mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-22 05:01:40 +00:00
commit
e3cd96bf19
32
acme.sh
32
acme.sh
@ -435,8 +435,10 @@ _secure_debug3() {
|
||||
fi
|
||||
}
|
||||
|
||||
__USE_TR_RAW="$([ "$(echo "abc" | tr a-z A-Z 2>/dev/null)" = "ABC" ] && echo 1 || echo 0)"
|
||||
|
||||
_upper_case() {
|
||||
if _is_solaris; then
|
||||
if [ "$__USE_TR_RAW" = "0" ]; then
|
||||
tr '[:lower:]' '[:upper:]'
|
||||
else
|
||||
# shellcheck disable=SC2018,SC2019
|
||||
@ -445,7 +447,7 @@ _upper_case() {
|
||||
}
|
||||
|
||||
_lower_case() {
|
||||
if _is_solaris; then
|
||||
if [ "$__USE_TR_RAW" = "0" ]; then
|
||||
tr '[:upper:]' '[:lower:]'
|
||||
else
|
||||
# shellcheck disable=SC2018,SC2019
|
||||
@ -5752,7 +5754,9 @@ _installcert() {
|
||||
if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then
|
||||
cp "$_real_cert" "$_backup_path/cert.bak"
|
||||
fi
|
||||
cat "$CERT_PATH" >"$_real_cert" || return 1
|
||||
if [ "$CERT_PATH" != "$_real_cert" ]; then
|
||||
cat "$CERT_PATH" >"$_real_cert" || return 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$_real_ca" ]; then
|
||||
@ -5764,7 +5768,9 @@ _installcert() {
|
||||
if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then
|
||||
cp "$_real_ca" "$_backup_path/ca.bak"
|
||||
fi
|
||||
cat "$CA_CERT_PATH" >"$_real_ca" || return 1
|
||||
if [ "$CA_CERT_PATH" != "$_real_ca" ]; then
|
||||
cat "$CA_CERT_PATH" >"$_real_ca" || return 1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -5773,12 +5779,14 @@ _installcert() {
|
||||
if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then
|
||||
cp "$_real_key" "$_backup_path/key.bak"
|
||||
fi
|
||||
if [ -f "$_real_key" ]; then
|
||||
cat "$CERT_KEY_PATH" >"$_real_key" || return 1
|
||||
else
|
||||
touch "$_real_key" || return 1
|
||||
chmod 600 "$_real_key"
|
||||
cat "$CERT_KEY_PATH" >"$_real_key" || return 1
|
||||
if [ "$CERT_KEY_PATH" != "$_real_key" ]; then
|
||||
if [ -f "$_real_key" ]; then
|
||||
cat "$CERT_KEY_PATH" >"$_real_key" || return 1
|
||||
else
|
||||
touch "$_real_key" || return 1
|
||||
chmod 600 "$_real_key"
|
||||
cat "$CERT_KEY_PATH" >"$_real_key" || return 1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -5787,7 +5795,9 @@ _installcert() {
|
||||
if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then
|
||||
cp "$_real_fullchain" "$_backup_path/fullchain.bak"
|
||||
fi
|
||||
cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
|
||||
if [ "$_real_fullchain" != "$CERT_FULLCHAIN_PATH" ]; then
|
||||
cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$_reload_cmd" ]; then
|
||||
|
@ -53,7 +53,7 @@ qiniu_deploy() {
|
||||
sslcert_access_token="$(_make_access_token "$sslcert_path")"
|
||||
_debug sslcert_access_token "$sslcert_access_token"
|
||||
export _H1="Authorization: QBox $sslcert_access_token"
|
||||
sslcert_response=$(_post "$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64 "multiline")
|
||||
sslcert_response=$(_post "$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64)
|
||||
|
||||
if ! _contains "$sslcert_response" "certID"; then
|
||||
_err "Error in creating certificate:"
|
||||
@ -75,7 +75,7 @@ qiniu_deploy() {
|
||||
update_access_token="$(_make_access_token "$update_path")"
|
||||
_debug update_access_token "$update_access_token"
|
||||
export _H1="Authorization: QBox $update_access_token"
|
||||
update_response=$(_post "$update_body" "$QINIU_API_BASE$update_path" 0 "PUT" "application/json" | _dbase64 "multiline")
|
||||
update_response=$(_post "$update_body" "$QINIU_API_BASE$update_path" 0 "PUT" "application/json" | _dbase64)
|
||||
|
||||
if _contains "$update_response" "error"; then
|
||||
_err "Error in updating domain $domain httpsconf:"
|
||||
|
@ -155,31 +155,20 @@ _get_root() {
|
||||
i=1
|
||||
p=1
|
||||
|
||||
if aws_rest GET "2013-04-01/hostedzone"; then
|
||||
while true; do
|
||||
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||
_debug2 "Checking domain: $h"
|
||||
if [ -z "$h" ]; then
|
||||
if _contains "$response" "<IsTruncated>true</IsTruncated>" && _contains "$response" "<NextMarker>"; then
|
||||
_debug "IsTruncated"
|
||||
_nextMarker="$(echo "$response" | _egrep_o "<NextMarker>.*</NextMarker>" | cut -d '>' -f 2 | cut -d '<' -f 1)"
|
||||
_debug "NextMarker" "$_nextMarker"
|
||||
if aws_rest GET "2013-04-01/hostedzone" "marker=$_nextMarker"; then
|
||||
_debug "Truncated request OK"
|
||||
i=2
|
||||
p=1
|
||||
continue
|
||||
else
|
||||
_err "Truncated request error."
