From b668bde5e4b782e3a7553397d0cec3ed0fa29b8f Mon Sep 17 00:00:00 2001
From: tbe
Date: Thu, 21 Mar 2019 15:46:21 +0100
Subject: [PATCH] pdns: fix wildcard with SANs (#837)

The current implementation of the DNS challenge does not allow to set multiple TXT records at once. As PowerDNS has the concept of record sets, and so all records for the same type and name must set during one call, we would override existing records. To avoid this, we merge the new TXT record with existing ones
---
 providers/dns/pdns/client.go | 2 +-
 providers/dns/pdns/pdns.go | 18 +++++++++++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/providers/dns/pdns/client.go b/providers/dns/pdns/client.go
index 4b58159c..c66181ef 100644
--- a/providers/dns/pdns/client.go
+++ b/providers/dns/pdns/client.go
@@ -127,7 +127,7 @@ func (d *DNSProvider) findTxtRecord(fqdn string) (*rrSet, error) {
 }
 }
- return nil, fmt.Errorf("no existing record found for %s", fqdn)
+ return nil, nil
 }
 func (d *DNSProvider) getAPIVersion() (int, error) {
diff --git a/providers/dns/pdns/pdns.go b/providers/dns/pdns/pdns.go
index 997d9998..87adedb2 100644
--- a/providers/dns/pdns/pdns.go
+++ b/providers/dns/pdns/pdns.go
@@ -121,6 +121,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 TTL: d.config.TTL,
 }
+ // Look for existing records.
+ existingRrSet, err := d.findTxtRecord(fqdn)
+ if err != nil {
+ return fmt.Errorf("pdns: %v", err)
+ }
+
+ // merge the existing and new records
+ var records []Record
+ if existingRrSet != nil {
+ records = existingRrSet.Records
+ }
+ records = append(records, rec)
+
 rrsets := rrSets{
 RRSets: []rrSet{
 {
@@ -129,7 +142,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 Type: "TXT",
 Kind: "Master",
 TTL: d.config.TTL,
- Records: []Record{rec},
+ Records: records,
 },
 },
 }
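Review bot: findTxtRecord now signals "not found" with `return nil, nil`, so any caller that skips the nil check dereferences a nil *rrSet, and that contract is not written down anywhere in this hunk. Add a doc comment above the function, for example `// findTxtRecord returns (nil, nil) when the zone has no TXT rrset for fqdn; callers must check the result for nil.` The function begins above the hunk, so whether it already carries a comment is not visible here.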
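Review bot: The merge in Present appends `rec` unconditionally, so calling Present again with the same challenge value (a retry, or a run whose earlier CleanUp never happened) submits identical TXT content twice in one rrset, which PowerDNS may refuse or keep as a duplicate. Filter the existing records by content before building the set, as sketched below; this assumes Record carries the TXT value in a `Content` field, which is set above the hunk. Building a fresh slice also avoids appending into the backing array of `existingRrSet.Records`. The find-then-replace sequence is not atomic, so two clients updating the same name at once can still drop one value, which deserves a comment next to the merge. Present starts and ends outside this hunk.

```go
	// merge the existing and new records, skipping a value that is already published
	records := []Record{rec}
	if existingRrSet != nil {
		for _, existing := range existingRrSet.Records {
			if existing.Content != rec.Content {
				records = append(records, existing)
			}
		}
	}
	// … unchanged: rrsets construction using records …
```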
@@ -159,6 +172,9 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 if err != nil {
 return fmt.Errorf("pdns: %v", err)
 }
+ if set == nil {
+ return fmt.Errorf("pdns: no existing record found for %s", fqdn)
+ }
 rrsets := rrSets{
 RRSets: []rrSet{
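Review bot: The new `set == nil` branch in CleanUp turns a missing rrset into an error, which makes cleanup non-idempotent in exactly the case this commit targets: two challenge values sharing one name mean CleanUp is invoked twice for the same fqdn. If the change built below the hunk removes the whole rrset (not visible here), the second call finds nothing and fails even though nothing is left to clean. Consider treating absence as success, `if set == nil { return nil }`, or removing only the record that matches this challenge's value so that other TXT records on the name survive. CleanUp's body continues past the hunk.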