mirror of
https://git.sr.ht/~emersion/tlstunnel
synced 2024-11-19 15:53:50 +01:00
Fix ACME DNS challenge for top-level domains in a zone
e.g. "*.emersion.fr" when the zone is "emersion.fr". Fixes: 662136ea745b ("Add support for ACME DNS hooks")
This commit is contained in:
parent
662136ea74
commit
86308c9780
18
dns.go
18
dns.go
@ -62,10 +62,20 @@ func (provider *commandDNSProvider) DeleteRecords(ctx context.Context, zone stri
|
|||||||
}
|
}
|
||||||
|
|
||||||
func domainFromACMEChallengeRecord(zone string, rec *libdns.Record) (string, error) {
|
func domainFromACMEChallengeRecord(zone string, rec *libdns.Record) (string, error) {
|
||||||
if rec.Type != "TXT" || !strings.HasPrefix(rec.Name, "_acme-challenge.") {
|
relZone := strings.TrimSuffix(zone, ".")
|
||||||
|
|
||||||
|
var domain string
|
||||||
|
if rec.Name == "_acme-challenge" {
|
||||||
|
// Root domain
|
||||||
|
domain = relZone
|
||||||
|
} else if strings.HasPrefix(rec.Name, "_acme-challenge.") {
|
||||||
|
// Subdomain
|
||||||
|
relName := strings.TrimPrefix(rec.Name, "_acme-challenge.")
|
||||||
|
domain = relName + "." + relZone
|
||||||
|
}
|
||||||
|
if rec.Type != "TXT" || domain == "" {
|
||||||
return "", fmt.Errorf("DNS record doesn't look like an ACME challenge: %v %v", rec.Type, rec.Name)
|
return "", fmt.Errorf("DNS record doesn't look like an ACME challenge: %v %v", rec.Type, rec.Name)
|
||||||
}
|
}
|
||||||
relName := strings.TrimPrefix(rec.Name, "_acme-challenge.")
|
|
||||||
relZone := strings.TrimSuffix(zone, ".")
|
return domain, nil
|
||||||
return relName + "." + relZone, nil
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user