From e75b56073b3e412d0b85c94527a632a6de5913f1 Mon Sep 17 00:00:00 2001 From: MaomiHz Date: Mon, 11 Dec 2017 16:03:02 -0600 Subject: [PATCH 01/42] Fix digitalocean api not remove record --- dnsapi/dns_dgon.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_dgon.sh b/dnsapi/dns_dgon.sh index 7e1f1fec..1dc1a858 100755 --- a/dnsapi/dns_dgon.sh +++ b/dnsapi/dns_dgon.sh @@ -92,11 +92,11 @@ dns_dgon_rm() { domain_list="$(_get "$GURL")" ## 2) find record ## check for what we are looing for: "type":"A","name":"$_sub_domain" - record="$(echo "$domain_list" | _egrep_o "\"id\"\s*\:\s*\"*\d+\"*[^}]*\"name\"\s*\:\s*\"$_sub_domain\"[^}]*\"data\"\s*\:\s*\"$txtvalue\"")" + record="$(echo "$domain_list" | _egrep_o "\"id\"\s*\:\s*\"*[[:digit:]]+\"*[^}]*\"name\"\s*\:\s*\"$_sub_domain\"[^}]*\"data\"\s*\:\s*\"$txtvalue\"")" ## 3) check record and get next page if [ -z "$record" ]; then ## find the next page if we dont have a match - nextpage="$(echo "$domain_list" | _egrep_o "\"links\".*" | _egrep_o "\"next\".*" | _egrep_o "http.*page\=\d+")" + nextpage="$(echo "$domain_list" | _egrep_o "\"links\".*" | _egrep_o "\"next\".*" | _egrep_o "http.*page\=[[:digit:]]+")" if [ -z "$nextpage" ]; then _err "no record and no nextpage in digital ocean DNS removal" return 1 @@ -108,7 +108,7 @@ dns_dgon_rm() { done ## we found the record - rec_id="$(echo "$record" | _egrep_o "id\"\s*\:\s*\"*\d+" | _egrep_o "\d+")" + rec_id="$(echo "$record" | _egrep_o "id\"\s*\:\s*\"*[[:digit:]]+" | _egrep_o "[[:digit:]]+")" _debug rec_id "$rec_id" ## delete the record From 9c4f7aa6889a2883028673e7276b8c2b15dfaf5b Mon Sep 17 00:00:00 2001 From: MaomiHz Date: Mon, 11 Dec 2017 16:20:27 -0600 Subject: [PATCH 02/42] check for env var exist in DigitalOcean API --- dnsapi/dns_dgon.sh | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_dgon.sh b/dnsapi/dns_dgon.sh index 1dc1a858..57613349 100755 --- a/dnsapi/dns_dgon.sh +++ b/dnsapi/dns_dgon.sh @@ -20,12 +20,22 @@ dns_dgon_add() { fulldomain="$(echo "$1" | _lower_case)" txtvalue=$2 + + DO_API_KEY="${DO_API_KEY:-$(_readaccountconf_mutable DO_API_KEY)}" + # Check if API Key Exist + if [ -z "$DO_API_KEY" ]; then + DO_API_KEY="" + _err "You did not specify DigitalOcean API key." + _err "Please export DO_API_KEY and try again." + return 1 + fi + _info "Using digitalocean dns validation - add record" _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" ## save the env vars (key and domain split location) for later automated use - _saveaccountconf DO_API_KEY "$DO_API_KEY" + _saveaccountconf_mutable DO_API_KEY "$DO_API_KEY" ## split the domain for DO API if ! _get_base_domain "$fulldomain"; then @@ -39,7 +49,7 @@ dns_dgon_add() { export _H1="Content-Type: application/json" export _H2="Authorization: Bearer $DO_API_KEY" PURL='https://api.digitalocean.com/v2/domains/'$_domain'/records' - PBODY='{"type":"TXT","name":"'$_sub_domain'","data":"'$txtvalue'"}' + PBODY='{"type":"TXT","name":"'$_sub_domain'","data":"'$txtvalue'","ttl":120}' _debug PURL "$PURL" _debug PBODY "$PBODY" @@ -65,6 +75,16 @@ dns_dgon_add() { dns_dgon_rm() { fulldomain="$(echo "$1" | _lower_case)" txtvalue=$2 + + DO_API_KEY="${DO_API_KEY:-$(_readaccountconf_mutable DO_API_KEY)}" + # Check if API Key Exist + if [ -z "$DO_API_KEY" ]; then + DO_API_KEY="" + _err "You did not specify DigitalOcean API key." + _err "Please export DO_API_KEY and try again." + return 1 + fi + _info "Using digitalocean dns validation - remove record" _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" From c1f8ffa3861f93d624674732180f60ac1db768ed Mon Sep 17 00:00:00 2001 From: MaomiHz Date: Wed, 17 Jan 2018 21:39:13 -0600 Subject: [PATCH 03/42] Use [0-9] instead --- dnsapi/dns_dgon.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_dgon.sh b/dnsapi/dns_dgon.sh index 57613349..5d38ef76 100755 --- a/dnsapi/dns_dgon.sh +++ b/dnsapi/dns_dgon.sh @@ -112,11 +112,11 @@ dns_dgon_rm() { domain_list="$(_get "$GURL")" ## 2) find record ## check for what we are looing for: "type":"A","name":"$_sub_domain" - record="$(echo "$domain_list" | _egrep_o "\"id\"\s*\:\s*\"*[[:digit:]]+\"*[^}]*\"name\"\s*\:\s*\"$_sub_domain\"[^}]*\"data\"\s*\:\s*\"$txtvalue\"")" + record="$(echo "$domain_list" | _egrep_o "\"id\"\s*\:\s*\"*[0-9]+\"*[^}]*\"name\"\s*\:\s*\"$_sub_domain\"[^}]*\"data\"\s*\:\s*\"$txtvalue\"")" ## 3) check record and get next page if [ -z "$record" ]; then ## find the next page if we dont have a match - nextpage="$(echo "$domain_list" | _egrep_o "\"links\".*" | _egrep_o "\"next\".*" | _egrep_o "http.*page\=[[:digit:]]+")" + nextpage="$(echo "$domain_list" | _egrep_o "\"links\".*" | _egrep_o "\"next\".*" | _egrep_o "http.*page\=[0-9]+")" if [ -z "$nextpage" ]; then _err "no record and no nextpage in digital ocean DNS removal" return 1 @@ -128,7 +128,7 @@ dns_dgon_rm() { done ## we found the record - rec_id="$(echo "$record" | _egrep_o "id\"\s*\:\s*\"*[[:digit:]]+" | _egrep_o "[[:digit:]]+")" + rec_id="$(echo "$record" | _egrep_o "id\"\s*\:\s*\"*[0-9]+" | _egrep_o "[0-9]+")" _debug rec_id "$rec_id" ## delete the record From 224e0c298a6de49fa41754839855ffaf256578d8 Mon Sep 17 00:00:00 2001 From: martgras Date: Mon, 12 Mar 2018 10:27:56 +0100 Subject: [PATCH 04/42] Fix missing success return value from dns_azure_add/rm --- dnsapi/dns_azure.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_azure.sh b/dnsapi/dns_azure.sh index 677a9f75..e0d9516f 100644 --- a/dnsapi/dns_azure.sh +++ b/dnsapi/dns_azure.sh @@ -99,6 +99,7 @@ dns_azure_add() { _azure_rest PUT "$acmeRecordURI" "$body" "$accesstoken" if [ "$_code" = "200" ] || [ "$_code" = '201' ]; then _info "validation value added" + return 0 else _err "error adding validation value ($_code)" return 1 @@ -194,6 +195,7 @@ dns_azure_rm() { _azure_rest PUT "$acmeRecordURI" "$body" "$accesstoken" if [ "$_code" = "200" ] || [ "$_code" = '201' ]; then _info "validation value removed" + return 0 else _err "error removing validation value ($_code)" return 1 @@ -226,6 +228,7 @@ _azure_rest() { else response="$(_get "$ep")" fi + _ret="$?" _secure_debug2 "response $response" _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\r\n")" _debug "http response code $_code" @@ -236,7 +239,7 @@ _azure_rest() { return 1 fi # See https://docs.microsoft.com/en-us/azure/architecture/best-practices/retry-service-specific#general-rest-and-retry-guidelines for retryable HTTP codes - if [ "$?" != "0" ] || [ -z "$_code" ] || [ "$_code" = "408" ] || [ "$_code" = "500" ] || [ "$_code" = "503" ] || [ "$_code" = "504" ]; then + if [ "$_ret" != "0" ] || [ -z "$_code" ] || [ "$_code" = "408" ] || [ "$_code" = "500" ] || [ "$_code" = "503" ] || [ "$_code" = "504" ]; then _request_retry_times="$(_math "$_request_retry_times" + 1)" _info "REST call error $_code retrying $ep in $_request_retry_times s" _sleep "$_request_retry_times" @@ -281,6 +284,7 @@ _azure_getaccess_token() { body="resource=$(printf "%s" 'https://management.core.windows.net/' | _url_encode)&client_id=$(printf "%s" "$clientID" | _url_encode)&client_secret=$(printf "%s" "$clientSecret" | _url_encode)&grant_type=client_credentials" _secure_debug2 "data $body" response="$(_post "$body" "https://login.microsoftonline.com/$tenantID/oauth2/token" "" "POST")" + _ret="$?" _secure_debug2 "response $response" response="$(echo "$response" | _normalizeJson)" accesstoken=$(echo "$response" | _egrep_o "\"access_token\":\"[^\"]*\"" | _head_n 1 | cut -d : -f 2 | tr -d \") @@ -290,7 +294,7 @@ _azure_getaccess_token() { _err "no acccess token received. Check your Azure settings see $WIKI" return 1 fi - if [ "$?" != "0" ]; then + if [ "$_ret" != "0" ]; then _err "error $response" return 1 fi From 6b26d2b62de49e59517f7f5a0d14c4c91cb6dc2a Mon Sep 17 00:00:00 2001 From: Rid Date: Thu, 15 Mar 2018 09:50:54 +0000 Subject: [PATCH 05/42] Fixed grammatical errors --- dnsapi/dns_cf.