Update lego

2018-09-17 15:16:03 +02:00 · 2018-09-17 15:16:03 +02:00 · a80cca95a2
commit a80cca95a2
parent c52f4b043d
57 changed files with 4479 additions and 2319 deletions
--- a/vendor/github.com/xenolf/lego/providers/dns/cloudxns/client.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/cloudxns/client.go
@ -0,0 +1,208 @@
+package cloudxns
+
+import (
+	"bytes"
+	"crypto/md5"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/xenolf/lego/acme"
+)
+
+const defaultBaseURL = "https://www.cloudxns.net/api2/"
+
+type apiResponse struct {
+	Code    int             `json:"code"`
+	Message string          `json:"message"`
+	Data    json.RawMessage `json:"data,omitempty"`
+}
+
+// Data Domain information
+type Data struct {
+	ID     string `json:"id"`
+	Domain string `json:"domain"`
+	TTL    int    `json:"ttl,omitempty"`
+}
+
+// TXTRecord a TXT record
+type TXTRecord struct {
+	ID       int    `json:"domain_id,omitempty"`
+	RecordID string `json:"record_id,omitempty"`
+
+	Host   string `json:"host"`
+	Value  string `json:"value"`
+	Type   string `json:"type"`
+	LineID int    `json:"line_id,string"`
+	TTL    int    `json:"ttl,string"`
+}
+
+// NewClient creates a CloudXNS client
+func NewClient(apiKey string, secretKey string) (*Client, error) {
+	if apiKey == "" {
+		return nil, fmt.Errorf("CloudXNS: credentials missing: apiKey")
+	}
+
+	if secretKey == "" {
+		return nil, fmt.Errorf("CloudXNS: credentials missing: secretKey")
+	}
+
+	return &Client{
+		apiKey:     apiKey,
+		secretKey:  secretKey,
+		HTTPClient: &http.Client{},
+		BaseURL:    defaultBaseURL,
+	}, nil
+}
+
+// Client CloudXNS client
+type Client struct {
+	apiKey     string
+	secretKey  string
+	HTTPClient *http.Client
+	BaseURL    string
+}
+
+// GetDomainInformation Get domain name information for a FQDN
+func (c *Client) GetDomainInformation(fqdn string) (*Data, error) {
+	authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
+	if err != nil {
+		return nil, err
+	}
+
+	result, err := c.doRequest(http.MethodGet, "domain", nil)
+	if err != nil {
+		return nil, err
+	}
+
+	var domains []Data
+	if len(result) > 0 {
+		err = json.Unmarshal(result, &domains)
+		if err != nil {
+			return nil, fmt.Errorf("CloudXNS: domains unmarshaling error: %v", err)
+		}
+	}
+
+	for _, data := range domains {
+		if data.Domain == authZone {
+			return &data, nil
+		}
+	}
+
+	return nil, fmt.Errorf("CloudXNS: zone %s not found for domain %s", authZone, fqdn)
+}
+
+// FindTxtRecord return the TXT record a zone ID and a FQDN
+func (c *Client) FindTxtRecord(zoneID, fqdn string) (*TXTRecord, error) {
+	result, err := c.doRequest(http.MethodGet, fmt.Sprintf("record/%s?host_id=0&offset=0&row_num=2000", zoneID), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	var records []TXTRecord
+	err = json.Unmarshal(result, &records)
+	if err != nil {
+		return nil, fmt.Errorf("CloudXNS: TXT record unmarshaling error: %v", err)
+	}
+
+	for _, record := range records {
