| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  | 'use strict'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | var PromiseA = require('bluebird'); | 
					
						
							|  |  |  | var dns = PromiseA.promisifyAll(require('dns')); | 
					
						
							|  |  |  | var Challenge = module.exports; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  | Challenge.create = function (defaults) { | 
					
						
							| 
									
										
										
										
											2017-04-19 16:51:48 -05:00
										 |  |  |   return { | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  |     getOptions: function () { | 
					
						
							|  |  |  |       return defaults || {}; | 
					
						
							| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  |   , set: Challenge.set | 
					
						
							|  |  |  |   , get: Challenge.get | 
					
						
							|  |  |  |   , remove: Challenge.remove | 
					
						
							|  |  |  |   , loopback: Challenge.loopback | 
					
						
							|  |  |  |   , test: Challenge.test | 
					
						
							| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  |   }; | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  | // Show the user the token and key and wait for them to be ready to continue
 | 
					
						
							|  |  |  | Challenge.set = function (args, domain, challenge, keyAuthorization, cb) { | 
					
						
							| 
									
										
										
										
											2016-09-15 00:51:29 -06:00
										 |  |  |   var keyAuthDigest = require('crypto').createHash('sha256').update(keyAuthorization||'').digest('base64') | 
					
						
							|  |  |  |     .replace(/\+/g, '-') | 
					
						
							|  |  |  |     .replace(/\//g, '_') | 
					
						
							|  |  |  |     .replace(/=+$/g, '') | 
					
						
							|  |  |  |     ; | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  |   var challengeDomain = (args.test || '') + args.acmeChallengeDns + domain; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   console.info(""); | 
					
						
							|  |  |  |   console.info("Challenge for '" + domain + "'"); | 
					
						
							|  |  |  |   console.info(""); | 
					
						
							|  |  |  |   console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge"); | 
					
						
							|  |  |  |   console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:"); | 
					
						
							|  |  |  |   console.info(challenge); | 
					
						
							|  |  |  |   console.info(keyAuthorization); | 
					
						
							|  |  |  |   console.info(keyAuthDigest); | 
					
						
							|  |  |  |   console.info(""); | 
					
						
							|  |  |  |   console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60"); | 
					
						
							|  |  |  |   console.info(""); | 
					
						
							|  |  |  |   console.info(JSON.stringify({ | 
					
						
							|  |  |  |     domain: domain | 
					
						
							|  |  |  |   , challenge: challenge | 
					
						
							|  |  |  |   , keyAuthorization: keyAuthorization | 
					
						
							| 
									
										
										
										
											2016-09-15 00:51:29 -06:00
										 |  |  |   , keyAuthDigest: keyAuthDigest | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  |   }, null, '  ').replace(/^/gm, '\t')); | 
					
						
							|  |  |  |   console.info(""); | 
					
						
							|  |  |  |   console.info("hit enter to continue..."); | 
					
						
							|  |  |  |   process.stdin.resume(); | 
					
						
							|  |  |  |   process.stdin.on('data', function () { | 
					
						
							|  |  |  |     process.stdin.pause(); | 
					
						
							|  |  |  |     cb(null); | 
					
						
							| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  |   }); | 
					
						
							|  |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  | // nothing to do here, that's why it's manual
 | 
					
						
							|  |  |  | Challenge.get = function (defaults, domain, challenge, cb) { | 
					
						
							|  |  |  |   cb(null); | 
					
						
							| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  | // might as well tell the user that whatever they were setting up has been checked
 | 
					
						
							|  |  |  | Challenge.remove = function (args, domain, challenge, cb) { | 
					
						
							|  |  |  |   console.info("Challenge for '" + domain + "' complete. You may remove it."); | 
					
						
							|  |  |  |   console.info(""); | 
					
						
							|  |  |  |   //console.info("hit enter to continue...");
 | 
					
						
							|  |  |  |   //process.stdin.resume();
 | 
					
						
							|  |  |  |   //process.stdin.on('data', function () {
 | 
					
						
							|  |  |  |   //  process.stdin.pause();
 | 
					
						
							|  |  |  |     cb(null); | 
					
						
							|  |  |  |   //});
 | 
					
						
							| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  | }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Challenge.loopback = function (defaults, domain, challenge, done) { | 
					
						
							| 
									
										
										
										
											2016-09-15 00:51:29 -06:00
										 |  |  |   var challengeDomain = (defaults.test || '') + defaults.acmeChallengeDns + domain; | 
					
						
							| 
									
										
										
										
											2016-10-14 20:08:21 -06:00
										 |  |  |   console.log("dig TXT +noall +answer @8.8.8.8 '" + challengeDomain + "' # " + challenge); | 
					
						
							| 
									
										
										
										
											2016-10-12 15:04:25 -06:00
										 |  |  |   dns.resolveTxtAsync(challengeDomain).then(function (x) { done(null, x); }, done); | 
					
						
							| 
									
										
										
										
											2016-09-07 14:58:25 -06:00
										 |  |  | }; | 
					
						
							| 
									
										
										
										
											2017-04-19 16:51:48 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  | Challenge.test = function (args, domain, challenge, keyAuthorization, done) { | 
					
						
							|  |  |  |   var me = this; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   args.test = args.test || '_test.'; | 
					
						
							|  |  |  |   defaults.test = args.test; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   me.set(args, domain, challenge, keyAuthorization || challenge, function (err, k) { | 
					
						
							|  |  |  |     if (err) { done(err); return; } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     me.loopback(defaults, domain, challenge, function (err, arr) { | 
					
						
							|  |  |  |       if (err) { done(err); return; } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       if (!arr.some(function (a) { | 
					
						
							|  |  |  |         return a.some(function (keyAuthDigest) { | 
					
						
							|  |  |  |           return keyAuthDigest === k; | 
					
						
							|  |  |  |         }); | 
					
						
							|  |  |  |       })) { | 
					
						
							|  |  |  |         err = new Error("txt record '" + challenge + "' doesn't match '" + k + "'"); | 
					
						
							|  |  |  |       } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       me.remove(defaults, domain, challenge, function (_err) { | 
					
						
							|  |  |  |         if (_err) { done(_err); return; } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // TODO needs to use native-dns so that specific nameservers can be used
 | 
					
						
							|  |  |  |         // (otherwise the cache will still have the old answer)
 | 
					
						
							|  |  |  |         done(err || null); | 
					
						
							|  |  |  |         /* | 
					
						
							|  |  |  |         me.loopback(defaults, domain, challenge, function (err) { | 
					
						
							|  |  |  |           if (err) { done(err); return; } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |           done(); | 
					
						
							|  |  |  |         }); | 
					
						
							|  |  |  |         */ | 
					
						
							|  |  |  |       }); | 
					
						
							|  |  |  |     }); | 
					
						
							|  |  |  |   }); | 
					
						
							|  |  |  | } |