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_cf.sh b/dnsapi/dns_cf.sh index 68264a42..3595b9b0 100755 --- a/dnsapi/dns_cf.sh +++ b/dnsapi/dns_cf.sh @@ -19,8 +19,8 @@ dns_cf_add() { if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then CF_Key="" CF_Email="" - _err "You don't specify cloudflare api key and email yet." - _err "Please create you key and try again." + _err "You didn't specify a cloudflare api key and email yet." + _err "Please create the key and try again." return 1 fi @@ -94,8 +94,8 @@ dns_cf_rm() { if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then CF_Key="" CF_Email="" - _err "You don't specify cloudflare api key and email yet." - _err "Please create you key and try again." + _err "You didn't specify a cloudflare api key and email yet." + _err "Please create the key and try again." return 1 fi From a8b62261f6a02a6601d0fec235325e48deccbd05 Mon Sep 17 00:00:00 2001 From: "Claus F. Strasburger" Date: Fri, 16 Mar 2018 11:21:03 +0100 Subject: [PATCH 06/42] Documentation: what to do when using dns-manual Change the hint that tells you how to use DNS manual (second run needs to be --renew) --- acme.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index e7c40c01..79717ad5 100755 --- a/acme.sh +++ b/acme.sh @@ -3819,7 +3819,7 @@ $_authorizations_map" if [ "$dnsadded" = '0' ]; then _savedomainconf "Le_Vlist" "$vlist" _debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit." - _err "Please add the TXT records to the domains, and retry again." + _err "Please add the TXT records to the domains, and re-run with --renew." _clearup _on_issue_err "$_post_hook" return 1 From a5c1c30368a176ec76dcb2c379ca82a24d95ab5b Mon Sep 17 00:00:00 2001 From: neilpang Date: Fri, 16 Mar 2018 21:29:38 +0800 Subject: [PATCH 07/42] update doc --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 5471c573..2898629c 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,8 @@ Twitter: [@neilpangxa](https://twitter.com/neilpangxa) - [splynx](https://forum.splynx.com/t/free-ssl-cert-for-splynx-lets-encrypt/297) - [archlinux](https://aur.archlinux.org/packages/acme.sh-git/) - [opnsense.org](https://github.com/opnsense/plugins/tree/master/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient) +- [CentOS Web Panel](http://centos-webpanel.com/) +- [lnmp.org](https://lnmp.org/) - [more...](https://github.com/Neilpang/acme.sh/wiki/Blogs-and-tutorials) # Tested OS From 4ae108009c0000f3d3d1e52c6a544a51a7bf57e4 Mon Sep 17 00:00:00 2001 From: Rafael Gieschke Date: Thu, 15 Mar 2018 02:38:17 +0100 Subject: [PATCH 08/42] dns_pdns.sh: Allow "." as root zone --- dnsapi/dns_pdns.sh | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/dnsapi/dns_pdns.sh b/dnsapi/dns_pdns.sh index 7d807c81..3d99e103 100755 --- a/dnsapi/dns_pdns.sh +++ b/dnsapi/dns_pdns.sh @@ -90,7 +90,7 @@ set_record() { full=$2 txtvalue=$3 - if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root." "{\"rrsets\": [{\"changetype\": \"REPLACE\", \"name\": \"$full.\", \"type\": \"TXT\", \"ttl\": $PDNS_Ttl, \"records\": [{\"name\": \"$full.\", \"type\": \"TXT\", \"content\": \"\\\"$txtvalue\\\"\", \"disabled\": false, \"ttl\": $PDNS_Ttl}]}]}"; then + if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"REPLACE\", \"name\": \"$full.\", \"type\": \"TXT\", \"ttl\": $PDNS_Ttl, \"records\": [{\"name\": \"$full.\", \"type\": \"TXT\", \"content\": \"\\\"$txtvalue\\\"\", \"disabled\": false, \"ttl\": $PDNS_Ttl}]}]}"; then _err "Set txt record error." return 1 fi @@ -107,7 +107,7 @@ rm_record() { root=$1 full=$2 - if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root." "{\"rrsets\": [{\"changetype\": \"DELETE\", \"name\": \"$full.\", \"type\": \"TXT\"}]}"; then + if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"DELETE\", \"name\": \"$full.\", \"type\": \"TXT\"}]}"; then _err "Delete txt record error." return 1 fi @@ -122,7 +122,7 @@ rm_record() { notify_slaves() { root=$1 - if ! _pdns_rest "PUT" "/api/v1/servers/$PDNS_ServerId/zones/$root./notify"; then + if ! _pdns_rest "PUT" "/api/v1/servers/$PDNS_ServerId/zones/$root/notify"; then _err "Notify slaves error." return 1 fi @@ -144,15 +144,18 @@ _get_root() { while true; do h=$(printf "%s" "$domain" | cut -d . -f $i-100) - if [ -z "$h" ]; then - return 1 - fi if _contains "$_zones_response" "\"name\": \"$h.\""; then - _domain="$h" + _domain="$h." + if [ -z "$h" ]; then + _domain="=2E" + fi return 0 fi + if [ -z "$h" ]; then + return 1 + fi i=$(_math $i + 1) done _debug "$domain not found" From 9082862b9dd5df4d893e8bcd37c1804f446e8b6c Mon Sep 17 00:00:00 2001 From: Casper Date: Sat, 17 Mar 2018 14:45:49 +0100 Subject: [PATCH 09/42] Updated --accountemail help https://github.com/Neilpang/acme.sh/issues/1074#issuecomment-337672763 --- acme.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/acme.sh b/acme.sh index e7c40c01..d9bc701a 100755 --- a/acme.sh +++ b/acme.sh @@ -5456,8 +5456,8 @@ Parameters: --cert-home Specifies the home dir to save all the certs, only valid for '--install' command. --config-home Specifies the home dir to save all the configurations. --useragent Specifies the user agent string. it will be saved for future use too. - --accountemail Specifies the account email for registering, Only valid for the '--install' command. - --accountkey Specifies the account key path, Only valid for the '--install' command. + --accountemail Specifies the account email, only valid for the '--install' and '--update-account' command. + --accountkey Specifies the account key path, only valid for the '--install' command. --days Specifies the days to renew the cert when using '--issue' command. The max value is $MAX_RENEW days. --httpport Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer. --local-address Specifies the standalone/tls server listening address, in case you have multiple ip addresses. From 32d8f349c9207226f3e030999bc8c880b73c6da5 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 11:04:14 +0800 Subject: [PATCH 10/42] add debug info --- dnsapi/dns_yandex.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_yandex.sh b/dnsapi/dns_yandex.sh index 5fbb09d8..318dee0c 100755 --- a/dnsapi/dns_yandex.sh +++ b/dnsapi/dns_yandex.sh @@ -50,9 +50,9 @@ _PDD_get_domain() { __last=0 while [ $__last -eq 0 ]; do uri1="https://pddimp.yandex.ru/api2/admin/domain/domains?page=${__page}&on_page=20" - res1=$(_get "$uri1" | _normalizeJson) - #_debug "$res1" - __found=$(echo "$res1" | sed -n -e 's#.* "found": \([^,]*\),.*#\1#p') + res1="$(_get "$uri1" | _normalizeJson)" + _debug2 "res1" "$res1" + __found="$(echo "$res1" | sed -n -e 's#.