diff options
author | vg <vgm+dev@devys.org> | 2019-05-21 17:22:44 +0200 |
---|---|---|
committer | vg <vgm+dev@devys.org> | 2019-05-21 17:22:44 +0200 |
commit | c8fa357699e03dab78cbd15fcbe4876eb2348242 (patch) | |
tree | b554c17884cb18d4ef9b233cbc6d57c9c34922dc /doc/ssh_api_example/update-acme-challenge | |
parent | 1a3b1960e27037bb7330630cbfe42935e61481a5 (diff) | |
download | acme-dns-tiny-c8fa357699e03dab78cbd15fcbe4876eb2348242.tar.gz acme-dns-tiny-c8fa357699e03dab78cbd15fcbe4876eb2348242.tar.bz2 acme-dns-tiny-c8fa357699e03dab78cbd15fcbe4876eb2348242.zip |
fix update-acme-challenge in examples
Diffstat (limited to 'doc/ssh_api_example/update-acme-challenge')
-rwxr-xr-x | doc/ssh_api_example/update-acme-challenge | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/doc/ssh_api_example/update-acme-challenge b/doc/ssh_api_example/update-acme-challenge index 39b90d0..3fd0c28 100755 --- a/doc/ssh_api_example/update-acme-challenge +++ b/doc/ssh_api_example/update-acme-challenge @@ -8,7 +8,7 @@ Takes json in stdin to modify a challenge in a zone txt record. Usage: update-acme-challenge --zones=ZONES Options: - --zones comma separated list of authorized zones to be changed + --zones=ZONES json object: {"zone-to-check": "zone-to-modify"} Json format: { @@ -29,19 +29,20 @@ def nsupdate(zone, challenge): content = f''' server ::1 del {zone} TXT - add {zone} TXT "{challenge}" + add {zone} 60 TXT "{challenge}" send ''' - subprocess.run(['nsupdate'], check=True, input=content) + subprocess.run(['nsupdate'], check=True, input=content, encoding='utf8') def main(): args = docopt.docopt(__doc__) - jsonmap = json.load(sys.stdin.read()) + jsonmap = json.loads(sys.stdin.read()) - zones = [x.strip() for x in args['--zones'].split(',')] + zones = json.loads(args['--zones']) zone = jsonmap.get('zone', '') + zone = zone[:-1] if zone.endswith('.') else zone if zone not in zones: raise ValueError(f'not permitted to modify zone {zone}') @@ -50,10 +51,11 @@ def main(): raise ValueError(f'bad value for action content: {action}') challenge = jsonmap.get('challenge', '') - if not all(x.isalnum() or x in ('+', '/') for x in challenge): + if not all(x.isalnum() or x in '_-' for x in challenge): + # base64url as in acme spec raise ValueError('bad format for challenge content') - nsupdate(zone, challenge if action == 'add' else '') + nsupdate(zones[zone], challenge if action == 'add' else '') main() |