Base64 encode dns-01 record

Jan Broer 2016-01-01 14:36:30 +01:00
parent 468e9a2ede
commit 04e4239653


@ -2,11 +2,12 @@ package acme
import ( import (
"crypto/sha256" "crypto/sha256"
"encoding/hex" "encoding/base64"
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
"strings"
"time" "time"
) )
@ -34,9 +35,9 @@ func (s *dnsChallenge) Solve(chlng challenge, domain string) error {
} }
keyAuthShaBytes := sha256.Sum256([]byte(keyAuth)) keyAuthShaBytes := sha256.Sum256([]byte(keyAuth))
// FIXME: Currently boulder does not conform to the spec as in it uses hex encoding instead // base64URL encoding without padding
// of the base64 encoding mentioned by the spec. Fix this if either the spec or boulder changes! keyAuthSha := base64.URLEncoding.EncodeToString(keyAuthShaBytes[:sha256.Size])
keyAuthSha := hex.EncodeToString(keyAuthShaBytes[:sha256.Size]) keyAuthSha = strings.TrimRight(keyAuthSha, "=")
fqdn := fmt.Sprintf("_acme-challenge.%s.", domain) fqdn := fmt.Sprintf("_acme-challenge.%s.", domain)
if err = s.provider.CreateTXTRecord(fqdn, keyAuthSha, 120); err != nil { if err = s.provider.CreateTXTRecord(fqdn, keyAuthSha, 120); err != nil {
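Review bot: The encode-then-trim pair in Solve, `base64.URLEncoding.EncodeToString(...)` followed by `strings.TrimRight(keyAuthSha, "=")`, can be one call: `keyAuthSha := base64.RawURLEncoding.EncodeToString(keyAuthShaBytes[:])`. That emits unpadded base64url directly and makes the newly added `strings` import unnecessary; `RawURLEncoding` requires Go 1.5 or later, so this applies only if the project does not build on older toolchains. Because the TXT value must match the digest the ACME server computes from the key authorization, a unit test that pins the encoded output for a fixed key authorization would catch any later drift in alphabet or padding. The `if` block that ends the hunk and the rest of Solve continue outside the visible lines.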