* "found": \([^,]*\),.*#\1#p')" _debug "found: $__found results on page" if [ "$__found" -lt 20 ]; then _debug "last page: $__page" From 323febe8c78d2d17a40153c97e40e7b641747268 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 11:14:03 +0800 Subject: [PATCH 11/42] add more debug log --- acme.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index 90627c8d..07cfb0ec 100755 --- a/acme.sh +++ b/acme.sh @@ -4105,7 +4105,7 @@ $_authorizations_map" fi else if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"$ACME_NEW_ORDER_RES\", \"csr\": \"$der\"}" "needbase64"; then - _err "Sign failed." + _err "Sign failed. $response" _on_issue_err "$_post_hook" return 1 fi From f2aa5c02352308a24d784e1abac08015e0f3e6b3 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 11:18:37 +0800 Subject: [PATCH 12/42] update doc --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2898629c..8a12d9fe 100644 --- a/README.md +++ b/README.md @@ -400,7 +400,7 @@ Valid values are: It's simple, just give a wildcard domain as the `-d` parameter. ```sh -acme.sh --issue -d example.com -d *.example.com --dns dns_cf +acme.sh --issue -d example.com -d '*.example.com' --dns dns_cf ``` From 5d8d217a133977899ebdf62db3eb5462304af422 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 11:36:04 +0800 Subject: [PATCH 13/42] add more debug info --- acme.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/acme.sh b/acme.sh index 07cfb0ec..db2547dd 100755 --- a/acme.sh +++ b/acme.sh @@ -3247,6 +3247,7 @@ _regAccount() { return 1 fi + _debug2 responseHeaders "$responseHeaders" _accUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")" _debug "_accUri" "$_accUri" _savecaconf "ACCOUNT_URL" "$_accUri" From 7e0b334b384e09e50f50c7b94553191513466ba4 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 18:20:29 +0800 Subject: [PATCH 14/42] fix empty ACCOUNT_URL for v2 for the first time use --- acme.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index db2547dd..4a2f8253 100755 --- a/acme.sh +++ b/acme.sh @@ -3250,8 +3250,13 @@ _regAccount() { _debug2 responseHeaders "$responseHeaders" _accUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")" _debug "_accUri" "$_accUri" + if [ -z "$_accUri" ]; then + _err "Can not find account id url." + _err "$responseHeaders" + return 1 + fi _savecaconf "ACCOUNT_URL" "$_accUri" - export ACCOUNT_URL="$ACCOUNT_URL" + export ACCOUNT_URL="$_accUri" CA_KEY_HASH="$(__calcAccountKeyHash)" _debug "Calc CA_KEY_HASH" "$CA_KEY_HASH" From 36a7a84080c25eec363e5de9bc35f084a6ea6133 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 18:34:35 +0800 Subject: [PATCH 15/42] fix https://github.com/Neilpang/acme.sh/issues/1411 --- acme.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index 4a2f8253..fafd514a 100755 --- a/acme.sh +++ b/acme.sh @@ -4116,7 +4116,7 @@ $_authorizations_map" return 1 fi _rcert="$response" - Le_LinkCert="$(grep -i '^Location.*$' "$HTTP_HEADER" | _head_n 1 | tr -d "\r\n" | cut -d " " -f 2)" + Le_LinkCert="$(grep -i '^Location.*$' "$HTTP_HEADER" | _tail_n 1 | tr -d "\r\n" | cut -d " " -f 2)" echo "$BEGIN_CERT" >"$CERT_PATH" #if ! _get "$Le_LinkCert" | _base64 "multiline" >> "$CERT_PATH" ; then From 6a66ba8a21c7c4ecef5860c48a22186349f60766 Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 18:57:56 +0800 Subject: [PATCH 16/42] fix https://github.com/Neilpang/acme.sh/issues/1411 --- acme.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/acme.sh b/acme.sh index fafd514a..4cc9483f 100755 --- a/acme.sh +++ b/acme.sh @@ -1617,6 +1617,7 @@ _post() { _debug $httpmethod _debug "_post_url" "$_post_url" _debug2 "body" "$body" + _debug2 "_postContentType" "$_postContentType" _inithttp @@ -1785,6 +1786,11 @@ _send_signed_request() { return 1 fi + if [ "$ACME_VERSION" = "2" ]; then + __request_conent_type="$CONTENT_TYPE_JSON" + else + __request_conent_type="" + fi payload64=$(printf "%s" "$payload" | _base64 | _url_replace) _debug3 payload64 "$payload64" @@ -1797,7 +1803,7 @@ _send_signed_request() { if [ "$ACME_NEW_NONCE" ]; then _debug2 "Get nonce. ACME_NEW_NONCE" "$ACME_NEW_NONCE" nonceurl="$ACME_NEW_NONCE" - if _post "" "$nonceurl" "" "HEAD" "$CONTENT_TYPE_JSON"; then + if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type"; then _headers="$(cat "$HTTP_HEADER")" fi fi @@ -1852,7 +1858,7 @@ _send_signed_request() { fi _debug3 body "$body" - response="$(_post "$body" "$url" "$needbase64" "POST" "$CONTENT_TYPE_JSON")" + response="$(_post "$body" "$url" "$needbase64" "POST" "$__request_conent_type")" _CACHED_NONCE="" if [ "$?" != "0" ]; then From 39852662a62b428d6de14a6bf5fbfb26a744cd9b Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 19:29:02 +0800 Subject: [PATCH 17/42] fix content type --- acme.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/acme.sh b/acme.sh index 4cc9483f..6d4223eb 100755 --- a/acme.sh +++ b/acme.sh @@ -1626,14 +1626,19 @@ _post() { if [ "$HTTPS_INSECURE" ]; then _CURL="$_CURL --insecure " fi - if [ "$_postContentType" ]; then - _CURL="$_CURL -H \"Content-Type: $_postContentType\" " - fi _debug "_CURL" "$_CURL" if [ "$needbase64" ]; then - response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)" + if [ "$_postContentType" ]; then + response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)" + else + response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)" + fi else - response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")" + if [ "$_postContentType" ]; then + response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")" + else + response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")" + fi fi _ret="$?" if [ "$_ret" != "0" ]; then From e8b54a50876e687c52c572afd87736df08547a9d Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 19:32:45 +0800 Subject: [PATCH 18/42] fix ACCOUNT_URL --- acme.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index 6d4223eb..72d0e2af 100755 --- a/acme.sh +++ b/acme.sh @@ -3538,7 +3538,7 @@ issue() { _saved_account_key_hash="$(_readcaconf "CA_KEY_HASH")" _debug2 _saved_account_key_hash "$_saved_account_key_hash" - if [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then + if [ -z "$ACCOUNT_URL" ] || [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then if ! _regAccount "$_accountkeylength"; then _on_issue_err "$_post_hook" return 1 From 668c43abf36d3ba42216faee096e7e18c8adacda Mon Sep 17 00:00:00 2001 From: neilpang Date: Sun, 18 Mar 2018 21:06:37 +0800 Subject: [PATCH 19/42] add more debug info --- acme.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index 72d0e2af..a69d4bb0 100755 --- a/acme.sh +++ b/acme.sh @@ -4100,13 +4100,15 @@ $_authorizations_map" fi if [ "$code" != "200" ]; then _err "Sign failed, code is not 200." + _err "$response" _on_issue_err "$_post_hook" return 1 fi Le_LinkCert="$(echo "$response" | tr -d '\r\n' | _egrep_o '"certificate" *: *"[^"]*"' | cut -d '"' -f 4)" if ! _get "$Le_LinkCert" >"$CERT_PATH"; then - _err "Sign failed, code is not 200." + _err "Sign failed, can not download cert:$Le_LinkCert." + _err "$response" _on_issue_err "$_post_hook" return 1 fi From 912bcf94873bc4e5906af188e60210517fdcda39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Chris=20G=C3=A5rdenberg?