Update lego

2018-09-17 15:16:03 +02:00 · 2018-09-17 15:16:03 +02:00 · a80cca95a2
commit a80cca95a2
parent c52f4b043d
57 changed files with 4479 additions and 2319 deletions
--- a/vendor/github.com/xenolf/lego/providers/dns/cloudxns/cloudxns.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/cloudxns/cloudxns.go
@ -1,32 +1,49 @@
 // Package cloudxns implements a DNS provider for solving the DNS-01 challenge
-// using cloudxns DNS.
+// using CloudXNS DNS.
 package cloudxns

 import (
-	"bytes"
-	"crypto/md5"
-	"encoding/hex"
-	"encoding/json"
+	"errors"
 	"fmt"
 	"net/http"
-	"strconv"
 	"time"

 	"github.com/xenolf/lego/acme"
 	"github.com/xenolf/lego/platform/config/env"
 )

-const cloudXNSBaseURL = "https://www.cloudxns.net/api2/"
+// Config is used to configure the creation of the DNSProvider
+type Config struct {
+	APIKey             string
+	SecretKey          string
+	PropagationTimeout time.Duration
+	PollingInterval    time.Duration
+	TTL                int
+	HTTPClient         *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider
+func NewDefaultConfig() *Config {
+	client := acme.HTTPClient
+	client.Timeout = time.Second * time.Duration(env.GetOrDefaultInt("CLOUDXNS_HTTP_TIMEOUT", 30))
+
+	return &Config{
+		PropagationTimeout: env.GetOrDefaultSecond("AKAMAI_PROPAGATION_TIMEOUT", acme.DefaultPropagationTimeout),
+		PollingInterval:    env.GetOrDefaultSecond("AKAMAI_POLLING_INTERVAL", acme.DefaultPollingInterval),
+		TTL:                env.GetOrDefaultInt("CLOUDXNS_TTL", 120),
+		HTTPClient:         &client,
+	}
+}

 // DNSProvider is an implementation of the acme.ChallengeProvider interface
 type DNSProvider struct {
-	apiKey    string
-	secretKey string
+	config *Config
+	client *Client
 }

-// NewDNSProvider returns a DNSProvider instance configured for cloudxns.
-// Credentials must be passed in the environment variables: CLOUDXNS_API_KEY
-// and CLOUDXNS_SECRET_KEY.
+// NewDNSProvider returns a DNSProvider instance configured for CloudXNS.
+// Credentials must be passed in the environment variables:
+// CLOUDXNS_API_KEY and CLOUDXNS_SECRET_KEY.
 func NewDNSProvider() (*DNSProvider, error) {
 	values, err := env.Get("CLOUDXNS_API_KEY", "CLOUDXNS_SECRET_KEY")
 	if err != nil {
@ -37,177 +54,62 @@ func NewDNSProvider() (*DNSProvider, error) {
 }

 // NewDNSProviderCredentials uses the supplied credentials to return a
-// DNSProvider instance configured for cloudxns.
+// DNSProvider instance configured for CloudXNS.
 func NewDNSProviderCredentials(apiKey, secretKey string) (*DNSProvider, error) {
-	if apiKey == "" || secretKey == "" {
-		return nil, fmt.Errorf("CloudXNS credentials missing")
+	config := NewDefaultConfig()
+	config.APIKey = apiKey
+	config.SecretKey = secretKey
+
+	return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for CloudXNS.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+	if config == nil {
+		return nil, errors.New("CloudXNS: the configuration of the DNS provider is nil")
 	}

-	return &DNSProvider{
-		apiKey:    apiKey,
-		secretKey: secretKey,
-	}, nil
+	client, err := NewClient(config.APIKey, config.SecretKey)
+	if err != nil {
+		return nil, err
+	}
+
+	client.HTTPClient = config.HTTPClient
+
+	return &DNSProvider{client: client}, nil
 }

 // Present creates a TXT record to fulfil the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value, ttl := acme.DNS01Record(domain, keyAuth)
-	zoneID, err := d.getHostedZoneID(fqdn)
+	fqdn, value, _ := acme.DNS01Record(domain, keyAuth)
+
+	info, err := d.client.GetDomainInformation(fqdn)
 	if err != nil {
 		return err
 	}

-	return d.addTxtRecord(zoneID, fqdn, value, ttl)
+	return d.client.AddTxtRecord(info, fqdn, value, d.config.TTL)
 }

 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
-	zoneID, err := d.getHostedZoneID(fqdn)
+
+	info, err := d.client.GetDomainInformation(fqdn)
 	if err != nil {
 		return err
 	}

