1
1
mirror of https://git.sr.ht/~emersion/tlstunnel synced 2024-11-19 15:53:50 +01:00

Fix ACME DNS challenge for top-level domains in a zone

e.g. "*.emersion.fr" when the zone is "emersion.fr".

Fixes: 662136ea745b ("Add support for ACME DNS hooks")
This commit is contained in:
Simon Ser 2023-01-26 19:14:08 +01:00
parent 662136ea74
commit 86308c9780

18
dns.go

@ -62,10 +62,20 @@ func (provider *commandDNSProvider) DeleteRecords(ctx context.Context, zone stri
} }
func domainFromACMEChallengeRecord(zone string, rec *libdns.Record) (string, error) { func domainFromACMEChallengeRecord(zone string, rec *libdns.Record) (string, error) {
if rec.Type != "TXT" || !strings.HasPrefix(rec.Name, "_acme-challenge.") { relZone := strings.TrimSuffix(zone, ".")
var domain string
if rec.Name == "_acme-challenge" {
// Root domain
domain = relZone
} else if strings.HasPrefix(rec.Name, "_acme-challenge.") {
// Subdomain
relName := strings.TrimPrefix(rec.Name, "_acme-challenge.")
domain = relName + "." + relZone
}
if rec.Type != "TXT" || domain == "" {
return "", fmt.Errorf("DNS record doesn't look like an ACME challenge: %v %v", rec.Type, rec.Name) return "", fmt.Errorf("DNS record doesn't look like an ACME challenge: %v %v", rec.Type, rec.Name)
} }
relName := strings.TrimPrefix(rec.Name, "_acme-challenge.")
relZone := strings.TrimSuffix(zone, ".") return domain, nil
return relName + "." + relZone, nil
} }