trim().replace(/\s+/g, '')); | ||
| // In v8 this is crypto random, but we're just using it for pseudorandom | ||
| ACME._prnd = function(n) { | ||
| ACME._prnd = function (n) { | ||
| var rnd = ''; | ||
| while (rnd.length / 2 < n) { | ||
| var i = Math.random() | ||
| .toString() | ||
| .substr(2); | ||
| var i = Math.random().toString().substr(2); | ||
| var h = parseInt(i, 10).toString(16); | ||
@@ -1449,3 +1438,3 @@ if (h.length % 2) { | ||
| ACME._notify = function(me, options, ev, params) { | ||
| ACME._notify = function (me, options, ev, params) { | ||
| if (!options.notify && !me.notify) { | ||
@@ -1464,3 +1453,3 @@ //console.info(ev, params); | ||
| ACME._wait = function wait(ms) { | ||
| return new Promise(function(resolve) { | ||
| return new Promise(function (resolve) { | ||
| setTimeout(resolve, ms || 1100); | ||
@@ -1482,3 +1471,3 @@ }); | ||
| return zonenames | ||
| .filter(function(zonename) { | ||
| .filter(function (zonename) { | ||
| // the only character that needs to be escaped for regex | ||
@@ -1488,3 +1477,3 @@ // and is allowed in a domain name is '.' | ||
| }) | ||
| .sort(function(a, b) { | ||
| .sort(function (a, b) { | ||
| // longest match first | ||
@@ -1491,0 +1480,0 @@ return b.length - a.length; |
| #!/usr/bin/env node | ||
| (async function() { | ||
| (async function () { | ||
| 'use strict'; | ||
@@ -25,3 +25,3 @@ | ||
| '../lib/acme.js' | ||
| ].map(async function(file) { | ||
| ].map(async function (file) { | ||
| return (await readFile(path.join(__dirname, file), 'utf8')).trim(); | ||
@@ -28,0 +28,0 @@ }) |
@@ -5,3 +5,3 @@ 'use strict'; | ||
| E.NO_SUITABLE_CHALLENGE = function(domain, challenges, presenters) { | ||
| E.NO_SUITABLE_CHALLENGE = function (domain, challenges, presenters) { | ||
| // Bail with a descriptive message if no usable challenge could be selected | ||
@@ -12,3 +12,3 @@ // For example, wildcards require dns-01 and, if we don't have that, we have to bail | ||
| challenges | ||
| .map(function(r) { | ||
| .map(function (r) { | ||
| return r.type; | ||
@@ -29,3 +29,3 @@ }) | ||
| }; | ||
| E.UNHANDLED_ORDER_STATUS = function(options, domains, resp) { | ||
| E.UNHANDLED_ORDER_STATUS = function (options, domains, resp) { | ||
| return new Error( | ||
@@ -47,3 +47,3 @@ "Didn't finalize order: Unhandled status '" + | ||
| }; | ||
| E.DOUBLE_READY_ORDER = function(options, domains, resp) { | ||
| E.DOUBLE_READY_ORDER = function (options, domains, resp) { | ||
| return new Error( | ||
@@ -64,3 +64,3 @@ "Did not finalize order: status 'ready'." + | ||
| }; | ||
| E.ORDER_INVALID = function(options, domains, resp) { | ||
| E.ORDER_INVALID = function (options, domains, resp) { | ||
| return new Error( | ||
@@ -79,3 +79,3 @@ "Did not finalize order: status 'invalid'." + | ||
| }; | ||
| E.NO_AUTHORIZATIONS = function(options, resp) { | ||
| E.NO_AUTHORIZATIONS = function (options, resp) { | ||
| return new Error( | ||
@@ -82,0 +82,0 @@ "[acme-v2.js] authorizations were not fetched for '" + |
@@ -5,7 +5,7 @@ 'use strict'; | ||
| native._canCheck = function(me) { | ||
| native._canCheck = function (me) { | ||
