summaryrefslogtreecommitdiffstats
path: root/doc/ssh_api_example
diff options
context:
space:
mode:
authorvg <vgm+dev@devys.org>2019-05-21 17:22:44 +0200
committervg <vgm+dev@devys.org>2019-05-21 17:22:44 +0200
commitc8fa357699e03dab78cbd15fcbe4876eb2348242 (patch)
treeb554c17884cb18d4ef9b233cbc6d57c9c34922dc /doc/ssh_api_example
parent1a3b1960e27037bb7330630cbfe42935e61481a5 (diff)
downloadacme-dns-tiny-c8fa357699e03dab78cbd15fcbe4876eb2348242.tar.gz
acme-dns-tiny-c8fa357699e03dab78cbd15fcbe4876eb2348242.tar.bz2
acme-dns-tiny-c8fa357699e03dab78cbd15fcbe4876eb2348242.zip
fix update-acme-challenge in examples
Diffstat (limited to 'doc/ssh_api_example')
-rwxr-xr-xdoc/ssh_api_example/update-acme-challenge16
1 files changed, 9 insertions, 7 deletions
diff --git a/doc/ssh_api_example/update-acme-challenge b/doc/ssh_api_example/update-acme-challenge
index 39b90d0..3fd0c28 100755
--- a/doc/ssh_api_example/update-acme-challenge
+++ b/doc/ssh_api_example/update-acme-challenge
@@ -8,7 +8,7 @@ Takes json in stdin to modify a challenge in a zone txt record.
Usage: update-acme-challenge --zones=ZONES
Options:
- --zones comma separated list of authorized zones to be changed
+ --zones=ZONES json object: {"zone-to-check": "zone-to-modify"}
Json format:
{
@@ -29,19 +29,20 @@ def nsupdate(zone, challenge):
content = f'''
server ::1
del {zone} TXT
- add {zone} TXT "{challenge}"
+ add {zone} 60 TXT "{challenge}"
send
'''
- subprocess.run(['nsupdate'], check=True, input=content)
+ subprocess.run(['nsupdate'], check=True, input=content, encoding='utf8')
def main():
args = docopt.docopt(__doc__)
- jsonmap = json.load(sys.stdin.read())
+ jsonmap = json.loads(sys.stdin.read())
- zones = [x.strip() for x in args['--zones'].split(',')]
+ zones = json.loads(args['--zones'])
zone = jsonmap.get('zone', '')
+ zone = zone[:-1] if zone.endswith('.') else zone
if zone not in zones:
raise ValueError(f'not permitted to modify zone {zone}')
@@ -50,10 +51,11 @@ def main():
raise ValueError(f'bad value for action content: {action}')
challenge = jsonmap.get('challenge', '')
- if not all(x.isalnum() or x in ('+', '/') for x in challenge):
+ if not all(x.isalnum() or x in '_-' for x in challenge):
+ # base64url as in acme spec
raise ValueError('bad format for challenge content')
- nsupdate(zone, challenge if action == 'add' else '')
+ nsupdate(zones[zone], challenge if action == 'add' else '')
main()