mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-11-14 18:31:44 +00:00
commit
132d5e8253
10
acme.sh
10
acme.sh
@ -2229,6 +2229,16 @@ _send_signed_request() {
|
|||||||
_debug3 _body "$_body"
|
_debug3 _body "$_body"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
_retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *:" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
|
||||||
|
if [ "$code" = '503' ] || [ "$_retryafter" ]; then
|
||||||
|
_sleep_overload_retry_sec=$_retryafter
|
||||||
|
if [ -z "$_sleep_overload_retry_sec" ]; then
|
||||||
|
_sleep_overload_retry_sec=5
|
||||||
|
fi
|
||||||
|
_info "It seems the CA server is currently overloaded, let's wait and retry. Sleeping $_sleep_overload_retry_sec seconds."
|
||||||
|
_sleep $_sleep_overload_retry_sec
|
||||||
|
continue
|
||||||
|
fi
|
||||||
if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
|
if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
|
||||||
_info "It seems the CA server is busy now, let's wait and retry. Sleeping $_sleep_retry_sec seconds."
|
_info "It seems the CA server is busy now, let's wait and retry. Sleeping $_sleep_retry_sec seconds."
|
||||||
_CACHED_NONCE=""
|
_CACHED_NONCE=""
|
||||||
|
157
dnsapi/dns_ipv64.sh
Executable file
157
dnsapi/dns_ipv64.sh
Executable file
@ -0,0 +1,157 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
#Created by Roman Lumetsberger, to use ipv64.net's API to add/remove text records
|
||||||
|
#2022/11/29
|
||||||
|
|
||||||
|
# Pass credentials before "acme.sh --issue --dns dns_ipv64 ..."
|
||||||
|
# --
|
||||||
|
# export IPv64_Token="aaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
# --
|
||||||
|
#
|
||||||
|
|
||||||
|
IPv64_API="https://ipv64.net/api"
|
||||||
|
|
||||||
|
######## Public functions ######################
|
||||||
|
|
||||||
|
#Usage: dns_ipv64_add _acme-challenge.domain.ipv64.net "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_ipv64_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
IPv64_Token="${IPv64_Token:-$(_readaccountconf_mutable IPv64_Token)}"
|
||||||
|
if [ -z "$IPv64_Token" ]; then
|
||||||
|
_err "You must export variable: IPv64_Token"
|
||||||
|
_err "The API Key for your IPv64 account is necessary."
|
||||||
|
_err "You can look it up in your IPv64 account."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Now save the credentials.
|
||||||
|
_saveaccountconf_mutable IPv64_Token "$IPv64_Token"
|
||||||
|
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain" "$fulldomain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
# convert to lower case
|
||||||
|
_domain="$(echo "$_domain" | _lower_case)"
|
||||||
|
_sub_domain="$(echo "$_sub_domain" | _lower_case)"
|
||||||
|
# Now add the TXT record
|
||||||
|
_info "Trying to add TXT record"
|
||||||
|
if _ipv64_rest "POST" "add_record=$_domain&praefix=$_sub_domain&type=TXT&content=$txtvalue"; then
|
||||||
|
_info "TXT record has been successfully added."
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Errors happened during adding the TXT record, response=$_response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#Usage: fulldomain txtvalue
|
||||||
|
#Usage: dns_ipv64_rm _acme-challenge.domain.ipv64.net "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
#Remove the txt record after validation.
|
||||||
|
dns_ipv64_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
IPv64_Token="${IPv64_Token:-$(_readaccountconf_mutable IPv64_Token)}"
|
||||||
|
if [ -z "$IPv64_Token" ]; then
|
||||||
|
_err "You must export variable: IPv64_Token"
|
||||||
|
_err "The API Key for your IPv64 account is necessary."
|
||||||
|
_err "You can look it up in your IPv64 account."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain" "$fulldomain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
# convert to lower case
|
||||||
|
_domain="$(echo "$_domain" | _lower_case)"
|
||||||
|
_sub_domain="$(echo "$_sub_domain" | _lower_case)"
|
||||||
|
# Now delete the TXT record
|
||||||
|
_info "Trying to delete TXT record"
|
||||||
|
if _ipv64_rest "DELETE" "del_record=$_domain&praefix=$_sub_domain&type=TXT&content=$txtvalue"; then
|
||||||
|
_info "TXT record has been successfully deleted."
