@@ -677,48 +677,48 @@ func (va VAImpl) validateDNSPersist01(task *vaTask) *core.ValidationRecord {
677677 }
678678
679679 task .Challenge .RLock ()
680- issuerNames := append ([]string (nil ), task .Challenge .IssuerDomainNames ... )
680+ allowedIssuers := append ([]string (nil ), task .Challenge .IssuerDomainNames ... )
681681 task .Challenge .RUnlock ()
682682
683683 var syntaxErrs []string
684684 var authorizationErrs []string
685685 for _ , record := range txtRecords {
686- issuerDomainName , paramsRaw := splitIssuerDomainName (record )
687- if ! slices .Contains (issuerNames , issuerDomainName ) {
686+ receivedIssuer , paramsRaw := splitIssuerDomainName (record )
687+ if ! slices .Contains (allowedIssuers , receivedIssuer ) {
688688 continue
689689 }
690- issueValue , err := parseDNSPersistIssueValues (issuerDomainName , paramsRaw )
690+ params , err := parseDNSPersistIssueValues (receivedIssuer , paramsRaw )
691691 if err != nil {
692692 // We know if this record was intended for us but it is malformed,
693693 // we can continue checking other records but we should report the
694694 // syntax error if no other record authorizes the challenge.
695695 syntaxErrs = append (syntaxErrs , fmt .Sprintf (
696- "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q: %s" , issuerDomainName , err ))
696+ "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q: %s" , receivedIssuer , err ))
697697 continue
698698 }
699- if issueValue .accountURI == "" {
699+ if params .accountURI == "" {
700700 syntaxErrs = append (syntaxErrs , fmt .Sprintf (
701- "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q: missing mandatory accountURI parameter" , issuerDomainName ))
701+ "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q: missing mandatory accountURI parameter" , receivedIssuer ))
702702 continue
703703 }
704- if issueValue .accountURI != task .AccountURL {
704+ if params .accountURI != task .AccountURL {
705705 authorizationErrs = append (authorizationErrs , fmt .Sprintf (
706706 "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q: accounturi mismatch: expected %q, got %q" ,
707- issuerDomainName , task .AccountURL , issueValue .accountURI ))
707+ receivedIssuer , task .AccountURL , params .accountURI ))
708708 continue
709709 }
710710 // Per the dns-persist-01 specification, if the policy tag is present
711711 // parameter's defined values MUST be treated as case-insensitive.
712- if task .Wildcard && strings .ToLower (issueValue .policy ) != "wildcard" {
712+ if task .Wildcard && strings .ToLower (params .policy ) != "wildcard" {
713713 authorizationErrs = append (authorizationErrs , fmt .Sprintf (
714714 "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q: policy mismatch: expected \" wildcard\" , got %q" ,
715- issuerDomainName , issueValue .policy ))
715+ receivedIssuer , params .policy ))
716716 continue
717717 }
718- if issueValue .persistUntil != nil && result .ValidatedAt .After (* issueValue .persistUntil ) {
718+ if params .persistUntil != nil && result .ValidatedAt .After (* params .persistUntil ) {
719719 authorizationErrs = append (authorizationErrs , fmt .Sprintf (
720720 "Error parsing DNS-PERSIST-01 challenge TXT record with issuer-domain-name %q, validation time %s is after persistUntil %s" ,
721- issuerDomainName , result .ValidatedAt .Format (time .RFC3339 ), issueValue .persistUntil .Format (time .RFC3339 )))
721+ receivedIssuer , result .ValidatedAt .Format (time .RFC3339 ), params .persistUntil .Format (time .RFC3339 )))
722722 continue
723723 }
724724 return result