diff --git a/providers/cloudflare/cloudflareProvider.go b/providers/cloudflare/cloudflareProvider.go
index 29af3ffe9..edf15d94f 100644
--- a/providers/cloudflare/cloudflareProvider.go
+++ b/providers/cloudflare/cloudflareProvider.go
@@ -39,8 +39,11 @@ Domain level metadata available:
 var features = providers.DocumentationNotes{
 providers.CanUseAlias: providers.Can("CF automatically flattens CNAME records into A records dynamically"),
+ providers.CanUsePTR: providers.Cannot(),
 providers.CanUseCAA: providers.Can(),
 providers.CanUseSRV: providers.Can(),
+ providers.CanUseTLSA: providers.Can(),
+ providers.CanUseSSHFP: providers.Can(),
 providers.DocCreateDomains: providers.Can(),
 providers.DocDualHost: providers.Cannot("Cloudflare will not work well in situations where it is not the only DNS server"),
 providers.DocOfficiallySupported: providers.Can(),
@@ -359,16 +362,23 @@ func newCloudflare(m map[string]string, metadata json.RawMessage) (providers.DNS
 // Used on the "existing" records.
 type cfRecData struct {
- Name string `json:"name"`
- Target string `json:"target"`
- Service string `json:"service"` // SRV
- Proto string `json:"proto"` // SRV
- Priority uint16 `json:"priority"` // SRV
- Weight uint16 `json:"weight"` // SRV
- Port uint16 `json:"port"` // SRV
- Tag string `json:"tag"` // CAA
- Flags uint8 `json:"flags"` // CAA
- Value string `json:"value"` // CAA
+ Name string `json:"name"`
+ Target string `json:"target"`
+ Service string `json:"service"` // SRV
+ Proto string `json:"proto"` // SRV
+ Priority uint16 `json:"priority"` // SRV
+ Weight uint16 `json:"weight"` // SRV
+ Port uint16 `json:"port"` // SRV
+ Tag string `json:"tag"` // CAA
+ Flags uint8 `json:"flags"` // CAA
+ Value string `json:"value"` // CAA
+ Usage uint8 `json:"usage"` // TLSA
+ Selector uint8 `json:"selector"` // TLSA
+ Matching_Type uint8 `json:"matching_type"` // TLSA
+ Certificate string `json:"certificate"` // TLSA
+ Algorithm uint8 `json:"algorithm"` // SSHFP
+ Hash_Type uint8 `json:"type"` // SSHFP
+ Fingerprint string `json:"fingerprint"` // SSHFP
 }
 type cfRecord struct {
diff --git a/providers/cloudflare/rest.go b/providers/cloudflare/rest.go
index 19c82eb22..3e7f26a34 100644
--- a/providers/cloudflare/rest.go
+++ b/providers/cloudflare/rest.go
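Review bot: The new `cfRecData` fields `Matching_Type` and `Hash_Type` use underscores, which breaks Go's MixedCaps naming and will be flagged by linters; because the JSON tags already carry the wire names, they can be renamed to `MatchingType` and `HashType` with the tags left unchanged (the two helper functions added in rest.go would need the same rename). The SSHFP field serialises under the key `type`, which is easy to mistake for the record type, so a comment such as `// SSHFP fingerprint type; wire key is "type"` would help. None of the fields use `omitempty`, so if this struct is also marshalled into requests, as the `cfCaaData` return type in rest.go suggests, a TLSA or SSHFP payload will presumably carry zero-valued keys for the other record types; that is worth confirming against the API.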
@@ -149,6 +149,23 @@ func cfCaaData(rec *models.RecordConfig) *cfRecData {
 }
 }
+func cfTlsaData(rec *models.RecordConfig) *cfRecData {
+ return &cfRecData{
+ Usage: rec.TlsaUsage,
+ Selector: rec.TlsaSelector,
+ Matching_Type: rec.TlsaMatchingType,
+ Certificate: rec.GetTargetField(),
+ }
+}
+
+func cfSshfpData(rec *models.RecordConfig) *cfRecData {
+ return &cfRecData{
+ Algorithm: rec.SshfpAlgorithm,
+ Hash_Type: rec.SshfpFingerprint,
+ Fingerprint: rec.GetTargetField(),
+ }
+}
+
 func (c *CloudflareApi) createRec(rec *models.RecordConfig, domainID string) []*models.Correction {
 type createRecord struct {
 Name string `json:"name"`
@@ -185,6 +202,12 @@ func (c *CloudflareApi) createRec(rec *models.RecordConfig, domainID string) []*
 cf.Data = cfCaaData(rec)
 cf.Name = rec.GetLabelFQDN()
 cf.Content = ""
+ } else if rec.Type == "TLSA" {
+ cf.Data = cfTlsaData(rec)
+ cf.Name = rec.GetLabelFQDN()
+ } else if rec.Type == "SSHFP" {
+ cf.Data = cfSshfpData(rec)
+ cf.Name = rec.GetLabelFQDN()
 }
 endpoint := fmt.Sprintf(recordsURL, domainID)
 buf := &bytes.Buffer{}
@@ -241,6 +264,12 @@ func (c *CloudflareApi) modifyRecord(domainID, recID string, proxied bool, rec *
 r.Data = cfCaaData(rec)
 r.Name = rec.GetLabelFQDN()
 r.Content = ""
+ } else if rec.Type == "TLSA" {
+ r.Data = cfTlsaData(rec)
+ r.Name = rec.GetLabelFQDN()
+ } else if rec.Type == "SSHFP" {
+ r.Data = cfSshfpData(rec)
+ r.Name = rec.GetLabelFQDN()
 }
 endpoint := fmt.Sprintf(singleRecordURL, domainID, recID)
 buf := &bytes.Buffer{}
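Review bot: In `cfSshfpData`, the line `Hash_Type: rec.SshfpFingerprint` reads as if a fingerprint were being stored in the type field. If `SshfpFingerprint` is the numeric fingerprint type (it has to be a `uint8` for this to compile), add a comment such as `// SshfpFingerprint is the fingerprint type number; the hex digest is the record target`. Neither `cfTlsaData` nor `cfSshfpData` has a doc comment saying which record fields it maps. Both pass `rec.GetTargetField()` through without checking that it is hex of the length implied by the matching or fingerprint type. These records pin certificates and SSH host keys, so if no earlier layer validates the value, a truncated or mistyped digest would be published as-is; it is worth confirming that validation happens before this point.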
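Review bot: The new TLSA and SSHFP branches in `createRec` set `cf.Data` but leave `cf.Content` untouched, whereas the CAA branch directly above clears it with `cf.Content = ""`; the `modifyRecord` hunk has the same difference with `r.Content`. If Content is populated earlier in these functions (outside the hunks), the request will presumably carry both a content string and a structured data object for these types. Either add `cf.Content = ""` and `r.Content = ""` to the new branches, or add a comment explaining why TLSA and SSHFP keep it. The growing `else if rec.Type == ...` chain would also read more clearly as a `switch rec.Type`. Both function bodies start and end outside the hunks.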