= Date: Mon, 19 Mar 2018 11:15:25 +0100 Subject: [PATCH 20/42] Fixed HTTPS-url with regard to #1192 --- dnsapi/dns_freedns.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_freedns.sh b/dnsapi/dns_freedns.sh index 0d8fae73..7262755e 100755 --- a/dnsapi/dns_freedns.sh +++ b/dnsapi/dns_freedns.sh @@ -279,7 +279,7 @@ _freedns_add_txt_record() { domain_id="$2" subdomain="$3" value="$(printf '%s' "$4" | _url_encode)" - url="http://freedns.afraid.org/subdomain/save.php?step=2" + url="https://freedns.afraid.org/subdomain/save.php?step=2" htmlpage="$(_post "type=TXT&domain_id=$domain_id&subdomain=$subdomain&address=%22$value%22&send=Save%21" "$url")" From ae329385316511db8a4f377f3c630b2ba31e01d7 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 19 Mar 2018 12:17:47 -0300 Subject: [PATCH 21/42] added dnsapi/dns_kinghost.sh --- dnsapi/dns_kinghost.sh | 110 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 dnsapi/dns_kinghost.sh diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh new file mode 100644 index 00000000..3697e4ae --- /dev/null +++ b/dnsapi/dns_kinghost.sh @@ -0,0 +1,110 @@ +#!/usr/bin/env sh + +#KINGHOST_username="xxxx@sss.com" +#KINGHOST_Password="sdfsdfsdfljlbjkljlkjsdfoiwje" + +KING_Api="https://api.kinghost.net/acme" + +# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +# Used to add txt record +dns_kinghost_add() { + fulldomain=$1 + txtvalue=$2 + + KINGHOST_username="${KINGHOST_username:-$(_readaccountconf_mutable KINGHOST_username)}" + KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" + if [ -z "$KINGHOST_username" ] || [ -z "$KINGHOST_Password" ]; then + KINGHOST_username="" + KINGHOST_Password="" + _err "You don't specify KingHost api password and email yet." + _err "Please create you key and try again." + return 1 + fi + + #save the credentials to the account conf file. + _saveaccountconf_mutable KINGHOST_username "$KINGHOST_username" + _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" + + _debug "Getting txt records" + _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" + + #This API call returns "status":"ok" if dns record does not exists + #We are creating a new txt record here, so we expect the "ok" status + if ! printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + _kinghost_rest POST "dns" "name=$fulldomain&content=$txtvalue" + if ! printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + return 0; +} + +# Usage: fulldomain txtvalue +# Used to remove the txt record after validation +dns_kinghost_rm() { + fulldomain=$1 + txtvalue=$2 + + KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" + KINGHOST_username="${KINGHOST_username:-$(_readaccountconf_mutable KINGHOST_username)}" + if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_username" ]; then + KINGHOST_Password="" + KINGHOST_username="" + _err "You don't specify KingHost api key and email yet." + _err "Please create you key and try again." + return 1 + fi + + _debug "Getting txt records" + _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" + + #This API call returns "status":"ok" if dns record does not exists + #We are removing a txt record here, so the record must exists + if printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + _kinghost_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" + if ! printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + return 0; +} + + +#################### Private functions below ################################## +_kinghost_rest() { + method=$1 + uri="$2" + data="$3" + _debug "$uri" + + export _H1="X-Auth-Email: $KINGHOST_username" + export _H2="X-Auth-Key: $KINGHOST_Password" + + if [ "$method" != "GET" ]; then + _debug data "$data" + response="$(_post "$data" "$KING_Api/$uri.json" "" "$method")" + else + response="$(_get "$KING_Api/$uri.json?$data")" + fi + + if [ "$?" != "0" ]; then + _err "error $uri" + return 1 + fi + _debug2 response "$response" + return 0 +} From 2ff6f4d3cfe9494f552fdd0fd72e418a75ece7e5 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 19 Mar 2018 12:26:54 -0300 Subject: [PATCH 22/42] updated docs for dns_kinghost api usage --- README.md | 1 + dnsapi/README.md | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/README.md b/README.md index 5471c573..0faea3ed 100644 --- a/README.md +++ b/README.md @@ -313,6 +313,7 @@ You don't have to do anything manually! 1. zonomi.com DNS API 1. DreamHost.com API 1. DirectAdmin API +1. KingHost (https://www.kinghost.com.br/) And: diff --git a/dnsapi/README.md b/dnsapi/README.md index 8b4a8358..caae7cff 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -784,6 +784,17 @@ acme.sh --issue --dns dns_da -d example.com -d www.example.com The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. +## 42. Use KingHost DNS API + +API access must be enabled at https://painel.kinghost.com.br/painel.api.php + +``` +export KINGHOST_username="yourusername" +export KINGHOST_Password="yourpassword" +acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com +``` + +The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. # Use custom API From 48bdfa23771393bfe62d858aacb1110ed1eb5639 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 19 Mar 2018 13:49:58 -0300 Subject: [PATCH 23/42] added doc header to dns_kinghost.sh --- dnsapi/dns_kinghost.sh | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index 3697e4ae..5d3a4935 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -1,7 +1,16 @@ #!/usr/bin/env sh -#KINGHOST_username="xxxx@sss.com" -#KINGHOST_Password="sdfsdfsdfljlbjkljlkjsdfoiwje" +############################################################ +# KingHost API support # +# http://api.kinghost.net/doc/ # +# # +# Author: Felipe Keller Braz # +# Report Bugs here: https://github.com/kinghost/acme.sh # +# # +# Values to export: # +# export KINGHOST_username="email@provider.com" # +# export KINGHOST_Password="xxxxxxxxxx" # +############################################################ KING_Api="https://api.kinghost.net/acme" @@ -83,7 +92,6 @@ dns_kinghost_rm() { return 0; } - #################### Private functions below ################################## _kinghost_rest() { method=$1 From 6787c81abe86a8339d917069f74e2601b4f878ff Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Tue, 20 Mar 2018 09:58:10 -0300 Subject: [PATCH 24/42] renamed KINGHOST_username => KINGHOST_Username --- dnsapi/dns_kinghost.