1 package PVE
::ACME
::StandAlone
;
9 use base
qw(PVE::ACME::Challenge);
11 sub supported_challenge_types
{
12 return { 'http-01' => 1 };
25 nodes
=> { optional
=> 1 },
26 disable
=> { optional
=> 1 },
30 sub extract_challenge
{
31 my ($self, $challenge) = @_;
33 return PVE
::ACME
::Challenge-
>extract_challenge($challenge, 'http-01');
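# Unpack the arguments: the class name, the ACME client object and the
# authorization hash whose http-01 challenge is to be answered.
my ($class, $acme, $authorization) = @_;

my $challenges = $authorization->{challenges};
die "no challenges defined in authorization\n" if !$challenges;

# Keep only the challenges of type http-01.
my $http_challenges = [ grep { $_->{type} eq 'http-01' } @$challenges ];

# $http_challenges is an array reference and therefore always true, so the
# emptiness test has to look at the dereferenced list. Testing the reference
# itself lets an empty list slip past this check and be reported by the
# token check below instead.
die "no http-01 challenge defined in authorization\n"
    if !scalar(@$http_challenges);

# Only the first http-01 challenge is used.
my $http_challenge = $http_challenges->[0];

# NOTE(review): the token comes from the authorization object and is only
# checked for being non-empty here; it is later compared against the
# request path of incoming GET requests.
die "no token found in http-01 challenge\n" if !$http_challenge->{token};

# The key authorization computed by the ACME client for this token; it is
# what the HTTP responder further down sends as the response body.
my $key_authorization = $acme->key_authorization($http_challenge->{token});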
52 my $server = HTTP
::Daemon-
>new(
55 ) or die "Failed to initialize HTTP daemon\n";
56 my $pid = fork() // die "Failed to fork HTTP daemon - $!\n";
61 authorization
=> $authorization,
62 key_auth
=> $key_authorization,
63 url
=> $http_challenge->{url
},
66 return bless $self, $class;
68 while (my $c = $server->accept()) {
69 while (my $r = $c->get_request()) {
70 if ($r->method() eq 'GET' and $r->uri->path eq "/.well-known/acme-challenge/$http_challenge->{token}") {
71 my $resp = HTTP
::Response-
>new(200, 'OK', undef, $key_authorization);
73 $c->send_response($resp);
75 $c->send_error(404, 'Not found.')
# Shut the standalone responder down. Closing the listening socket is
# best-effort: the eval discards any error raised by close().
eval { $self->{server}->close(); };

# Stop the process recorded in $self->{pid} (presumably the forked HTTP
# responder - confirm against the constructor) and wait for it to exit so
# that no zombie process is left behind.
kill 'KILL', $self->{pid};
waitpid $self->{pid}, 0;