forked from TrueCloudLab/lego
The TTL Min limit should throw an error. (#663)
This commit is contained in:
Ludovic Fernandez
GitHub
parent
a90f03791c
commit
79f14b5ab2
8 changed files with 33 additions and 20 deletions
1
Makefile
1
Makefile
|
|
@ -10,7 +10,6 @@ clean:
|
|||
build: clean
|
||||
go build
|
||||
|
||||
|
||||
dependencies:
|
||||
dep ensure -v
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
// Package acmedns implements a DNS provider for solving DNS-01 challenges using
|
||||
// Joohoi's acme-dns project. For more information see the ACME-DNS homepage:
|
||||
// https://github.com/joohoi/acme-dns
|
||||
// Package acmedns implements a DNS provider for solving DNS-01 challenges using Joohoi's acme-dns project.
|
||||
// For more information see the ACME-DNS homepage: https://github.com/joohoi/acme-dns
|
||||
package acmedns
|
||||
|
||||
import (
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
}
|
||||
|
||||
if config.TTL < minTTL {
|
||||
config.TTL = minTTL
|
||||
return nil, fmt.Errorf("cloudflare: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
|
||||
}
|
||||
|
||||
client, err := cloudflare.New(config.AuthKey, config.AuthEmail, cloudflare.HTTPClient(config.HTTPClient))
|
||||
|
|
|
|||
|
|
@ -86,6 +86,10 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, fmt.Errorf("godaddy: credentials missing")
|
||||
}
|
||||
|
||||
if config.TTL < minTTL {
|
||||
return nil, fmt.Errorf("godaddy: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
|
||||
}
|
||||
|
||||
return &DNSProvider{config: config}, nil
|
||||
}
|
||||
|
||||
|
|
@ -111,10 +115,6 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
if d.config.TTL < minTTL {
|
||||
d.config.TTL = minTTL
|
||||
}
|
||||
|
||||
recordName := d.extractRecordName(fqdn, domainZone)
|
||||
rec := []DNSRecord{
|
||||
{
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
dnsMinTTLSecs = 300
|
||||
minTTL = 300
|
||||
dnsUpdateFreqMins = 15
|
||||
dnsUpdateFudgeSecs = 120
|
||||
)
|
||||
|
|
@ -30,7 +30,7 @@ type Config struct {
|
|||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
PollingInterval: env.GetOrDefaultSecond("LINODE_POLLING_INTERVAL", 15*time.Second),
|
||||
TTL: env.GetOrDefaultInt("LINODE_TTL", 60),
|
||||
TTL: env.GetOrDefaultInt("LINODE_TTL", minTTL),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -79,6 +79,10 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, errors.New("linode: credentials missing")
|
||||
}
|
||||
|
||||
if config.TTL < minTTL {
|
||||
return nil, fmt.Errorf("linode: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
|
||||
}
|
||||
|
||||
return &DNSProvider{
|
||||
config: config,
|
||||
client: dns.New(config.APIKey),
|
||||
|
|
@ -96,7 +100,7 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
|
|||
minsRemaining := dnsUpdateFreqMins - (time.Now().Minute() % dnsUpdateFreqMins)
|
||||
|
||||
timeout = (time.Duration(minsRemaining) * time.Minute) +
|
||||
(dnsMinTTLSecs * time.Second) +
|
||||
(minTTL * time.Second) +
|
||||
(dnsUpdateFudgeSecs * time.Second)
|
||||
interval = d.config.PollingInterval
|
||||
return
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
dnsMinTTLSecs = 300
|
||||
minTTL = 300
|
||||
dnsUpdateFreqMins = 15
|
||||
dnsUpdateFudgeSecs = 120
|
||||
)
|
||||
|
|
@ -35,7 +35,7 @@ type Config struct {
|
