refactor: minor changes

challenge/dns01/dns_challenge.go

@@ -15,6 +15,7 @@ import (
 	"github.com/go-acme/lego/v5/challenge"
 	"github.com/go-acme/lego/v5/internal/wait"
 	"github.com/go-acme/lego/v5/log"
+	"github.com/miekg/dns"
 )
 
 const (
@@ -28,7 +29,7 @@ const (
 	DefaultTTL = 120
 )
 
-const prefix = "_acme-challenge"
+const challengeLabel = "_acme-challenge"
 
 type ValidateFunc func(ctx context.Context, core *api.Core, domain string, chlng acme.Challenge) error
 
@@ -62,6 +63,7 @@ func NewChallenge(core *api.Core, validate ValidateFunc, provider challenge.Prov
 // It does not validate record propagation or do anything at all with the ACME server.
 func (c *Challenge) PreSolve(ctx context.Context, authz acme.Authorization) error {
 	domain := challenge.GetTargetedDomain(authz)
+
 	log.Info("dns01: preparing to solve the challenge.", log.DomainAttr(domain))
 
 	chlng, err := challenge.FindChallenge(challenge.DNS01, authz)
@@ -89,6 +91,7 @@ func (c *Challenge) PreSolve(ctx context.Context, authz acme.Authorization) erro
 
 func (c *Challenge) Solve(ctx context.Context, authz acme.Authorization) error {
 	domain := challenge.GetTargetedDomain(authz)
+
 	log.Info("dns01: trying to solve the challenge.", log.DomainAttr(domain))
 
 	chlng, err := challenge.FindChallenge(challenge.DNS01, authz)
@@ -202,13 +205,13 @@ func GetChallengeInfo(ctx context.Context, domain, keyAuth string) ChallengeInfo
 
 	ok, _ := strconv.ParseBool(os.Getenv("LEGO_DISABLE_CNAME_SUPPORT"))
 
-	fqdn := fmt.Sprintf("%s.%s.", prefix, domain)
+	fqdn := getAuthorizationDomainName(domain)
 
 	return ChallengeInfo{
 		Value:         value,
 		FQDN:          getChallengeFQDN(ctx, fqdn, false),
 		EffectiveFQDN: getChallengeFQDN(ctx, fqdn, !ok),
-		Prefix:        prefix,
+		Prefix:        challengeLabel,
 	}
 }
 
@@ -219,3 +222,9 @@ func getChallengeFQDN(ctx context.Context, fqdn string, followCNAME bool) string
 
 	return DefaultClient().lookupCNAME(ctx, fqdn)
 }
+
+// getAuthorizationDomainName returns the fully qualified DNS label
+// used by the dns-01 challenge for the given domain.
+func getAuthorizationDomainName(domain string) string {
+	return dns.Fqdn(challengeLabel + "." + domain)
+}

challenge/dnspersist01/dns_persist_challenge.go

@@ -21,18 +21,6 @@ const validationLabel = "_validation-persist"
 // ValidateFunc validates a challenge with the ACME server.
 type ValidateFunc func(ctx context.Context, core *api.Core, domain string, chlng acme.Challenge) error
 
-// ChallengeInfo contains the information used to create a dns-persist-01 TXT record.
-type ChallengeInfo struct {
-	// FQDN is the full-qualified challenge domain (i.e. `_validation-persist.[domain].`).
-	FQDN string
-
-	// Value contains the TXT record value, an RFC 8659 issue-value.
-	Value string
-
-	// IssuerDomainName is the normalized issuer-domain-name used in Value.
-	IssuerDomainName string
-}
-
 // Challenge implements the dns-persist-01 challenge.
 type Challenge struct {
 	core     *api.Core
@@ -76,6 +64,8 @@ func (c *Challenge) Solve(ctx context.Context, authz acme.Authorization) error {
 		return errors.New("dnspersist01: empty identifier")
 	}
 
+	log.Info("dnspersist01: trying to solve the challenge.", log.DomainAttr(domain))
+
 	chlng, err := challenge.FindChallenge(challenge.DNSPersist01, authz)
 	if err != nil {
 		return err
@@ -185,6 +175,18 @@ func (c *Challenge) hasMatchingRecord(records []TXTRecord, issuerDomainName stri
 	})
 }
 
+// ChallengeInfo contains the information used to create a dns-persist-01 TXT record.
+type ChallengeInfo struct {
+	// FQDN is the full-qualified challenge domain (i.e. `_validation-persist.[domain].`).
+	FQDN string
+
+	// Value contains the TXT record value, an RFC 8659 issue-value.
+	Value string
+
+	// IssuerDomainName is the normalized issuer-domain-name used in Value.
+	IssuerDomainName string
+}
+
 // GetChallengeInfo returns information used to create a DNS TXT record
 // which can fulfill the `dns-persist-01` challenge.
 // Domain, issuerDomainName, and accountURI parameters are required.