potyarkin/lego
1
0
Fork 0
forked from TrueCloudLab/lego
Code Pull requests Activity

rfc2136: fix TSIG secret (#1633)

Browse source
This commit is contained in:
Ludovic Fernandez 2022-04-27 17:46:39 +02:00 committed by GitHub
parent 3694559777
commit 5228f6dbcf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Makefile
View file

@ -20,7 +20,7 @@ clean:
build: clean
@echo Version: $(VERSION)
go build -v -trimpath -ldflags '-X "main.version=${VERSION}"' -o ${BIN_OUTPUT} ${MAIN_DIRECTORY}
go build -trimpath -ldflags '-X "main.version=${VERSION}"' -o ${BIN_OUTPUT} ${MAIN_DIRECTORY}
image:
@echo Version: $(VERSION)

7
providers/dns/rfc2136/rfc2136.go
View file

@ -180,10 +180,13 @@ func (d *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error {
// TSIG authentication / msg signing
if len(d.config.TSIGKey) > 0 && len(d.config.TSIGSecret) > 0 {
key := dns.Fqdn(d.config.TSIGKey)
key := strings.ToLower(dns.Fqdn(d.config.TSIGKey))
alg := dns.Fqdn(d.config.TSIGAlgorithm)
m.SetTsig(key, alg, 300, time.Now().Unix())
c.TsigSecret = map[string]string{dns.Fqdn(d.config.TSIGKey): d.config.TSIGSecret}
// secret(s) for Tsig map[<zonename>]<base64 secret>,
// zonename must be in canonical form (lowercase, fqdn, see RFC 4034 Section 6.2)
c.TsigSecret = map[string]string{key: d.config.TSIGSecret}
}
// Send the query