|
||||
fi
|
||||
fi
|
||||
#not valid
|
||||
_err "Invalid domain"
|
||||
return 1
|
||||
fi
|
||||
# iterate over names (a.b.c.d -> b.c.d -> c.d -> d)
|
||||
while true; do
|
||||
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||
_debug "Checking domain: $h"
|
||||
if [ -z "$h" ]; then
|
||||
_error "invalid domain"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# iterate over paginated result for list_hosted_zones
|
||||
aws_rest GET "2013-04-01/hostedzone"
|
||||
while true; do
|
||||
if _contains "$response" "<Name>$h.</Name>"; then
|
||||
hostedzone="$(echo "$response" | sed 's/<HostedZone>/#&/g' | tr '#' '\n' | _egrep_o "<HostedZone><Id>[^<]*<.Id><Name>$h.<.Name>.*<PrivateZone>false<.PrivateZone>.*<.HostedZone>")"
|
||||
hostedzone="$(echo "$response" | tr -d '\n' | sed 's/<HostedZone>/#&/g' | tr '#' '\n' | _egrep_o "<HostedZone><Id>[^<]*<.Id><Name>$h.<.Name>.*<PrivateZone>false<.PrivateZone>.*<.HostedZone>")"
|
||||
_debug hostedzone "$hostedzone"
|
||||
if [ "$hostedzone" ]; then
|
||||
_domain_id=$(printf "%s\n" "$hostedzone" | _egrep_o "<Id>.*<.Id>" | head -n 1 | _egrep_o ">.*<" | tr -d "<>")
|
||||
@ -192,10 +181,19 @@ _get_root() {
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
p=$i
|
||||
i=$(_math "$i" + 1)
|
||||
if _contains "$response" "<IsTruncated>true</IsTruncated>" && _contains "$response" "<NextMarker>"; then
|
||||
_debug "IsTruncated"
|
||||
_nextMarker="$(echo "$response" | _egrep_o "<NextMarker>.*</NextMarker>" | cut -d '>' -f 2 | cut -d '<' -f 1)"
|
||||
_debug "NextMarker" "$_nextMarker"
|
||||
else
|
||||
break
|
||||
fi
|
||||
_debug "Checking domain: $h - Next Page "
|
||||
aws_rest GET "2013-04-01/hostedzone" "marker=$_nextMarker"
|
||||
done
|
||||
fi
|
||||
p=$i
|
||||
i=$(_math "$i" + 1)
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
|
@ -32,7 +32,8 @@ dns_cf_add() {
|
||||
else
|
||||
_saveaccountconf_mutable CF_Token "$CF_Token"
|
||||
_saveaccountconf_mutable CF_Account_ID "$CF_Account_ID"
|
||||
_saveaccountconf_mutable CF_Zone_ID "$CF_Zone_ID"
|
||||
_clearaccountconf_mutable CF_Zone_ID
|
||||
_clearaccountconf CF_Zone_ID
|
||||
fi
|
||||
else
|
||||
if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
|
||||
@ -51,6 +52,14 @@ dns_cf_add() {
|
||||
#save the api key and email to the account conf file.
|
||||
_saveaccountconf_mutable CF_Key "$CF_Key"
|
||||
_saveaccountconf_mutable CF_Email "$CF_Email"
|
||||
|
||||
_clearaccountconf_mutable CF_Token
|
||||
_clearaccountconf_mutable CF_Account_ID
|
||||
_clearaccountconf_mutable CF_Zone_ID
|
||||
_clearaccountconf CF_Token
|
||||
_clearaccountconf CF_Account_ID
|
||||
_clearaccountconf CF_Zone_ID
|
||||
|
||||
fi
|
||||
|
||||
_debug "First detect the root zone"
