MCPcopy
hub / github.com/caddyserver/certmagic / solveHTTPChallenge

Function solveHTTPChallenge

httphandlers.go:178–194  ·  view source on GitHub ↗

solveHTTPChallenge solves the HTTP challenge using the given challenge information. If the challenge is being solved in a distributed fahsion, set distributed to true for logging purposes. It returns true the properties of the request check out in relation to the HTTP challenge. Most of this code bo

(logger *zap.Logger, w http.ResponseWriter, r *http.Request, challenge acme.Challenge, distributed bool)

Source from the content-addressed store, hash-verified

176// It returns true the properties of the request check out in relation to the HTTP challenge.
177// Most of this code borrowed from xenolf's built-in HTTP-01 challenge solver in March 2018.
178func solveHTTPChallenge(logger *zap.Logger, w http.ResponseWriter, r *http.Request, challenge acme.Challenge, distributed bool) bool {
179 challengeReqPath := challenge.HTTP01ResourcePath()
180 if r.URL.Path == challengeReqPath &&
181 strings.EqualFold(hostOnly(r.Host), challenge.Identifier.Value) && // mitigate DNS rebinding attacks
182 r.Method == http.MethodGet {
183 w.Header().Add("Content-Type", "text/plain")
184 w.Write([]byte(challenge.KeyAuthorization))
185 r.Close = true
186 logger.Info("served key authentication",
187 zap.String("identifier", challenge.Identifier.Value),
188 zap.String("challenge", "http-01"),
189 zap.String("remote", r.RemoteAddr),
190 zap.Bool("distributed", distributed))
191 return true
192 }
193 return false
194}
195
196// SolveHTTPChallenge solves the HTTP challenge. It should be used only on HTTP requests that are
197// from ACME servers trying to validate an identifier (i.e. LooksLikeHTTPChallenge() == true). It

Callers 2

SolveHTTPChallengeFunction · 0.85

Calls 3

hostOnlyFunction · 0.85
WriteMethod · 0.80
StringMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…