Update Lego
parent
fc8c24e987
commit
9b2423aaba
192 changed files with 11105 additions and 8535 deletions
63
vendor/github.com/xenolf/lego/providers/dns/acmedns/acmedns.go
generated
vendored
|
@ -7,7 +7,7 @@ import (
|
|||
"fmt"
|
||||
|
||||
"github.com/cpu/goacmedns"
|
||||
"github.com/xenolf/lego/acme"
|
||||
"github.com/xenolf/lego/challenge/dns01"
|
||||
"github.com/xenolf/lego/platform/config/env"
|
||||
)
|
||||
|
||||
|
@ -17,21 +17,19 @@ const (
|
|||
// apiBaseEnvVar is the environment variable name for the ACME-DNS API address
|
||||
// (e.g. https://acmedns.your-domain.com).
|
||||
apiBaseEnvVar = envNamespace + "API_BASE"
|
||||
// storagePathEnvVar is the environment variable name for the ACME-DNS JSON
|
||||
// account data file. A per-domain account will be registered/persisted to
|
||||
// this file and used for TXT updates.
|
||||
// storagePathEnvVar is the environment variable name for the ACME-DNS JSON account data file.
|
||||
// A per-domain account will be registered/persisted to this file and used for TXT updates.
|
||||
storagePathEnvVar = envNamespace + "STORAGE_PATH"
|
||||
)
|
||||
|
||||
// acmeDNSClient is an interface describing the goacmedns.Client functions
|
||||
// the DNSProvider uses. It makes it easier for tests to shim a mock Client into
|
||||
// the DNSProvider.
|
||||
// acmeDNSClient is an interface describing the goacmedns.Client functions the DNSProvider uses.
|
||||
// It makes it easier for tests to shim a mock Client into the DNSProvider.
|
||||
type acmeDNSClient interface {
|
||||
// UpdateTXTRecord updates the provided account's TXT record to the given
|
||||
// value or returns an error.
|
||||
// UpdateTXTRecord updates the provided account's TXT record
|
||||
// to the given value or returns an error.
|
||||
UpdateTXTRecord(goacmedns.Account, string) error
|
||||
// RegisterAccount registers and returns a new account with the given
|
||||
// allowFrom restriction or returns an error.
|
||||
// RegisterAccount registers and returns a new account
|
||||
// with the given allowFrom restriction or returns an error.
|
||||
RegisterAccount([]string) (goacmedns.Account, error)
|
||||
}
|
||||
|
||||
|
@ -43,8 +41,7 @@ type DNSProvider struct {
|
|||
}
|
||||
|
||||
// NewDNSProvider creates an ACME-DNS provider using file based account storage.
|
||||
// Its configuration is loaded from the environment by reading apiBaseEnvVar and
|
||||
// storagePathEnvVar.
|
||||
// Its configuration is loaded from the environment by reading apiBaseEnvVar and storagePathEnvVar.
|
||||
func NewDNSProvider() (*DNSProvider, error) {
|
||||
values, err := env.Get(apiBaseEnvVar, storagePathEnvVar)
|
||||
if err != nil {
|
||||
|
@ -56,8 +53,7 @@ func NewDNSProvider() (*DNSProvider, error) {
|
|||
return NewDNSProviderClient(client, storage)
|
||||
}
|
||||
|
||||
// NewDNSProviderClient creates an ACME-DNS DNSProvider with the given
|
||||
// acmeDNSClient and goacmedns.Storage.
|
||||
// NewDNSProviderClient creates an ACME-DNS DNSProvider with the given acmeDNSClient and goacmedns.Storage.
|
||||
func NewDNSProviderClient(client acmeDNSClient, storage goacmedns.Storage) (*DNSProvider, error) {
|
||||
if client == nil {
|
||||
return nil, errors.New("ACME-DNS Client must be not nil")
|
||||
|
@ -76,8 +72,7 @@ func NewDNSProviderClient(client acmeDNSClient, storage goacmedns.Storage) (*DNS
|
|||
// ErrCNAMERequired is returned by Present when the Domain indicated had no
|
||||
// existing ACME-DNS account in the Storage and additional setup is required.