+		if record.Host == acme.UnFqdn(fqdn) && record.Type == "TXT" {
+			return &record, nil
+		}
+	}
+
+	return nil, fmt.Errorf("CloudXNS: no existing record found for %q", fqdn)
+}
+
+// AddTxtRecord add a TXT record
+func (c *Client) AddTxtRecord(info *Data, fqdn, value string, ttl int) error {
+	id, err := strconv.Atoi(info.ID)
+	if err != nil {
+		return fmt.Errorf("CloudXNS: invalid zone ID: %v", err)
+	}
+
+	payload := TXTRecord{
+		ID:     id,
+		Host:   acme.UnFqdn(strings.TrimSuffix(fqdn, info.Domain)),
+		Value:  value,
+		Type:   "TXT",
+		LineID: 1,
+		TTL:    ttl,
+	}
+
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return fmt.Errorf("CloudXNS: record unmarshaling error: %v", err)
+	}
+
+	_, err = c.doRequest(http.MethodPost, "record", body)
+	return err
+}
+
+// RemoveTxtRecord remove a TXT record
+func (c *Client) RemoveTxtRecord(recordID, zoneID string) error {
+	_, err := c.doRequest(http.MethodDelete, fmt.Sprintf("record/%s/%s", recordID, zoneID), nil)
+	return err
+}
+
+func (c *Client) doRequest(method, uri string, body []byte) (json.RawMessage, error) {
+	req, err := c.buildRequest(method, uri, body)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := c.HTTPClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("CloudXNS: %v", err)
+	}
+
+	defer resp.Body.Close()
+
+	content, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("CloudXNS: %s", toUnreadableBodyMessage(req, content))
+	}
+
+	var r apiResponse
+	err = json.Unmarshal(content, &r)
+	if err != nil {
+		return nil, fmt.Errorf("CloudXNS: response unmashaling error: %v: %s", err, toUnreadableBodyMessage(req, content))
+	}
+
+	if r.Code != 1 {
+		return nil, fmt.Errorf("CloudXNS: invalid code (%v), error: %s", r.Code, r.Message)
+	}
+	return r.Data, nil
+}
+
+func (c *Client) buildRequest(method, uri string, body []byte) (*http.Request, error) {
+	url := c.BaseURL + uri
+
+	req, err := http.NewRequest(method, url, bytes.NewReader(body))
+	if err != nil {
+		return nil, fmt.Errorf("CloudXNS: invalid request: %v", err)
+	}
+
+	requestDate := time.Now().Format(time.RFC1123Z)
+
+	req.Header.Set("API-KEY", c.apiKey)
+	req.Header.Set("API-REQUEST-DATE", requestDate)
+	req.Header.Set("API-HMAC", c.hmac(url, requestDate, string(body)))
+	req.Header.Set("API-FORMAT", "json")
+
+	return req, nil
+}
+
+func (c *Client) hmac(url, date, body string) string {
+	sum := md5.Sum([]byte(c.apiKey + url + body + date + c.secretKey))
+	return hex.EncodeToString(sum[:])
+}
+
+func toUnreadableBodyMessage(req *http.Request, rawBody []byte) string {
+	return fmt.Sprintf("the request %s sent a response with a body which is an invalid format: %q", req.URL, string(rawBody))
+}
--- a/vendor/github.com/xenolf/lego/providers/dns/cloudxns/cloudxns.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/cloudxns/cloudxns.go
@ -1,32 +1,49 @@
 // Package cloudxns implements a DNS provider for solving the DNS-01 challenge
-// using cloudxns DNS.
+// using CloudXNS DNS.
 package cloudxns

