[proxmox-acme.git] / src / PVE / ACME / StandAlone.pm

package PVE::ACME::StandAlone;

use strict;
use warnings;

use HTTP::Daemon;
use HTTP::Response;

use base qw(PVE::ACME::Challenge);

sub supported_challenge_types {
    return ['http-01'];
}

sub type {
    return 'standalone';
}

sub properties {
    return {};
}

sub options {
    return {
	nodes => { optional => 1 },
	disable => { optional => 1 },
    };
}

sub setup {
    my ($self, $acme, $auth, $data) = @_;

    print "Setting up webserver\n";

    my $challenge = $self->extract_challenge($auth->{challenges});
    my $key_auth = $acme->key_authorization($challenge->{token});

    my %sockopts = (
	LocalPort => 80,
	ReuseAddr => 1,
	);
    my $server = HTTP::Daemon->new( LocalHost => '::', V6Only => 0, %sockopts) //
	    HTTP::Daemon->new( LocalHost => '0.0.0.0', %sockopts)
	    or die "Failed to initialize HTTP daemon\n";

    my $pid = fork() // die "Failed to fork HTTP daemon - $!\n";
    if ($pid) {
	$data->{server} = $server;
	$data->{pid} = $pid;
	$data->{url} = $challenge->{url};
    } else {
	while (my $c = $server->accept()) {
	    while (my $r = $c->get_request()) {
		if ($r->method() eq 'GET' and
		    $r->uri->path eq "/.well-known/acme-challenge/$challenge->{token}") {
		    my $resp = HTTP::Response->new(200, 'OK', undef, $key_auth);
		    $resp->request($r);
		    $c->send_response($resp);
		} else {
		    $c->send_error(404, 'Not found.')
		}
	    }
	    $c->close();
	    $c = undef;
	}
    }
}

sub teardown {
    my ($self, $acme, $auth, $data) = @_;

    eval { $data->{server}->close() };
    kill('KILL', $data->{pid});
    waitpid($data->{pid}, 0);
}

1;
Commit	Line	Data
5460050d WL	1	package PVE::ACME::StandAlone;
	2
	3	use strict;
	4	use warnings;
	5
	6	use HTTP::Daemon;
	7	use HTTP::Response;
	8
	9	use base qw(PVE::ACME::Challenge);
	10
	11	sub supported_challenge_types {
122626b3	12	return ['http-01'];
5460050d WL	13	}
5460050d WL	14
435e1726 WL	15	sub type {
	16	return 'standalone';
	17	}
	18
	19	sub properties {
	20	return {};
	21	}
	22
	23	sub options {
	24	return {
	25	nodes => { optional => 1 },
	26	disable => { optional => 1 },
	27	};
	28	}
	29
5460050d	30	sub setup {
f00829fd	31	my ($self, $acme, $auth, $data) = @_;
5460050d	32
d18383f0	33	print "Setting up webserver\n";
5460050d	34
f00829fd FG	35	my $challenge = $self->extract_challenge($auth->{challenges});
f00829fd FG	36	my $key_auth = $acme->key_authorization($challenge->{token});
5460050d	37
a4ac1b6e	38	my %sockopts = (
5460050d WL	39	LocalPort => 80,
5460050d WL	40	ReuseAddr => 1,
a4ac1b6e SI	41	);
	42	my $server = HTTP::Daemon->new( LocalHost => '::', V6Only => 0, %sockopts) //
	43	HTTP::Daemon->new( LocalHost => '0.0.0.0', %sockopts)
	44	or die "Failed to initialize HTTP daemon\n";
	45
5460050d WL	46	my $pid = fork() // die "Failed to fork HTTP daemon - $!\n";
5460050d WL	47	if ($pid) {
d18383f0 WL	48	$data->{server} = $server;
d18383f0 WL	49	$data->{pid} = $pid;
f00829fd	50	$data->{url} = $challenge->{url};
5460050d WL	51	} else {
	52	while (my $c = $server->accept()) {
	53	while (my $r = $c->get_request()) {
d18383f0	54	if ($r->method() eq 'GET' and
f00829fd	55	$r->uri->path eq "/.well-known/acme-challenge/$challenge->{token}") {
d18383f0	56	my $resp = HTTP::Response->new(200, 'OK', undef, $key_auth);
5460050d WL	57	$resp->request($r);
	58	$c->send_response($resp);
	59	} else {
	60	$c->send_error(404, 'Not found.')
	61	}
	62	}
	63	$c->close();
	64	$c = undef;
	65	}
	66	}
	67	}
	68
	69	sub teardown {
f00829fd	70	my ($self, $acme, $auth, $data) = @_;
5460050d	71
d18383f0 WL	72	eval { $data->{server}->close() };
	73	kill('KILL', $data->{pid});
	74	waitpid($data->{pid}, 0);
5460050d WL	75	}
	76
	77	1;