[pve-devel] [common 4/9] refactor extract_callenge for code reuse.

Wolfgang Link w.link at proxmox.com
Mon Oct 21 12:12:07 CEST 2019 

comment inline

On 10/18/19 11:25 AM, Fabian Grünbichler wrote:
> On October 14, 2019 1:08 pm, Wolfgang Link wrote:
>> ---
>>   src/PVE/ACME.pm            | 16 ++++++++++++++++
>>   src/PVE/ACME/StandAlone.pm |  9 +--------
>>   2 files changed, 17 insertions(+), 8 deletions(-)
>>
>> diff --git a/src/PVE/ACME.pm b/src/PVE/ACME.pm
>> index d6b6e99..173af69 100644
>> --- a/src/PVE/ACME.pm
>> +++ b/src/PVE/ACME.pm
>> @@ -76,6 +76,22 @@ sub fromjs($) {
>>       return from_json($_[0]);
>>   }
>>   
>> +sub extract_challenge ($$) {
>> +    my ($challenges, $c_type) = @_;
>> +
>> +    die "no challenges defined\n" if !$challenges;
>> +    die "no challenge type is defined \n" if !$c_type;
>> +
>> +    my $tmp_challenges = [ grep {$_->{type} eq $c_type} @$challenges ];
>> +    die "no $c_type challenge defined in authorization\n"
>> +	if ! scalar $tmp_challenges;
>> +
>> +    my $challenge = $tmp_challenges->[0];
>> +
>> +    die "no token found in $c_type challenge\n" if !$challenge->{token};
> strictly speaking, not all challenges must require a token. http-01 and
> dns-01 do though ;)
Would it be better to do an extra check if http-01 and dns-01 the token 
required?
>> +    return $challenge;
>> +}
>> +
>>   sub validating_url($$$$) {
>>       my ($acme, $auth, $auth_url, $node_config) = @_;
>>   
>> diff --git a/src/PVE/ACME/StandAlone.pm b/src/PVE/ACME/StandAlone.pm
>> index 965fb32..7910bfd 100644
>> --- a/src/PVE/ACME/StandAlone.pm
>> +++ b/src/PVE/ACME/StandAlone.pm
>> @@ -49,14 +49,7 @@ sub validating_url {
>>   sub setup {
>>       my ($class, $acme, $authorization) = @_;
>>   
>> -    my $challenges = $authorization->{challenges};
>> -    die "no challenges defined in authorization\n" if !$challenges;
>> -
>> -    my $http_challenges = [ grep {$_->{type} eq 'http-01'} @$challenges ];
>> -    die "no http-01 challenge defined in authorization\n"
>> -	if ! scalar $http_challenges;
>> -
>> -    my $http_challenge = $http_challenges->[0];
>> +    my $http_challenge = extract_challenge($authorization->{challenges}, "http-01");
>>   
>>       die "no token found in http-01 challenge\n" if !$http_challenge->{token};
> this line should no longer be needed?
>
>>   
>> -- 
>> 2.20.1
>>
>>
>> _______________________________________________
>> pve-devel mailing list
>> pve-devel at pve.proxmox.com
>> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>>
>>
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>

More information about the pve-devel mailing list