-	recordID, err := d.findTxtRecord(zoneID, fqdn)
+	record, err := d.client.FindTxtRecord(info.ID, fqdn)
 	if err != nil {
 		return err
 	}

-	return d.delTxtRecord(recordID, zoneID)
+	return d.client.RemoveTxtRecord(record.RecordID, info.ID)
 }

-func (d *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
-	type Data struct {
-		ID     string `json:"id"`
-		Domain string `json:"domain"`
-	}
-
-	authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
-	if err != nil {
-		return "", err
-	}
-
-	result, err := d.makeRequest(http.MethodGet, "domain", nil)
-	if err != nil {
-		return "", err
-	}
-
-	var domains []Data
-	err = json.Unmarshal(result, &domains)
-	if err != nil {
-		return "", err
-	}
-
-	for _, data := range domains {
-		if data.Domain == authZone {
-			return data.ID, nil
-		}
-	}
-
-	return "", fmt.Errorf("zone %s not found in cloudxns for domain %s", authZone, fqdn)
-}
-
-func (d *DNSProvider) findTxtRecord(zoneID, fqdn string) (string, error) {
-	result, err := d.makeRequest(http.MethodGet, fmt.Sprintf("record/%s?host_id=0&offset=0&row_num=2000", zoneID), nil)
-	if err != nil {
-		return "", err
-	}
-
-	var records []cloudXNSRecord
-	err = json.Unmarshal(result, &records)
-	if err != nil {
-		return "", err
-	}
-
-	for _, record := range records {
-		if record.Host == acme.UnFqdn(fqdn) && record.Type == "TXT" {
-			return record.RecordID, nil
-		}
-	}
-
-	return "", fmt.Errorf("no existing record found for %s", fqdn)
-}
-
-func (d *DNSProvider) addTxtRecord(zoneID, fqdn, value string, ttl int) error {
-	id, err := strconv.Atoi(zoneID)
-	if err != nil {
-		return err
-	}
-
-	payload := cloudXNSRecord{
-		ID:     id,
-		Host:   acme.UnFqdn(fqdn),
-		Value:  value,
-		Type:   "TXT",
-		LineID: 1,
-		TTL:    ttl,
-	}
-
-	body, err := json.Marshal(payload)
-	if err != nil {
-		return err
-	}
-
-	_, err = d.makeRequest(http.MethodPost, "record", body)
-	return err
-}
-
-func (d *DNSProvider) delTxtRecord(recordID, zoneID string) error {
-	_, err := d.makeRequest(http.MethodDelete, fmt.Sprintf("record/%s/%s", recordID, zoneID), nil)
-	return err
-}
-
-func (d *DNSProvider) hmac(url, date, body string) string {
-	sum := md5.Sum([]byte(d.apiKey + url + body + date + d.secretKey))
-	return hex.EncodeToString(sum[:])
-}
-
-func (d *DNSProvider) makeRequest(method, uri string, body []byte) (json.RawMessage, error) {
-	type APIResponse struct {
-		Code    int             `json:"code"`
-		Message string          `json:"message"`
-		Data    json.RawMessage `json:"data,omitempty"`
-	}
-
-	url := cloudXNSBaseURL + uri
-	req, err := http.NewRequest(method, url, bytes.NewReader(body))
-	if err != nil {
-		return nil, err
-	}
-
-	requestDate := time.Now().Format(time.RFC1123Z)
-
-	req.Header.Set("API-KEY", d.apiKey)
-	req.Header.Set("API-REQUEST-DATE", requestDate)
-	req.Header.Set("API-HMAC", d.hmac(url, requestDate, string(body)))
-	req.Header.Set("API-FORMAT", "json")
-
-	resp, err := acme.HTTPClient.Do(req)
-	if err != nil {
-		return nil, err
-	}
-
-	defer resp.Body.Close()
-
-	var r APIResponse
-	err = json.NewDecoder(resp.Body).Decode(&r)
-	if err != nil {
-		return nil, err
-	}
-
-	if r.Code != 1 {
-		return nil, fmt.Errorf("CloudXNS API Error: %s", r.Message)
-	}
-	return r.Data, nil
-}
-
-type cloudXNSRecord struct {
-	ID       int    `json:"domain_id,omitempty"`
-	RecordID string `json:"record_id,omitempty"`
-
-	Host   string `json:"host"`
-	Value  string `json:"value"`
-	Type   string `json:"type"`
-	LineID int    `json:"line_id,string"`
-	TTL    int    `json:"ttl,string"`
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+	return d.config.PropagationTimeout, d.config.PollingInterval
 }