plantroon
/
acme.sh
mirror of https://github.com/plantroon/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'dev' of https://github.com/acmesh-official/acme.sh into dev

This commit is contained in:
neilpang 2021-05-02 22:20:27 +08:00
parent f855862ade 91d37c7875
commit aea10a3b93
4 changed files with 383 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
acme.sh
View File

@ -2038,7 +2038,7 @@ _send_signed_request() {
if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type" >/dev/null; then
_headers="$(cat "$HTTP_HEADER")"
_debug2 _headers "$_headers"
_CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
_CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2 | cut -d , -f 1)"
fi
fi
if [ -z "$_CACHED_NONCE" ]; then
@ -2118,7 +2118,7 @@ _send_signed_request() {
fi
_debug2 response "$response"
_CACHED_NONCE="$(echo "$responseHeaders" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
_CACHED_NONCE="$(echo "$responseHeaders" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2 | cut -d , -f 1)"
if ! _startswith "$code" "2"; then
_body="$response"
@ -2357,7 +2357,7 @@ _startserver() {
echo 'HTTP/1.0 200 OK'; \
echo 'Content-Length\: $_content_len'; \
echo ''; \
printf -- '$content';" &
printf '%s' '$content';" &
serverproc="$!"
}
@ -4720,7 +4720,7 @@ $_authorizations_map"
_debug2 response "$response"
status=$(echo "$response" | _egrep_o '"status":"[^"]*' | cut -d : -f 2 | tr -d '"')
if [ "$status" = "valid" ]; then
if _contains "$status" "valid"; then
_info "$(__green Success)"
_stopserver "$serverproc"
serverproc=""