| me._canCheck = {}; | ||
| return me | ||
| .request({ url: me._baseUrl + '/api/_acme_api_/' }) | ||
| .then(function(resp) { | ||
| .then(function (resp) { | ||
| if (resp.body.success) { | ||
@@ -16,3 +16,3 @@ me._canCheck['http-01'] = true; | ||
| }) | ||
| .catch(function() { | ||
| .catch(function () { | ||
| // ignore | ||
@@ -22,3 +22,3 @@ }); | ||
| native._dns01 = function(me, ch) { | ||
| native._dns01 = function (me, ch) { | ||
| return me | ||
@@ -28,3 +28,3 @@ .request({ | ||
| }) | ||
| .then(function(resp) { | ||
| .then(function (resp) { | ||
| var err; | ||
@@ -42,3 +42,3 @@ if (!resp.body || !Array.isArray(resp.body.answer)) { | ||
| return { | ||
| answer: resp.body.answer.map(function(ans) { | ||
| answer: resp.body.answer.map(function (ans) { | ||
| return { data: ans.data, ttl: ans.ttl }; | ||
@@ -50,3 +50,3 @@ }) | ||
| native._http01 = function(me, ch) { | ||
| native._http01 = function (me, ch) { | ||
| var url = encodeURIComponent(ch.challengeUrl); | ||
@@ -57,5 +57,5 @@ return me | ||
| }) | ||
| .then(function(resp) { | ||
| .then(function (resp) { | ||
| return resp.body; | ||
| }); | ||
| }; |
| 'use strict'; | ||
| var UserAgent = module.exports; | ||
| UserAgent.get = function() { | ||
| UserAgent.get = function () { | ||
| return false; | ||
| }; |
@@ -5,5 +5,5 @@ 'use strict'; | ||
| http.request = function(opts) { | ||
| http.request = function (opts) { | ||
| opts.cors = true; | ||
| return window.fetch(opts.url, opts).then(function(resp) { | ||
| return window.fetch(opts.url, opts).then(function (resp) { | ||
| var headers = {}; | ||
@@ -13,7 +13,7 @@ var result = { | ||
| headers: headers, | ||
| toJSON: function() { | ||
| toJSON: function () { | ||
| return this; | ||
| } | ||
| }; | ||
| Array.from(resp.headers.entries()).forEach(function(h) { | ||
| Array.from(resp.headers.entries()).forEach(function (h) { | ||
| headers[h[0]] = h[1]; | ||
@@ -25,3 +25,3 @@ }); | ||
| if (/json/.test(headers['content-type'])) { | ||
| return resp.json().then(function(json) { | ||
| return resp.json().then(function (json) { | ||
| result.body = json; | ||
@@ -31,3 +31,3 @@ return result; | ||
| } | ||
| return resp.text().then(function(txt) { | ||
| return resp.text().then(function (txt) { | ||
| result.body = txt; | ||
@@ -34,0 +34,0 @@ return result; |
@@ -6,3 +6,3 @@ 'use strict'; | ||
| var encoder = new TextEncoder(); | ||
| sha2.sum = function(alg, str) { | ||
| sha2.sum = function (alg, str) { | ||
| var data = str; | ||
@@ -9,0 +9,0 @@ if ('string' === typeof data) { |
@@ -8,3 +8,3 @@ 'use strict'; | ||
| native._canCheck = function(me) { | ||
| native._canCheck = function (me) { | ||
| me._canCheck = {}; | ||
@@ -16,7 +16,7 @@ me._canCheck['http-01'] = true; | ||
| native._dns01 = function(me, ch) { | ||
| native._dns01 = function (me, ch) { | ||
| // TODO use digd.js | ||
| return resolveTxt(ch.dnsHost).then(function(records) { | ||
| return resolveTxt(ch.dnsHost).then(function (records) { | ||
| return { | ||
| answer: records.map(function(rr) { | ||
| answer: records.map(function (rr) { | ||
| return { | ||
@@ -30,6 +30,6 @@ data: rr | ||