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index 5d3a4935..fc436bbd 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -8,7 +8,7 @@ # Report Bugs here: https://github.com/kinghost/acme.sh # # # # Values to export: # -# export KINGHOST_username="email@provider.com" # +# export KINGHOST_Username="email@provider.com" # # export KINGHOST_Password="xxxxxxxxxx" # ############################################################ @@ -20,10 +20,10 @@ dns_kinghost_add() { fulldomain=$1 txtvalue=$2 - KINGHOST_username="${KINGHOST_username:-$(_readaccountconf_mutable KINGHOST_username)}" + KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" - if [ -z "$KINGHOST_username" ] || [ -z "$KINGHOST_Password" ]; then - KINGHOST_username="" + if [ -z "$KINGHOST_Username" ] || [ -z "$KINGHOST_Password" ]; then + KINGHOST_Username="" KINGHOST_Password="" _err "You don't specify KingHost api password and email yet." _err "Please create you key and try again." @@ -31,7 +31,7 @@ dns_kinghost_add() { fi #save the credentials to the account conf file. - _saveaccountconf_mutable KINGHOST_username "$KINGHOST_username" + _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" _debug "Getting txt records" @@ -62,10 +62,10 @@ dns_kinghost_rm() { txtvalue=$2 KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" - KINGHOST_username="${KINGHOST_username:-$(_readaccountconf_mutable KINGHOST_username)}" - if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_username" ]; then + KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" + if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_Username" ]; then KINGHOST_Password="" - KINGHOST_username="" + KINGHOST_Username="" _err "You don't specify KingHost api key and email yet." _err "Please create you key and try again." return 1 @@ -99,7 +99,7 @@ _kinghost_rest() { data="$3" _debug "$uri" - export _H1="X-Auth-Email: $KINGHOST_username" + export _H1="X-Auth-Email: $KINGHOST_Username" export _H2="X-Auth-Key: $KINGHOST_Password" if [ "$method" != "GET" ]; then From aa9975ad0d03d08a7cd7beaad60b4ff29adc3277 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Tue, 20 Mar 2018 10:08:52 -0300 Subject: [PATCH 25/42] dns_kinghost.sh :: changed printf to echo --- dnsapi/dns_kinghost.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index fc436bbd..2dc57cb8 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -39,14 +39,14 @@ dns_kinghost_add() { #This API call returns "status":"ok" if dns record does not exists #We are creating a new txt record here, so we expect the "ok" status - if ! printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then _err "Error" _err "$response" return 1 fi _kinghost_rest POST "dns" "name=$fulldomain&content=$txtvalue" - if ! printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then _err "Error" _err "$response" return 1 @@ -76,14 +76,14 @@ dns_kinghost_rm() { #This API call returns "status":"ok" if dns record does not exists #We are removing a txt record here, so the record must exists - if printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + if echo "$response" | grep '"status":"ok"' >/dev/null; then _err "Error" _err "$response" return 1 fi _kinghost_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" - if ! printf "%s" "$response" | grep '"status":"ok"' >/dev/null; then + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then _err "Error" _err "$response" return 1 From a0923622aea8f650be8d92116f464d1c426e49ba Mon Sep 17 00:00:00 2001 From: neilpang Date: Wed, 21 Mar 2018 20:30:52 +0800 Subject: [PATCH 26/42] fix https://github.com/Neilpang/acme.sh/issues/1029 https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode --- acme.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/acme.sh b/acme.sh index a69d4bb0..c1298c44 100755 --- a/acme.sh +++ b/acme.sh @@ -110,10 +110,14 @@ _STATELESS_WIKI="https://github.com/Neilpang/acme.sh/wiki/Stateless-Mode" _DNS_ALIAS_WIKI="https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode" +_DNS_MANUAL_WIKI="https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode" + _DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead." _DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR" +_DNS_MANUAL_ERROR="It seems that you are using dns manual mode. Read this link first: $_DNS_MANUAL_WIKI" + __INTERACTIVE="" if [ -t 1 ]; then __INTERACTIVE="1" @@ -3477,6 +3481,11 @@ issue() { mkdir -p "$DOMAIN_PATH" fi + if _hasfield "$_web_roots" "$W_DNS" && [ -z "$FORCE_DNS_MANUAL" ]; then + _err "$_DNS_MANUAL_ERROR" + return 1 + fi + _debug "Using ACME_DIRECTORY: $ACME_DIRECTORY" _initAPI @@ -5500,6 +5509,7 @@ Parameters: --listen-v6 Force standalone/tls server to listen at ipv6. --openssl-bin Specifies a custom openssl bin location. --use-wget Force to use wget, if you have both curl and wget installed. + --yes-I-know-dns-manual-mode-enough-go-ahead-please Force to use dns manual mode: $_DNS_MANUAL_WIKI " } @@ -5988,6 +5998,9 @@ _process() { shift fi ;; + --yes-I-know-dns-manual-mode-enough-go-ahead-please) + export FORCE_DNS_MANUAL=1 + ;; --log | --logfile) _log="1" _logfile="$2" From 46ac97a3ff455b6c16b9fabfc4b42f331d9cc7ef Mon Sep 17 00:00:00 2001 From: neilpang Date: Wed, 21 Mar 2018 20:57:48 +0800 Subject: [PATCH 27/42] update doc --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 8a12d9fe..6a268350 100644 --- a/README.md +++ b/README.md @@ -331,6 +331,8 @@ For more details: [How to use DNS API](dnsapi) # 8. Use DNS manual mode: +See: https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode first. + If your dns provider doesn't support any api access, you can add the txt record by your hand. ```bash From fbd8ab47eab3b62515978e17bac8609336c32cd5 Mon Sep 17 00:00:00 2001 From: pyriand3r Date: Thu, 22 Mar 2018 11:23:16 +0100 Subject: [PATCH 28/42] only reseller can use do.de's reseller interface --- dnsapi/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dnsapi/README.md b/dnsapi/README.md index 8b4a8358..504a8b57 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -325,6 +325,8 @@ The `CY_Username`, `CY_Password` and `CY_OTP_Secret` will be saved in `~/.acme.s ## 17. Use Domain-Offensive/Resellerinterface/Domainrobot API +ATTENTION: You need to be a registered Reseller to be able to use the ResellerInterface. As a normal user you can not use this method. + You will need your login credentials (Partner ID+Password) to the Resellerinterface, and export them before you run `acme.sh`: ``` export DO_PID="KD-1234567" From 6b15cf3f722632bf183a2a2c081652dba531738b Mon Sep 17 00:00:00 2001 From: Alex Date: Thu, 22 Mar 2018 13:45:43 -0400 Subject: [PATCH 29/42] Remove template text --- deploy/keychain.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/deploy/keychain.sh b/deploy/keychain.sh index a99ed465..d86b4d03 100644 --- a/deploy/keychain.sh +++ b/deploy/keychain.sh @@ -1,11 +1,5 @@ #!/usr/bin/env sh -#Here is a sample custom api script. -#This file name is "myapi.sh" -#So, here must be a method myapi_deploy() -#Which will be called by acme.sh to deploy the cert -#returns 0 means success, otherwise error. - ######## Public functions ##################### #domain keyfile certfile cafile fullchain From ba9e7fbf64b907c4bd53864b6a938b885201e346 Mon Sep 17 00:00:00 2001 From: James Gibson Date: Thu, 22 Mar 2018 22:46:21 -0600 Subject: [PATCH 30/42] Clarified the language around the Name.com steps Name.com has simplified the process to obtain API tokens, this clarifies the language around requesting a key. --- dnsapi/README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 8b4a8358..ffd61dc6 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -525,8 +525,9 @@ For issues, please report to https://github.com/raidenii/acme.sh/issues. ## 28. Use Name.com API -You'll need to fill out the form at https://www.name.com/reseller/apply to apply -for API username and token. +Create your API token here: https://www.name.com/account/settings/api + +Note: `Namecom_Username` should be your Name.com username and not the token name. If you accidentally run the script with the token name as the username see `~/.acme.sh/account.conf` to fix the issue ``` export Namecom_Username="testuser" From aad309ee4f41da300daf61ac303d4eb6fd3d6bca Mon Sep 17 00:00:00 2001 From: neilpang Date: Sat, 24 Mar 2018 00:06:39 +0800 Subject: [PATCH 31/42] fix https://github.com/Neilpang/acme.sh/issues/1430 --- acme.