diff --git a/PKG-INFO b/PKG-INFO index fd57a49..0a66b71 100644 --- a/PKG-INFO +++ b/PKG-INFO @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: certbot-dns-rfc2136 -Version: 1.18.0 +Version: 1.21.0 Summary: RFC 2136 DNS Authenticator plugin for Certbot Home-page: https://github.com/certbot/certbot Author: Certbot Project diff --git a/certbot_dns_rfc2136/__init__.py b/certbot_dns_rfc2136/__init__.py index 3c57483..077a731 100644 --- a/certbot_dns_rfc2136/__init__.py +++ b/certbot_dns_rfc2136/__init__.py @@ -33,7 +33,7 @@ :name: credentials.ini :caption: Example credentials file: - # Target DNS server + # Target DNS server (IPv4 or IPv6 address, not a hostname) dns_rfc2136_server = 192.0.2.1 # Target DNS port dns_rfc2136_port = 53 diff --git a/certbot_dns_rfc2136/_internal/dns_rfc2136.py b/certbot_dns_rfc2136/_internal/dns_rfc2136.py index 77007a9..98687e6 100644 --- a/certbot_dns_rfc2136/_internal/dns_rfc2136.py +++ b/certbot_dns_rfc2136/_internal/dns_rfc2136.py @@ -15,6 +15,7 @@ from certbot import errors from certbot.plugins import dns_common from certbot.plugins.dns_common import CredentialsConfiguration +from certbot.util import is_ipaddress logger = logging.getLogger(__name__) @@ -54,7 +55,11 @@ return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \ 'RFC 2136 Dynamic Updates.' - def _validate_algorithm(self, credentials): + def _validate_credentials(self, credentials): + server = credentials.conf('server') + if not is_ipaddress(server): + raise errors.PluginError("The configured target DNS server ({0}) is not a valid IPv4 " + "or IPv6 address. A hostname is not allowed.".format(server)) algorithm = credentials.conf('algorithm') if algorithm: if not self.ALGORITHMS.get(algorithm.upper()): @@ -69,7 +74,7 @@ 'secret': 'TSIG key secret', 'server': 'The target DNS server' }, - self._validate_algorithm + self._validate_credentials ) def _perform(self, _domain, validation_name, validation): diff --git a/certbot_dns_rfc2136.egg-info/PKG-INFO b/certbot_dns_rfc2136.egg-info/PKG-INFO index fd57a49..0a66b71 100644 --- a/certbot_dns_rfc2136.egg-info/PKG-INFO +++ b/certbot_dns_rfc2136.egg-info/PKG-INFO @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: certbot-dns-rfc2136 -Version: 1.18.0 +Version: 1.21.0 Summary: RFC 2136 DNS Authenticator plugin for Certbot Home-page: https://github.com/certbot/certbot Author: Certbot Project diff --git a/certbot_dns_rfc2136.egg-info/requires.txt b/certbot_dns_rfc2136.egg-info/requires.txt index 6bdfd92..94ab74a 100644 --- a/certbot_dns_rfc2136.egg-info/requires.txt +++ b/certbot_dns_rfc2136.egg-info/requires.txt @@ -1,8 +1,7 @@ -dnspython +dnspython>=1.15.0 setuptools>=39.0.1 -zope.interface -acme>=1.18.0 -certbot>=1.18.0 +acme>=1.21.0 +certbot>=1.21.0 [docs] Sphinx>=1.0 diff --git a/setup.py b/setup.py index b7f84bc..7e105e4 100644 --- a/setup.py +++ b/setup.py @@ -4,12 +4,11 @@ from setuptools import find_packages from setuptools import setup -version = '1.18.0' +version = '1.21.0' install_requires = [ - 'dnspython', + 'dnspython>=1.15.0', 'setuptools>=39.0.1', - 'zope.interface', ] if not os.environ.get('SNAP_BUILD'): diff --git a/tests/dns_rfc2136_test.py b/tests/dns_rfc2136_test.py index ec424c6..72ea6d9 100644 --- a/tests/dns_rfc2136_test.py +++ b/tests/dns_rfc2136_test.py @@ -74,6 +74,27 @@ self.auth.perform([self.achall]) + def test_invalid_server_raises(self): + config = VALID_CONFIG.copy() + config["rfc2136_server"] = "example.com" + dns_test_common.write(config, self.config.rfc2136_credentials) + + self.assertRaises(errors.PluginError, + self.auth.perform, + [self.achall]) + + @test_util.patch_display_util() + def test_valid_server_passes(self, unused_mock_get_utility): + config = VALID_CONFIG.copy() + dns_test_common.write(config, self.config.rfc2136_credentials) + + self.auth.perform([self.achall]) + + config["rfc2136_server"] = "2001:db8:3333:4444:cccc:dddd:eeee:ffff" + dns_test_common.write(config, self.config.rfc2136_credentials) + + self.auth.perform([self.achall]) + class RFC2136ClientTest(unittest.TestCase):