* Adding output of which envvars are missing in Cloudflare dns provider
* go fmt, duh
* Fixing & adding test(s)
* Adding azure missing env vars checking
* Fixing test
* Doh, fixing up expected output
* Add dns provider duckdns see http://www.duckdns.org/spec.jsp for more info
* Add DNS challenge provider 'exec' (#508)
As discussed in #505, this commits adds a very simple DNS provider which
calls out to an external program which must then add or remove the DNS
record.
* Update duckdns to support caddy, and cleanup some comments
As discussed in #505, this commits adds a very simple DNS provider which
calls out to an external program which must then add or remove the DNS
record.
If Dyn responds with a 3xx or 4xx status code, information describing exactly
what went wrong is generally included in the body of the response (as part of
the typical Dyn JSON response). On the other hand, if Dyn responds with a 5xx
status code, we very likely have extremely limited information.
This commit modifies the reporting to display the explanatory messages included
in the body of the Dyn response for 3xx and 4xx status codes. The intent is to
make it much easier to determine what might be going wrong (when something is
going wrong).
The `acme.NewClient` function's `caDirURL` argument is expected to be
the full path to the ACME server's directory endpoint. In the README
example of using Lego programmatically against a Boulder instance only
the hostname & port are provided but not the directory path:
`"http://192.168.99.100:4000"`
This produces an error like:
```
2018/01/15 14:34:06 get directory at 'http://192.168.99.100:4000': invalid
character '<' looking for beginning of value
```
When used verbatim with a Boulder container since the `/directory` is
missing and "What is an ACME server" HTML index page is returned.
This commit updates the example to use:
`"http://192.168.99.100:4000/directory"`
Which allows the example code to work with Boulder as-intended.
* Fix zone detection for cross-zone cnames
CNAMEs cannot co-exist with SOA records so responses with
a CNAME should be skipped.
The `cross-zone-example.assets.sh.` is currently hosted by
me (@fd) and will continue to exist for as long as the assets.sh
domain exists. (The assets.sh domain is used as a CDN and is unlikely
to go away.)
See #330
* Extracted CNAME checking to simplify the FindZoneByFqdn control flow.
They will not get anymore an error message saying
"Could not find the start of authority".
Finding the zone cut of a FQDN now only rely on the presence
of a SOA record. Indeed, in the context of an eTLD the
authority will be the eTLD itself so you need to continue
to recurse until you get an answer instead of cutting the search
when you find the public suffix of a domain.
Fixes#434
* Dockerfile broken with old alpine version with old go
3.4 no longer works with error
```
package context: unrecognized import path "context" (import path does not begin with hostname)
```
3.5 with no changes did not work with error
```
# runtime/cgo
/tmp/go-build671992352/runtime/cgo/_obj/_cgo_export.c:2:20: fatal error: stdlib.h: No such file or directory
#include <stdlib.h>
^
compilation terminated.
```
3.6 with no changes did not work with error:
```
# github.com/xenolf/lego
/usr/lib/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find Scrt1.o: No such file or directory
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find crti.o: No such file or directory
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find -lpthread
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find -lssp_nonshared
collect2: error: ld returned 1 exit status
```
* Fix git tag to freeze successfully builded image.
Fix git tag to freeze successfully builded image (prevents issues with newer versions in the future, plus uses stable release)
* Update Dockerfile according to PR comments
* Forgot /go in rm
* Bump lego version
* Add otc provider.
* Added tests for provider otc.
* Format dns_providers
* fix getZoneId
* Add for tests for provider otc.
* Add proxy to transport in otc provider.
* Use DefaultTransport in otc provider.
* Make loginRequest private in provider otc.
* better error handling in provider otc.
* add more tests for provider otc.
* dns/route53: Allow specifying hosted zone ID
This commit adds support for specifying hosted zone ID via the
environment variable AWS_HOSTED_ZONE_ID. If this is not specified, the
previous discovery process is used.
This is useful in environments where multiple hosted zones for the same
domain name are present in an account.
* dns/route53: Fix up getHostedZoneID method params
Now that getHostedZoneID is a method on the DNSProvider struct, there is
no reason for it to take the Route53 client as a parameter - we can
simply use the reference stored in the struct.
The help documentation still points to the old environment variable
(DNSIMPLE_API_KEY) so attempts that use that fail with: `DNSimple OAuth token is missing`.
This updates it with the correct key `DNSIMPLE_OAUTH_TOKEN`.
* Move nonce retry from jws to http
The error raised by an "invalid nonce" response never appeared
inside jws.go, but instead it was handled at http.go, so it makes
sense to move the retry logic to that file. The previous code from
jws.go had no effect and did not solve issues related to invalid
nonces.
* Rename retry response variable name for clarity
