zishuo/nip
1
0
Fork 0
mirror of https://github.com/cunnie/sslip.io.git synced 2025-10-08 00:51:04 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Custom DNS/HTTP server combo updates TXT record

Browse Source 
This is an [acme-dns](https://github.com/joohoi/acme-dns)-compatible
webserver that allows you to update the TXT record to verify domain
ownership to the certificate authority in order to procure a wildcard
certificate.
This commit is contained in:
Brian Cunnie
2021-01-09 12:14:04 -08:00
parent 0614f2b059
commit be1803de6d
1 changed files with 46 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
bosh-release/src/wildcard-dns-http-server/main.go
View File

@@ -1,8 +1,13 @@
package main package main
import ( import (
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"log" "log"
"net" "net"
"net/http"
"sync" "sync"
"golang.org/x/net/dns/dnsmessage" "golang.org/x/net/dns/dnsmessage"
@@ -10,6 +15,11 @@ import (
var txt = `Set this TXT record: curl -X POST http://localhost/update -d '{"txt":"Certificate Authority's validation token"}'` var txt = `Set this TXT record: curl -X POST http://localhost/update -d '{"txt":"Certificate Authority's validation token"}'`
// Txt is for parsing the JSON POST to set the DNS TXT record
type Txt struct {
Txt string
}
func main() { func main() {
conn, err := net.ListenUDP("udp", &net.UDPAddr{Port: 53}) conn, err := net.ListenUDP("udp", &net.UDPAddr{Port: 53})
if err != nil { if err != nil {
@@ -46,7 +56,7 @@ func dnsServer(conn *net.UDPConn, group *sync.WaitGroup) {
log.Printf("I expected one question but got %d.\n", len(query.Questions)) log.Printf("I expected one question but got %d.\n", len(query.Questions))
continue continue
} }
// We only return answers to TXT records, nothing else // We only return answers to TXT queries, nothing else
if query.Questions[0].Type != dnsmessage.TypeTXT { if query.Questions[0].Type != dnsmessage.TypeTXT {
log.Println("I expected a question for a TypeTXT record but got a question for a " + query.Questions[0].Type.String() + " record.") log.Println("I expected a question for a TypeTXT record but got a question for a " + query.Questions[0].Type.String() + " record.")
continue continue
@@ -87,4 +97,39 @@ func dnsServer(conn *net.UDPConn, group *sync.WaitGroup) {
func httpServer(group *sync.WaitGroup) { func httpServer(group *sync.WaitGroup) {
defer group.Done() defer group.Done()
log.Println("I'm firing up the HTTP server.") log.Println("I'm firing up the HTTP server.")
http.HandleFunc("/", usageHandler)
http.HandleFunc("/update", updateTxtHandler)
log.Fatal(http.ListenAndServe(":80", nil))
}
func usageHandler(w http.ResponseWriter, r *http.Request) {
_, err := fmt.Fprintln(w, `Set the TXT record: curl -X POST http://localhost/update -d '{"txt":"Certificate Authority's validation token"}'`)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
log.Println(err.Error())
}
}
func updateTxtHandler(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
err := errors.New("/update requires POST method, not " + r.Method + " method")
http.Error(w, err.Error(), http.StatusBadRequest)
log.Println(err.Error())
return
}
body, err := ioutil.ReadAll(r.Body)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
log.Println(err.Error())
return
}
var updateTxt Txt
err = json.Unmarshal(body, &updateTxt)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
log.Println(err.Error())
return
}
// this is the money shot, where we update the DNS TXT record to what was in the POST request
txt = updateTxt.Txt
} }