Merge pull request #1 from shellrent/dnschallenge-fix

svdigital-development · web-flow · commit ede5e9991462 · 2021-05-20T12:53:53.000+02:00
Fixed DNS-01 and HTTP-01 challenges
diff --git a/src/LEFunctions.php b/src/LEFunctions.php
@@ -235,7 +235,9 @@ public static function checkDNSChallenge($domain, $DNSDigest)
 			{
 				if($answer->type === 16)
 				{
+					/* Since May 19th, this check always fails because the comparison should take place without the quotes; let's keep both just to be sure */
 					if($answer->data === ('"' . $DNSDigest . '"')) return true;
+					if($answer->data === $DNSDigest) return true;
 				}
 			}
 		}
diff --git a/src/LEOrder.php b/src/LEOrder.php
@@ -51,6 +51,7 @@ class LEOrder
 	public $expires;
 	public $identifiers;
 	private $authorizationURLs;
+	/** @var LEAuthorization[] */
 	public $authorizations;
 	public $finalizeURL;
 	public $certificateURL;
@@ -414,11 +415,27 @@ public function verifyPendingOrderAuthorization($identifier, $type, $localcheck
 											}
 											elseif($this->log >= LEClient::LOG_STATUS) LEFunctions::log('HTTP challenge for \'' . $identifier . '\' valid.', 'function verifyPendingOrderAuthorization');
 										}
+										
+										$i = 1;
+										
 										while($auth->status == 'pending')
 										{
+											if( $i > 6 )
+											{
+												break;
+											}
+											
 											sleep(1);
 											$auth->updateData();
+											
+											$i++;
+										}
+										
+										if($auth->status == 'pending')
+										{
+											return false;
 										}
+										
 										return true;
 									}
 								}
@@ -447,11 +464,27 @@ public function verifyPendingOrderAuthorization($identifier, $type, $localcheck
 											}
 											elseif($this->log >= LEClient::LOG_STATUS) LEFunctions::log('DNS challenge for \'' . $identifier . '\' valid.', 'function verifyPendingOrderAuthorization');
 										}
+										
+										$i = 1;
+										
 										while($auth->status == 'pending')
 										{
+											if( $i > 6 )
+											{
+												break;
+											}
+											
 											sleep(1);
 											$auth->updateData();
+											
+											$i++;
+										}
+										
+										if($auth->status == 'pending')
+										{
+											return false;
 										}
+										
 										return true;
 									}
 								}

Original file line number	Diff line number	Diff line change
`@@ -235,7 +235,9 @@ public static function checkDNSChallenge($domain, $DNSDigest)`
`235`	`235`	`{`
`236`	`236`	`if($answer->type === 16)`
`237`	`237`	`{`
	`238`	`+ /* Since May 19th, this check always fails because the comparison should take place without the quotes; let's keep both just to be sure */`
`238`	`239`	`if($answer->data === ('"' . $DNSDigest . '"')) return true;`
	`240`	`+ if($answer->data === $DNSDigest) return true;`
`239`	`241`	`}`
`240`	`242`	`}`
`241`	`243`	`}`
Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,7 @@ class LEOrder`
`51`	`51`	`public $expires;`
`52`	`52`	`public $identifiers;`
`53`	`53`	`private $authorizationURLs;`
	`54`	`+ /** @var LEAuthorization[] */`
`54`	`55`	`public $authorizations;`
`55`	`56`	`public $finalizeURL;`
`56`	`57`	`public $certificateURL;`
`@@ -414,11 +415,27 @@ public function verifyPendingOrderAuthorization($identifier, $type, $localcheck`
`414`	`415`	`}`
`415`	`416`	`elseif($this->log >= LEClient::LOG_STATUS) LEFunctions::log('HTTP challenge for \'' . $identifier . '\' valid.', 'function verifyPendingOrderAuthorization');`
`416`	`417`	`}`
	`418`	`+`
	`419`	`+ $i = 1;`
	`420`	`+`
`417`	`421`	`while($auth->status == 'pending')`
`418`	`422`	`{`
	`423`	`+ if( $i > 6 )`
	`424`	`+ {`
	`425`	`+ break;`
	`426`	`+ }`
	`427`	`+`
`419`	`428`	`sleep(1);`
`420`	`429`	`$auth->updateData();`
	`430`	`+`
	`431`	`+ $i++;`
	`432`	`+ }`
	`433`	`+`
	`434`	`+ if($auth->status == 'pending')`
	`435`	`+ {`
	`436`	`+ return false;`
`421`	`437`	`}`
	`438`	`+`
`422`	`439`	`return true;`
`423`	`440`	`}`
`424`	`441`	`}`
`@@ -447,11 +464,27 @@ public function verifyPendingOrderAuthorization($identifier, $type, $localcheck`
`447`	`464`	`}`
`448`	`465`	`elseif($this->log >= LEClient::LOG_STATUS) LEFunctions::log('DNS challenge for \'' . $identifier . '\' valid.', 'function verifyPendingOrderAuthorization');`
`449`	`466`	`}`
	`467`	`+`
	`468`	`+ $i = 1;`
	`469`	`+`
`450`	`470`	`while($auth->status == 'pending')`
`451`	`471`	`{`
	`472`	`+ if( $i > 6 )`
	`473`	`+ {`
	`474`	`+ break;`
	`475`	`+ }`
	`476`	`+`
`452`	`477`	`sleep(1);`
`453`	`478`	`$auth->updateData();`
	`479`	`+`
	`480`	`+ $i++;`
	`481`	`+ }`
	`482`	`+`
	`483`	`+ if($auth->status == 'pending')`
	`484`	`+ {`
	`485`	`+ return false;`
`454`	`486`	`}`
	`487`	`+`
`455`	`488`	`return true;`
`456`	`489`	`}`
`457`	`490`	`}`