feat: add dns.rs

2022-02-05 15:38:13 +08:00
parent 5ebe0a2dae
commit 31e480a7b2
4 changed files with 99 additions and 23 deletions


@@ -4,11 +4,10 @@ use std::collections::BTreeMap;
use acme_lib::{Directory, create_p256_key, create_p384_key, create_rsa_key};
use acme_lib::persist::FilePersist;
use rust_util::XResult;
use aliyun_openapi_core_rust_sdk::RPClient;
use crate::util::parse_dns_record;
use crate::network::{get_resolver, resolve_first_ipv4};
use crate::ali_dns::{add_txt_dns_record, build_dns_client, delete_dns_record, list_dns, simple_parse_aliyun_supplier};
use crate::config::{AcmeChallenge, AcmeMode};
use crate::dns::{DnsClient, DnsClientFactory, DnsRecord};
use crate::x509::{X509PublicKeyAlgo, X509EcPublicKeyAlgo};
@@ -64,9 +63,9 @@ pub fn request_acme_certificate(acme_request: AcmeRequest, dns_cleaned_domains:
let dir = opt_result!(Directory::from_url(persist, url), "Create directory from url failed: {}");
let acc = opt_result!(dir.account(acme_request.contract_email), "Directory set account failed: {}");
let mut ord_new = opt_result!( acc.new_order(acme_request.primary_name, acme_request.alt_names), "Create order failed: {}");
let ali_yun_client: Option<RPClient> = match acme_request.credential_supplier {
Some(credential_supplier) => Some(build_dns_client(
&opt_result!(simple_parse_aliyun_supplier(credential_supplier), "Parse credential supplier failed: {}"))),
let mut dns_client: Option<Box<dyn DnsClient>> = match acme_request.credential_supplier {
Some(credential_supplier) => Some(
opt_result!(DnsClientFactory::build(credential_supplier), "Build dns client failed: {}")),
None => None,
};
@@ -107,18 +106,16 @@ pub fn request_acme_certificate(acme_request: AcmeRequest, dns_cleaned_domains:
if !dns_cleaned_domains.contains(&rr_and_domain.1) {
information!("Clearing domain: {}", &rr_and_domain.1);
dns_cleaned_domains.push(rr_and_domain.1.clone());
ali_yun_client.as_ref().map(|client| {
match list_dns(client, &rr_and_domain.1) {
dns_client.as_mut().map(|client| {
match client.list_dns(&rr_and_domain.1) {
Err(e) => warning!("List dns for: {}, failed: {}", &rr_and_domain.1, e),
Ok(Err(e)) => warning!("List dns for: {}, failed: {:?}", &rr_and_domain.1, e),
Ok(Ok(s)) => {
for r in &s.domain_records.record {
Ok(records) => {
for r in &records {
let rr = &r.rr;
if rr == "_acme-challenge" || rr.starts_with("_acme-challenge.") {
match delete_dns_record(client, &r.record_id) {
Err(e) => warning!("Delete dns: {}.{}, failed: {}", r.rr, r.domain_name, e),
Ok(Err(e)) => warning!("Delete dns: {}.{}, failed: {:?}", r.rr, r.domain_name, e),
Ok(Ok(_)) => success!("Delete dns: {}.{}", r.rr, r.domain_name),
match client.delete_dns_record(&r.id) {
Err(e) => warning!("Delete dns: {}.{}, failed: {}", r.rr, r.domain, e),
Ok(_) => success!("Delete dns: {}.{}", r.rr, r.domain),
}
}
}
@@ -127,13 +124,18 @@ pub fn request_acme_certificate(acme_request: AcmeRequest, dns_cleaned_domains:
});
}
match &ali_yun_client {
match &mut dns_client {
Some(client) => {
let add_txt_dns_result = opt_result!(add_txt_dns_record(client, &rr_and_domain.1, &rr_and_domain.0, &proof), "Add DNS TXT record failed: {}");
match add_txt_dns_result {
Ok(s) => success!("Add dns txt record successes: {}", s.record_id),
Err(e) => return simple_error!("Add dns txt record failed: {:?}", e),
}
let dns_record = DnsRecord {
id: String::new(),
domain: rr_and_domain.1,
rr: rr_and_domain.0,
r#type: "TXT".into(),
ttl: -1,
value: proof,
};
let _ = opt_result!(client.add_dns_record(&dns_record), "Add DNS TXT record failed: {}");
success!("Add dns txt record successes: {}.{} -> {}", dns_record.rr, dns_record.domain, dns_record.value);
}
None => if acme_request.allow_interact {
let mut line = String::new();
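Review bot: The cleanup loop in the third hunk (`for r in &records`) deletes every record whose `rr` is `_acme-challenge` or starts with `_acme-challenge.` without checking the record type, so a CNAME placed at that name to delegate DNS-01 validation to another zone would be removed along with stale TXT challenges. The listed records appear to be the same `DnsRecord` type the last hunk builds with an `r#type` field, so the guard could become `if r.r#type == "TXT" && (rr == "_acme-challenge" || rr.starts_with("_acme-challenge."))`; confirm this against the definition in dns.rs, which is not shown here. List and delete failures are only logged with `warning!`, which suits best-effort cleanup, but a short comment stating that intent would stop a later reader from treating it as an oversight. `request_acme_certificate` starts and ends outside these hunks.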