Skip to content

Commit 0485896

Browse files
jlesagejlesage
committed
Fixes for the server reachability test.
- Do not apply HTTPs redirection for challenge used by the test. - Set the `User-Agent` to avoid 403 answer from site24x7.com. - Handle JSON parsing failure of the received body. - Better handling of different error cases.
1 parent a7c2fa5 commit 0485896

File tree

2 files changed

+65
-0
lines changed

2 files changed

+65
-0
lines changed

src/nginx-proxy-manager/build.sh

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -78,6 +78,7 @@ patch -p1 -d /tmp/nginx-proxy-manager < "$SCRIPT_DIR"/pip-install.patch
7878
patch -p1 -d /tmp/nginx-proxy-manager < "$SCRIPT_DIR"/remove-certbot-dns-oci.patch
7979
patch -p1 -d /tmp/nginx-proxy-manager < "$SCRIPT_DIR"/powerdns-fix.patch
8080
patch -p1 -d /tmp/nginx-proxy-manager < "$SCRIPT_DIR"/http2-support-fix.patch
81+
patch -p1 -d /tmp/nginx-proxy-manager < "$SCRIPT_DIR"/reachability-test-fix.patch
8182

8283
cp -r /tmp/nginx-proxy-manager /app
8384

src/nginx-proxy-manager/reachability-test-fix.patch

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
Fixes for the server reachability test.
2+
- Do not apply HTTPs redirection for challenge used by the test.
3+
- Set the `User-Agent` to avoid 403 answer from site24x7.com.
4+
- Handle JSON parsing failure of the received body.
5+
- Better handling of different error cases.
6+
--- a/backend/internal/certificate.js 2023-12-11 15:50:27.947677992 -0500
7+
+++ b/backend/internal/certificate.js 2023-12-11 16:00:10.953034576 -0500
8+
@@ -1163,6 +1163,7 @@
9+
const options = {
10+
method: 'POST',
11+
headers: {
12+
+ 'User-Agent': 'Mozilla/5.0',
13+
'Content-Type': 'application/x-www-form-urlencoded',
14+
'Content-Length': Buffer.byteLength(formBody)
15+
}
16+
@@ -1175,12 +1176,22 @@
17+
18+
res.on('data', (chunk) => responseBody = responseBody + chunk);
19+
res.on('end', function () {
20+
- const parsedBody = JSON.parse(responseBody + '');
21+
- if (res.statusCode !== 200) {
22+
- logger.warn(`Failed to test HTTP challenge for domain ${domain}`, res);
23+
+ try {
24+
+ const parsedBody = JSON.parse(responseBody + '');
25+
+ if (res.statusCode !== 200) {
26+
+ logger.warn(`Failed to test HTTP challenge for domain ${domain} because HTTP status code ${res.statusCode} was returned: ${parsedBody.message}`);
27+
+ resolve(undefined);
28+
+ } else {
29+
+ resolve(parsedBody);
30+
+ }
31+
+ } catch (err) {
32+
+ if (res.statusCode !== 200) {
33+
+ logger.warn(`Failed to test HTTP challenge for domain ${domain} because HTTP status code ${res.statusCode} was returned`);
34+
+ } else {
35+
+ logger.warn(`Failed to test HTTP challenge for domain ${domain} because response failed to be parsed: ${err.message}`);
36+
+ }
37+
resolve(undefined);
38+
}
39+
- resolve(parsedBody);
40+
});
41+
});
42+
43+
@@ -1194,6 +1205,9 @@
44+
if (!result) {
45+
// Some error occurred while trying to get the data
46+
return 'failed';
47+
+ } else if (result.error) {
48+
+ logger.info(`HTTP challenge test failed for domain ${domain} because error was returned: ${result.error.msg}`);
49+
+ return `other:${result.error.msg}`;
50+
} else if (`${result.responsecode}` === '200' && result.htmlresponse === 'Success') {
51+
// Server exists and has responded with the correct data
52+
return 'ok';
53+
--- a/docker/rootfs/etc/nginx/conf.d/include/force-ssl.conf 2023-12-13 08:00:40.674589907 -0500
54+
+++ b/docker/rootfs/etc/nginx/conf.d/include/force-ssl.conf 2023-12-13 08:05:26.611112675 -0500
55+
@@ -1,3 +1,9 @@
56+
if ($scheme = "http") {
57+
+ set $test H;
58+
+}
59+
+if ($request_uri = /.well-known/acme-challenge/test-challenge) {
60+
+ set $test "${test}T";
61+
+}
62+
+if ($test = H) {
63+
return 301 https://$host$request_uri;
64+
}

0 commit comments

Comments
 (0)