diff --git a/.golangci.toml b/.golangci.toml
index e7a9a5602bb..e7e21518cae 100644
--- a/.golangci.toml
+++ b/.golangci.toml
@@ -125,7 +125,10 @@
 text = "(tlsFeatureExtensionOID|ocspMustStapleFeature) is a global variable"
 [[issues.exclude-rules]]
 path = "challenge/dns01/nameserver.go"
- text = "(defaultNameservers|recursiveNameservers|dnsTimeout|fqdnSoaCache|muFqdnSoaCache) is a global variable"
+ text = "(defaultNameservers|recursiveNameservers|fqdnSoaCache|muFqdnSoaCache) is a global variable"
+ [[issues.exclude-rules]]
+ path = "challenge/dns01/nameserver_.+.go"
+ text = "dnsTimeout is a global variable"
 [[issues.exclude-rules]]
 path = "challenge/dns01/nameserver_test.go"
 text = "findXByFqdnTestCases is a global variable"
diff --git a/challenge/dns01/dns_challenge.go b/challenge/dns01/dns_challenge.go
index 310d8250659..ca24e7af70d 100644
--- a/challenge/dns01/dns_challenge.go
+++ b/challenge/dns01/dns_challenge.go
@@ -176,24 +176,33 @@ func GetRecord(domain, keyAuth string) (fqdn, value string) {
 keyAuthShaBytes := sha256.Sum256([]byte(keyAuth))
 // base64URL encoding without padding
 value = base64.RawURLEncoding.EncodeToString(keyAuthShaBytes[:sha256.Size])
- fqdn = fmt.Sprintf("_acme-challenge.%s.", domain)
+
+ fqdn = getChallengeFqdn(domain)
+
+ return
+}
+
+func getChallengeFqdn(domain string) string {
+ fqdn := fmt.Sprintf("_acme-challenge.%s.", domain)
 if ok, _ := strconv.ParseBool(os.Getenv("LEGO_DISABLE_CNAME_SUPPORT")); ok {
- return
+ return fqdn
 }
 // recursion counter so it doesn't spin out of control
 for limit := 0; limit < 50; limit++ {
 // Keep following CNAMEs
 r, err := dnsQuery(fqdn, dns.TypeCNAME, recursiveNameservers, true)
+
 // Check if the domain has CNAME then use that
 if err == nil && r.Rcode == dns.RcodeSuccess {
 fqdn = updateDomainWithCName(r, fqdn)
- } else {
- // No more CNAME records to follow, exit
- return
+ continue
 }
+
+ // No more CNAME records to follow, exit
+ break
 }
- return
+ return fqdn
 }
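Review bot: In `getChallengeFqdn` (challenge/dns01/dns_challenge.go) the loop continues after every successful response, even one that did not change `fqdn`. If `updateDomainWithCName` returns its input when the answer holds no matching CNAME (its body is outside this diff, so this is inferred), the same query is repeated until the limit of 50 is reached. Comparing the result ends the loop on the first non-advancing answer: `next := updateDomainWithCName(r, fqdn)`, `if next == fqdn { break }`, `fqdn = next`. The new helper also has no doc comment; `// getChallengeFqdn returns the _acme-challenge name for domain after following CNAMEs (at most 50 hops); a failed lookup is treated as "no CNAME".` would record that a DNS error silently falls back to the last name reached, which is the name the TXT record is then written under.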
diff --git a/challenge/dns01/nameserver.go b/challenge/dns01/nameserver.go
index a6947e9c271..4762dc574be 100644
--- a/challenge/dns01/nameserver.go
+++ b/challenge/dns01/nameserver.go
@@ -13,9 +13,6 @@ import (
 const defaultResolvConf = "/etc/resolv.conf"
-// dnsTimeout is used to override the default DNS timeout of 10 seconds.
-var dnsTimeout = 10 * time.Second
-
 var (
 fqdnSoaCache = map[string]*soaCacheEntry{}
 muFqdnSoaCache sync.Mutex
diff --git a/challenge/dns01/nameserver_unix.go b/challenge/dns01/nameserver_unix.go
new file mode 100644
index 00000000000..a3cbad13a7f
--- /dev/null
+++ b/challenge/dns01/nameserver_unix.go
@@ -0,0 +1,8 @@
+//go:build !windows
+
+package dns01
+
+import "time"
+
+// dnsTimeout is used to override the default DNS timeout of 10 seconds.
+var dnsTimeout = 10 * time.Second
diff --git a/challenge/dns01/nameserver_windows.go b/challenge/dns01/nameserver_windows.go
new file mode 100644
index 00000000000..b4f6bc6f12a
--- /dev/null
+++ b/challenge/dns01/nameserver_windows.go
@@ -0,0 +1,6 @@
+//go:build windows
+
+package dns01
+
+// dnsTimeout is used to override the default DNS timeout of 20 seconds.
+var dnsTimeout = 20 * time.Second
diff --git a/providers/dns/versio/versio_test.go b/providers/dns/versio/versio_test.go
index 026a20d4a51..7144d43a89f 100644
--- a/providers/dns/versio/versio_test.go
+++ b/providers/dns/versio/versio_test.go
@@ -2,6 +2,7 @@ package versio
 import (
 "fmt"
+ "io"
 "net/http"
 "net/http/httptest"
 "testing"
@@ -231,7 +232,10 @@ func muxSuccess() *http.ServeMux {
 })
 mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
- log.Printf("Not Found for Request: (%+v)\n\n", r)
+ log.Printf("unexpected request: %+v\n\n", r)
+ data, _ := io.ReadAll(r.Body)
+ defer func() { _ = r.Body.Close() }()
+ log.Println(string(data))
 http.NotFound(w, r)
 })
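Review bot: The new challenge/dns01/nameserver_windows.go uses `time.Second` but, unlike nameserver_unix.go, has no `import "time"` among its six added lines, so the package should fail to compile under the `windows` build tag. Add `import "time"` after the `package dns01` clause. The doc comment was copied with only the number changed; if there is a known reason Windows needs 20 seconds, it belongs in that comment.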
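Review bot: The catch-all handler added to `muxSuccess` in providers/dns/versio/versio_test.go is repeated verbatim in `muxFailToCreateTXT` (the following hunk); a shared `func unexpectedRequest(w http.ResponseWriter, r *http.Request)` registered with `mux.HandleFunc("/", unexpectedRequest)` would keep the two in step. The error from `io.ReadAll(r.Body)` is discarded, so a partially read body is logged as if it were complete. The deferred `r.Body.Close()` is unnecessary in a server handler, because net/http closes the request body itself. Both functions start outside their hunks.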
@@ -267,6 +271,14 @@ func muxFailToCreateTXT() *http.ServeMux {
 w.WriteHeader(http.StatusBadRequest)
 })
+ mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+ log.Printf("unexpected request: %+v\n\n", r)
+ data, _ := io.ReadAll(r.Body)
+ defer func() { _ = r.Body.Close() }()
+ log.Println(string(data))
+ http.NotFound(w, r)
+ })
+
 return mux
 }