Merge v1.7.0 into master

vendor/github.com/vulcand/oxy/buffer/buffer.go

@@ -216,7 +216,7 @@ func (b *Buffer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	}
 
 	if err := b.checkLimit(req); err != nil {
-		log.Errorf("vulcand/oxy/buffer: request body over limit, err: %v", err)
+		b.log.Errorf("vulcand/oxy/buffer: request body over limit, err: %v", err)
 		b.errHandler.ServeHTTP(w, req, err)
 		return
 	}
@@ -239,7 +239,7 @@ func (b *Buffer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 		if body != nil {
 			errClose := body.Close()
 			if errClose != nil {
-				log.Errorf("vulcand/oxy/buffer: failed to close body, err: %v", errClose)
+				b.log.Errorf("vulcand/oxy/buffer: failed to close body, err: %v", errClose)
 			}
 		}
 	}()
@@ -417,7 +417,7 @@ func (b *bufferWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
 		return conn, rw, err
 	}
 	b.log.Warningf("Upstream ResponseWriter of type %v does not implement http.Hijacker. Returning dummy channel.", reflect.TypeOf(b.responseWriter))
-	return nil, nil, fmt.Errorf("the response writer wrapped in this proxy does not implement http.Hijacker. Its type is: %v”", reflect.TypeOf(b.responseWriter))
+	return nil, nil, fmt.Errorf("the response writer wrapped in this proxy does not implement http.Hijacker. Its type is: %v", reflect.TypeOf(b.responseWriter))
 }
 
 // SizeErrHandler Size error handler

vendor/github.com/vulcand/oxy/cbreaker/fallback.go

@@ -51,7 +51,7 @@ func (f *ResponseFallback) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	w.WriteHeader(f.r.StatusCode)
 	_, err := w.Write(f.r.Body)
 	if err != nil {
-		log.Errorf("vulcand/oxy/fallback/response: failed to write response, err: %v", err)
+		f.log.Errorf("vulcand/oxy/fallback/response: failed to write response, err: %v", err)
 	}
 }
 
@@ -100,6 +100,6 @@ func (f *RedirectFallback) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	w.WriteHeader(http.StatusFound)
 	_, err := w.Write([]byte(http.StatusText(http.StatusFound)))
 	if err != nil {
-		log.Errorf("vulcand/oxy/fallback/redirect: failed to write response, err: %v", err)
+		f.log.Errorf("vulcand/oxy/fallback/redirect: failed to write response, err: %v", err)
 	}
 }

vendor/github.com/vulcand/oxy/forward/fwd.go

@@ -349,17 +349,17 @@ func (f *httpForwarder) serveWebSocket(w http.ResponseWriter, req *http.Request,
 		if resp == nil {
 			ctx.errHandler.ServeHTTP(w, req, err)
 		} else {
-			log.Errorf("vulcand/oxy/forward/websocket: Error dialing %q: %v with resp: %d %s", outReq.Host, err, resp.StatusCode, resp.Status)
+			f.log.Errorf("vulcand/oxy/forward/websocket: Error dialing %q: %v with resp: %d %s", outReq.Host, err, resp.StatusCode, resp.Status)
 			hijacker, ok := w.(http.Hijacker)
 			if !ok {
-				log.Errorf("vulcand/oxy/forward/websocket: %s can not be hijack", reflect.TypeOf(w))
+				f.log.Errorf("vulcand/oxy/forward/websocket: %s can not be hijack", reflect.TypeOf(w))
 				ctx.errHandler.ServeHTTP(w, req, err)
 				return
 			}
 
 			conn, _, errHijack := hijacker.Hijack()
 			if errHijack != nil {
-				log.Errorf("vulcand/oxy/forward/websocket: Failed to hijack responseWriter")
+				f.log.Errorf("vulcand/oxy/forward/websocket: Failed to hijack responseWriter")
 				ctx.errHandler.ServeHTTP(w, req, errHijack)
 				return
 			}
@@ -367,7 +367,7 @@ func (f *httpForwarder) serveWebSocket(w http.ResponseWriter, req *http.Request,
 
 			errWrite := resp.Write(conn)
 			if errWrite != nil {
-				log.Errorf("vulcand/oxy/forward/websocket: Failed to forward response")
+				f.log.Errorf("vulcand/oxy/forward/websocket: Failed to forward response")
 				ctx.errHandler.ServeHTTP(w, req, errWrite)
 				return
 			}
@@ -385,7 +385,7 @@ func (f *httpForwarder) serveWebSocket(w http.ResponseWriter, req *http.Request,
 
 	underlyingConn, err := upgrader.Upgrade(w, req, resp.Header)
 	if err != nil {
-		log.Errorf("vulcand/oxy/forward/websocket: Error while upgrading connection : %v", err)
+		f.log.Errorf("vulcand/oxy/forward/websocket: Error while upgrading connection : %v", err)
 		return
 	}
 	defer func() {

vendor/github.com/xenolf/lego/acme/client.go

@@ -593,7 +593,7 @@ func (c *Client) solveChallengeForAuthz(authorizations []authorization) error {
 		}
 	}
 