|
||||
// The user must create a CNAME in the DNS zone for Domain that aliases FQDN
|
||||
// to Target in order to complete setup for the ACME-DNS account that was
|
||||
// created.
|
||||
// to Target in order to complete setup for the ACME-DNS account that was created.
|
||||
type ErrCNAMERequired struct {
|
||||
// The Domain that is being issued for.
|
||||
Domain string
|
||||
|
@ -100,18 +95,16 @@ func (e ErrCNAMERequired) Error() string {
|
|||
e.Domain, e.Domain, e.FQDN, e.Target)
|
||||
}
|
||||
|
||||
// Present creates a TXT record to fulfill the DNS-01 challenge. If there is an
|
||||
// existing account for the domain in the provider's storage then it will be
|
||||
// used to set the challenge response TXT record with the ACME-DNS server and
|
||||
// issuance will continue. If there is not an account for the given domain
|
||||
// present in the DNSProvider storage one will be created and registered with
|
||||
// the ACME DNS server and an ErrCNAMERequired error is returned. This will halt
|
||||
// issuance and indicate to the user that a one-time manual setup is required
|
||||
// for the domain.
|
||||
// Present creates a TXT record to fulfill the DNS-01 challenge.
|
||||
// If there is an existing account for the domain in the provider's storage
|
||||
// then it will be used to set the challenge response TXT record with the ACME-DNS server and issuance will continue.
|
||||
// If there is not an account for the given domain present in the DNSProvider storage
|
||||
// one will be created and registered with the ACME DNS server and an ErrCNAMERequired error is returned.
|
||||
// This will halt issuance and indicate to the user that a one-time manual setup is required for the domain.
|
||||
func (d *DNSProvider) Present(domain, _, keyAuth string) error {
|
||||
// Compute the challenge response FQDN and TXT value for the domain based
|
||||
// on the keyAuth.
|
||||
fqdn, value, _ := acme.DNS01Record(domain, keyAuth)
|
||||
fqdn, value := dns01.GetRecord(domain, keyAuth)
|
||||
|
||||
// Check if credentials were previously saved for this domain.
|
||||
account, err := d.storage.Fetch(domain)
|
||||
|
@ -132,15 +125,15 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
|
|||
// CleanUp removes the record matching the specified parameters. It is not
|
||||
// implemented for the ACME-DNS provider.
|
||||
func (d *DNSProvider) CleanUp(_, _, _ string) error {
|
||||
// ACME-DNS doesn't support the notion of removing a record. For users of
|
||||
// ACME-DNS it is expected the stale records remain in-place.
|
||||
// ACME-DNS doesn't support the notion of removing a record.
|
||||
// For users of ACME-DNS it is expected the stale records remain in-place.
|
||||
return nil
|
||||
}
|
||||
|
||||
// register creates a new ACME-DNS account for the given domain. If account
|
||||
// creation works as expected a ErrCNAMERequired error is returned describing
|
||||
// the one-time manual CNAME setup required to complete setup of the ACME-DNS
|
||||
// hook for the domain. If any other error occurs it is returned as-is.
|
||||
// register creates a new ACME-DNS account for the given domain.
|
||||
// If account creation works as expected a ErrCNAMERequired error is returned describing
|
||||
// the one-time manual CNAME setup required to complete setup of the ACME-DNS hook for the domain.
|
||||
// If any other error occurs it is returned as-is.
|
||||
func (d *DNSProvider) register(domain, fqdn string) error {
|
||||
// TODO(@cpu): Read CIDR whitelists from the environment
|
||||
newAcct, err := d.client.RegisterAccount(nil)
|
||||
|
@ -158,9 +151,9 @@ func (d *DNSProvider) register(domain, fqdn string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
// Stop issuance by returning an error. The user needs to perform a manual
|
||||
// one-time CNAME setup in their DNS zone to complete the setup of the new
|
||||
// account we created.
|
||||
// Stop issuance by returning an error.
|
||||
// The user needs to perform a manual one-time CNAME setup in their DNS zone
|
||||
// to complete the setup of the new account we created.
|
||||
return ErrCNAMERequired{
|
||||
Domain: domain,
|
||||
FQDN: fqdn,
|
||||
|
|