From eaee39e534b195ff611fc79bbd59b68d79659a91 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Wed, 27 Mar 2019 11:18:04 +0100 Subject: [PATCH] fix: update lego. --- Gopkg.lock | 7 +- Gopkg.toml | 4 +- docs/configuration/acme.md | 1 + .../acme/api/internal/sender/useragent.go | 4 +- .../lego/providers/dns/dns_providers.go | 3 + .../go-acme/lego/providers/dns/dode/client.go | 57 ++++++++++++ .../go-acme/lego/providers/dns/dode/dode.go | 89 +++++++++++++++++++ .../lego/providers/dns/hostingde/hostingde.go | 4 +- .../go-acme/lego/providers/dns/pdns/client.go | 2 +- .../go-acme/lego/providers/dns/pdns/pdns.go | 18 +++- webui/Dockerfile | 2 +- 11 files changed, 179 insertions(+), 12 deletions(-) create mode 100644 vendor/github.com/go-acme/lego/providers/dns/dode/client.go create mode 100644 vendor/github.com/go-acme/lego/providers/dns/dode/dode.go diff --git a/Gopkg.lock b/Gopkg.lock index 9a0d158e3..9ba833fbf 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -594,7 +594,6 @@ revision = "73d445a93680fa1a78ae23a5839bad48f32ba1ee" [[projects]] - branch = "master" name = "github.com/go-acme/lego" packages = [ "acme", @@ -632,6 +631,7 @@ "providers/dns/dnsmadeeasy", "providers/dns/dnsmadeeasy/internal", "providers/dns/dnspod", + "providers/dns/dode", "providers/dns/dreamhost", "providers/dns/duckdns", "providers/dns/dyn", @@ -677,7 +677,8 @@ "providers/dns/zoneee", "registration" ] - revision = "11ddd58253974c38f1b84cca1129da48cb82dff7" + revision = "aaecc1ca7254190b71c5f01f57ee3bb6701bc937" + version = "v2.4.0" [[projects]] branch = "fork-containous" @@ -1916,6 +1917,6 @@ [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "f63ec47121609bae0d1fb226078acda9556528924ca9ec03aea716d42036f6aa" + inputs-digest = "e1f276078ea628ca8cc597040e41a6a56d9b64e1dcc96bfdc99004171b848bd0" solver-name = "gps-cdcl" solver-version = 1 diff --git a/Gopkg.toml b/Gopkg.toml index 7b0378b4c..b5f736b90 100644 --- a/Gopkg.toml +++ b/Gopkg.toml 
@@ -186,9 +186,9 @@ name = "github.com/vulcand/oxy" [[constraint]] - branch = "master" +# branch = "master" name = "github.com/go-acme/lego" -# version = "2.4.0" + version = "2.4.0" [[constraint]] name = "google.golang.org/grpc" diff --git a/docs/configuration/acme.md b/docs/configuration/acme.md index 7f4fa7a7a..59fd135b2 100644 --- a/docs/configuration/acme.md +++ b/docs/configuration/acme.md @@ -291,6 +291,7 @@ For example, `CF_API_EMAIL_FILE=/run/secrets/traefik_cf-api-email` could be used | [DNSimple](https://dnsimple.com) | `dnsimple` | `DNSIMPLE_OAUTH_TOKEN`, `DNSIMPLE_BASE_URL` | YES | | [DNS Made Easy](https://dnsmadeeasy.com) | `dnsmadeeasy` | `DNSMADEEASY_API_KEY`, `DNSMADEEASY_API_SECRET`, `DNSMADEEASY_SANDBOX` | Not tested yet | | [DNSPod](https://www.dnspod.com/) | `dnspod` | `DNSPOD_API_KEY` | Not tested yet | +| [Domain Offensive (do.de)](https://www.do.de/) | `dode` | `DODE_TOKEN` | YES | | [DreamHost](https://www.dreamhost.com/) | `dreamhost` | `DREAMHOST_API_KEY` | YES | | [Duck DNS](https://www.duckdns.org/) | `duckdns` | `DUCKDNS_TOKEN` | YES | | [Dyn](https://dyn.com) | `dyn` | `DYN_CUSTOMER_NAME`, `DYN_USER_NAME`, `DYN_PASSWORD` | Not tested yet | diff --git a/vendor/github.com/go-acme/lego/acme/api/internal/sender/useragent.go b/vendor/github.com/go-acme/lego/acme/api/internal/sender/useragent.go index b8d84a0f4..822ea5b11 100644 --- a/vendor/github.com/go-acme/lego/acme/api/internal/sender/useragent.go +++ b/vendor/github.com/go-acme/lego/acme/api/internal/sender/useragent.go @@ -5,10 +5,10 @@ package sender const ( // ourUserAgent is the User-Agent of this underlying library package. - ourUserAgent = "xenolf-acme/2.3.0" + ourUserAgent = "xenolf-acme/2.4.0" // ourUserAgentComment is part of the UA comment linked to the version status of this underlying library package. // values: detach|release // NOTE: Update this with each tagged release. - ourUserAgentComment = "detach" + ourUserAgentComment = "release" ) 
diff --git a/vendor/github.com/go-acme/lego/providers/dns/dns_providers.go b/vendor/github.com/go-acme/lego/providers/dns/dns_providers.go