-	// for all valid presolvers, first submit the challenges so they have max time to propigate
+	// for all valid presolvers, first submit the challenges so they have max time to propagate
 	for _, item := range authSolvers {
 		authz := item.authz
 		i := item.challengeIndex

vendor/github.com/xenolf/lego/acme/dns_challenge.go

@@ -30,6 +30,9 @@ const (
 
 	// DefaultPollingInterval default polling interval
 	DefaultPollingInterval = 2 * time.Second
+
+	// DefaultTTL default TTL
+	DefaultTTL = 120
 )
 
 var defaultNameservers = []string{
@@ -67,7 +70,7 @@ func DNS01Record(domain, keyAuth string) (fqdn string, value string, ttl int) {
 	keyAuthShaBytes := sha256.Sum256([]byte(keyAuth))
 	// base64URL encoding without padding
 	value = base64.RawURLEncoding.EncodeToString(keyAuthShaBytes[:sha256.Size])
-	ttl = 120
+	ttl = DefaultTTL
 	fqdn = fmt.Sprintf("_acme-challenge.%s.", domain)
 	return
 }
@@ -149,6 +152,7 @@ func checkDNSPropagation(fqdn, value string) (bool, error) {
 	if err != nil {
 		return false, err
 	}
+
 	if r.Rcode == dns.RcodeSuccess {
 		// If we see a CNAME here then use the alias
 		for _, rr := range r.Answer {

vendor/github.com/xenolf/lego/log/logger.go

@@ -6,7 +6,17 @@ import (
 )
 
 // Logger is an optional custom logger.
-var Logger = log.New(os.Stdout, "", log.LstdFlags)
+var Logger StdLogger = log.New(os.Stdout, "", log.LstdFlags)
+
+// StdLogger interface for Standard Logger.
+type StdLogger interface {
+	Fatal(args ...interface{})
+	Fatalln(args ...interface{})
+	Fatalf(format string, args ...interface{})
+	Print(args ...interface{})
+	Println(args ...interface{})
+	Printf(format string, args ...interface{})
+}
 
 // Fatal writes a log entry.
 // It uses Logger if not nil, otherwise it uses the default log.Logger.

vendor/github.com/xenolf/lego/providers/dns/azure/azure.go

@@ -127,7 +127,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 
 	_, err = rsc.CreateOrUpdate(ctx, d.config.ResourceGroup, zone, relative, dns.TXT, rec, "", "")
-	return fmt.Errorf("azure: %v", err)
+	if err != nil {
+		return fmt.Errorf("azure: %v", err)
+	}
+	return nil
 }
 
 // CleanUp removes the TXT record matching the specified parameters
@@ -150,7 +153,10 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	rsc.Authorizer = autorest.NewBearerAuthorizer(spt)
 
 	_, err = rsc.Delete(ctx, d.config.ResourceGroup, zone, relative, dns.TXT, "")
-	return fmt.Errorf("azure: %v", err)
+	if err != nil {
+		return fmt.Errorf("azure: %v", err)
+	}
+	return nil
 }
 
 // Checks that azure has a zone for this domain name.

vendor/github.com/xenolf/lego/providers/dns/gcloud/googlecloud.go

@@ -131,26 +131,33 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("googlecloud: %v", err)
 	}
 
+	// Look for existing records.
+	existing, err := d.findTxtRecords(zone, fqdn)
+	if err != nil {
+		return fmt.Errorf("googlecloud: %v", err)
+	}
+
 	rec := &dns.ResourceRecordSet{
 		Name:    fqdn,
 		Rrdatas: []string{value},
 		Ttl:     int64(d.config.TTL),
 		Type:    "TXT",
 	}
-	change := &dns.Change{
-		Additions: []*dns.ResourceRecordSet{rec},
-	}
 
-	// Look for existing records.
-	existing, err := d.findTxtRecords(zone, fqdn)
-	if err != nil {
-		return fmt.Errorf("googlecloud: %v", err)
-	}
+	change := &dns.Change{}
+
 	if len(existing) > 0 {
 		// Attempt to delete the existing records when adding our new one.
 		change.Deletions = existing
+
+		// Append existing TXT record data to the new TXT record data
+		for _, value := range existing {
+			rec.Rrdatas = append(rec.Rrdatas, value.Rrdatas...)
+		}
 	}
 
