Diffstat (limited to 'vendor/github.com/xenolf/lego')
-rw-r--r--vendor/github.com/xenolf/lego/.travis.yml2
-rw-r--r--vendor/github.com/xenolf/lego/acme/dns_challenge.go13
-rw-r--r--vendor/github.com/xenolf/lego/acme/dns_challenge_test.go9
-rw-r--r--vendor/github.com/xenolf/lego/cli_handlers.go11
-rw-r--r--vendor/github.com/xenolf/lego/providers/dns/dns_providers.go3
-rw-r--r--vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy.go155
-rw-r--r--vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy_test.go60
7 files changed, 228 insertions, 25 deletions
diff --git a/vendor/github.com/xenolf/lego/.travis.yml b/vendor/github.com/xenolf/lego/.travis.yml
index ff9ae963a..8cf9aed1b 100644
--- a/vendor/github.com/xenolf/lego/.travis.yml
+++ b/vendor/github.com/xenolf/lego/.travis.yml
@@ -1,7 +1,7 @@
language: go
go:
-- 1.7
- 1.8
+- 1.9
- tip
services:
- memcached
diff --git a/vendor/github.com/xenolf/lego/acme/dns_challenge.go b/vendor/github.com/xenolf/lego/acme/dns_challenge.go
index 7c4cb80de..133739748 100644
--- a/vendor/github.com/xenolf/lego/acme/dns_challenge.go
+++ b/vendor/github.com/xenolf/lego/acme/dns_challenge.go
@@ -11,7 +11,6 @@ import (
"time"
"github.com/miekg/dns"
- "golang.org/x/net/publicsuffix"
)
type preCheckDNSFunc func(fqdn, value string) (bool, error)
@@ -242,10 +241,6 @@ func FindZoneByFqdn(fqdn string, nameservers []string) (string, error) {
labelIndexes := dns.Split(fqdn)
for _, index := range labelIndexes {
domain := fqdn[index:]
- // Give up if we have reached the TLD
- if isTLD(domain) {
- break
- }
in, err := dnsQuery(domain, dns.TypeSOA, nameservers, true)
if err != nil {
@@ -273,14 +268,6 @@ func FindZoneByFqdn(fqdn string, nameservers []string) (string, error) {
return "", fmt.Errorf("Could not find the start of authority")
}
-func isTLD(domain string) bool {
- publicsuffix, _ := publicsuffix.PublicSuffix(UnFqdn(domain))
- if publicsuffix == UnFqdn(domain) {
- return true
- }
- return false
-}
-
// ClearFqdnCache clears the cache of fqdn to zone mappings. Primarily used in testing.
func ClearFqdnCache() {
fqdnToZone = map[string]string{}
diff --git a/vendor/github.com/xenolf/lego/acme/dns_challenge_test.go b/vendor/github.com/xenolf/lego/acme/dns_challenge_test.go
index 597aaac17..4a2a7feac 100644
--- a/vendor/github.com/xenolf/lego/acme/dns_challenge_test.go
+++ b/vendor/github.com/xenolf/lego/acme/dns_challenge_test.go
@@ -37,14 +37,6 @@ var lookupNameserversTestsErr = []struct {
{"_null.n0n0.",
"Could not determine the zone",
},
- // invalid domain
- {"_null.com.",
- "Could not determine the zone",
- },
- // invalid domain
- {"in-valid.co.uk.",
- "Could not determine the zone",
- },
}
var findZoneByFqdnTests = []struct {
@@ -53,6 +45,7 @@ var findZoneByFqdnTests = []struct {
}{
{"mail.google.com.", "google.com."}, // domain is a CNAME
{"foo.google.com.", "google.com."}, // domain is a non-existent subdomain
+ {"example.com.ac.", "ac."}, // domain is a eTLD
}
var checkAuthoritativeNssTests = []struct {
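Review bot: The added case `{"example.com.ac.", "ac."}` pins a top-level zone as the expected result, but its comment `// domain is a eTLD` does not say that, and `example.com.ac.` is a name below an eTLD rather than an eTLD itself. A comment such as `// name under an eTLD; the zone found is the TLD itself` would state what is actually asserted. Because this commit removes the `isTLD` guard from `FindZoneByFqdn`, that function's doc comment should also say that the returned zone may be a registry-level zone, since DNS providers pass the result into their API calls. The test presumably resolves against live DNS, so the expected value depends on how `ac.` is delegated at run time.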
diff --git a/vendor/github.com/xenolf/lego/cli_handlers.go b/vendor/github.com/xenolf/lego/cli_handlers.go
index 79bbb37e5..b8790c4b2 100644
--- a/vendor/github.com/xenolf/lego/cli_handlers.go
+++ b/vendor/github.com/xenolf/lego/cli_handlers.go
@@ -329,8 +329,10 @@ func run(c *cli.Context) error {
}
func revoke(c *cli.Context) error {
-
- conf, _, client := setup(c)
+ conf, acc, client := setup(c)
+ if acc.Registration == nil {
+ logger().Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", acc.Email)
+ }
err := checkFolder(conf.CertPath())
if err != nil {
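Review bot: The registration guard added at the top of `revoke` is repeated verbatim in `renew` (next hunk), so the message and exit behaviour can drift apart; a small unexported helper taking `acc` would keep them in one place. Both copies dereference `acc` without a nil check, which is safe only if `setup` never returns a nil account, and that is not visible here. `logger().Fatalf` exits the process instead of using the handler's `error` result; this matches the `logger().Fatal` call visible in `renew`, but a one-line comment such as `// Fatalf exits; no error reaches the cli framework` would make it explicit. Both function bodies continue outside the hunks.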
@@ -355,7 +357,10 @@ func revoke(c *cli.Context) error {
}
func renew(c *cli.Context) error {
- conf, _, client := setup(c)
+ conf, acc, client := setup(c)
+ if acc.Registration == nil {
+ logger().Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", acc.Email)
+ }
if len(c.GlobalStringSlice("domains")) <= 0 {
logger().Fatal("Please specify at least one domain.")
diff --git a/vendor/github.com/xenolf/lego/providers/dns/dns_providers.go b/vendor/github.com/xenolf/lego/providers/dns/dns_providers.go
index 94c8879b2..d7530f788 100644
--- a/vendor/github.com/xenolf/lego/providers/dns/dns_providers.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/dns_providers.go
@@ -15,6 +15,7 @@ import (
"github.com/xenolf/lego/providers/dns/dyn"
"github.com/xenolf/lego/providers/dns/exoscale"
"github.com/xenolf/lego/providers/dns/gandi"
+ "github.com/xenolf/lego/providers/dns/godaddy"
"github.com/xenolf/lego/providers/dns/googlecloud"
"github.com/xenolf/lego/providers/dns/linode"
"github.com/xenolf/lego/providers/dns/namecheap"
@@ -54,6 +55,8 @@ func NewDNSChallengeProviderByName(name string) (acme.ChallengeProvider, error)
provider, err = gandi.NewDNSProvider()
case "gcloud":
provider, err = googlecloud.NewDNSProvider()
+ case "godaddy":
+ provider, err = godaddy.NewDNSProvider()
case "linode":
provider, err = linode.NewDNSProvider()
case "manual":
diff --git a/vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy.go b/vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy.go
new file mode 100644
index 000000000..4112f6628
--- /dev/null
+++ b/vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy.go
@@ -0,0 +1,155 @@
+// Package godaddy implements a DNS provider for solving the DNS-01 challenge using godaddy DNS.
+package godaddy
+
+import (
+ "fmt"
+ "io"
+ "net/http"
+ "os"
+ "time"
+
+ "bytes"
+ "encoding/json"
+ "github.com/xenolf/lego/acme"
+ "io/ioutil"
+ "strings"
+)
+
+// GoDaddyAPIURL represents the API endpoint to call.
+const apiURL = "https://api.godaddy.com"
+
+// DNSProvider is an implementation of the acme.ChallengeProvider interface
+type DNSProvider struct {
+ apiKey string
+ apiSecret string
+}
+
+// NewDNSProvider returns a DNSProvider instance configured for godaddy.
+// Credentials must be passed in the environment variables: GODADDY_API_KEY
+// and GODADDY_API_SECRET.
+func NewDNSProvider() (*DNSProvider, error) {
+ apikey := os.Getenv("GODADDY_API_KEY")
+ secret := os.Getenv("GODADDY_API_SECRET")
+ return NewDNSProviderCredentials(apikey, secret)
+}
+
+// NewDNSProviderCredentials uses the supplied credentials to return a
+// DNSProvider instance configured for godaddy.
+func NewDNSProviderCredentials(apiKey, apiSecret string) (*DNSProvider, error) {
+ if apiKey == "" || apiSecret == "" {
+ return nil, fmt.Errorf("GoDaddy credentials missing")
+ }
+
+ return &DNSProvider{apiKey, apiSecret}, nil
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS
+// propagation. Adjusting here to cope with spikes in propagation times.
+func (c *DNSProvider) Timeout() (timeout, interval time.Duration) {
+ return 120 * time.Second, 2 * time.Second
+}
+
+func (c *DNSProvider) extractRecordName(fqdn, domain string) string {
+ name := acme.UnFqdn(fqdn)
+ if idx := strings.Index(name, "."+domain); idx != -1 {
+ return name[:idx]
+ }
+ return name
+}
+
+// Present creates a TXT record to fulfil the dns-01 challenge
+func (c *DNSProvider) Present(domain, token, keyAuth string) error {
+ fqdn, value, ttl := acme.DNS01Record(domain, keyAuth)
+ domainZone, err := c.getZone(fqdn)
+ if err != nil {
+ return err
+ }
+
+ if ttl < 600 {
+ ttl = 600
+ }
+
+ recordName := c.extractRecordName(fqdn, domainZone)
+ rec := []DNSRecord{
+ {
+ Type: "TXT",
+ Name: recordName,
+ Data: value,
+ Ttl: ttl,
+ },
+ }
+
+ return c.updateRecords(rec, domainZone, recordName)
+}
+
+func (c *DNSProvider) updateRecords(records []DNSRecord, domainZone string, recordName string) error {
+ body, err := json.Marshal(records)
+ if err != nil {
+ return err
+ }
+
+ var resp *http.Response
+ resp, err = c.makeRequest("PUT", fmt.Sprintf("/v1/domains/%s/records/TXT/%s", domainZone, recordName), bytes.NewReader(body))
+ if err != nil {
+ return err
+ }
+
+ defer resp.Body.Close()
+
+ if resp.StatusCode != http.StatusOK {
+ bodyBytes, _ := ioutil.ReadAll(resp.Body)
+ return fmt.Errorf("Could not create record %v; Status: %v; Body: %s\n", string(body), resp.StatusCode, string(bodyBytes))
+ }
+ return nil
+}
+
+// CleanUp sets null value in the TXT DNS record as GoDaddy has no proper DELETE record method
+func (c *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+ fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
+ domainZone, err := c.getZone(fqdn)
+ if err != nil {
+ return err
+ }
+
+ recordName := c.extractRecordName(fqdn, domainZone)
+ rec := []DNSRecord{
+ {
+ Type: "TXT",
+ Name: recordName,
+ Data: "null",
+ },
+ }
+
+ return c.updateRecords(rec, domainZone, recordName)
+}
+
+func (c *DNSProvider) getZone(fqdn string) (string, error) {
+ authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
+ if err != nil {
+ return "", err
+ }
+
+ return acme.UnFqdn(authZone), nil
+}
+
+func (c *DNSProvider) makeRequest(method, uri string, body io.Reader) (*http.Response, error) {
+ req, err := http.NewRequest(method, fmt.Sprintf("%s%s", apiURL, uri), body)
+ if err != nil {
+ return nil, err
+ }
+
+ req.Header.Set("Accept", "application/json")
+ req.Header.Set("Content-Type", "application/json")
+ req.Header.Set("Authorization", fmt.Sprintf("sso-key %s:%s", c.apiKey, c.apiSecret))
+
+ client := http.Client{Timeout: 30 * time.Second}
+ return client.Do(req)
+}
+
+type DNSRecord struct {
+ Type string `json:"type"`
+ Name string `json:"name"`
+ Data string `json:"data"`
+ Priority int `json:"priority,omitempty"`
+ Ttl int `json:"ttl,omitempty"`
+}
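Review bot: `extractRecordName` cuts the name at the first occurrence of `"."+domain` rather than at a trailing zone suffix, so a name in which the zone string also appears earlier (constructed example: `_acme-challenge.a.community.a.com` in zone `a.com`) is truncated to `_acme-challenge`, and `Present`/`CleanUp` then PUT the TXT record set for the wrong name. Anchoring the match at the end fixes this and keeps the no-match fallback: `return strings.TrimSuffix(name, "."+domain)`. `updateRecords` also interpolates `domainZone` and `recordName` into the request path unescaped, and `domainZone` comes from an SOA lookup, so wrapping both in `url.PathEscape` (with a `net/url` import) would be prudent. The file is vendored, so the change belongs upstream.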
diff --git a/vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy_test.go b/vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy_test.go
new file mode 100644
index 000000000..de84d827e
--- /dev/null
+++ b/vendor/github.com/xenolf/lego/providers/dns/godaddy/godaddy_test.go
@@ -0,0 +1,60 @@
+package godaddy
+
+import (
+ "os"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+var (
+ godaddyAPIKey string
+ godaddyAPISecret string
+ godaddyDomain string
+ godaddyLiveTest bool
+)
+
+func init() {
+ godaddyAPIKey = os.Getenv("GODADDY_API_KEY")
+ godaddyAPISecret = os.Getenv("GODADDY_API_SECRET")
+ godaddyDomain = os.Getenv("GODADDY_DOMAIN")
+
+ if len(godaddyAPIKey) > 0 && len(godaddyAPISecret) > 0 && len(godaddyDomain) > 0 {
+ godaddyLiveTest = true
+ }
+}
+
+func TestNewDNSProvider(t *testing.T) {
+ provider, err := NewDNSProvider()
+
+ if !godaddyLiveTest {
+ assert.Error(t, err)
+ } else {
+ assert.NotNil(t, provider)
+ assert.NoError(t, err)
+ }
+}
+
+func TestDNSProvider_Present(t *testing.T) {
+ if !godaddyLiveTest {
+ t.Skip("skipping live test")
+ }
+
+ provider, err := NewDNSProvider()
+ assert.NoError(t, err)
+
+ err = provider.Present(godaddyDomain, "", "123d==")
+ assert.NoError(t, err)
+}
+
+func TestDNSProvider_CleanUp(t *testing.T) {
+ if !godaddyLiveTest {
+ t.Skip("skipping live test")
+ }
+
+ provider, err := NewDNSProvider()
+ assert.NoError(t, err)
+
+ err = provider.CleanUp(godaddyDomain, "", "123d==")
+ assert.NoError(t, err)
+}
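Review bot: `TestNewDNSProvider` expects an error whenever `godaddyLiveTest` is false, but that flag also requires `GODADDY_DOMAIN`, so with the key and secret exported and the domain unset `NewDNSProvider` succeeds and the test fails. The missing-credentials path can be tested without depending on the environment: `_, err := NewDNSProviderCredentials("", "")` followed by `assert.Error(t, err)`. `TestDNSProvider_Present` and `TestDNSProvider_CleanUp` write to the `_acme-challenge` TXT record of a real zone using real API credentials, which deserves a comment above the skip check, e.g. `// live test: modifies DNS records of GODADDY_DOMAIN`.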