Even more specific DNS challenge message

2026-06-08 16:22:18 -04:00 · 2018-10-17 05:32:15 -07:00 · 2018-10-17 05:32:15 -07:00 · 20778a423e
commit 20778a423e
parent 98feff643b
1 changed files with 16 additions and 3 deletions
--- a/certbot/plugins/manual.py
+++ b/certbot/plugins/manual.py
@ -98,6 +98,12 @@ when it receives a TLS ClientHello with the SNI extension set to
    _SUBSEQUENT_CHALLENGE_INSTRUCTIONS = """\
 (This must be set up in addition to the previous challenges; do not remove,
 replace, or undo the previous challenge tasks yet.)
+"""
+    _SUBSEQUENT_DNS_CHALLENGE_INSTRUCTIONS = """\
+(This must be set up in addition to the previous challenges; do not remove,
+replace, or undo the previous challenge tasks yet. Note that you might be
+asked to create multiple distinct TXT records with the same name. This is
+permitted by DNS standards.)
 """

    def __init__(self, *args, **kwargs):
@ -107,7 +113,8 @@ replace, or undo the previous challenge tasks yet.)
        self.env = dict() \
        # type: Dict[achallenges.KeyAuthorizationAnnotatedChallenge, Dict[str, str]]
        self.tls_sni_01 = None
-        self.subsequent_challenge = False
+        self.subsequent_dns_challenge = False
+        self.subsequent_any_challenge = False

    @classmethod
    def add_parser_arguments(cls, add):
@ -217,11 +224,17 @@ replace, or undo the previous challenge tasks yet.)
                key=self.tls_sni_01.get_key_path(achall),
                port=self.config.tls_sni_01_port,
                sni_domain=self.tls_sni_01.get_z_domain(achall))
-        if self.subsequent_challenge:
+        if isinstance(achall.chall, challenges.DNS01):
+            if self.subsequent_dns_challenge:
+                # 2nd or later dns-01 challenge
+                msg += _SUBSEQUENT_DNS_CHALLENGE_INSTRUCTIONS
+            self.subsequent_dns_challenge = True
+        elif self.subsequent_any_challenge:
+            # 2nd or later challenge of another type
            msg += _SUBSEQUENT_CHALLENGE_INSTRUCTIONS
        display = zope.component.getUtility(interfaces.IDisplay)
        display.notification(msg, wrap=False, force_interactive=True)
-        self.subsequent_challenge = True
+        self.subsequent_any_challenge = True

    def cleanup(self, achalls):  # pylint: disable=missing-docstring
        if self.conf('cleanup-hook'):