@certd/acme-client 1.31.7 → 1.31.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +3 -3
- package/src/util.js +1 -1
- package/src/verify.js +29 -10
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"description": "Simple and unopinionated ACME client",
|
|
4
4
|
"private": false,
|
|
5
5
|
"author": "nmorsman",
|
|
6
|
-
"version": "1.31.
|
|
6
|
+
"version": "1.31.8",
|
|
7
7
|
"type": "module",
|
|
8
8
|
"module": "scr/index.js",
|
|
9
9
|
"main": "src/index.js",
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
"types"
|
|
19
19
|
],
|
|
20
20
|
"dependencies": {
|
|
21
|
-
"@certd/basic": "^1.31.
|
|
21
|
+
"@certd/basic": "^1.31.8",
|
|
22
22
|
"@peculiar/x509": "^1.11.0",
|
|
23
23
|
"asn1js": "^3.0.5",
|
|
24
24
|
"axios": "^1.7.2",
|
|
@@ -67,5 +67,5 @@
|
|
|
67
67
|
"bugs": {
|
|
68
68
|
"url": "https://github.com/publishlab/node-acme-client/issues"
|
|
69
69
|
},
|
|
70
|
-
"gitHead": "
|
|
70
|
+
"gitHead": "2acaa66635f91b8c169b7e68e08907f233c67c6e"
|
|
71
71
|
}
|
package/src/util.js
CHANGED
|
@@ -62,7 +62,7 @@ async function retryPromise(fn, attempts, backoff) {
|
|
|
62
62
|
|
|
63
63
|
log(`Promise rejected: ${e.message}`);
|
|
64
64
|
const duration = backoff.duration();
|
|
65
|
-
log(`attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
|
|
65
|
+
log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
|
|
66
66
|
|
|
67
67
|
await new Promise((resolve) => { setTimeout(resolve, duration); });
|
|
68
68
|
return retryPromise(fn, attempts, backoff);
|
package/src/verify.js
CHANGED
|
@@ -82,21 +82,40 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
|
|
|
82
82
|
}
|
|
83
83
|
|
|
84
84
|
export async function walkTxtRecord(recordName) {
|
|
85
|
+
|
|
86
|
+
const txtRecords = []
|
|
85
87
|
try {
|
|
86
88
|
/* Default DNS resolver first */
|
|
87
|
-
log('
|
|
89
|
+
log('从本地DNS服务器获取TXT解析记录');
|
|
88
90
|
const res = await walkDnsChallengeRecord(recordName);
|
|
89
91
|
if (res && res.length > 0) {
|
|
90
|
-
|
|
92
|
+
for (const item of res) {
|
|
93
|
+
txtRecords.push(item)
|
|
94
|
+
}
|
|
91
95
|
}
|
|
92
|
-
|
|
96
|
+
|
|
97
|
+
} catch (e) {
|
|
98
|
+
log(`本地获取TXT解析记录失败:${e.message}`)
|
|
93
99
|
}
|
|
94
|
-
|
|
100
|
+
|
|
101
|
+
try{
|
|
95
102
|
/* Authoritative DNS resolver */
|
|
96
|
-
log(
|
|
103
|
+
log(`从域名权威服务器获取TXT解析记录`);
|
|
97
104
|
const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
|
|
98
|
-
|
|
105
|
+
const res = await walkDnsChallengeRecord(recordName, authoritativeResolver);
|
|
106
|
+
if (res && res.length > 0) {
|
|
107
|
+
for (const item of res) {
|
|
108
|
+
txtRecords.push(item)
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
}catch (e) {
|
|
112
|
+
log(`权威服务器获取TXT解析记录失败:${e.message}`)
|
|
113
|
+
}
|
|
114
|
+
|
|
115
|
+
if (txtRecords.length === 0) {
|
|
116
|
+
throw new Error(`没有找到TXT解析记录(${recordName})`);
|
|
99
117
|
}
|
|
118
|
+
return txtRecords;
|
|
100
119
|
}
|
|
101
120
|
|
|
102
121
|
/**
|
|
@@ -113,14 +132,14 @@ export async function walkTxtRecord(recordName) {
|
|
|
113
132
|
|
|
114
133
|
async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
|
|
115
134
|
const recordName = `${prefix}${authz.identifier.value}`;
|
|
116
|
-
log(
|
|
135
|
+
log(`本地校验TXT记录): ${recordName}`);
|
|
117
136
|
const recordValues = await walkTxtRecord(recordName);
|
|
118
|
-
log(`DNS
|
|
137
|
+
log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录`);
|
|
119
138
|
if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
|
|
120
|
-
throw new Error(
|
|
139
|
+
throw new Error(`没有找到需要的DNS TXT记录: ${recordName},期望:${keyAuthorization},结果:${recordValues}`);
|
|
121
140
|
}
|
|
122
141
|
|
|
123
|
-
log(
|
|
142
|
+
log(`关键授权匹配成功(${challenge.type}/${recordName}),校验成功, ACME challenge verified`);
|
|
124
143
|
return true;
|
|
125
144
|
}
|
|
126
145
|
|