Migrate to go-acme/lego.

2019-03-14 11:04:04 +01:00 · 2019-03-14 11:04:04 +01:00 · 87da7520de
commit 87da7520de
parent 4a68d29ce2
286 changed files with 14021 additions and 2501 deletions
--- a/vendor/github.com/go-acme/lego/providers/dns/cloudns/cloudns.go
+++ b/vendor/github.com/go-acme/lego/providers/dns/cloudns/cloudns.go
@ -0,0 +1,108 @@
+// Package cloudns implements a DNS provider for solving the DNS-01 challenge using ClouDNS DNS.
+package cloudns
+
+import (
+	"errors"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/go-acme/lego/challenge/dns01"
+	"github.com/go-acme/lego/platform/config/env"
+	"github.com/go-acme/lego/providers/dns/cloudns/internal"
+)
+
+// Config is used to configure the creation of the DNSProvider
+type Config struct {
+	AuthID             string
+	AuthPassword       string
+	PropagationTimeout time.Duration
+	PollingInterval    time.Duration
+	TTL                int
+	HTTPClient         *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider
+func NewDefaultConfig() *Config {
+	return &Config{
+		PropagationTimeout: env.GetOrDefaultSecond("CLOUDNS_PROPAGATION_TIMEOUT", 120*time.Second),
+		PollingInterval:    env.GetOrDefaultSecond("CLOUDNS_POLLING_INTERVAL", 4*time.Second),
+		TTL:                env.GetOrDefaultInt("CLOUDNS_TTL", dns01.DefaultTTL),
+		HTTPClient: &http.Client{
+			Timeout: env.GetOrDefaultSecond("CLOUDNS_HTTP_TIMEOUT", 30*time.Second),
+		},
+	}
+}
+
+// DNSProvider is an implementation of the acme.ChallengeProvider interface
+type DNSProvider struct {
+	config *Config
+	client *internal.Client
+}
+
+// NewDNSProvider returns a DNSProvider instance configured for ClouDNS.
+// Credentials must be passed in the environment variables:
+// CLOUDNS_AUTH_ID and CLOUDNS_AUTH_PASSWORD.
+func NewDNSProvider() (*DNSProvider, error) {
+	values, err := env.Get("CLOUDNS_AUTH_ID", "CLOUDNS_AUTH_PASSWORD")
+	if err != nil {
+		return nil, fmt.Errorf("ClouDNS: %v", err)
+	}
+
+	config := NewDefaultConfig()
+	config.AuthID = values["CLOUDNS_AUTH_ID"]
+	config.AuthPassword = values["CLOUDNS_AUTH_PASSWORD"]
+
+	return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for ClouDNS.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+	if config == nil {
+		return nil, errors.New("ClouDNS: the configuration of the DNS provider is nil")
+	}
+
+	client, err := internal.NewClient(config.AuthID, config.AuthPassword)
+	if err != nil {
+		return nil, err
+	}
+
+	client.HTTPClient = config.HTTPClient
+
+	return &DNSProvider{client: client, config: config}, nil
+}
+
+// Present creates a TXT record to fulfill the dns-01 challenge.
+func (d *DNSProvider) Present(domain, token, keyAuth string) error {
+	fqdn, value := dns01.GetRecord(domain, keyAuth)
+
+	zone, err := d.client.GetZone(fqdn)
+	if err != nil {
+		return err
+	}
+
+	return d.client.AddTxtRecord(zone.Name, fqdn, value, d.config.TTL)
+}
+
+// CleanUp removes the TXT record matching the specified parameters.
+func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+
+	zone, err := d.client.GetZone(fqdn)
+	if err != nil {
+		return err
+	}
+
+	record, err := d.client.FindTxtRecord(zone.Name, fqdn)
+	if err != nil {
+		return err
+	}
+
+	return d.client.RemoveTxtRecord(record.ID, zone.Name)
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+	return d.config.PropagationTimeout, d.config.PollingInterval
+}
--- a/vendor/github.com/go-acme/lego/providers/dns/cloudns/internal/client.go
+++ b/vendor/github.com/go-acme/lego/providers/dns/cloudns/internal/client.go
@ -0,0 +1,209 @@
+package internal
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"github.com/go-acme/lego/challenge/dns01"
+)
+
+const defaultBaseURL = "https://api.cloudns.net/dns/"
+
+type Zone struct {
+	Name   string
+	Type   string
+	Zone   string
+	Status string // is an integer, but cast as string
+}
+
+// TXTRecord a TXT record
+type TXTRecord struct {
+	ID       int    `json:"id,string"`
+	Type     string `json:"type"`
+	Host     string `json:"host"`
+	Record   string `json:"record"`
+	Failover int    `json:"failover,string"`
+	TTL      int    `json:"ttl,string"`
+	Status   int    `json:"status"`
+}
+
+type TXTRecords map[string]TXTRecord
+
+// NewClient creates a ClouDNS client
+func NewClient(authID string, authPassword string) (*Client, error) {
+	if authID == "" {
