From be477c6c0a2ecebe181da47f78f93dad255a20bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Mon, 21 Nov 2016 00:48:37 +0100 Subject: [PATCH] Remove http-01 preferred address --- .../acme4j/challenge/Http01Challenge.java | 27 ------------------- .../acme4j/challenge/HttpChallengeTest.java | 20 -------------- src/site/markdown/challenge/http-01.md | 11 -------- 3 files changed, 58 deletions(-) diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Http01Challenge.java b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Http01Challenge.java index d8f6935e..c12d3f86 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Http01Challenge.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/challenge/Http01Challenge.java @@ -13,8 +13,6 @@ */ package org.shredzone.acme4j.challenge; -import java.net.InetAddress; - import org.shredzone.acme4j.Session; import org.shredzone.acme4j.util.ClaimBuilder; @@ -24,15 +22,11 @@ import org.shredzone.acme4j.util.ClaimBuilder; public class Http01Challenge extends TokenChallenge { private static final long serialVersionUID = 3322211185872544605L; - protected static final String KEY_ADDRESS = "address"; - /** * Challenge type name: {@value} */ public static final String TYPE = "http-01"; - private InetAddress address; - /** * Creates a new generic {@link Http01Challenge} object. * @@ -63,30 +57,9 @@ public class Http01Challenge extends TokenChallenge { return super.getAuthorization(); } - /** - * An address that the CA server should connect to in order to request the response. - * This address must be included in the set of IP addresses to which the domain name - * resolves. - *

- * It is at the discretion of the CA server to use this address for the request. - * However, if the address is not included in the set of IP addresses, the challenge - * will fail. - * - * @param address - * Address to request the response from - * @deprecated feature has been removed in draft-03, do not use. - */ - @Deprecated - public void setAddress(InetAddress address) { - this.address = address; - } - @Override protected void respond(ClaimBuilder cb) { super.respond(cb); - if (address != null) { - cb.put(KEY_ADDRESS, address.getHostAddress()); - } } @Override diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java index eefbc410..720fc1f2 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/challenge/HttpChallengeTest.java @@ -18,7 +18,6 @@ import static org.junit.Assert.assertThat; import static uk.co.datumedge.hamcrest.json.SameJSONAs.sameJSONAs; import java.io.IOException; -import java.net.InetAddress; import org.junit.BeforeClass; import org.junit.Test; @@ -63,23 +62,4 @@ public class HttpChallengeTest { + KEY_AUTHORIZATION + "\"}").allowingExtraUnexpectedFields()); } - /** - * Test that {@link Http01Challenge} uses the given address. - */ - @Test - @Deprecated - public void testAddress() throws IOException { - Http01Challenge challenge = new Http01Challenge(session); - challenge.unmarshall(TestUtils.getJsonAsMap("httpChallenge")); - - challenge.setAddress(InetAddress.getByName("198.051.100.012")); - - ClaimBuilder cb = new ClaimBuilder(); - challenge.respond(cb); - - assertThat(cb.toString(), sameJSONAs("{\"keyAuthorization\"=\"" - + KEY_AUTHORIZATION + "\", \"address\"=\"198.51.100.12\"}") - .allowingExtraUnexpectedFields()); - } - } diff --git a/src/site/markdown/challenge/http-01.md b/src/site/markdown/challenge/http-01.md index 15c0a174..a87d07e8 100644 --- a/src/site/markdown/challenge/http-01.md +++ b/src/site/markdown/challenge/http-01.md @@ -22,14 +22,3 @@ http://${domain}/.well-known/acme-challenge/${token} The challenge is completed when the CA was able to download that file and found `content` in it. Note that the request is sent to port 80 only. There is no way to choose a different port, for security reasons. This is a limitation of the ACME protocol, not of _acme4j_. - -## Preferred Address - -If your domain name resolves to multiple IP adresses, you can set an explicit address that the CA server should prefer to send the request to. This address must be included in the set of your domain's IP addresses. - -```java -Http01Challenge challenge = auth.findChallenge(Http01Challenge.TYPE); -challenge.setAddress(InetAddress.getByName("198.51.100.12")); -``` - -The server _should_ connect to this address, but is not required to do so.