 import (
-	"bytes"
-	"crypto/md5"
-	"encoding/hex"
-	"encoding/json"
+	"errors"
 	"fmt"
 	"net/http"
-	"strconv"
 	"time"

 	"github.com/xenolf/lego/acme"
 	"github.com/xenolf/lego/platform/config/env"
 )

-const cloudXNSBaseURL = "https://www.cloudxns.net/api2/"
+// Config is used to configure the creation of the DNSProvider
+type Config struct {
+	APIKey             string
+	SecretKey          string
+	PropagationTimeout time.Duration
+	PollingInterval    time.Duration
+	TTL                int
+	HTTPClient         *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider
+func NewDefaultConfig() *Config {
+	client := acme.HTTPClient
+	client.Timeout = time.Second * time.Duration(env.GetOrDefaultInt("CLOUDXNS_HTTP_TIMEOUT", 30))
+
+	return &Config{
+		PropagationTimeout: env.GetOrDefaultSecond("AKAMAI_PROPAGATION_TIMEOUT", acme.DefaultPropagationTimeout),
+		PollingInterval:    env.GetOrDefaultSecond("AKAMAI_POLLING_INTERVAL", acme.DefaultPollingInterval),
+		TTL:                env.GetOrDefaultInt("CLOUDXNS_TTL", 120),
+		HTTPClient:         &client,
+	}
+}

 // DNSProvider is an implementation of the acme.ChallengeProvider interface
 type DNSProvider struct {
-	apiKey    string
-	secretKey string
+	config *Config
+	client *Client
 }

-// NewDNSProvider returns a DNSProvider instance configured for cloudxns.
-// Credentials must be passed in the environment variables: CLOUDXNS_API_KEY
-// and CLOUDXNS_SECRET_KEY.
+// NewDNSProvider returns a DNSProvider instance configured for CloudXNS.
+// Credentials must be passed in the environment variables:
+// CLOUDXNS_API_KEY and CLOUDXNS_SECRET_KEY.
 func NewDNSProvider() (*DNSProvider, error) {
 	values, err := env.Get("CLOUDXNS_API_KEY", "CLOUDXNS_SECRET_KEY")
 	if err != nil {
@ -37,177 +54,62 @@ func NewDNSProvider() (*DNSProvider, error) {
 }

 // NewDNSProviderCredentials uses the supplied credentials to return a
-// DNSProvider instance configured for cloudxns.
+// DNSProvider instance configured for CloudXNS.
 func NewDNSProviderCredentials(apiKey, secretKey string) (*DNSProvider, error) {
-	if apiKey == "" || secretKey == "" {
-		return nil, fmt.Errorf("CloudXNS credentials missing")
+	config := NewDefaultConfig()
+	config.APIKey = apiKey
+	config.SecretKey = secretKey
+
+	return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for CloudXNS.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+	if config == nil {
+		return nil, errors.New("CloudXNS: the configuration of the DNS provider is nil")
 	}

-	return &DNSProvider{
-		apiKey:    apiKey,
-		secretKey: secretKey,
-	}, nil
+	client, err := NewClient(config.APIKey, config.SecretKey)
+	if err != nil {
+		return nil, err
+	}
+
+	client.HTTPClient = config.HTTPClient
+
+	return &DNSProvider{client: client}, nil
 }

 // Present creates a TXT record to fulfil the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value, ttl := acme.DNS01Record(domain, keyAuth)
-	zoneID, err := d.getHostedZoneID(fqdn)
+	fqdn, value, _ := acme.DNS01Record(domain, keyAuth)
+
+	info, err := d.client.GetDomainInformation(fqdn)
 	if err != nil {
 		return err
 	}

-	return d.addTxtRecord(zoneID, fqdn, value, ttl)
+	return d.client.AddTxtRecord(info, fqdn, value, d.config.TTL)
 }

 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
-	zoneID, err := d.getHostedZoneID(fqdn)
+
+	info, err := d.client.GetDomainInformation(fqdn)
 	if err != nil {
 		return err
 	}

-	recordID, err := d.findTxtRecord(zoneID, fqdn)
+	record, err := d.client.FindTxtRecord(info.ID, fqdn)
 	if err != nil {
 		return err
 	}

-	return d.delTxtRecord(recordID, zoneID)
+	return d.client.RemoveTxtRecord(record.RecordID, info.ID)
 }