+		return nil, fmt.Errorf("ClouDNS: credentials missing: authID")
+	}
+
+	if authPassword == "" {
+		return nil, fmt.Errorf("ClouDNS: credentials missing: authPassword")
+	}
+
+	baseURL, err := url.Parse(defaultBaseURL)
+	if err != nil {
+		return nil, err
+	}
+
+	return &Client{
+		authID:       authID,
+		authPassword: authPassword,
+		HTTPClient:   &http.Client{},
+		BaseURL:      baseURL,
+	}, nil
+}
+
+// Client ClouDNS client
+type Client struct {
+	authID       string
+	authPassword string
+	HTTPClient   *http.Client
+	BaseURL      *url.URL
+}
+
+// GetZone Get domain name information for a FQDN
+func (c *Client) GetZone(authFQDN string) (*Zone, error) {
+	authZone, err := dns01.FindZoneByFqdn(authFQDN)
+	if err != nil {
+		return nil, err
+	}
+
+	authZoneName := dns01.UnFqdn(authZone)
+
+	reqURL := *c.BaseURL
+	reqURL.Path += "get-zone-info.json"
+
+	q := reqURL.Query()
+	q.Add("domain-name", authZoneName)
+	reqURL.RawQuery = q.Encode()
+
+	result, err := c.doRequest(http.MethodGet, &reqURL)
+	if err != nil {
+		return nil, err
+	}
+
+	var zone Zone
+
+	if len(result) > 0 {
+		if err = json.Unmarshal(result, &zone); err != nil {
+			return nil, fmt.Errorf("ClouDNS: zone unmarshaling error: %v", err)
+		}
+	}
+
+	if zone.Name == authZoneName {
+		return &zone, nil
+	}
+
+	return nil, fmt.Errorf("ClouDNS: zone %s not found for authFQDN %s", authZoneName, authFQDN)
+}
+
+// FindTxtRecord return the TXT record a zone ID and a FQDN
+func (c *Client) FindTxtRecord(zoneName, fqdn string) (*TXTRecord, error) {
+	host := dns01.UnFqdn(strings.TrimSuffix(dns01.UnFqdn(fqdn), zoneName))
+
+	reqURL := *c.BaseURL
+	reqURL.Path += "records.json"
+
+	q := reqURL.Query()
+	q.Add("domain-name", zoneName)
+	q.Add("host", host)
+	q.Add("type", "TXT")
+	reqURL.RawQuery = q.Encode()
+
+	result, err := c.doRequest(http.MethodGet, &reqURL)
+	if err != nil {
+		return nil, err
+	}
+
+	var records TXTRecords
+	if err = json.Unmarshal(result, &records); err != nil {
+		return nil, fmt.Errorf("ClouDNS: TXT record unmarshaling error: %v", err)
+	}
+
+	for _, record := range records {
+		if record.Host == host && record.Type == "TXT" {
+			return &record, nil
+		}
+	}
+
+	return nil, fmt.Errorf("ClouDNS: no existing record found for %q", fqdn)
+}
+
+// AddTxtRecord add a TXT record
+func (c *Client) AddTxtRecord(zoneName string, fqdn, value string, ttl int) error {
+	host := dns01.UnFqdn(strings.TrimSuffix(dns01.UnFqdn(fqdn), zoneName))
+
+	reqURL := *c.BaseURL
+	reqURL.Path += "add-record.json"
+
+	q := reqURL.Query()
+	q.Add("domain-name", zoneName)
+	q.Add("host", host)
+	q.Add("record", value)
+	q.Add("ttl", strconv.Itoa(ttl))
+	q.Add("record-type", "TXT")
+	reqURL.RawQuery = q.Encode()
+
+	_, err := c.doRequest(http.MethodPost, &reqURL)
+	return err
+}
+
+// RemoveTxtRecord remove a TXT record
+func (c *Client) RemoveTxtRecord(recordID int, zoneName string) error {
+	reqURL := *c.BaseURL
+	reqURL.Path += "delete-record.json"
+
+	q := reqURL.Query()
+	q.Add("domain-name", zoneName)
+	q.Add("record-id", strconv.Itoa(recordID))
+	reqURL.RawQuery = q.Encode()
+
+	_, err := c.doRequest(http.MethodPost, &reqURL)
+	return err
+}
+
+func (c *Client) doRequest(method string, url *url.URL) (json.RawMessage, error) {
+	req, err := c.buildRequest(method, url)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := c.HTTPClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("ClouDNS: %v", err)
+	}
+
+	defer resp.Body.Close()
+
+	content, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("ClouDNS: %s", toUnreadableBodyMessage(req, content))
+	}
+
+	if resp.StatusCode != 200 {
+		return nil, fmt.Errorf("ClouDNS: invalid code (%v), error: %s", resp.StatusCode, content)
+	}
+	return content, nil
+}
+
+func (c *Client) buildRequest(method string, url *url.URL) (*http.Request, error) {
+	q := url.Query()
+	q.Add("auth-id", c.authID)
+	q.Add("auth-password", c.authPassword)
+	url.RawQuery = q.Encode()
+
+	req, err := http.NewRequest(method, url.String(), nil)
+	if err != nil {
+		return nil, fmt.Errorf("ClouDNS: invalid request: %v", err)
+	}
+
+	return req, nil
+}
+
+func toUnreadableBodyMessage(req *http.Request, rawBody []byte) string {
+	return fmt.Sprintf("the request %s sent a response with a body which is an invalid format: %q", req.URL, string(rawBody))
+}