git.ipfire.org Git - thirdparty/haproxy.git/commit

author	William Lallemand <wlallemand@haproxy.com>
	Thu, 18 Sep 2025 15:54:27 +0000 (17:54 +0200)
committer	William Lallemand <wlallemand@haproxy.com>
	Fri, 19 Sep 2025 14:40:53 +0000 (16:40 +0200)
commit	92c31a6fb7a2ce80e1ca136b489eed2f836a19c9
tree	a26bc967c68a98f6dd65adb1d7bd79682ce3ae45	tree \| snapshot
parent	331689d2167520ccd5c6098802db468fd9237e39	commit \| diff

MINOR: acme: acme-vars allow to pass data to the dpapi sink

In the case of the dns-01 challenge, the agent that handles the
challenge might need some extra information which depends on the DNS
provider.

This patch introduces the "acme-vars" option in the acme section, which
allows to pass these data to the dpapi sink. The double quotes will be
escaped when printed in the sink.

Example:

    global
        setenv VAR1 'foobar"toto"'

    acme LE
        directory https://acme-staging-v02.api.letsencrypt.org/directory
        challenge DNS-01
        acme-vars "var1=${VAR1},var2=var2"

Would output:

    $ ( echo "@@1 show events dpapi -w -0"; cat - ) | socat /tmp/master.sock -  | cat -e
    <0>2025-09-18T17:53:58.831140+02:00 acme deploy foobpar.pem thumbprint gDvbPL3w4J4rxb8gj20mGEgtuicpvltnTl6j1kSZ3vQ$
    acme-vars "var1=foobar\"toto\",var2=var2"$
    {$
      "identifier": {$
        "type": "dns",$
        "value": "example.com"$
      },$
      "status": "pending",$
      "expires": "2025-09-25T14:41:57Z",$
      [...]

include/haproxy/acme-t.h		diff \| blob \| blame \| history
src/acme.c		diff \| blob \| blame \| history