-func (d *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
-	type Data struct {
-		ID     string `json:"id"`
-		Domain string `json:"domain"`
-	}
-
-	authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
-	if err != nil {
-		return "", err
-	}
-
-	result, err := d.makeRequest(http.MethodGet, "domain", nil)
-	if err != nil {
-		return "", err
-	}
-
-	var domains []Data
-	err = json.Unmarshal(result, &domains)
-	if err != nil {
-		return "", err
-	}
-
-	for _, data := range domains {
-		if data.Domain == authZone {
-			return data.ID, nil
-		}
-	}
-
-	return "", fmt.Errorf("zone %s not found in cloudxns for domain %s", authZone, fqdn)
-}
-
-func (d *DNSProvider) findTxtRecord(zoneID, fqdn string) (string, error) {
-	result, err := d.makeRequest(http.MethodGet, fmt.Sprintf("record/%s?host_id=0&offset=0&row_num=2000", zoneID), nil)
-	if err != nil {
-		return "", err
-	}
-
-	var records []cloudXNSRecord
-	err = json.Unmarshal(result, &records)
-	if err != nil {
-		return "", err
-	}
-
-	for _, record := range records {
-		if record.Host == acme.UnFqdn(fqdn) && record.Type == "TXT" {
-			return record.RecordID, nil
-		}
-	}
-
-	return "", fmt.Errorf("no existing record found for %s", fqdn)
-}
-
-func (d *DNSProvider) addTxtRecord(zoneID, fqdn, value string, ttl int) error {
-	id, err := strconv.Atoi(zoneID)
-	if err != nil {
-		return err
-	}
-
-	payload := cloudXNSRecord{
-		ID:     id,
-		Host:   acme.UnFqdn(fqdn),
-		Value:  value,
-		Type:   "TXT",
-		LineID: 1,
-		TTL:    ttl,
-	}
-
-	body, err := json.Marshal(payload)
-	if err != nil {
-		return err
-	}
-
-	_, err = d.makeRequest(http.MethodPost, "record", body)
-	return err
-}
-
-func (d *DNSProvider) delTxtRecord(recordID, zoneID string) error {
-	_, err := d.makeRequest(http.MethodDelete, fmt.Sprintf("record/%s/%s", recordID, zoneID), nil)
-	return err
-}
-
-func (d *DNSProvider) hmac(url, date, body string) string {
-	sum := md5.Sum([]byte(d.apiKey + url + body + date + d.secretKey))
-	return hex.EncodeToString(sum[:])
-}
-
-func (d *DNSProvider) makeRequest(method, uri string, body []byte) (json.RawMessage, error) {
-	type APIResponse struct {
-		Code    int             `json:"code"`
-		Message string          `json:"message"`
-		Data    json.RawMessage `json:"data,omitempty"`
-	}
-
-	url := cloudXNSBaseURL + uri
-	req, err := http.NewRequest(method, url, bytes.NewReader(body))
-	if err != nil {
-		return nil, err
-	}
-
-	requestDate := time.Now().Format(time.RFC1123Z)
-
-	req.Header.Set("API-KEY", d.apiKey)
-	req.Header.Set("API-REQUEST-DATE", requestDate)
-	req.Header.Set("API-HMAC", d.hmac(url, requestDate, string(body)))
-	req.Header.Set("API-FORMAT", "json")
-
-	resp, err := acme.HTTPClient.Do(req)
-	if err != nil {
-		return nil, err
-	}
-
-	defer resp.Body.Close()
-
-	var r APIResponse
-	err = json.NewDecoder(resp.Body).Decode(&r)
-	if err != nil {
-		return nil, err
-	}
-
-	if r.Code != 1 {
-		return nil, fmt.Errorf("CloudXNS API Error: %s", r.Message)
-	}
-	return r.Data, nil
-}
-
-type cloudXNSRecord struct {
-	ID       int    `json:"domain_id,omitempty"`
-	RecordID string `json:"record_id,omitempty"`
-
-	Host   string `json:"host"`
-	Value  string `json:"value"`
-	Type   string `json:"type"`
-	LineID int    `json:"line_id,string"`
-	TTL    int    `json:"ttl,string"`
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+	return d.config.PropagationTimeout, d.config.PollingInterval
 }