171
dnsapi/dns_aurora.sh Normal file
View File

@ -0,0 +1,171 @@
#!/usr/bin/env sh
#
#AURORA_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
#
#AURORA_Secret="sdfsdfsdfljlbjkljlkjsdfoiwje"
AURORA_Api="https://api.auroradns.eu"
######## Public functions #####################
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_aurora_add() {
fulldomain=$1
txtvalue=$2
AURORA_Key="${AURORA_Key:-$(_readaccountconf_mutable AURORA_Key)}"
AURORA_Secret="${AURORA_Secret:-$(_readaccountconf_mutable AURORA_Secret)}"
if [ -z "$AURORA_Key" ] || [ -z "$AURORA_Secret" ]; then
AURORA_Key=""
AURORA_Secret=""
_err "You didn't specify an Aurora api key and secret yet."
_err "You can get yours from here https://cp.pcextreme.nl/auroradns/users."
return 1
fi
#save the api key and secret to the account conf file.
_saveaccountconf_mutable AURORA_Key "$AURORA_Key"
_saveaccountconf_mutable AURORA_Secret "$AURORA_Secret"
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _domain_id "$_domain_id"
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
_info "Adding record"
if _aurora_rest POST "zones/$_domain_id/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":300}"; then
if _contains "$response" "$txtvalue"; then
_info "Added, OK"
return 0
elif _contains "$response" "RecordExistsError"; then
_info "Already exists, OK"
return 0
else
_err "Add txt record error."
return 1
fi
fi
_err "Add txt record error."
return 1
}
#fulldomain txtvalue
dns_aurora_rm() {
fulldomain=$1
txtvalue=$2
AURORA_Key="${AURORA_Key:-$(_readaccountconf_mutable AURORA_Key)}"
AURORA_Secret="${AURORA_Secret:-$(_readaccountconf_mutable AURORA_Secret)}"
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _domain_id "$_domain_id"
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
_debug "Getting records"
_aurora_rest GET "zones/${_domain_id}/records"
if ! _contains "$response" "$txtvalue"; then
_info "Don't need to remove."
else
records=$(echo "$response" | _normalizeJson | tr -d "[]" | sed "s/},{/}|{/g" | tr "|" "\n")
if [ "$(echo "$records" | wc -l)" -le 2 ]; then
_err "Can not parse records."
return 1
fi
record_id=$(echo "$records" | grep "\"type\": *\"TXT\"" | grep "\"name\": *\"$_sub_domain\"" | grep "\"content\": *\"$txtvalue\"" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | _head_n 1 | tr -d " ")
_debug "record_id" "$record_id"
if [ -z "$record_id" ]; then
_err "Can not get record id to remove."
return 1
fi
if ! _aurora_rest DELETE "zones/$_domain_id/records/$record_id"; then
_err "Delete record error."
return 1
fi
fi
return 0
}
#################### Private functions below ##################################
#_acme-challenge.www.domain.com
#returns
# _sub_domain=_acme-challenge.www
# _domain=domain.com
# _domain_id=sdjkglgdfewsdfg
_get_root() {
domain=$1
i=1
p=1
while true; do
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
_debug h "$h"
if [ -z "$h" ]; then
#not valid
return 1
fi
if ! _aurora_rest GET "zones/$h"; then
return 1
fi
if _contains "$response" "\"name\": \"$h\""; then
_domain_id=$(echo "$response" | _normalizeJson | tr -d "{}" | tr "," "\n" | grep "\"id\": *\"" | cut -d : -f 2 | tr -d \" | _head_n 1 | tr -d " ")
_debug _domain_id "$_domain_id"
if [ "$_domain_id" ]; then
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
_domain=$h
return 0
fi
return 1
fi
p=$i
i=$(_math "$i" + 1)
done
return 1
}
_aurora_rest() {
m=$1
ep="$2"
data="$3"
_debug "$ep"
key_trimmed=$(echo "$AURORA_Key" | tr -d '"')
secret_trimmed=$(echo "$AURORA_Secret" | tr -d '"')
timestamp=$(date -u +"%Y%m%dT%H%M%SZ")
signature=$(printf "%s/%s%s" "$m" "$ep" "$timestamp" | _hmac sha256 "$(printf "%s" "$secret_trimmed" | _hex_dump | tr -d " ")" | _base64)
authorization=$(printf "AuroraDNSv1 %s" "$(printf "%s:%s" "$key_trimmed" "$signature" | _base64)")
export _H1="Content-Type: application/json; charset=UTF-8"
export _H2="X-AuroraDNS-Date: $timestamp"
export _H3="Authorization: $authorization"
if [ "$m" != "GET" ]; then
_debug data "$data"
response="$(_post "$data" "$AURORA_Api/$ep" "" "$m")"
else
response="$(_get "$AURORA_Api/$ep")"
fi
if [ "$?" != "0" ]; then
_err "error $ep"
return 1
fi
_debug2 response "$response"
return 0
}

