dns plugin: improve 'data' string encoding/passing

[proxmox-acme.git] / src / PVE / ACME / DNSChallenge.pm

diff --git a/src/PVE/ACME/DNSChallenge.pm b/src/PVE/ACME/DNSChallenge.pm
index 041bc791b5cd13434784e56b3b0ac8eedbb229c9..dec57a6b461c9178a8d556b9e997b25799ec6e34 100644 (file)
--- a/src/PVE/ACME/DNSChallenge.pm
+++ b/src/PVE/ACME/DNSChallenge.pm
@@ -11,7 +11,7 @@ use base qw(PVE::ACME::Challenge);
 my $ACME_PATH = '/usr/share/proxmox-acme/proxmox-acme';
 
 sub supported_challenge_types {
-    return { 'dns-01' => 1 };
+    return ["dns-01"];
 }
 
 sub type {
@@ -143,16 +143,6 @@ sub options {
     };
 }
 
-sub extract_challenge {
-    my ($self, $challenge) = @_;
-
-    return PVE::ACME::Challenge->extract_challenge($challenge, 'dns-01');
-}
-    
-sub get_subplugins {
-    return $api_name_list;
-}
-
 my $proxmox_acme_command = sub {
     my ($self, $acme, $auth, $data, $action) = @_;
 
@@ -170,7 +160,7 @@ my $proxmox_acme_command = sub {
 
     # for security reasons, we execute the command as nobody
     # we can't verify that the code of the DNSPlugins are harmless.
-    my $cmd = ["setpriv", "--reuid", "nobody", "--regid", "nogroup", "--clear-groups", "--"];
+    my $cmd = ["setpriv", "--reuid", "nobody", "--regid", "nogroup", "--clear-groups", "--reset-env", "--"];
 
     # The order of the parameters passed to proxmox-acme is important
     # proxmox-acme <setup|teardown> $plugin <$domain|$alias> $txtvalue [$plugin_conf_string]
@@ -180,9 +170,10 @@ my $proxmox_acme_command = sub {
     } else {
        push @$cmd, $domain;
     }
-    push @$cmd, $txtvalue, $plugin_conf_string;
+    my $input = "$txtvalue\n";
+    $input .= "$plugin_conf_string\n" if $plugin_conf_string;
 
-    PVE::Tools::run_command($cmd);
+    PVE::Tools::run_command($cmd, input => $input);
 
     $data->{url} = $challenge->{url};