Fix ACME DNS challenge for top-level domains in a zone

e.g. "*.emersion.fr" when the zone is "emersion.fr". Fixes: 662136ea74 ("Add support for ACME DNS hooks")
2023-01-26 19:14:08 +01:00 · 2023-01-26 19:14:08 +01:00 · 86308c9780
parent 662136ea74
commit 86308c9780
1 changed files with 14 additions and 4 deletions
--- a/dns.go
+++ b/dns.go
@ -62,10 +62,20 @@ func (provider *commandDNSProvider) DeleteRecords(ctx context.Context, zone stri
 }

 func domainFromACMEChallengeRecord(zone string, rec *libdns.Record) (string, error) {
-	if rec.Type != "TXT" || !strings.HasPrefix(rec.Name, "_acme-challenge.") {
+	relZone := strings.TrimSuffix(zone, ".")
+
+	var domain string
+	if rec.Name == "_acme-challenge" {
+		// Root domain
+		domain = relZone
+	} else if strings.HasPrefix(rec.Name, "_acme-challenge.") {
+		// Subdomain
+		relName := strings.TrimPrefix(rec.Name, "_acme-challenge.")
+		domain = relName + "." + relZone
+	}
+	if rec.Type != "TXT" || domain == "" {
 		return "", fmt.Errorf("DNS record doesn't look like an ACME challenge: %v %v", rec.Type, rec.Name)
 	}
-	relName := strings.TrimPrefix(rec.Name, "_acme-challenge.")
-	relZone := strings.TrimSuffix(zone, ".")
-	return relName + "." + relZone, nil
+
+	return domain, nil
 }