my $ACME_PATH = '/usr/share/proxmox-acme/proxmox-acme';
sub supported_challenge_types {
- return { 'dns-01' => 1 };
+ return ["dns-01"];
}
sub type {
};
}
-sub extract_challenge {
- my ($self, $challenge) = @_;
-
- return PVE::ACME::Challenge->extract_challenge($challenge, 'dns-01');
-}
-
-sub get_subplugins {
- return $api_name_list;
-}
-
my $proxmox_acme_command = sub {
my ($self, $acme, $auth, $data, $action) = @_;
# for security reasons, we execute the command as nobody
# we can't verify that the code of the DNSPlugins are harmless.
- my $cmd = ["setpriv", "--reuid", "nobody", "--regid", "nogroup", "--clear-groups", "--"];
+ my $cmd = ["setpriv", "--reuid", "nobody", "--regid", "nogroup", "--clear-groups", "--reset-env", "--"];
# The order of the parameters passed to proxmox-acme is important
# proxmox-acme <setup|teardown> $plugin <$domain|$alias> $txtvalue [$plugin_conf_string]
} else {
push @$cmd, $domain;
}
- push @$cmd, $txtvalue, $plugin_conf_string;
+ my $input = "$txtvalue\n";
+ $input .= "$plugin_conf_string\n" if $plugin_conf_string;
- PVE::Tools::run_command($cmd);
+ PVE::Tools::run_command($cmd, input => $input);
$data->{url} = $challenge->{url};