| native._http01 = function(me, ch) { | ||
| native._http01 = function (me, ch) { | ||
| return new me.request({ | ||
| url: ch.challengeUrl | ||
| }).then(function(resp) { | ||
| }).then(function (resp) { | ||
| return resp.body; | ||
@@ -42,3 +42,3 @@ }); | ||
| // (very similar to CloudFlare's api protection) | ||
| native._hashcash = function(ch) { | ||
| native._hashcash = function (ch) { | ||
| if (!ch || !ch.nonce) { | ||
@@ -48,3 +48,3 @@ ch = { nonce: 'xxx' }; | ||
| return Promise.resolve() | ||
| .then(function() { | ||
| .then(function () { | ||
| // only get easy answers | ||
@@ -88,3 +88,3 @@ var len = ch.needle.length; | ||
| }) | ||
| .catch(function() { | ||
| .catch(function () { | ||
| //console.log('[debug]', err); | ||
@@ -91,0 +91,0 @@ // ignore any error |
@@ -7,3 +7,3 @@ 'use strict'; | ||
| var UserAgent = module.exports; | ||
| UserAgent.get = function(me) { | ||
| UserAgent.get = function (me) { | ||
| // ACME clients MUST have an RFC7231-compliant User-Agent | ||
@@ -10,0 +10,0 @@ // ex: Greenlock/v3 ACME.js/v3 node/v12.0.0 darwin/17.7.0 Darwin/x64 |
@@ -7,4 +7,4 @@ 'use strict'; | ||
| http.request = function(opts) { | ||
| http.request = function (opts) { | ||
| return request(opts); | ||
| }; |
@@ -7,12 +7,9 @@ /* global Promise */ | ||
| sha2.sum = function(alg, str) { | ||
| return Promise.resolve().then(function() { | ||
| sha2.sum = function (alg, str) { | ||
| return Promise.resolve().then(function () { | ||
| var sha = 'sha' + String(alg).replace(/^sha-?/i, ''); | ||
| // utf8 is the default for strings | ||
| var buf = Buffer.from(str); | ||
| return crypto | ||
| .createHash(sha) | ||
| .update(buf) | ||
| .digest(); | ||
| return crypto.createHash(sha).update(buf).digest(); | ||
| }); | ||
| }; |
@@ -10,3 +10,3 @@ 'use strict'; | ||
| var oldCollegeTries = {}; | ||
| M.init = function(me) { | ||
| M.init = function (me) { | ||
| if (oldCollegeTries[me.maintainerEmail]) { | ||
@@ -36,4 +36,4 @@ return; | ||
| M._init = function(me, tz, locale) { | ||
| setTimeout(function() { | ||
| M._init = function (me, tz, locale) { | ||
| setTimeout(function () { | ||
| // prevent a stampede from misconfigured clients in an eternal loop | ||
@@ -46,3 +46,3 @@ me.request({ | ||
| }) | ||
| .then(function(resp) { | ||
| .then(function (resp) { | ||
| // in the browser this will work until solved, but in | ||
@@ -52,3 +52,3 @@ // node this will bail unless the challenge is trivial | ||
| }) | ||
| .then(function(hashcash) { | ||
| .then(function (hashcash) { | ||
| var req = { | ||
@@ -71,3 +71,3 @@ timeout: 3000, | ||
| }) | ||
| .catch(function(err) { | ||
| .catch(function (err) { | ||
| if (me.debug) { | ||
@@ -80,3 +80,3 @@ console.error( | ||
| }) | ||
| .then(function(/*resp*/) { | ||
| .then(function (/*resp*/) { | ||
| oldCollegeTries[me.maintainerEmail] = true; | ||
@@ -83,0 +83,0 @@ //console.log(resp); |
| { | ||
| "name": "@root/acme", | ||
| "version": "3.0.10", | ||
| "version": "3.1.0", | ||
| "description": "Free SSL certificates for Node.js and Browsers. Issued via Let's Encrypt", | ||
@@ -47,5 +47,5 @@ "homepage": "https://rootprojects.org/acme/", | ||