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Errors happened during deleting the TXT record, response=$_response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
#_acme-challenge.www.domain.com
|
||||||
|
#returns
|
||||||
|
# _sub_domain=_acme-challenge.www
|
||||||
|
# _domain=domain.com
|
||||||
|
_get_root() {
|
||||||
|
domain="$1"
|
||||||
|
i=1
|
||||||
|
p=1
|
||||||
|
|
||||||
|
_ipv64_get "get_domains"
|
||||||
|
domain_data=$_response
|
||||||
|
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#if _contains "$domain_data" "\""$h"\"\:"; then
|
||||||
|
if _contains "$domain_data" "\"""$h""\"\:"; then
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-"$p")
|
||||||
|
_domain="$h"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
p=$i
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
#send get request to api
|
||||||
|
# $1 has to set the api-function
|
||||||
|
_ipv64_get() {
|
||||||
|
url="$IPv64_API?$1"
|
||||||
|
export _H1="Authorization: Bearer $IPv64_Token"
|
||||||
|
|
||||||
|
_response=$(_get "$url")
|
||||||
|
_response="$(echo "$_response" | _normalizeJson)"
|
||||||
|
|
||||||
|
if _contains "$_response" "429 Too Many Requests"; then
|
||||||
|
_info "API throttled, sleeping to reset the limit"
|
||||||
|
_sleep 10
|
||||||
|
_response=$(_get "$url")
|
||||||
|
_response="$(echo "$_response" | _normalizeJson)"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
_ipv64_rest() {
|
||||||
|
url="$IPv64_API"
|
||||||
|
export _H1="Authorization: Bearer $IPv64_Token"
|
||||||
|
export _H2="Content-Type: application/x-www-form-urlencoded"
|
||||||
|
_response=$(_post "$2" "$url" "" "$1")
|
||||||
|
|
||||||
|
if _contains "$_response" "429 Too Many Requests"; then
|
||||||
|
_info "API throttled, sleeping to reset the limit"
|
||||||
|
_sleep 10
|
||||||
|
_response=$(_post "$2" "$url" "" "$1")
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! _contains "$_response" "\"info\":\"success\""; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug2 response "$_response"
|
||||||
|
return 0
|
||||||
|
}
|
59
dnsapi/dns_nanelo.sh
Normal file
59
dnsapi/dns_nanelo.sh
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
# Official DNS API for Nanelo.com
|
||||||
|
|
||||||
|
# Provide the required API Key like this:
|
||||||
|
# NANELO_TOKEN="FmD408PdqT1E269gUK57"
|
||||||
|
|
||||||
|
NANELO_API="https://api.nanelo.com/v1/"
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
|
||||||
|
# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_nanelo_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
NANELO_TOKEN="${NANELO_TOKEN:-$(_readaccountconf_mutable NANELO_TOKEN)}"
|
||||||
|
if [ -z "$NANELO_TOKEN" ]; then
|
||||||
|
NANELO_TOKEN=""
|
||||||
|
_err "You didn't configure a Nanelo API Key yet."
|
||||||
|
_err "Please set NANELO_TOKEN and try again."
|
||||||
|
_err "Login to Nanelo.com and go to Settings > API Keys to get a Key"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_saveaccountconf_mutable NANELO_TOKEN "$NANELO_TOKEN"
|
||||||
|
|
||||||
|
_info "Adding TXT record to ${fulldomain}"
|
||||||
|
response="$(_get "$NANELO_API$NANELO_TOKEN/dns/addrecord?type=TXT&ttl=60&name=${fulldomain}&value=${txtvalue}")"
|
||||||
|
if _contains "${response}" 'success'; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
_err "Could not create resource record, please check the logs"
|
||||||
|
_err "${response}"
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_nanelo_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
NANELO_TOKEN="${NANELO_TOKEN:-$(_readaccountconf_mutable NANELO_TOKEN)}"
|
||||||
|
if [ -z "$NANELO_TOKEN" ]; then
|
||||||
|
NANELO_TOKEN=""
|
||||||
|
_err "You didn't configure a Nanelo API Key yet."
|
||||||
|
_err "Please set NANELO_TOKEN and try again."
|
||||||
|
_err "Login to Nanelo.com and go to Settings > API Keys to get a Key"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_saveaccountconf_mutable NANELO_TOKEN "$NANELO_TOKEN"
|
||||||
|
|
||||||
|
_info "Deleting resource record $fulldomain"
|
||||||
|
response="$(_get "$NANELO_API$NANELO_TOKEN/dns/deleterecord?type=TXT&ttl=60&name=${fulldomain}&value=${txtvalue}")"
|
||||||
|
if _contains "${response}" 'success'; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
_err "Could not delete resource record, please check the logs"
|
||||||
|
_err "${response}"
|
||||||
|
return 1
|
||||||
|
}
|
@ -169,7 +169,7 @@ _clean_email_header() {
|
|||||||
# email
|
# email
|
||||||
_email_has_display_name() {
|
_email_has_display_name() {
|
||||||
_email="$1"
|
_email="$1"
|
||||||
expr "$_email" : '^.*[<>"]' >/dev/null
|
echo "$_email" | grep -q -E '^.*[<>"]'
|
||||||
}
|
}
|
||||||
|
|
||||||
##
|
##
|
||||||
@ -249,7 +249,7 @@ _mime_encoded_word() {
|
|||||||
_text="$1"
|
_text="$1"
|
||||||
# (regex character ranges like [a-z] can be locale-dependent; enumerate ASCII chars to avoid that)
|
# (regex character ranges like [a-z] can be locale-dependent; enumerate ASCII chars to avoid that)
|
||||||
_ascii='] $`"'"[!#%&'()*+,./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ~^_abcdefghijklmnopqrstuvwxyz{|}~-"
|
_ascii='] $`"'"[!#%&'()*+,./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ~^_abcdefghijklmnopqrstuvwxyz{|}~-"
|
||||||
if expr "$_text" : "^.*[^$_ascii]" >/dev/null; then
|
if echo "$_text" | grep -q -E "^.*[^$_ascii]"; then
|
||||||
# At least one non-ASCII char; convert entire thing to encoded word
|
# At least one non-ASCII char; convert entire thing to encoded word
|
||||||
printf "%s" "=?UTF-8?B?$(printf "%s" "$_text" | _base64)?="
|
printf "%s" "=?UTF-8?B?$(printf "%s" "$_text" | _base64)?="
|
||||||
else
|
else
|
||||||
|
Loading…
Reference in New Issue
Block a user