@certd/acme-client 1.31.6 → 1.31.8

package/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.31.6",
+    "version": "1.31.8",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.31.6",
+        "@certd/basic": "^1.31.8",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -67,5 +67,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "86ca35ce3381b98b455538b11219d9856be5d0d6"
+    "gitHead": "2acaa66635f91b8c169b7e68e08907f233c67c6e"
 }

package/src/util.js

@@ -62,7 +62,7 @@ async function retryPromise(fn, attempts, backoff) {
 
         log(`Promise rejected: ${e.message}`);
         const duration = backoff.duration();
-        log(`attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
+        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
 
         await new Promise((resolve) => { setTimeout(resolve, duration); });
         return retryPromise(fn, attempts, backoff);

package/src/verify.js

@@ -82,21 +82,40 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
 }
 
 export async function walkTxtRecord(recordName) {
+
+    const txtRecords = []
     try {
         /* Default DNS resolver first */
-        log('Attempting to resolve TXT with default DNS resolver first');
+        log('从本地DNS服务器获取TXT解析记录');
         const res = await walkDnsChallengeRecord(recordName);
         if (res && res.length > 0) {
-            return res;
+            for (const item of res) {
+                txtRecords.push(item)
+            }
         }
-        throw new Error('No TXT records found');
+
+    } catch (e) {
+        log(`本地获取TXT解析记录失败:${e.message}`)
     }
-    catch (e) {
+
+    try{
         /* Authoritative DNS resolver */
-        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
+        log(`从域名权威服务器获取TXT解析记录`);
         const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
-        return await walkDnsChallengeRecord(recordName, authoritativeResolver);
+        const res = await walkDnsChallengeRecord(recordName, authoritativeResolver);
+        if (res && res.length > 0) {
+            for (const item of res) {
+                txtRecords.push(item)
+            }
+        }
+    }catch (e) {
+        log(`权威服务器获取TXT解析记录失败:${e.message}`)
+    }
+
+    if (txtRecords.length === 0) {
+        throw new Error(`没有找到TXT解析记录（${recordName}）`);
     }
+    return txtRecords;
 }
 
 /**
@@ -113,14 +132,14 @@ export async function walkTxtRecord(recordName) {
 
 async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
     const recordName = `${prefix}${authz.identifier.value}`;
-    log(`Resolving DNS TXT from record（解析DNS TXT记录）: ${recordName}`);
+    log(`本地校验TXT记录）: ${recordName}`);
     const recordValues = await walkTxtRecord(recordName);
-    log(`DNS query finished successfully（DNS查询成功）, found ${recordValues.length} TXT records`);
+    log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录`);
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
-        throw new Error(`Authorization not found in DNS TXT record（没有找到需要的DNS TXT记录）: ${recordName}，need:${keyAuthorization},found:${recordValues}`);
+        throw new Error(`没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`);
     }
 
-    log(`Key authorization match for ${challenge.type}/${recordName}, ACME challenge verified（域名所有权校验成功）`);
+    log(`关键授权匹配成功（${challenge.type}/${recordName}）,校验成功, ACME challenge verified`);
     return true;
 }