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/acme.sh b/acme.sh index c1298c44..da8e60c9 100755 --- a/acme.sh +++ b/acme.sh @@ -1806,6 +1806,7 @@ _send_signed_request() { MAX_REQUEST_RETRY_TIMES=5 _request_retry_times=0 while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do + _request_retry_times=$(_math "$_request_retry_times" + 1) _debug3 _request_retry_times "$_request_retry_times" if [ -z "$_CACHED_NONCE" ]; then _headers="" @@ -1836,7 +1837,11 @@ _send_signed_request() { fi nonce="$_CACHED_NONCE" _debug2 nonce "$nonce" - + if [ -z "$nonce" ]; then + _info "Could not get nonce, let's try again." + _sleep 2 + continue + fi if [ "$ACME_VERSION" = "2" ]; then if [ "$url" = "$ACME_NEW_ACCOUNT" ] || [ "$url" = "$ACME_REVOKE_CERT" ]; then protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}' @@ -1894,7 +1899,6 @@ _send_signed_request() { if _contains "$_body" "JWS has invalid anti-replay nonce"; then _info "It seems the CA server is busy now, let's wait and retry." - _request_retry_times=$(_math "$_request_retry_times" + 1) _sleep 5 continue fi From fe843bc466b3d3267ac0b1866bf3e3365663c505 Mon Sep 17 00:00:00 2001 From: martgras Date: Sun, 25 Mar 2018 14:32:51 +0200 Subject: [PATCH 32/42] dns_he - proposed fix for #1438 if you have more than one zone of a domain (e.g. example.com and subdomain.example.com) _find_zone fails. This fix removes partials matches. --- dnsapi/dns_he.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_he.sh b/dnsapi/dns_he.sh index f42d56af..d196fbec 100755 --- a/dnsapi/dns_he.sh +++ b/dnsapi/dns_he.sh @@ -143,7 +143,7 @@ _find_zone() { _debug "Looking for zone \"${_attempted_zone}\"" - line_num="$(echo "$_zone_names" | grep -n "$_attempted_zone" | cut -d : -f 1)" + line_num="$(echo "$_zone_names" | grep -n "^$_attempted_zone" | cut -d : -f 1)" if [ "$line_num" ]; then _zone_id=$(echo "$_zone_ids" | sed -n "${line_num}p") From 7588fc0989dcfb5f99da70a3ad70621b54cef533 Mon Sep 17 00:00:00 2001 From: Chris Date: Mon, 26 Mar 2018 09:32:41 +0200 Subject: [PATCH 33/42] Fixes DNSimple for Wildcard certificates --- dnsapi/dns_dnsimple.sh | 49 +++++++++++++++++++++--------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/dnsapi/dns_dnsimple.sh b/dnsapi/dns_dnsimple.sh index 0bfe2b99..0a5b79bb 100644 --- a/dnsapi/dns_dnsimple.sh +++ b/dnsapi/dns_dnsimple.sh @@ -39,7 +39,7 @@ dns_dnsimple_add() { _get_records "$_account_id" "$_domain" "$_sub_domain" - if [ "$_records_count" = "0" ]; then +# if [ "$_records_count" = "0" ]; then _info "Adding record" if _dnsimple_rest POST "$_account_id/zones/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then if printf -- "%s" "$response" | grep "\"name\":\"$_sub_domain\"" >/dev/null; then @@ -51,22 +51,22 @@ dns_dnsimple_add() { fi fi _err "Add txt record error." - else - _info "Updating record" - _extract_record_id "$_records" "$_sub_domain" +# else +# _info "Updating record" +# _extract_record_id "$_records" "$_sub_domain" - if _dnsimple_rest \ - PATCH \ - "$_account_id/zones/$_domain/records/$_record_id" \ - "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then +# if _dnsimple_rest \ +# PATCH \ +# "$_account_id/zones/$_domain/records/$_record_id" \ +# "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then - _info "Updated!" - return 0 - fi +# _info "Updated!" +# return 0 +# fi - _err "Update error" - return 1 - fi +# _err "Update error" +# return 1 +# fi } # fulldomain @@ -84,19 +84,20 @@ dns_dnsimple_rm() { fi _get_records "$_account_id" "$_domain" "$_sub_domain" + _extract_record_id "$_records" "$_sub_domain" - if [ "$_record_id" ]; then - - if _dnsimple_rest DELETE "$_account_id/zones/$_domain/records/$_record_id"; then - _info "removed record" "$_record_id" - return 0 - fi + echo "$_record_id" | while read -r item + do + if _dnsimple_rest DELETE "$_account_id/zones/$_domain/records/$item"; then + _info "removed record" "$item" + return 0 + else + _err "failed to remove record" "$item" + return 1 + fi + done fi - - _err "failed to remove record" "$_record_id" - return 1 - } #################### Private functions bellow ################################## From 30283282d2f99afcfd39c45e4b3cdbaa0fef4035 Mon Sep 17 00:00:00 2001 From: Chris Date: Mon, 26 Mar 2018 09:40:33 +0200 Subject: [PATCH 34/42] Fixing code style according to Travis --- dnsapi/dns_dnsimple.sh | 40 +++++++++++----------------------------- 1 file changed, 11 insertions(+), 29 deletions(-) diff --git a/dnsapi/dns_dnsimple.sh b/dnsapi/dns_dnsimple.sh index 0a5b79bb..0dd3918a 100644 --- a/dnsapi/dns_dnsimple.sh +++ b/dnsapi/dns_dnsimple.sh @@ -39,34 +39,17 @@ dns_dnsimple_add() { _get_records "$_account_id" "$_domain" "$_sub_domain" -# if [ "$_records_count" = "0" ]; then - _info "Adding record" - if _dnsimple_rest POST "$_account_id/zones/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then - if printf -- "%s" "$response" | grep "\"name\":\"$_sub_domain\"" >/dev/null; then - _info "Added" - return 0 - else - _err "Unexpected response while adding text record." - return 1 - fi + _info "Adding record" + if _dnsimple_rest POST "$_account_id/zones/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then + if printf -- "%s" "$response" | grep "\"name\":\"$_sub_domain\"" >/dev/null; then + _info "Added" + return 0 + else + _err "Unexpected response while adding text record." + return 1 fi - _err "Add txt record error." -# else -# _info "Updating record" -# _extract_record_id "$_records" "$_sub_domain" - -# if _dnsimple_rest \ -# PATCH \ -# "$_account_id/zones/$_domain/records/$_record_id" \ -# "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then - -# _info "Updated!" -# return 0 -# fi - -# _err "Update error" -# return 1 -# fi + fi + _err "Add txt record error." } # fulldomain @@ -87,8 +70,7 @@ dns_dnsimple_rm() { _extract_record_id "$_records" "$_sub_domain" if [ "$_record_id" ]; then - echo "$_record_id" | while read -r item - do + echo "$_record_id" | while read -r item; do if _dnsimple_rest DELETE "$_account_id/zones/$_domain/records/$item"; then _info "removed record" "$item" return 0 From 4d2a0697edfbded749df960e0cbb8a770794bcfc Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 10:49:34 -0300 Subject: [PATCH 35/42] fix identation dnsapi/dns_kinghost.sh --- .gitignore | 2 + dnsapi/dns_kinghost.sh | 116 ++++++++++++++++++++--------------------- 2 files changed, 60 insertions(+), 58 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..a13ea469 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.idea +ae.sh diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index 2dc57cb8..ddf9f899 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -17,79 +17,79 @@ KING_Api="https://api.kinghost.net/acme" # Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" # Used