mirror of
https://github.com/certbot/certbot.git
synced 2026-05-28 04:34:11 -04:00
5a4028c763
* fix dns-rfc2136 plugin not respecting cnames The plugin does not work if the domain of a certificate is found to have a cname record in dns. That is because when plugin tries to find zone boundary, it searches from the domain up for the SOA record, and each DNS response is checked for the answer being empty, assuming that empty answer means no SOA record is present and the higher level domain has to be checked, and non empty answer section means that this domain is a zone root. However, if the initial domain, or any upper level domain except the zone root has a cname record pointing to the zone root, then the server will, instead of returning an empty answer, return one containing two records, first a cname pointing to the zone root, then the SOA record of zone root, and that will make the check fail and use a wrong domain as a zone name during update. Fix that by replacing a check for empty answer with explicitly searching in response's answer section for a SOA record matching the domain that is being checked. * dns-rfc2136: fix lint errors |
||
|---|---|---|
| .. | ||
| certbot_dns_rfc2136 | ||
| docs | ||
| LICENSE.txt | ||
| MANIFEST.in | ||
| README.rst | ||
| setup.cfg | ||
| setup.py | ||
RFC 2136 DNS Authenticator plugin for Certbot