acme4netvs issues
https://git.scc.kit.edu/KIT-CA/acme4netvs/-/issues
2021-09-14T20:26:06+02:00

https://git.scc.kit.edu/KIT-CA/acme4netvs/-/issues/13
certbot auth plugin currently broken
2021-09-14T20:26:06+02:00
ge3242 heiko.reese@kit.edu

Output of
```
certbot certonly \
--preferred-challenges dns \
--work-dir .certbot/work --logs-dir .certbot/logs --config-dir .certbot/conf \
--config certbot.ini \
-d certbot.le.uni-beispiel.de \
--manual-auth-hook './auth --debug' --manual-cleanup-hook ./cleanup
```
```
Requesting a certificate for certbot.le.uni-beispiel.de
Hook '--manual-auth-hook' for certbot.le.uni-beispiel.de reported error code 1
Hook '--manual-auth-hook' for certbot.le.uni-beispiel.de ran with output:
&acme4netvs.CertbotArguments{
Domain: "certbot.le.uni-beispiel.de",
Validation: "EC0Mf0ryy1lfGF7M5Mw9h8rtdFIl8S9MupJoz6QXTjE",
Token: "",
RemainingChallenges: 0,
AllDomains: []string{
"certbot.le.uni-beispiel.de",
},
AuthOutput: "",
}
Hook '--manual-auth-hook' for certbot.le.uni-beispiel.de ran with error output:
2021/08/19 01:46:41 Error: CERTBOT_TOKEN is empty
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: certbot.le.uni-beispiel.de
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.certbot.le.uni-beispiel.de - check that a DNS record exists for this domain
```
----
[certbot documentation](https://certbot.eff.org/docs/using.html#pre-and-post-validation-hooks) states:
```
CERTBOT_DOMAIN: The domain being authenticated
CERTBOT_VALIDATION: The validation string
CERTBOT_TOKEN: Resource name part of the HTTP-01 challenge (HTTP-01 only)
CERTBOT_REMAINING_CHALLENGES: Number of challenges remaining after the current challenge
CERTBOT_ALL_DOMAINS: A comma-separated list of all domains challenged for the current certificate
```

https://git.scc.kit.edu/KIT-CA/acme4netvs/-/issues/24
If acme challenge starts with -, it is interpreted as command line flag
2022-09-21T18:36:59+02:00
ts9019 peter.oettig@kit.edu

![image](/uploads/0d274841cc2e95b02cd058aac3579e08/image.png)

https://git.scc.kit.edu/KIT-CA/acme4netvs/-/issues/30
ACME4NETVS_DNS_WAIT_BETWEEN ignored
2022-10-13T19:55:42+02:00
ts9019 peter.oettig@kit.edu

For some reason this doesn't work.
At best also check if the other env vars work.

https://git.scc.kit.edu/KIT-CA/acme4netvs/-/issues/33
Convert "dns-wait" to "disable-dns-wait"
2022-10-13T19:55:54+02:00
ts9019 peter.oettig@kit.edu

Default-Enabled flags are confusing and adding -w just keeps it enabled, which is the default.
Can currently only disable via env var ACME4NETVS_DNS_WAIT=false

https://git.scc.kit.edu/KIT-CA/acme4netvs/-/issues/35
Test `TestNameserverHasChallenge` sometimes results in an invalid memory address.
2022-10-22T01:59:34+02:00
ge3242 heiko.reese@kit.edu

Test `TestNameserverHasChallenge` sometimes (less than 1% of all test runs) results in an invalid memory address.
```
=== RUN TestNameserverHasChallenge
--- FAIL: TestNameserverHasChallenge (2.00s)
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x8fd334]
goroutine 66 [running]:
testing.tRunner.func1.2({0x948920, 0xcaf3e0})
/usr/local/go/src/testing/testing.go:1396 +0x372
testing.tRunner.func1()
/usr/local/go/src/testing/testing.go:1399 +0x5f0
panic({0x948920, 0xcaf3e0})
/usr/local/go/src/runtime/panic.go:890 +0x262
git.scc.kit.edu/KIT-CA/acme4netvs/v2.NameserverHasChallenge({0x9b3da7, 0xf}, {0x9b9491, 0x1a}, {0x9af2b9, 0x3})
/home/sprawl/git/KIT-CA/acme4netvs/dns_utils.go:61 +0x394
git.scc.kit.edu/KIT-CA/acme4netvs/v2.TestNameserverHasChallenge(0x0?)
/home/sprawl/git/KIT-CA/acme4netvs/dns_utils_test.go:57 +0x225
testing.tRunner(0xc000206680, 0x9e57c0)
/usr/local/go/src/testing/testing.go:1446 +0x217
created by testing.(*T).Run
/usr/local/go/src/testing/testing.go:1493 +0x75e
exit status 2
FAIL git.scc.kit.edu/KIT-CA/acme4netvs/v2 2.679s
```