From 24352e799aa7eff2044e7ae548e94a8c3ad812de Mon Sep 17 00:00:00 2001
From: Matthew Holt <Matthew.Holt+git@gmail.com>
Date: Wed, 18 Nov 2015 17:40:35 -0700
Subject: [PATCH] Remove SimpleHTTP and bump version to 0.8 beta 4!

---
 caddy/letsencrypt/handler.go  | 31 ++++---------------------------
 caddy/letsencrypt/maintain.go | 17 ++---------------
 main.go                       |  2 +-
 3 files changed, 7 insertions(+), 43 deletions(-)

diff --git a/caddy/letsencrypt/handler.go b/caddy/letsencrypt/handler.go
index 4fdf4f625..6c9f962dd 100644
--- a/caddy/letsencrypt/handler.go
+++ b/caddy/letsencrypt/handler.go
@@ -7,7 +7,6 @@ import (
 	"net/http/httputil"
 	"net/url"
 	"strings"
-	"sync/atomic"
 
 	"github.com/mholt/caddy/middleware"
 )
@@ -18,18 +17,15 @@ const challengeBasePath = "/.well-known/acme-challenge"
 // requests to the real ACME client endpoint. This is necessary
 // to renew certificates while the server is running.
 type Handler struct {
-	Next            middleware.Handler
-	ChallengeActive int32 // TODO: use sync/atomic to set/get this flag safely and efficiently
+	Next middleware.Handler
+	//ChallengeActive int32 // (TODO) use sync/atomic to set/get this flag safely and efficiently
 }
 
 // ServeHTTP is basically a no-op unless an ACME challenge is active on this host
 // and the request path matches the expected path exactly.
 func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
-	// Only if challenge is active
-	// TODO: this won't work until the global challenge hook in the acme package is ready
-	//if atomic.LoadInt32(&h.ChallengeActive) == 1 {
-
 	// Proxy challenge requests to ACME client
+	// TODO: Only do this if a challenge is active?
 	if strings.HasPrefix(r.URL.Path, challengeBasePath) {
 		scheme := "http"
 		if r.TLS != nil {
@@ -48,31 +44,12 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error)
 
 		proxy := httputil.NewSingleHostReverseProxy(upstream)
 		proxy.Transport = &http.Transport{
-			TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // client uses self-signed cert
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // client would use self-signed cert
 		}
 		proxy.ServeHTTP(w, r)
 
 		return 0, nil
 	}
 
-	//}
-
 	return h.Next.ServeHTTP(w, r)
 }
-
-// TODO: SimpleHTTP deprecation imminent!! meaning these
-// challenge handlers will go away and be replaced with
-// something else.
-
-// ChallengeOn enables h to proxy ACME requests.
-func (h *Handler) ChallengeOn(challengePath string) {
-	// h.Lock()
-	// h.ChallengePath = challengePath
-	// h.Unlock()
-	atomic.StoreInt32(&h.ChallengeActive, 1)
-}
-
-// ChallengeOff disables ACME proxying from this h.
-func (h *Handler) ChallengeOff(success bool) {
-	atomic.StoreInt32(&h.ChallengeActive, 0)
-}
diff --git a/caddy/letsencrypt/maintain.go b/caddy/letsencrypt/maintain.go
index 6eaa8220a..c6701b40a 100644
--- a/caddy/letsencrypt/maintain.go
+++ b/caddy/letsencrypt/maintain.go
@@ -79,12 +79,6 @@ func renewCertificates(configs []server.Config, useCustomPort bool) (int, []erro
 	var errs []error
 	var n int
 
-	defer func() {
-		// reset these so as to not interfere with other challenges
-		acme.OnSimpleHTTPStart = nil
-		acme.OnSimpleHTTPEnd = nil
-	}()
-
 	for _, cfg := range configs {
 		// Host must be TLS-enabled and have existing assets managed by LE
 		if !cfg.TLS.Enabled || !existingCertAndKey(cfg.Host) {
@@ -122,28 +116,22 @@ func renewCertificates(configs []server.Config, useCustomPort bool) (int, []erro
 				continue
 			}
 
-			// Read metadata
+			// Read and set up cert meta, required for renewal
 			metaBytes, err := ioutil.ReadFile(storage.SiteMetaFile(cfg.Host))
 			if err != nil {
 				errs = append(errs, err)
 				continue
 			}
-
 			privBytes, err := ioutil.ReadFile(storage.SiteKeyFile(cfg.Host))
 			if err != nil {
 				errs = append(errs, err)
 				continue
 			}
-
 			var certMeta acme.CertificateResource
 			err = json.Unmarshal(metaBytes, &certMeta)
 			certMeta.Certificate = certBytes
 			certMeta.PrivateKey = privBytes
 
-			// Tell the handler to accept and proxy acme request in order to solve challenge
-			acme.OnSimpleHTTPStart = acmeHandlers[cfg.Host].ChallengeOn
-			acme.OnSimpleHTTPEnd = acmeHandlers[cfg.Host].ChallengeOff
-
 			// Renew certificate
 		Renew:
 			newCertMeta, err := client.RenewCertificate(certMeta, true, true)
@@ -176,6 +164,5 @@ func renewCertificates(configs []server.Config, useCustomPort bool) (int, []erro
 }
 
 // acmeHandlers is a map of host to ACME handler. These
-// are used to proxy ACME requests to the ACME client
-// when port 443 is in use.
+// are used to proxy ACME requests to the ACME client.
 var acmeHandlers = make(map[string]*Handler)
diff --git a/main.go b/main.go
index 784fc651e..b08d101ae 100644
--- a/main.go
+++ b/main.go
@@ -26,7 +26,7 @@ var (
 
 const (
 	appName    = "Caddy"
-	appVersion = "0.8 beta 3"
+	appVersion = "0.8 beta 4"
 )
 
 func init() {