|||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
PollingInterval: env.GetOrDefaultSecond("LINODE_POLLING_INTERVAL", 15*time.Second),
|
||||
TTL: env.GetOrDefaultInt("LINODE_TTL", 60),
|
||||
TTL: env.GetOrDefaultInt("LINODE_TTL", minTTL),
|
||||
HTTPTimeout: env.GetOrDefaultSecond("LINODE_HTTP_TIMEOUT", 0),
|
||||
}
|
||||
}
|
||||
|
|
@ -75,6 +75,10 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, errors.New("linodev4: Linode Access Token missing")
|
||||
}
|
||||
|
||||
if config.TTL < minTTL {
|
||||
return nil, fmt.Errorf("linodev4: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
|
||||
}
|
||||
|
||||
tokenSource := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: config.Token})
|
||||
oauth2Client := &http.Client{
|
||||
Timeout: config.HTTPTimeout,
|
||||
|
|
@ -103,7 +107,7 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
|
|||
minsRemaining := dnsUpdateFreqMins - (time.Now().Minute() % dnsUpdateFreqMins)
|
||||
|
||||
timeout = (time.Duration(minsRemaining) * time.Minute) +
|
||||
(dnsMinTTLSecs * time.Second) +
|
||||
(minTTL * time.Second) +
|
||||
(dnsUpdateFudgeSecs * time.Second)
|
||||
interval = d.config.PollingInterval
|
||||
return
|
||||
|
|
|
|||
|
|
@ -14,6 +14,9 @@ import (
|
|||
"github.com/xenolf/lego/platform/config/env"
|
||||
)
|
||||
|
||||
// according to https://www.name.com/api-docs/DNS#CreateRecord
|
||||
const minTTL = 300
|
||||
|
||||
// Config is used to configure the creation of the DNSProvider
|
||||
type Config struct {
|
||||
Username string
|
||||
|
|
@ -28,7 +31,7 @@ type Config struct {
|
|||
// NewDefaultConfig returns a default configuration for the DNSProvider
|
||||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
TTL: env.GetOrDefaultInt("NAMECOM_TTL", 120),
|
||||
TTL: env.GetOrDefaultInt("NAMECOM_TTL", minTTL),
|
||||
PropagationTimeout: env.GetOrDefaultSecond("NAMECOM_PROPAGATION_TIMEOUT", acme.DefaultPropagationTimeout),
|
||||
PollingInterval: env.GetOrDefaultSecond("NAMECOM_POLLING_INTERVAL", acme.DefaultPollingInterval),
|
||||
HTTPClient: &http.Client{
|
||||
|
|
@ -86,6 +89,10 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, fmt.Errorf("namedotcom: API token is required")
|
||||
}
|
||||
|
||||
if config.TTL < minTTL {
|
||||
return nil, fmt.Errorf("namedotcom: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
|
||||
}
|
||||
|
||||
client := namecom.New(config.Username, config.APIToken)
|
||||
client.Client = config.HTTPClient
|
||||
|
||||
|
|
|
|||
|
|
@ -113,6 +113,10 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
return nil, fmt.Errorf("otc: credentials missing")
|
||||
}
|
||||
|
||||
if config.TTL < minTTL {
|
||||
return nil, fmt.Errorf("otc: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
|
||||
}
|
||||
|
||||
if config.IdentityEndpoint == "" {
|
||||
config.IdentityEndpoint = defaultIdentityEndpoint
|
||||
}
|
||||
|
|
@ -124,10 +128,6 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
|||
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
fqdn, value, _ := acme.DNS01Record(domain, keyAuth)
|
||||
|
||||
if d.config.TTL < minTTL {
|
||||
d.config.TTL = minTTL
|
||||
}
|
||||
|
||||
authZone, err := acme.FindZoneByFqdn(fqdn, acme.RecursiveNameservers)
|
||||
if err != nil {
|
||||
return fmt.Errorf("otc: %v", err)
|
||||
|
|
|
|||
Loading…
Reference in a new issue