207
dnsapi/dns_websupport.sh Normal file
View File

@ -0,0 +1,207 @@
#!/usr/bin/env sh
# Acme.sh DNS API wrapper for websupport.sk
#
# Original author: trgo.sk (https://github.com/trgosk)
# Tweaks by: akulumbeg (https://github.com/akulumbeg)
# Report Bugs here: https://github.com/akulumbeg/acme.sh
# Requirements: API Key and Secret from https://admin.websupport.sk/en/auth/apiKey
#
# WS_ApiKey="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# (called "Identifier" in the WS Admin)
#
# WS_ApiSecret="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
# (called "Secret key" in the WS Admin)
WS_Api="https://rest.websupport.sk"
######## Public functions #####################
dns_websupport_add() {
fulldomain=$1
txtvalue=$2
WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}"
WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}"
if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then
_saveaccountconf_mutable WS_ApiKey "$WS_ApiKey"
_saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret"
else
WS_ApiKey=""
WS_ApiSecret=""
_err "You did not specify the API Key and/or API Secret"
_err "You can get the API login credentials from https://admin.websupport.sk/en/auth/apiKey"
return 1
fi
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
# For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so
# we can not use updating anymore.
# count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
# _debug count "$count"
# if [ "$count" = "0" ]; then
_info "Adding record"
if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
if _contains "$response" "$txtvalue"; then
_info "Added, OK"
return 0
elif _contains "$response" "The record already exists"; then
_info "Already exists, OK"
return 0
else
_err "Add txt record error."
return 1
fi
fi
_err "Add txt record error."
return 1
}
dns_websupport_rm() {
fulldomain=$1
txtvalue=$2
_debug2 fulldomain "$fulldomain"
_debug2 txtvalue "$txtvalue"
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
_debug "Getting txt records"
_ws_rest GET "/v1/user/self/zone/$_domain/record"
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"items\")" -lt "1" ]; then
_err "Error: $response"
return 1
fi
record_line="$(_get_from_array "$response" "$txtvalue")"
_debug record_line "$record_line"
if [ -z "$record_line" ]; then
_info "Don't need to remove."
else
record_id=$(echo "$record_line" | _egrep_o "\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
_debug "record_id" "$record_id"
if [ -z "$record_id" ]; then
_err "Can not get record id to remove."
return 1
fi
if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then
_err "Delete record error."
return 1
fi
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"success\")" -lt "1" ]; then
return 1
else
return 0
fi
fi
}
#################### Private Functions ##################################
_get_root() {
domain=$1
i=1
p=1
while true; do
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
_debug h "$h"
if [ -z "$h" ]; then
#not valid
return 1
fi
if ! _ws_rest GET "/v1/user/self/zone"; then
return 1
fi
if _contains "$response" "\"name\":\"$h\""; then
_domain_id=$(echo "$response" | _egrep_o "\[.\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
if [ "$_domain_id" ]; then
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
_domain=$h
return 0
fi
return 1
fi
p=$i
i=$(_math "$i" + 1)
done
return 1
}
_ws_rest() {
me=$1
pa="$2"
da="$3"
_debug2 api_key "$WS_ApiKey"
_debug2 api_secret "$WS_ApiSecret"
timestamp=$(_time)
datez="$(_utc_date | sed "s/ /T/" | sed "s/$/+0000/")"
canonical_request="${me} ${pa} ${timestamp}"
signature_hash=$(printf "%s" "$canonical_request" | _hmac sha1 "$(printf "%s" "$WS_ApiSecret" | _hex_dump | tr -d " ")" hex)
basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" | _base64)"
_debug2 method "$me"
_debug2 path "$pa"
_debug2 data "$da"
_debug2 timestamp "$timestamp"
_debug2 datez "$datez"
_debug2 canonical_request "$canonical_request"
_debug2 signature_hash "$signature_hash"
_debug2 basicauth "$basicauth"
export _H1="Accept: application/json"
export _H2="Content-Type: application/json"
export _H3="Authorization: Basic ${basicauth}"
export _H4="Date: ${datez}"
_debug2 H1 "$_H1"
_debug2 H2 "$_H2"
_debug2 H3 "$_H3"
_debug2 H4 "$_H4"
if [ "$me" != "GET" ]; then
_debug2 "${me} $WS_Api${pa}"
_debug data "$da"
response="$(_post "$da" "${WS_Api}${pa}" "" "$me")"
else
_debug2 "GET $WS_Api${pa}"
response="$(_get "$WS_Api${pa}")"
fi
_debug2 response "$response"
return "$?"
}
_get_from_array() {
va="$1"
fi="$2"
for i in $(echo "$va" | sed "s/{/ /g"); do
if _contains "$i" "$fi"; then
echo "$i"
break
fi
done
}

2
notify/mail.sh
View File

@ -79,7 +79,7 @@ mail_send() {
_mail_bin() {
_MAIL_BIN=""
for b in "$MAIL_BIN" sendmail ssmtp mutt mail msmtp; do
for b in $MAIL_BIN sendmail ssmtp mutt mail msmtp; do
if _exists "$b"; then
_MAIL_BIN="$b"
break