* ns1: fix multivalue CAA handling
Introducing better multivalue support for the CAA entry broke CAA support
for ns1, failing the relevant test.
Improve the code touching CAA in either side, so that it can handle
multivalue, quoted, CAA entries.
* ns1: use native CAA record parser for CAA
instead of using PopulateFromString.
* ns1: remove panics
Remove panics and bubble-up errors.
* ns1: in case of errors, return nil data
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* Fix#1338 do not error if domain is not registered
OVH now allows to create zone without registering a domain. The ovh provider
was getting the NS from the registrar and not the zone, which doesn't work
in a scenario where only the zone exists at ovh.
This changeset makes the ovh provider fetch the NS from the registrar and if
there's none from the zone.
* OVH now supports all dual providers scenario
This change updates the OVH provider documentation accordingly.
Fixes broken integration tests and spamming output about chaning NS records TTL from fixed one (86400) to dnscontrol default one (300).
This issue was introduced in #1167.
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* Switch to aws-sdk-go-v2
AWS has released v2 of their SDK for Go.
See: https://aws.github.io/aws-sdk-go-v2/
One big advantage of this is no longer needing to export the
`AWS_SDK_LOAD_CONFIG=1` env var when using named profiles.
* Update integration test README
* Reenable pager601 and pager1201 integration tests for AWS Route53
* Implement intelligent batching for Route53 record changes
The AWS Route53 API for batch record changes limits the request size to
the smaller of:
- 1000 records.
- 32000 characters total for record values.
Also UPSERTs count as double (a DELETE and then a CREATE).
This commit changes how the record ChangeBatches are created to
respect these limits.
* Remove old comments
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
Previously, the provider would always try to fetch the zone config for
the domain. But that doesn't work if the domain's DNS is not managed
through Hosting.de.
With this patch, getDomainConfig() instead filters directly on the
domain name instead of re-fetching it from the zone.
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
All functions in should test for only one condition. There already is a
function that tests for long TXT records: TxtNoLongStrings.
Add calls to TxtNoLongStrings in all providers that use
TxtNoMultipleStrings, to keep functionality, except for NS1 and ClouDNS,
which allow for any TXT record length, but not for multiple strings per
TXT.
When having multiple RR in a RRset, only a few of them may be applied.
In my case, when I have two A records, only one of them makes its way
to Gandi.
In `convert.go`, we had:
```go
var zrs []livedns.DomainRecord
// [...]
zrs = append(zrs, zr)
keys[key] = &zrs[len(zrs)-1]
```
If the slice needs to be extended when appending, the reference we got
in `keys[key]` may be outdated because the new slice contains a copy
of the old one. We either need to store references to domain records
in the slice or we need to stop keeping reference of items in the
slice.
I have fixed this with the second solution as I think the order of the
RRsets is not important.
* Initial support for easyname as registrar
* DRY
Moving a bunch of the HTTP stuff into a single function for cleanliness and ease of future maintianence.
* Seperate API and Provider logic
* Updating error messages and sorting found nameservers
* Adding provider info to OWNERS and README
This also moves a few of the not-actually-DNS Providers to their own section.
* Update README.md
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* HEXONET: Support for long TXT records
* HEXONET: Revert and update comments in auditrecords.go
* Update auditrecords.go
* HEXONET: Sync TXT support with reality
* Fix the fixed unit tests
Co-authored-by: Burak Tamturk <buraktamturk@gmail.com>
There is no API call I've found that requires it, only the accountID. Also, we now set the cfClient.AccountID similar to b55278140f (h/t @fdcastel) and no longer store duplicate information in the cfClient and api objects.
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* First pass at moving to cloudflare-go vs hand made implementation of cloudflare's API
* Final changes to use cloudflare-go
* Fix for proxy configuration failing
Forgot to set the ID when we created a new records. This didn't fail in the integrations tests so I missed it.
* Add integration test
To prevent something like what I did from happening in the future.
* Fix bad messaging
This isn't necessary for Cloudflare, just pass the string you want and they'll take care of the rest. This was breaking DKIM records as it would pass the split string with quotes, which Cloudflare then interpreted the quotes as being necessary for the records.
* VULTR: Fix TXT quoting issue
* VULTR: Add tests that trigger Vultr's SPF mode
* VULTR: Enforce the fact that VULTR only supports a single string in TXT records
Co-authored-by: Lee Martin <lmartin@stackoverflow.com>
* Add PrivateKey authentication for TransIP
* Remove space before comma
* Re-enable CodeQL for Javascript (#1209)
* Create codeql-config.yml
* Update codeql-analysis.yml
Add config to exclude certain files
* deSEC implement pagination (#1208)
* deSEC: Implement pagination for domain list #1177
* deSEC: add debug logging for pagination
* deSEC: simplify get/post methods by allowing url / api endpoints as target
* deSEC: implement pagination for getRecords function
* deSEC: fix linter warnings
* deSEC: replace domainIndexInitalized variable with checking if the domainIndex == nil
* deSEC: add mutex for domainIndex
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
Co-authored-by: Vincent Hagen <vinnie@script4web.nl>
Co-authored-by: Jauder Ho <jauderho@users.noreply.github.com>
Co-authored-by: Georg <georg@neuland.tech>
* deSEC: Implement pagination for domain list #1177
* deSEC: add debug logging for pagination
* deSEC: simplify get/post methods by allowing url / api endpoints as target
* deSEC: implement pagination for getRecords function
* deSEC: fix linter warnings
* deSEC: replace domainIndexInitalized variable with checking if the domainIndex == nil
* deSEC: add mutex for domainIndex
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* use /auth/account endpoint for token validation
this implements the token validation using the /auth/account api endpoint as suggested in #1177 instead of fetching the domain list
* deSEC: add support for long txt records #996
* deSEC: add support for a different api error response
relates to #996 where we had insufficient error output due to unknown api error format
* deSEC: remove unused fetchDomainList function
* deSEC: improve error handling
* deSEC: support for long / multistring txt records
the previous commit was broken this is now working (CRUD)
* deSEC: document what desecProvider.domainIndex is used for
* deSEC: handle the rate limiting correctly
we try to use the Retry-After header to determine how long we should sleep until retry
* deSEC: further improvement of rate limit handling
we cut off if the Retry-After header exceeds 3 minutes because this might be the daily limit.
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* Show actual URL to use instead of just "sandbox"
Instead of stating "sandbox", sometimes incorrectly if sandbox is false, just output the actual URL that will be used.
* Replace Println with Printf
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
