| 169 | } |
| 170 | |
| 171 | func (s *naiveHTTPSolver) Present(ctx context.Context, challenge acme.Challenge) error { |
| 172 | smallstepacme.InsecurePortHTTP01 = acmeChallengePort |
| 173 | s.srv = &http.Server{ |
| 174 | Addr: fmt.Sprintf(":%d", acmeChallengePort), |
| 175 | Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 176 | host, _, err := net.SplitHostPort(r.Host) |
| 177 | if err != nil { |
| 178 | host = r.Host |
| 179 | } |
| 180 | s.logger.Info("received request on challenge server", zap.String("path", r.URL.Path)) |
| 181 | if r.Method == "GET" && r.URL.Path == challenge.HTTP01ResourcePath() && strings.EqualFold(host, challenge.Identifier.Value) { |
| 182 | w.Header().Add("Content-Type", "text/plain") |
| 183 | w.Write([]byte(challenge.KeyAuthorization)) |
| 184 | r.Close = true |
| 185 | s.logger.Info("served key authentication", |
| 186 | zap.String("identifier", challenge.Identifier.Value), |
| 187 | zap.String("challenge", "http-01"), |
| 188 | zap.String("remote", r.RemoteAddr), |
| 189 | ) |
| 190 | } |
| 191 | }), |
| 192 | } |
| 193 | l, err := net.Listen("tcp", fmt.Sprintf(":%d", acmeChallengePort)) |
| 194 | if err != nil { |
| 195 | return err |
| 196 | } |
| 197 | s.logger.Info("present challenge", zap.Any("challenge", challenge)) |
| 198 | go s.srv.Serve(l) |
| 199 | return nil |
| 200 | } |
| 201 | |
| 202 | func (s naiveHTTPSolver) CleanUp(ctx context.Context, challenge acme.Challenge) error { |
| 203 | smallstepacme.InsecurePortHTTP01 = 0 |