// setChallengeToken sets the token value both in the Token field and
// in the serialized KeyAuthorization object.
func setChallengeToken(ch *core.Challenge, token string) {
ch.Token = token
ka, err := ch.ExpectedKeyAuthorization()
if err != nil {
panic(err)
}
ch.ProvidedKeyAuthorization = ka
}
// challengeType == "tls-sni-00" or "dns-00", since they're the same
func createChallenge(challengeType string) core.Challenge {
chall := core.Challenge{
Type: challengeType,
Status: core.StatusPending,
Token: core.NewToken(),
ValidationRecord: []core.ValidationRecord{},
AccountKey: accountKey,
}
chall.ProvidedKeyAuthorization, _ = chall.ExpectedKeyAuthorization()
return chall
}
func httpSrv(t *testing.T, token string) *httptest.Server {
m := http.NewServeMux()
server := httptest.NewUnstartedServer(m)
defaultToken := token
currentToken := defaultToken
m.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.Host, "localhost:") && !strings.HasPrefix(r.Host, "other.valid:") {
t.Errorf("Bad Host header: " + r.Host)
}
if strings.HasSuffix(r.URL.Path, path404) {
t.Logf("HTTPSRV: Got a 404 req\n")
http.NotFound(w, r)
} else if strings.HasSuffix(r.URL.Path, path500) {
t.Logf("HTTPSRV: Got a 500 req\n")
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
} else if strings.HasSuffix(r.URL.Path, pathMoved) {
t.Logf("HTTPSRV: Got a 301 redirect req\n")
if currentToken == defaultToken {
currentToken = pathMoved
}
http.Redirect(w, r, pathValid, 301)
} else if strings.HasSuffix(r.URL.Path, pathFound) {
t.Logf("HTTPSRV: Got a 302 redirect req\n")
if currentToken == defaultToken {
currentToken = pathFound
}
http.Redirect(w, r, pathMoved, 302)
} else if strings.HasSuffix(r.URL.Path, pathWait) {
t.Logf("HTTPSRV: Got a wait req\n")
time.Sleep(time.Second * 3)
} else if strings.HasSuffix(r.URL.Path, pathWaitLong) {
t.Logf("HTTPSRV: Got a wait-long req\n")
time.Sleep(time.Second * 10)
} else if strings.HasSuffix(r.URL.Path, pathReLookup) {
t.Logf("HTTPSRV: Got a redirect req to a valid hostname\n")
if currentToken == defaultToken {
currentToken = pathReLookup
}
port, err := getPort(server)
test.AssertNotError(t, err, "failed to get server test port")
http.Redirect(w, r, fmt.Sprintf("http://other.valid:%d/path", port), 302)
} else if strings.HasSuffix(r.URL.Path, pathReLookupInvalid) {
t.Logf("HTTPSRV: Got a redirect req to an invalid hostname\n")
http.Redirect(w, r, "http://invalid.invalid/path", 302)
} else if strings.HasSuffix(r.URL.Path, pathRedirectToFailingURL) {
t.Logf("HTTPSRV: Redirecting to a URL that will fail\n")
http.Redirect(w, r, fmt.Sprintf("http://other.valid/%s", path500), 301)
} else if strings.HasSuffix(r.URL.Path, pathLooper) {
t.Logf("HTTPSRV: Got a loop req\n")
http.Redirect(w, r, r.URL.String(), 301)
} else if strings.HasSuffix(r.URL.Path, pathRedirectPort) {
t.Logf("HTTPSRV: Got a port redirect req\n")
http.Redirect(w, r, "http://other.valid:8080/path", 302)
} else if r.Header.Get("User-Agent") == rejectUserAgent {
w.WriteHeader(http.StatusBadRequest)
w.Write([]byte("found trap User-Agent"))
} else {
t.Logf("HTTPSRV: Got a valid req\n")
t.Logf("HTTPSRV: Path = %s\n", r.URL.Path)
ch := core.Challenge{Token: currentToken}
keyAuthz, _ := ch.ExpectedKeyAuthorization(accountKey)
t.Logf("HTTPSRV: Key Authz = '%s%s'\n", keyAuthz, "\\n\\r \\t")
fmt.Fprint(w, keyAuthz, "\n\r \t")
currentToken = defaultToken
}
})
server.Start()
return server
}
