Commit 2bcbdd6a authored by Matthew Holt's avatar Matthew Holt

Merge branch 'getcertificate'

parents e283af4d 8f2196c0
...@@ -342,9 +342,11 @@ func newClientPort(leEmail, port string) (*acme.Client, error) { ...@@ -342,9 +342,11 @@ func newClientPort(leEmail, port string) (*acme.Client, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
if port != "" {
client.SetHTTPAddress(":" + port) client.SetHTTPAddress(":" + port)
client.SetTLSAddress(":" + port) client.SetTLSAddress(":" + port)
client.ExcludeChallenges([]string{"tls-sni-01", "dns-01"}) // We can only guarantee http-01 at this time }
client.ExcludeChallenges([]string{"tls-sni-01", "dns-01"}) // We can only guarantee http-01 at this time, but tls-01 should work if port is not custom!
// If not registered, the user must register an account with the CA // If not registered, the user must register an account with the CA
// and agree to terms // and agree to terms
...@@ -355,12 +357,14 @@ func newClientPort(leEmail, port string) (*acme.Client, error) { ...@@ -355,12 +357,14 @@ func newClientPort(leEmail, port string) (*acme.Client, error) {
} }
leUser.Registration = reg leUser.Registration = reg
if port == "" { // can't prompt a user who isn't there
if !Agreed && reg.TosURL == "" { if !Agreed && reg.TosURL == "" {
Agreed = promptUserAgreement(saURL, false) // TODO - latest URL Agreed = promptUserAgreement(saURL, false) // TODO - latest URL
} }
if !Agreed && reg.TosURL == "" { if !Agreed && reg.TosURL == "" {
return nil, errors.New("user must agree to terms") return nil, errors.New("user must agree to terms")
} }
}
err = client.AgreeToTOS() err = client.AgreeToTOS()
if err != nil { if err != nil {
......
...@@ -34,7 +34,9 @@ func TLS(c *Controller) (middleware.Middleware, error) { ...@@ -34,7 +34,9 @@ func TLS(c *Controller) (middleware.Middleware, error) {
} }
// Optional block with extra parameters // Optional block with extra parameters
var hadBlock bool
for c.NextBlock() { for c.NextBlock() {
hadBlock = true
switch c.Val() { switch c.Val() {
case "protocols": case "protocols":
args := c.RemainingArgs() args := c.RemainingArgs()
...@@ -71,6 +73,11 @@ func TLS(c *Controller) (middleware.Middleware, error) { ...@@ -71,6 +73,11 @@ func TLS(c *Controller) (middleware.Middleware, error) {
return nil, c.Errf("Unknown keyword '%s'", c.Val()) return nil, c.Errf("Unknown keyword '%s'", c.Val())
} }
} }
// tls requires at least one argument if a block is not opened
if len(args) == 0 && !hadBlock {
return nil, c.ArgErr()
}
} }
SetDefaultTLSParams(c.Config) SetDefaultTLSParams(c.Config)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment