mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-03-31 08:01:35 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: acme: store the TXT record in auth->token

Browse Source 
In case of dns-01 challenge, replace the token by the TXT record which
is more pertinent and could be used later to verify if the record is
correct.
This commit is contained in:
William Lallemand 2026-03-24 21:51:23 +01:00
parent e418e828aa
commit 5dcfbc5fad
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/acme.c
View File

@ -1730,8 +1730,12 @@ int acme_res_auth(struct task *task, struct acme_ctx *ctx, struct acme_auth *aut
goto error;
}
/* replace the token by the TXT entry */
istfree(&auth->token);
auth->token = istdup(ist2(dns_record->area, dns_record->data));
send_log(NULL, LOG_NOTICE,"acme: %s: dns-01 requires to set the \"_acme-challenge.%.*s\" TXT record to \"%.*s\" and use the \"acme challenge_ready %s domain %.*s\" command over the CLI\n",
ctx->store->path, (int)auth->dns.len, auth->dns.ptr, (int)dns_record->data, dns_record->area, ctx->store->path, (int)auth->dns.len, auth->dns.ptr);
ctx->store->path, (int)auth->dns.len, auth->dns.ptr, (int)auth->token.len, auth->token.ptr, ctx->store->path, (int)auth->dns.len, auth->dns.ptr);
/* dump to the "dpapi" sink */
line[nmsg++] = ist("acme deploy ");