Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API: Differentiate bad TXT update error. #42

Merged
merged 3 commits into from
Mar 13, 2018
Merged

API: Differentiate bad TXT update error. #42

merged 3 commits into from
Mar 13, 2018

Conversation

cpu
Copy link
Contributor

@cpu cpu commented Feb 28, 2018

Previous to this commit, if the update message had a valid subdomain but
an invalid TXT value the error returned was for a bad subdomain. This can
confuse developers who were POSTing junk TXT records to test acme-dns 😊
Only TXT values that are exactly 43 chars are considered valid:

acme-dns/validation.go

Lines 37 to 40 in 830cceb

if utf8.RuneCountInString(s) == 43 && utf8.RuneCountInString(sn) == 43 {
// 43 chars is the current LE auth key size, but not limited / defined by ACME
return true
}

This commit adjusts the webUpdatePost error handling such that
!validSubdomain(input) and !validTXT(input) give distinct errors.

The !validSubdomain case should never happen in webUpdatePost
because auth.go's Auth function already vets the post data
subdomain but I retained the error handling code just in case.

Unit tests for an update with an invalid subdomain and an update with an
invalid TXT are included.

I did my best to match the repo style for the code/tests but I admit
to hacking this together quickly without having read most of the codebase
yet! Please critique liberally.

@cpu
API: Differentiate bad TXT update error.
efdd560 
Previous to this commit, if the update message had a valid subdomain but
an invalid TXT the error returned was for a bad subdomain. This can
confuse developers who were POSTing junk TXT records to test acme-dns
:-)

This commit adjusts the `webUpdatePost` error handling such that
`!validSubdomain(input)` and `!validTXT(input)` give distinct errors.

The `!validSubdomain` case should never happen in `webUpdatePost`
because `auth.go`'s `Auth` function already vets the post data
subdomain but I retained the error handling code just in case.

Unit tests for an update with an invalid subdomain and an update with an
invalid TXT are included.
@coveralls
Copy link

coveralls commented Feb 28, 2018
edited
Loading

Coverage Status

Coverage decreased (-0.5%) to 91.946% when pulling 92f8cc2 on cpu:cpu-differentiate-errors into 978ac5d on joohoi:master.

@joohoi
Copy link
Owner

joohoi commented Mar 13, 2018

Thanks for the PR, this certainly adds clarity to the source of error for people poking around and evaluating acme-dns for use.

I did my best to match the repo style for the code/tests but I admit
to hacking this together quickly without having read most of the codebase
yet! Please critique liberally.

It's all good!

@joohoi joohoi merged commit d542ee0 into joohoi:master Mar 13, 2018
@cpu cpu deleted the cpu-differentiate-errors branch March 13, 2018 13:51
@cpu
Copy link
Contributor Author

cpu commented Mar 13, 2018

Thanks @joohoi, happy to help!

@cpu cpu mentioned this pull request Mar 14, 2018
Closed
jacobmyers-codeninja pushed a commit to jacobmyers-codeninja/acme-dns that referenced this pull request Sep 30, 2020
@joohoi
Merge pull request joohoi#42 from cpu/cpu-differentiate-errors
aa13004 
API: Differentiate bad TXT update error.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@cpu @coveralls @joohoi