author | Wouter Tinus <wouter.tinus@gmail.com> | 2019-10-14 19:51:29 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-10-14 19:51:29 +0200 |
commit | 4be426d324120fbc11ae2c1aee2a23c40bd7953f (patch) | |
tree | 75c43063b38d531d4685828a33c0fa0254cb1951 | |
parent | c2668109b75036e7968a280d7c00f5b450ccdc29 (diff) | |
parent | 3b373dd8026f8ba971a79a9c28948e418e4d5c55 (diff) | |
Merge pull request #1229 from Jaecen/optional-prevalidation
Make DNS pre-validation a configuration option
-rw-r--r-- | docs/reference/settings.md | 6 | ||||
-rw-r--r-- | src/main.lib/Plugins/ValidationPlugins/Dns/Acme/Acme.cs | 4 | ||||
-rw-r--r-- | src/main.lib/Plugins/ValidationPlugins/Dns/DnsValidation.cs | 9 | ||||
-rw-r--r-- | src/main.lib/Plugins/ValidationPlugins/Dns/Manual/Manual.cs | 8 | ||||
-rw-r--r-- | src/main.lib/Plugins/ValidationPlugins/Dns/Script/Script.cs | 3 | ||||
-rw-r--r-- | src/main.lib/Services/SettingsService.cs | 6 | ||||
-rw-r--r-- | src/main/settings.json | 1 | ||||
-rw-r--r-- | src/plugin.validation.dns.azure/Azure.cs | 8 | ||||
-rw-r--r-- | src/plugin.validation.dns.dreamhost/DreamhostDnsValidation.cs | 8 | ||||
-rw-r--r-- | src/plugin.validation.dns.route53/Route53.cs | 7 |
10 files changed, 49 insertions, 11 deletions
diff --git a/docs/reference/settings.md b/docs/reference/settings.md index 9dabba4..bcff439 100644 --- a/docs/reference/settings.md +++ b/docs/reference/settings.md @@ -247,6 +247,12 @@ Default: `true` If set to `true`, it will cleanup the folder structure and files it creates under the site for authorization. +### `PrevalidateDns` +Default: `true` + +If set to `true`, it will wait until it can verify that the validation record +has been created and is available before beginning DNS validation. + ### `DnsServers` Default: `[ "8.8.8.8", "1.1.1.1", "8.8.4.4" ]` diff --git a/src/main.lib/Plugins/ValidationPlugins/Dns/Acme/Acme.cs b/src/main.lib/Plugins/ValidationPlugins/Dns/Acme/Acme.cs index f5ab732..819d0d6 100644 --- a/src/main.lib/Plugins/ValidationPlugins/Dns/Acme/Acme.cs +++ b/src/main.lib/Plugins/ValidationPlugins/Dns/Acme/Acme.cs @@ -7,7 +7,6 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins.Dns { internal class Acme : DnsValidation<Acme> { - private readonly ISettingsService _settings; private readonly IInputService _input; private readonly ProxyService _proxy; private readonly AcmeOptions _options; @@ -21,11 +20,10 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins.Dns ProxyService proxy, AcmeOptions options, string identifier) : - base(dnsClient, log) + base(dnsClient, log, settings) { _options = options; _identifier = identifier; - _settings = settings; _input = input; _proxy = proxy; } diff --git a/src/main.lib/Plugins/ValidationPlugins/Dns/DnsValidation.cs b/src/main.lib/Plugins/ValidationPlugins/Dns/DnsValidation.cs index 30bf630..6c186f4 100644 --- a/src/main.lib/Plugins/ValidationPlugins/Dns/DnsValidation.cs +++ b/src/main.lib/Plugins/ValidationPlugins/Dns/DnsValidation.cs 
@@ -16,11 +16,16 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins { protected readonly LookupClientProvider _dnsClientProvider; protected readonly ILogService _log; + protected readonly ISettingsService _settings; - protected DnsValidation(LookupClientProvider dnsClient, ILogService log) + protected DnsValidation( + LookupClientProvider dnsClient, + ILogService log, + ISettingsService settings) { _dnsClientProvider = dnsClient; _log = log; + _settings = settings; } public override async Task PrepareChallenge() @@ -33,7 +38,7 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins var retry = 0; var maxRetries = 5; var retrySeconds = 30; - while (true) + while (_settings.Validation.PrevalidateDns) { if (await PreValidate(retry)) { diff --git a/src/main.lib/Plugins/ValidationPlugins/Dns/Manual/Manual.cs b/src/main.lib/Plugins/ValidationPlugins/Dns/Manual/Manual.cs index f197e18..d9fc670 100644 --- a/src/main.lib/Plugins/ValidationPlugins/Dns/Manual/Manual.cs +++ b/src/main.lib/Plugins/ValidationPlugins/Dns/Manual/Manual.cs @@ -10,8 +10,12 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins.Dns private readonly string _identifier; public Manual( - LookupClientProvider dnsClient, ILogService log, - IInputService input, string identifier) : base(dnsClient, log) + LookupClientProvider dnsClient, + ILogService log, + IInputService input, + ISettingsService settings, + string identifier) + : base(dnsClient, log, settings) { // Usually it's a big no-no to rely on user input in validation plugin // because this should be able to run unattended. This plugin is for testing diff --git a/src/main.lib/Plugins/ValidationPlugins/Dns/Script/Script.cs b/src/main.lib/Plugins/ValidationPlugins/Dns/Script/Script.cs index 9782193..267849b 100644 --- a/src/main.lib/Plugins/ValidationPlugins/Dns/Script/Script.cs +++ b/src/main.lib/Plugins/ValidationPlugins/Dns/Script/Script.cs 
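Review bot: Using the setting as the loop condition in `while (_settings.Validation.PrevalidateDns)` (second hunk of DnsValidation.cs) makes a security-relevant skip look like an ordinary retry loop: when the option is `false`, the propagation check is bypassed with no trace, and the challenge is presumably answered before the TXT record is confirmed visible. Wrap the existing loop in an explicit guard, `if (_settings.Validation.PrevalidateDns) { while (true) { … } }`, and log a warning through `_log` on the skipped path so an operator can tell from the log why a validation failed. `_settings` is assigned in the constructor in the first hunk without a null check, so a derived plugin that passes null fails at this dereference rather than at construction. The body of `PrepareChallenge` continues outside the hunk, so what runs after the loop is inferred.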
@@ -18,8 +18,9 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins.Dns ScriptOptions options, LookupClientProvider dnsClient, ILogService log, + ISettingsService settings, string identifier) : - base(dnsClient, log) + base(dnsClient, log, settings) { _identifier = identifier; _options = options; diff --git a/src/main.lib/Services/SettingsService.cs b/src/main.lib/Services/SettingsService.cs index ed5e12c..dafa4f6 100644 --- a/src/main.lib/Services/SettingsService.cs +++ b/src/main.lib/Services/SettingsService.cs @@ -390,6 +390,12 @@ namespace PKISharp.WACS.Services /// </summary> public bool CleanupFolders { get; set; } /// <summary> + /// If set to `true`, it will wait until it can verify that the + /// validation record has been created and is available before + /// beginning DNS validation. + /// </summary> + public bool PrevalidateDns { get; set; } + /// <summary> /// A comma seperated list of servers to query during DNS /// prevalidation checks to verify whether or not the validation /// record has been properly created and is visible for the world. diff --git a/src/main/settings.json b/src/main/settings.json index 3b01184..ee38595 100644 --- a/src/main/settings.json +++ b/src/main/settings.json @@ -52,6 +52,7 @@ }, "Validation": { "CleanupFolders": true, + "PrevalidateDns": true, "DnsServers": [ "8.8.8.8", "1.1.1.1", "8.8.4.4" ] }, "Store": { diff --git a/src/plugin.validation.dns.azure/Azure.cs b/src/plugin.validation.dns.azure/Azure.cs index 912bc0f..b13004a 100644 --- a/src/plugin.validation.dns.azure/Azure.cs +++ b/src/plugin.validation.dns.azure/Azure.cs 
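Review bot: `public bool PrevalidateDns { get; set; }` in SettingsService.cs has no initializer, so the property is `false` whenever the key is absent, while docs/reference/settings.md and src/main/settings.json both give the default as `true`. If an installation keeps a settings.json written before this commit (how the file is loaded is not visible here), upgrading would turn pre-validation off without anyone choosing that. Declaring the default in code, `public bool PrevalidateDns { get; set; } = true;`, keeps the safer behaviour when the key is missing. The XML comment could also state that `false` lets validation start before the record is confirmed visible, which makes failed authorizations more likely. The enclosing settings class starts and ends outside the hunk.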
@@ -14,7 +14,13 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins.Dns private DnsManagementClient _azureDnsClient; private readonly AzureOptions _options; - public Azure(AzureOptions options, LookupClientProvider dnsClient, ILogService log) : base(dnsClient, log) => _options = options; + public Azure( + AzureOptions options, + LookupClientProvider dnsClient, + ILogService log, + ISettingsService settings) + : base(dnsClient, log, settings) + => _options = options; public override async Task CreateRecord(string recordName, string token) { diff --git a/src/plugin.validation.dns.dreamhost/DreamhostDnsValidation.cs b/src/plugin.validation.dns.dreamhost/DreamhostDnsValidation.cs index 8288f7a..8c971b5 100644 --- a/src/plugin.validation.dns.dreamhost/DreamhostDnsValidation.cs +++ b/src/plugin.validation.dns.dreamhost/DreamhostDnsValidation.cs @@ -9,7 +9,13 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins { private readonly DnsManagementClient _client; - public DreamhostDnsValidation(LookupClientProvider dnsClient, ILogService logService, DreamhostOptions options) : base(dnsClient, logService) => _client = new DnsManagementClient(options.ApiKey.Value, logService); + public DreamhostDnsValidation( + LookupClientProvider dnsClient, + ILogService logService, + ISettingsService settings, + DreamhostOptions options) + : base(dnsClient, logService, settings) + => _client = new DnsManagementClient(options.ApiKey.Value, logService); public override Task CreateRecord(string recordName, string token) => _client.CreateRecord(recordName, RecordType.TXT, token); diff --git a/src/plugin.validation.dns.route53/Route53.cs b/src/plugin.validation.dns.route53/Route53.cs index c756270..de67819 100644 --- a/src/plugin.validation.dns.route53/Route53.cs +++ b/src/plugin.validation.dns.route53/Route53.cs 
@@ -16,7 +16,12 @@ namespace PKISharp.WACS.Plugins.ValidationPlugins.Dns { private readonly IAmazonRoute53 _route53Client; - public Route53(LookupClientProvider dnsClient, ILogService log, Route53Options options) : base(dnsClient, log) + public Route53( + LookupClientProvider dnsClient, + ILogService log, + ISettingsService settings, + Route53Options options) + : base(dnsClient, log, settings) { var region = RegionEndpoint.USEast1; _route53Client = !string.IsNullOrWhiteSpace(options.IAMRole) |