Merge branch 'lordelph-master'

# Conflicts: # src/Data/Authorization.php
2026-03-13 13:46:10 +00:00 · 2020-03-18 19:57:43 +01:00
parent ccaec498e9 0090165353
commit 505ce369e5
4 changed files with 111 additions and 0 deletions
--- a/src/Client.php
+++ b/src/Client.php
@@ -55,6 +55,11 @@ class Client
     */
    const VALIDATION_HTTP = 'http-01';

+    /**
+     * DNS validation
+     */
+    const VALIDATION_DNS = 'dns-01';
+
    /**
     * @var string
     */
--- a/src/Data/Authorization.php
+++ b/src/Data/Authorization.php
@@ -3,6 +3,7 @@
 namespace Afosto\Acme\Data;

 use Afosto\Acme\Client;
+use Afosto\Acme\Helper;

 class Authorization
 {
@@ -93,6 +94,20 @@ class Authorization
        return false;
    }

+    /**
+     * @return Challenge|bool
+     */
+    public function getDnsChallenge()
+    {
+        foreach ($this->getChallenges() as $challenge) {
+            if ($challenge->getType() == Client::VALIDATION_DNS) {
+                return $challenge;
+            }
+        }
+
+        return false;
+    }
+
    /**
     * Return File object for the given challenge
     * @return File|bool
@@ -105,4 +120,15 @@ class Authorization
        }
        return false;
    }
+
+    /**
+     * @param Challenge $challenge
+     * @return string containing TXT record for DNS challenge
+     */
+    public function getTxtRecord(Challenge $challenge)
+    {
+        $raw=$challenge->getToken() . '.' . $this->digest;
+        $hash=hash('sha256', $raw, true);
+        return Helper::toSafeString($hash);
+    }
 }
--- a/src/Helper.php
+++ b/src/Helper.php
@@ -140,4 +140,37 @@ class Helper

        return $accountDetails;
    }
+
+    /**
+     * Wait until a set of DNS records return specific TXT record values
+     *
+     * @param array mapping domain to desired TXT record value
+     * @param $txtRecord
+     * @param int $maxSeconds to wait
+     * @return bool true if record found, false otherwise
+     */
+    public static function waitForDNS(array $records, $maxSeconds=60)
+    {
+        $waitUntil = time() + $maxSeconds;
+
+        do {
+            //validate all remaining records..
+            foreach($records as $domain=>$txtRecord) {
+                $record=dns_get_record($domain, DNS_TXT);
+                if (isset($record[0]['txt']) && ($record[0]['txt']===$txtRecord)) {
+                    unset($records[$domain]);
+                }
+            }
+
+            //did we find them all?
+            if (empty($records)) {
+                return true;
+            }
+
+            //otherwise still domains to check...have a short sleep
+            sleep(1);
+        } while(time() < $waitUntil);
+
+        return false;
+    }
 }