to add txt record dns_kinghost_add() { - fulldomain=$1 - txtvalue=$2 + fulldomain=$1 + txtvalue=$2 - KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" - KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" - if [ -z "$KINGHOST_Username" ] || [ -z "$KINGHOST_Password" ]; then - KINGHOST_Username="" - KINGHOST_Password="" - _err "You don't specify KingHost api password and email yet." - _err "Please create you key and try again." - return 1 - fi - - #save the credentials to the account conf file. - _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" - _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" + KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" + KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" + if [ -z "$KINGHOST_Username" ] || [ -z "$KINGHOST_Password" ]; then + KINGHOST_Username="" + KINGHOST_Password="" + _err "You don't specify KingHost api password and email yet." + _err "Please create you key and try again." + return 1 + fi - _debug "Getting txt records" - _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" + #save the credentials to the account conf file. + _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" + _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" - #This API call returns "status":"ok" if dns record does not exists - #We are creating a new txt record here, so we expect the "ok" status - if ! echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi + _debug "Getting txt records" + _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" - _kinghost_rest POST "dns" "name=$fulldomain&content=$txtvalue" - if ! echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi + #This API call returns "status":"ok" if dns record does not exists + #We are creating a new txt record here, so we expect the "ok" status + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi - return 0; + _kinghost_rest POST "dns" "name=$fulldomain&content=$txtvalue" + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + return 0; } # Usage: fulldomain txtvalue # Used to remove the txt record after validation dns_kinghost_rm() { - fulldomain=$1 - txtvalue=$2 + fulldomain=$1 + txtvalue=$2 - KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" - KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" - if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_Username" ]; then - KINGHOST_Password="" - KINGHOST_Username="" - _err "You don't specify KingHost api key and email yet." - _err "Please create you key and try again." - return 1 - fi + KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" + KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" + if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_Username" ]; then + KINGHOST_Password="" + KINGHOST_Username="" + _err "You don't specify KingHost api key and email yet." + _err "Please create you key and try again." + return 1 + fi - _debug "Getting txt records" - _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" + _debug "Getting txt records" + _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" - #This API call returns "status":"ok" if dns record does not exists - #We are removing a txt record here, so the record must exists - if echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi + #This API call returns "status":"ok" if dns record does not exists + #We are removing a txt record here, so the record must exists + if echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi - _kinghost_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" - if ! echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi + _kinghost_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi - return 0; + return 0; } #################### Private functions below ################################## From 7efa54666559b797d38a676f3d8ac9d1a7e61b09 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 10:58:22 -0300 Subject: [PATCH 36/42] removed local .gitignore file --- .gitignore | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 .gitignore diff --git a/.gitignore b/.gitignore deleted file mode 100644 index a13ea469..00000000 --- a/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -.idea -ae.sh From e8fd373e6c68a7044a90b82690b917c1b9ce530e Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 10:58:56 -0300 Subject: [PATCH 37/42] removed blank space at ending of dnsapi/dns_kinghost.sh --- dnsapi/dns_kinghost.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index ddf9f899..d3a8fb3a 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -115,4 +115,4 @@ _kinghost_rest() { fi _debug2 response "$response" return 0 -} +} \ No newline at end of file From 86ef6e6987d6f8413f0f9184d008a6a5ea7e62b5 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 11:21:12 -0300 Subject: [PATCH 38/42] fixes on dnsapi/dns_kinghost.sh and dnsapi/README.md --- dnsapi/README.md | 2 +- dnsapi/dns_kinghost.sh | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index f99671e0..e459094e 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -792,7 +792,7 @@ The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` an API access must be enabled at https://painel.kinghost.com.br/painel.api.php ``` -export KINGHOST_username="yourusername" +export KINGHOST_Username="yourusername" export KINGHOST_Password="yourpassword" acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com ``` diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index d3a8fb3a..7c0d159b 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -31,8 +31,8 @@ dns_kinghost_add() { fi #save the credentials to the account conf file. - _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" - _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" + _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" + _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" _debug "Getting txt records" _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" @@ -52,7 +52,7 @@ dns_kinghost_add() { return 1 fi - return 0; + return 0 } # Usage: fulldomain txtvalue @@ -63,7 +63,7 @@ dns_kinghost_rm() { KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}" KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}" - if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_Username" ]; then + if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_Username" ]; then KINGHOST_Password="" KINGHOST_Username="" _err "You don't specify KingHost api key and email yet." @@ -89,7 +89,7 @@ dns_kinghost_rm() { return 1 fi - return 0; + return 0 } #################### Private functions below ################################## @@ -115,4 +115,4 @@ _kinghost_rest() { fi _debug2 response "$response" return 0 -} \ No newline at end of file +} From f8fb0e67b458821a913e981111b26196001e3a61 Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 12:17:10 -0300 Subject: [PATCH 39/42] fix dnsapi/dns_kinghost.sh with shfmt utility --- dnsapi/dns_kinghost.