| "@root/encoding": "^1.0.1", | ||
| "@root/keypairs": "^0.9.0", | ||
| "@root/keypairs": "^0.10.0", | ||
| "@root/pem": "^1.0.4", | ||
| "@root/request": "^1.3.11", | ||
| "@root/request": "^1.6.1", | ||
| "@root/x509": "^0.7.2" | ||
@@ -52,0 +52,0 @@ }, |
33
utils.js
@@ -9,12 +9,13 @@ 'use strict'; | ||
| // Handle nonce, signing, and request altogether | ||
| U._jwsRequest = function(me, bigopts) { | ||
| return U._getNonce(me).then(function(nonce) { | ||
| U._jwsRequest = function (me, bigopts) { | ||
| return U._getNonce(me).then(function (nonce) { | ||
| bigopts.protected.nonce = nonce; | ||
| bigopts.protected.url = bigopts.url; | ||
| // protected.alg: added by Keypairs.signJws | ||
| if (!bigopts.protected.jwk) { | ||
| // protected.kid must be overwritten due to ACME's interpretation of the spec | ||
| if (!('kid' in bigopts.protected)) { | ||
| bigopts.protected.kid = bigopts.kid; | ||
| } | ||
| if (bigopts.protected.jwk) { | ||
| bigopts.protected.kid = false; | ||
| } else if (!('kid' in bigopts.protected)) { | ||
| // protected.kid must be provided according to ACME's interpretation of the spec | ||
| // (using the provided URL rather than the Key's Thumbprint as Key ID) | ||
| bigopts.protected.kid = bigopts.kid; | ||
| } | ||
@@ -28,3 +29,3 @@ | ||
| }) | ||
| .then(function(jws) { | ||
| .then(function (jws) { | ||
| //#console.debug('[ACME.js] url: ' + bigopts.url + ':'); | ||
@@ -34,3 +35,3 @@ //#console.debug(jws); | ||
| }) | ||
| .catch(function(e) { | ||
| .catch(function (e) { | ||
| if (/badNonce$/.test(e.urn)) { | ||
@@ -49,3 +50,3 @@ // retry badNonces | ||
| U._getNonce = function(me) { | ||
| U._getNonce = function (me) { | ||
| var nonce; | ||
@@ -71,3 +72,3 @@ while (true) { | ||
| url: me._directoryUrls.newNonce | ||
| }).then(function(resp) { | ||
| }).then(function (resp) { | ||
| return resp.headers['replay-nonce']; | ||
@@ -78,3 +79,3 @@ }); | ||
| // Handle some ACME-specific defaults | ||
| U._request = function(me, opts) { | ||
| U._request = function (me, opts) { | ||
| // no-op on browser | ||
@@ -109,3 +110,3 @@ var ua = UserAgent.get(me, opts); | ||
| //console.log(opts); | ||
| return me.__request(opts).then(function(resp) { | ||
| return me.__request(opts).then(function (resp) { | ||
| if (resp.toJSON) { | ||
@@ -149,7 +150,7 @@ resp = resp.toJSON(); | ||
| U._setNonce = function(me, nonce) { | ||
| U._setNonce = function (me, nonce) { | ||
| me._nonces.unshift({ nonce: nonce, createdAt: Date.now() }); | ||
| }; | ||
| U._importKeypair = function(key) { | ||
| U._importKeypair = function (key) { | ||
| var p; | ||
@@ -173,3 +174,3 @@ var pub; | ||
| return p.then(function(pair) { | ||
| return p.then(function (pair) { | ||
| if (pair.public.kid) { | ||
@@ -176,0 +177,0 @@ pair = JSON.parse(JSON.stringify(pair)); |
Improved metrics
- Total package byte prevSize
- increased by0.23%
92460
Worsened metrics
- Lines of code
- decreased by-0.63%
2051
Dependency changes
+ Added@root/keypairs@0.10.3(transitive)
- Removed@root/keypairs@0.9.0(transitive)
Updated@root/keypairs@^0.10.0
Updated@root/request@^1.6.1