index 62bc40dec..a8def0919 100644
--- a/vendor/github.com/go-acme/lego/providers/dns/dns_providers.go
+++ b/vendor/github.com/go-acme/lego/providers/dns/dns_providers.go
@@ -19,6 +19,7 @@ import (
 "github.com/go-acme/lego/providers/dns/dnsimple"
 "github.com/go-acme/lego/providers/dns/dnsmadeeasy"
 "github.com/go-acme/lego/providers/dns/dnspod"
+ "github.com/go-acme/lego/providers/dns/dode"
 "github.com/go-acme/lego/providers/dns/dreamhost"
 "github.com/go-acme/lego/providers/dns/duckdns"
 "github.com/go-acme/lego/providers/dns/dyn"
@@ -91,6 +92,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) {
 return dnsmadeeasy.NewDNSProvider()
 case "dnspod":
 return dnspod.NewDNSProvider()
+ case "dode":
+ return dode.NewDNSProvider()
 case "dreamhost":
 return dreamhost.NewDNSProvider()
 case "duckdns":
diff --git a/vendor/github.com/go-acme/lego/providers/dns/dode/client.go b/vendor/github.com/go-acme/lego/providers/dns/dode/client.go
new file mode 100644
index 000000000..193b5160d
--- /dev/null
+++ b/vendor/github.com/go-acme/lego/providers/dns/dode/client.go
@@ -0,0 +1,57 @@
+package dode
+
+import (
+ "encoding/json"
+ "fmt"
+ "io/ioutil"
+ "net/url"
+
+ "github.com/go-acme/lego/challenge/dns01"
+)
+
+type apiResponse struct {
+ Domain string
+ Success bool
+}
+
+// updateTxtRecord Update the domains TXT record
+// To update the TXT record we just need to make one simple get request.
+func (d *DNSProvider) updateTxtRecord(fqdn, token, txt string, clear bool) error {
+ u, _ := url.Parse("https://www.do.de/api/letsencrypt")
+
+ query := u.Query()
+ query.Set("token", token)
+ query.Set("domain", dns01.UnFqdn(fqdn))
+
+ // api call differs per set/delete
+ if clear {
+ query.Set("action", "delete")
+ } else {
+ query.Set("value", txt)
+ }
+
+ u.RawQuery = query.Encode()
+
+ response, err := d.config.HTTPClient.Get(u.String())
+ if err != nil {
+ return err
+ }
+ defer response.Body.Close()
+
+ bodyBytes, err := ioutil.ReadAll(response.Body)
+ if err != nil {
+ return err
+ }
+
+ var r apiResponse
+ err = json.Unmarshal(bodyBytes, &r)
+ if err != nil {
+ return fmt.Errorf("request to change TXT record for do.de returned the following invalid json (%s); used url [%s]", string(bodyBytes), u)
+ }
+
+ body := string(bodyBytes)
+ if !r.Success {
+ return fmt.Errorf("request to change TXT record for do.de returned the following error result (%s); used url [%s]", body, u)
+ }
+ return nil
+}
diff --git a/vendor/github.com/go-acme/lego/providers/dns/dode/dode.go b/vendor/github.com/go-acme/lego/providers/dns/dode/dode.go
new file mode 100644
index 000000000..693543a77
--- /dev/null
+++ b/vendor/github.com/go-acme/lego/providers/dns/dode/dode.go
@@ -0,0 +1,89 @@
+// Package dode implements a DNS provider for solving the DNS-01 challenge using do.de.
+package dode
+
+import (
+ "errors"
+ "fmt"
+ "net/http"
+ "time"
+
+ "github.com/go-acme/lego/challenge/dns01"
+ "github.com/go-acme/lego/platform/config/env"
+)
+
+// Config is used to configure the creation of the DNSProvider
+type Config struct {
+ Token string
+ PropagationTimeout time.Duration
+ PollingInterval time.Duration
+ SequenceInterval time.Duration
+ HTTPClient *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider
+func NewDefaultConfig() *Config {
+ return &Config{
+ PropagationTimeout: env.GetOrDefaultSecond("DODE_PROPAGATION_TIMEOUT", dns01.DefaultPropagationTimeout),
+ PollingInterval: env.GetOrDefaultSecond("DODE_POLLING_INTERVAL", dns01.DefaultPollingInterval),
+ SequenceInterval: env.GetOrDefaultSecond("DODE_SEQUENCE_INTERVAL", dns01.DefaultPropagationTimeout),
+ HTTPClient: &http.Client{
+ Timeout: env.GetOrDefaultSecond("DODE_HTTP_TIMEOUT", 30*time.Second),
+ },
+ }
+}
+
+// DNSProvider adds and removes the record for the DNS challenge
+type DNSProvider struct {
+ config *Config
+}
+
+// NewDNSProvider returns a new DNS provider using
+// environment variable DODE_TOKEN for adding and removing the DNS record.