+	change.Additions = []*dns.ResourceRecordSet{rec}
+
 	chg, err := d.client.Changes.Create(d.config.Project, zone, change).Do()
 	if err != nil {
 		return fmt.Errorf("googlecloud: %v", err)
@@ -188,7 +195,10 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	}
 
 	_, err = d.client.Changes.Create(d.config.Project, zone, &dns.Change{Deletions: records}).Do()
-	return fmt.Errorf("googlecloud: %v", err)
+	if err != nil {
+		return fmt.Errorf("googlecloud: %v", err)
+	}
+	return nil
 }
 
 // Timeout customizes the timeout values used by the ACME package for checking

vendor/github.com/xenolf/lego/providers/dns/iij/iij.go

@@ -76,7 +76,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	_, value, _ := acme.DNS01Record(domain, keyAuth)
 
 	err := d.addTxtRecord(domain, value)
-	return fmt.Errorf("iij: %v", err)
+	if err != nil {
+		return fmt.Errorf("iij: %v", err)
+	}
+	return nil
 }
 
 // CleanUp removes the TXT record matching the specified parameters
@@ -84,7 +87,10 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	_, value, _ := acme.DNS01Record(domain, keyAuth)
 
 	err := d.deleteTxtRecord(domain, value)
-	return fmt.Errorf("iij: %v", err)
+	if err != nil {
+		return fmt.Errorf("iij: %v", err)
+	}
+	return nil
 }
 
 func (d *DNSProvider) addTxtRecord(domain, value string) error {

vendor/github.com/xenolf/lego/providers/dns/ns1/ns1.go

@@ -85,7 +85,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	fqdn, value, _ := acme.DNS01Record(domain, keyAuth)
 
-	zone, err := d.getHostedZone(domain)
+	zone, err := d.getHostedZone(fqdn)
 	if err != nil {
 		return fmt.Errorf("ns1: %v", err)
 	}
@@ -93,7 +93,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := d.newTxtRecord(zone, fqdn, value, d.config.TTL)
 	_, err = d.client.Records.Create(record)
 	if err != nil && err != rest.ErrRecordExists {
-		return fmt.Errorf("ns1: %v", err)
+		return fmt.Errorf("ns1: failed to create record [zone: %q, fqdn: %q]: %v", zone.Zone, fqdn, err)
 	}
 
 	return nil
@@ -103,14 +103,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
 
-	zone, err := d.getHostedZone(domain)
+	zone, err := d.getHostedZone(fqdn)
 	if err != nil {
 		return fmt.Errorf("ns1: %v", err)
 	}
 
 	name := acme.UnFqdn(fqdn)
 	_, err = d.client.Records.Delete(zone.Zone, name, "TXT")
-	return fmt.Errorf("ns1: %v", err)
+	return fmt.Errorf("ns1: failed to delete record [zone: %q, domain: %q]: %v", zone.Zone, name, err)
 }
 
 // Timeout returns the timeout and interval to use when checking for DNS propagation.
@@ -119,15 +119,15 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 	return d.config.PropagationTimeout, d.config.PollingInterval
 }
 
-func (d *DNSProvider) getHostedZone(domain string) (*dns.Zone, error) {
-	authZone, err := getAuthZone(domain)
+func (d *DNSProvider) getHostedZone(fqdn string) (*dns.Zone, error) {
+	authZone, err := getAuthZone(fqdn)
 	if err != nil {
-		return nil, fmt.Errorf("ns1: %v", err)
+		return nil, fmt.Errorf("failed to extract auth zone from fqdn %q: %v", fqdn, err)
 	}
 
 	zone, _, err := d.client.Zones.Get(authZone)
 	if err != nil {
-		return nil, fmt.Errorf("ns1: %v", err)
+		return nil, fmt.Errorf("failed to get zone [authZone: %q, fqdn: %q]: %v", authZone, fqdn, err)
 	}
 
 	return zone, nil
@@ -139,11 +139,7 @@ func getAuthZone(fqdn string) (string, error) {
 		return "", err
 	}
 
-	if strings.HasSuffix(authZone, ".") {
-		authZone = authZone[:len(authZone)-len(".")]
-	}
-
-	return authZone, err
+	return strings.TrimSuffix(authZone, "."), nil
 }
 
 func (d *DNSProvider) newTxtRecord(zone *dns.Zone, fqdn, value string, ttl int) *dns.Record {