|
||||
|
@ -44,7 +44,7 @@ dns_cyon_rm() {
|
||||
_cyon_load_credentials() {
|
||||
# Convert loaded password to/from base64 as needed.
|
||||
if [ "${CY_Password_B64}" ]; then
|
||||
CY_Password="$(printf "%s" "${CY_Password_B64}" | _dbase64 "multiline")"
|
||||
CY_Password="$(printf "%s" "${CY_Password_B64}" | _dbase64)"
|
||||
elif [ "${CY_Password}" ]; then
|
||||
CY_Password_B64="$(printf "%s" "${CY_Password}" | _base64)"
|
||||
fi
|
||||
|
@ -98,7 +98,7 @@ _dns_gcloud_remove_rrs() {
|
||||
--ttl="$ttl" \
|
||||
--type=TXT \
|
||||
--zone="$managedZone" \
|
||||
--transaction-file="$tr"; then
|
||||
--transaction-file="$tr" --; then
|
||||
_debug tr "$(cat "$tr")"
|
||||
rm -r "$trd"
|
||||
_err "_dns_gcloud_remove_rrs: failed to remove RRs"
|
||||
@ -113,7 +113,7 @@ _dns_gcloud_add_rrs() {
|
||||
--ttl="$ttl" \
|
||||
--type=TXT \
|
||||
--zone="$managedZone" \
|
||||
--transaction-file="$tr"; then
|
||||
--transaction-file="$tr" --; then
|
||||
_debug tr "$(cat "$tr")"
|
||||
rm -r "$trd"
|
||||
_err "_dns_gcloud_add_rrs: failed to add RRs"
|
||||
|
@ -259,7 +259,7 @@ _set_namecheap_TXT() {
|
||||
_debug hosts "$hosts"
|
||||
|
||||
if [ -z "$hosts" ]; then
|
||||
_error "Hosts not found"
|
||||
_err "Hosts not found"
|
||||
return 1
|
||||
fi
|
||||
|
||||
@ -313,7 +313,7 @@ _del_namecheap_TXT() {
|
||||
_debug hosts "$hosts"
|
||||
|
||||
if [ -z "$hosts" ]; then
|
||||
_error "Hosts not found"
|
||||
_err "Hosts not found"
|
||||
return 1
|
||||
fi
|
||||
|
||||
|
@ -5,7 +5,8 @@
|
||||
#
|
||||
# ULTRA_PWD="some_password_goes_here"
|
||||
|
||||
ULTRA_API="https://restapi.ultradns.com/v2/"
|
||||
ULTRA_API="https://api.ultradns.com/v3/"
|
||||
ULTRA_AUTH_API="https://api.ultradns.com/v2/"
|
||||
|
||||
#Usage: add _acme-challenge.www.domain.com "some_long_string_of_characters_go_here_from_lets_encrypt"
|
||||
dns_ultra_add() {
|
||||
@ -121,7 +122,7 @@ _get_root() {
|
||||
return 1
|
||||
fi
|
||||
if _contains "${response}" "${h}." >/dev/null; then
|
||||
_domain_id=$(echo "$response" | _egrep_o "${h}")
|
||||
_domain_id=$(echo "$response" | _egrep_o "${h}" | head -1)
|
||||
if [ "$_domain_id" ]; then
|
||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||
_domain="${h}"
|
||||
@ -142,23 +143,25 @@ _ultra_rest() {
|
||||
ep="$2"
|
||||
data="$3"
|
||||
_debug "$ep"
|
||||
_debug TOKEN "${AUTH_TOKEN}"
|
||||
if [ -z "$AUTH_TOKEN" ]; then
|
||||
_ultra_login
|
||||
fi
|
||||
_debug TOKEN "$AUTH_TOKEN"
|
||||
|
||||
_ultra_login
|
||||
export _H1="Content-Type: application/json"
|
||||
export _H2="Authorization: Bearer ${AUTH_TOKEN}"
|
||||
export _H2="Authorization: Bearer $AUTH_TOKEN"
|
||||
|
||||
if [ "$m" != "GET" ]; then
|
||||
_debug data "${data}"
|
||||
response="$(_post "${data}" "${ULTRA_API}"/"${ep}" "" "${m}")"
|
||||
_debug data "$data"
|
||||
response="$(_post "$data" "$ULTRA_API$ep" "" "$m")"
|
||||
else
|
||||
response="$(_get "$ULTRA_API/$ep")"
|
||||
response="$(_get "$ULTRA_API$ep")"
|
||||
fi
|
||||
}
|
||||
|
||||
_ultra_login() {
|
||||
export _H1=""
|
||||
export _H2=""
|
||||
AUTH_TOKEN=$(_post "grant_type=password&username=${ULTRA_USR}&password=${ULTRA_PWD}" "${ULTRA_API}authorization/token" | cut -d, -f3 | cut -d\" -f4)
|
||||
AUTH_TOKEN=$(_post "grant_type=password&username=${ULTRA_USR}&password=${ULTRA_PWD}" "${ULTRA_AUTH_API}authorization/token" | cut -d, -f3 | cut -d\" -f4)
|
||||
export AUTH_TOKEN
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user