+func NewDNSProvider() (*DNSProvider, error) {
+ values, err := env.Get("DODE_TOKEN")
+ if err != nil {
+ return nil, fmt.Errorf("do.de: %v", err)
+ }
+
+ config := NewDefaultConfig()
+ config.Token = values["DODE_TOKEN"]
+
+ return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for do.de.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+ if config == nil {
+ return nil, errors.New("do.de: the configuration of the DNS provider is nil")
+ }
+
+ if config.Token == "" {
+ return nil, errors.New("do.de: credentials missing")
+ }
+
+ return &DNSProvider{config: config}, nil
+}
+
+// Present creates a TXT record to fulfill the dns-01 challenge.
+func (d *DNSProvider) Present(domain, token, keyAuth string) error {
+ fqdn, txtRecord := dns01.GetRecord(domain, keyAuth)
+ return d.updateTxtRecord(fqdn, d.config.Token, txtRecord, false)
+}
+
+// CleanUp clears TXT record
+func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+ fqdn, _ := dns01.GetRecord(domain, keyAuth)
+ return d.updateTxtRecord(fqdn, d.config.Token, "", true)
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+ return d.config.PropagationTimeout, d.config.PollingInterval
+}
+
+// Sequential All DNS challenges for this provider will be resolved sequentially.
+// Returns the interval between each iteration.
+func (d *DNSProvider) Sequential() time.Duration {
+ return d.config.SequenceInterval
+}
diff --git a/vendor/github.com/go-acme/lego/providers/dns/hostingde/hostingde.go b/vendor/github.com/go-acme/lego/providers/dns/hostingde/hostingde.go
index 817622c3e..4a00f0451 100644
--- a/vendor/github.com/go-acme/lego/providers/dns/hostingde/hostingde.go
+++ b/vendor/github.com/go-acme/lego/providers/dns/hostingde/hostingde.go
@@ -91,7 +91,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 zonesFind := ZoneConfigsFindRequest{
 Filter: Filter{
 Field: "zoneName",
- Value: domain,
+ Value: d.config.ZoneName,
 },
 Limit: 1,
 Page: 1,
@@ -151,7 +151,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { zonesFind := ZoneConfigsFindRequest{ Filter: Filter{ Field: "zoneName", - Value: domain, + Value: d.config.ZoneName, }, Limit: 1, Page: 1, diff --git a/vendor/github.com/go-acme/lego/providers/dns/pdns/client.go b/vendor/github.com/go-acme/lego/providers/dns/pdns/client.go index 4b58159ca..c66181eff 100644 --- a/vendor/github.com/go-acme/lego/providers/dns/pdns/client.go +++ b/vendor/github.com/go-acme/lego/providers/dns/pdns/client.go @@ -127,7 +127,7 @@ func (d *DNSProvider) findTxtRecord(fqdn string) (*rrSet, error) { } } - return nil, fmt.Errorf("no existing record found for %s", fqdn) + return nil, nil } func (d *DNSProvider) getAPIVersion() (int, error) { diff --git a/vendor/github.com/go-acme/lego/providers/dns/pdns/pdns.go b/vendor/github.com/go-acme/lego/providers/dns/pdns/pdns.go index 997d9998a..87adedb2a 100644 --- a/vendor/github.com/go-acme/lego/providers/dns/pdns/pdns.go +++ b/vendor/github.com/go-acme/lego/providers/dns/pdns/pdns.go @@ -121,6 +121,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error { TTL: d.config.TTL, } + // Look for existing records. + existingRrSet, err := d.findTxtRecord(fqdn) + if err != nil { + return fmt.Errorf("pdns: %v", err) + } + + // merge the existing and new records + var records []Record + if existingRrSet != nil { + records = existingRrSet.Records + } + records = append(records, rec) + rrsets := rrSets{ RRSets: []rrSet{ { @@ -129,7 +142,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error { Type: "TXT", Kind: "Master", TTL: d.config.TTL, - Records: []Record{rec}, + Records: records, }, }, } @@ -159,6 +172,9 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { if err != nil { return fmt.Errorf("pdns: %v", err) } + if set == nil { + return fmt.Errorf("pdns: no existing record found for %s", fqdn) + } rrsets := rrSets{ RRSets: []rrSet{ 
diff --git a/webui/Dockerfile b/webui/Dockerfile index bcd201dcf..ad5d90f09 100644 --- a/webui/Dockerfile +++ b/webui/Dockerfile @@ -1,4 +1,4 @@ -FROM node:6.9.1 +FROM node:6.16.0 ENV WEBUI_DIR /src/webui RUN mkdir -p $WEBUI_DIR