[pve-devel] [PATCH proxmox-acme 0/3] update acme.sh and fix #3536 and #3546
Stoiko Ivanov
s.ivanov at proxmox.com
Fri Aug 6 17:44:26 CEST 2021
This patchset started out as attempt to add comfortable proxy-handling to
our acme client(s) and to address #3536 and #3546, but in it's current form
only fixes the two issues.
patch 1/3 is independent of the others and enables users to interact with an
ACME provider via proxy on PVE on the commandline (by exporting the
https_proxy environment variable).
the remaining patches simply update the acme.sh submodule, add the 2 new
dns-plugins to our schema.json file and and port over retrying GET and POST
requests from acme.sh.
Tested on my PVE-node with a domain of mine and the powerdns api:
* setting https_proxy (and having a squid configured on a guest) does not
cause the `pvenode acme cert renew -force` to abort due to taint-checks
* the content type of the PATCH requests is application/json insted of
application/x-www-form-urlencoded
Stoiko Ivanov (3):
acme client: fix #3536 untaint data returned from acme server
update to acme.sh dns plugins to 3.0.0
plugin-caller: pull in changes from upstream 3.0.0
src/Makefile | 2 ++
src/PVE/ACME.pm | 12 +++++--
src/acme.sh | 2 +-
src/dns-challenge-schema.json | 2 ++
src/proxmox-acme | 62 +++++++++++++++++++++++++++++++++--
5 files changed, 75 insertions(+), 5 deletions(-)
--
2.30.2
More information about the pve-devel
mailing list