From 2b2ada94919931a3b5b01d7c9fe498948d19cdca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20Boldi=C5=A1?=
Date: Tue, 27 Jun 2023 18:13:35 +0200
Subject: [PATCH] fix: handle multiple cloudflare dns-01 challenges for the same FQDN
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Richard Boldiš
---
 pkg/issuer/acme/dns/cloudflare/cloudflare.go | 48 ++++++++------------
 1 file changed, 20 insertions(+), 28 deletions(-)
diff --git a/pkg/issuer/acme/dns/cloudflare/cloudflare.go b/pkg/issuer/acme/dns/cloudflare/cloudflare.go
index 133f9256e70..1837a507a86 100644
--- a/pkg/issuer/acme/dns/cloudflare/cloudflare.go
+++ b/pkg/issuer/acme/dns/cloudflare/cloudflare.go
@@ -141,41 +141,33 @@ func FindNearestZoneForFQDN(c DNSProviderType, fqdn string) (DNSZone, error) {
 // Present creates a TXT record to fulfil the dns-01 challenge
 func (c *DNSProvider) Present(domain, fqdn, value string) error {
- zoneID, err := c.getHostedZoneID(fqdn)
- if err != nil {
- return err
- }
+ _, err := c.findTxtRecord(fqdn, value)
+ if err == errNoExistingRecord {
+ rec := cloudFlareRecord{
+ Type: "TXT",
+ Name: util.UnFqdn(fqdn),
+ Content: value,
+ TTL: 120,
+ }
- record, err := c.findTxtRecord(fqdn)
- if err != nil && err != errNoExistingRecord {
- // this is a real error
- return err
- }
- if record != nil {
- if record.Content == value {
- // the record is already set to the desired value
- return nil
+ body, err := json.Marshal(rec)
+ if err != nil {
+ return err
 }
- _, err = c.makeRequest("DELETE", fmt.Sprintf("/zones/%s/dns_records/%s", record.ZoneID, record.ID), nil)
+ zoneID, err := c.getHostedZoneID(fqdn)
 if err != nil {
 return err
 }
- }
- rec := cloudFlareRecord{
- Type: "TXT",
- Name: util.UnFqdn(fqdn),
- Content: value,
- TTL: 120,
- }
+ _, err = c.makeRequest("POST", fmt.Sprintf("/zones/%s/dns_records", zoneID), bytes.NewReader(body))
+ if err != nil {
+ return err
+ }
- body, err := json.Marshal(rec)
- if err != nil {
- return err
+ return nil
 }
- _, err = c.makeRequest("POST", fmt.Sprintf("/zones/%s/dns_records", zoneID), bytes.NewReader(body))
 if err != nil {
 return err
 }
@@ -185,7 +177,7 @@ func (c *DNSProvider) Present(domain, fqdn, value string) error {
 // CleanUp removes the TXT record matching the specified parameters
 func (c *DNSProvider) CleanUp(domain, fqdn, value string) error {
- record, err := c.findTxtRecord(fqdn)
+ record, err := c.findTxtRecord(fqdn, value)
 // Nothing to cleanup
 if err == errNoExistingRecord {
 return nil
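Review bot: Present no longer deletes a TXT record at the same name that carries a different value, so a challenge record left behind by an order whose CleanUp never ran would now stay in the zone until it is removed by hand. The doc comment should state the new contract, e.g. `// Present adds a TXT record for value and leaves other TXT records at fqdn untouched; only CleanUp with the same value removes it.` The sentinel check is sturdier as `if errors.Is(err, errNoExistingRecord) {`, and the same `==` comparison sits in the CleanUp hunk below. Inside the branch `body, err :=` shadows the outer `err`; turning the condition into guard clauses would keep the create path unindented and drop the shadowing. Present's closing lines are outside this hunk.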
@@ -212,7 +204,7 @@ func (c *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
 var errNoExistingRecord = errors.New("No existing record found")
-func (c *DNSProvider) findTxtRecord(fqdn string) (*cloudFlareRecord, error) {
+func (c *DNSProvider) findTxtRecord(fqdn, content string) (*cloudFlareRecord, error) {
 zoneID, err := c.getHostedZoneID(fqdn)
 if err != nil {
 return nil, err
@@ -234,7 +226,7 @@ func (c *DNSProvider) findTxtRecord(fqdn string) (*cloudFlareRecord, error) {
 }
 for _, rec := range records {
- if rec.Name == util.UnFqdn(fqdn) {
+ if rec.Name == util.UnFqdn(fqdn) && rec.Content == content {
 return &rec, nil
 }
 }
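Review bot: findTxtRecord has no doc comment, and the new `content` parameter changes what a nil error means for both of its callers. A comment such as `// findTxtRecord returns the TXT record whose name is fqdn and whose content equals content, or errNoExistingRecord when no record matches both.` would make the contract explicit. The function body continues outside this hunk.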
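Review bot: With the added `rec.Content == content` condition this loop only finds the record if `records` holds every TXT entry for the name. The request that fills `records` is outside the hunk, so I cannot confirm that it filters by type and name or follows pagination. Several records under one challenge name are now the expected case, and a miss here makes CleanUp return nil while the record stays in the zone. If the list request is not already filtered, consider filtering it by type and name, and add a comment on the comparison such as `// match on content as well: several dns-01 records may share one name`. findTxtRecord starts and ends outside this hunk.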