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index 7c0d159b..2ac8e6df 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -31,8 +31,8 @@ dns_kinghost_add() { fi #save the credentials to the account conf file. - _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" - _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" + _saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username" + _saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password" _debug "Getting txt records" _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" From 37bc099d393f661bce904097be027e4ccef87a9a Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 14:27:21 -0300 Subject: [PATCH 40/42] removed redundant api call --- dnsapi/dns_infraws.sh | 102 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 dnsapi/dns_infraws.sh diff --git a/dnsapi/dns_infraws.sh b/dnsapi/dns_infraws.sh new file mode 100644 index 00000000..30abcbfb --- /dev/null +++ b/dnsapi/dns_infraws.sh @@ -0,0 +1,102 @@ +#!/usr/bin/env sh + +############################################################ +# Plugin para criação automática da entrada de DNS txt # +# Uso com o sistema acme.sh # +# # +# Author: Felipe Keller Braz # +# Report Bugs here: infra_interno@kinghost.com.br # +# # +# Values to export: # +# export INFRAWS_Hash="PASSWORD" # +############################################################ + +INFRAWS_Api="http://infra-ws.kinghost.net/serverbackend/acme" + +# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +# Used to add txt record +dns_infraws_add() { + fulldomain=$1 + txtvalue=$2 + + INFRAWS_Hash="${INFRAWS_Hash:-$(_readaccountconf_mutable INFRAWS_Hash)}" + + if [ -z "$INFRAWS_Hash" ]; then + INFRAWS_Hash="" + _err "You don't specify KingHost api password and email yet." + _err "Please create you key and try again." + return 1 + fi + + #save the credentials to the account conf file. + _saveaccountconf_mutable INFRAWS_Hash "$INFRAWS_Hash" + + _debug "Getting txt records" + infraws_rest GET "dns" "name=$fulldomain&content=$txtvalue" + + #This API call returns "status":"ok" if dns record does not exists + #We are creating a new txt record here, so we expect the "ok" status + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + infraws_rest POST "dns" "name=$fulldomain&content=$txtvalue" + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + return 0 +} + +# Usage: fulldomain txtvalue +# Used to remove the txt record after validation +dns_infraws_rm() { + fulldomain=$1 + txtvalue=$2 + + INFRAWS_Hash="${INFRAWS_Hash:-$(_readaccountconf_mutable INFRAWS_Hash)}" + if [ -z "$INFRAWS_Hash" ]; then + INFRAWS_Hash="" + _err "You don't specify KingHost api key and email yet." + _err "Please create you key and try again." + return 1 + fi + + _debug "Getting txt records" + infraws_rest GET "dns" "name=$fulldomain&content=$txtvalue" + + infraws_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" + if ! echo "$response" | grep '"status":"ok"' >/dev/null; then + _err "Error" + _err "$response" + return 1 + fi + + return 0 +} + +#################### Private functions below ################################## +infraws_rest() { + method=$1 + uri="$2" + data="$3" + _debug "$uri" + + if [ "$method" != "GET" ]; then + _debug data "$data" + response="$(_post "$data" "$INFRAWS_Api/hash/$INFRAWS_Hash/" "" "$method")" + else + response="$(_get "$INFRAWS_Api/hash/$INFRAWS_Hash/?$data")" + fi + + if [ "$?" != "0" ]; then + _err "error $uri" + return 1 + fi + _debug2 response "$response" + return 0 +} From 2d1d512d0f968f0bdbca36aafdd043ec427a7bed Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Mon, 26 Mar 2018 14:28:52 -0300 Subject: [PATCH 41/42] removed redundant api call --- dnsapi/dns_kinghost.sh | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/dnsapi/dns_kinghost.sh b/dnsapi/dns_kinghost.sh index 2ac8e6df..898ab286 100644 --- a/dnsapi/dns_kinghost.sh +++ b/dnsapi/dns_kinghost.sh @@ -71,17 +71,6 @@ dns_kinghost_rm() { return 1 fi - _debug "Getting txt records" - _kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue" - - #This API call returns "status":"ok" if dns record does not exists - #We are removing a txt record here, so the record must exists - if echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi - _kinghost_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" if ! echo "$response" | grep '"status":"ok"' >/dev/null; then _err "Error" From 986f61ac92bcb38b95d7eaff3612d8fb1ec6a5eb Mon Sep 17 00:00:00 2001 From: Felipe Braz Date: Wed, 28 Mar 2018 10:18:43 -0300 Subject: [PATCH 42/42] deleted wrog file --- dnsapi/dns_infraws.sh | 102 ------------------------------------------ 1 file changed, 102 deletions(-) delete mode 100644 dnsapi/dns_infraws.sh diff --git a/dnsapi/dns_infraws.sh b/dnsapi/dns_infraws.sh deleted file mode 100644 index 30abcbfb..00000000 --- a/dnsapi/dns_infraws.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/usr/bin/env sh - -############################################################ -# Plugin para criação automática da entrada de DNS txt # -# Uso com o sistema acme.sh # -# # -# Author: Felipe Keller Braz # -# Report Bugs here: infra_interno@kinghost.com.br # -# # -# Values to export: # -# export INFRAWS_Hash="PASSWORD" # -############################################################ - -INFRAWS_Api="http://infra-ws.kinghost.net/serverbackend/acme" - -# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" -# Used to add txt record -dns_infraws_add() { - fulldomain=$1 - txtvalue=$2 - - INFRAWS_Hash="${INFRAWS_Hash:-$(_readaccountconf_mutable INFRAWS_Hash)}" - - if [ -z "$INFRAWS_Hash" ]; then - INFRAWS_Hash="" - _err "You don't specify KingHost api password and email yet." - _err "Please create you key and try again." - return 1 - fi - - #save the credentials to the account conf file. - _saveaccountconf_mutable INFRAWS_Hash "$INFRAWS_Hash" - - _debug "Getting txt records" - infraws_rest GET "dns" "name=$fulldomain&content=$txtvalue" - - #This API call returns "status":"ok" if dns record does not exists - #We are creating a new txt record here, so we expect the "ok" status - if ! echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi - - infraws_rest POST "dns" "name=$fulldomain&content=$txtvalue" - if ! echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi - - return 0 -} - -# Usage: fulldomain txtvalue -# Used to remove the txt record after validation -dns_infraws_rm() { - fulldomain=$1 - txtvalue=$2 - - INFRAWS_Hash="${INFRAWS_Hash:-$(_readaccountconf_mutable INFRAWS_Hash)}" - if [ -z "$INFRAWS_Hash" ]; then - INFRAWS_Hash="" - _err "You don't specify KingHost api key and email yet." - _err "Please create you key and try again." - return 1 - fi - - _debug "Getting txt records" - infraws_rest GET "dns" "name=$fulldomain&content=$txtvalue" - - infraws_rest DELETE "dns" "name=$fulldomain&content=$txtvalue" - if ! echo "$response" | grep '"status":"ok"' >/dev/null; then - _err "Error" - _err "$response" - return 1 - fi - - return 0 -} - -#################### Private functions below ################################## -infraws_rest() { - method=$1 - uri="$2" - data="$3" - _debug "$uri" - - if [ "$method" != "GET" ]; then - _debug data "$data" - response="$(_post "$data" "$INFRAWS_Api/hash/$INFRAWS_Hash/" "" "$method")" - else - response="$(_get "$INFRAWS_Api/hash/$INFRAWS_Hash/?$data")" - fi - - if [ "$?" != "0" ]; then - _err "error $uri" - return 1 - fi - _debug2 response "$response" - return 0 -}