Commit Graph

4019 Commits

Author SHA1 Message Date
medmunds
d044545520 Rework read/save config to not save default values
Add and use _readaccountconf_mutable_default and
_saveaccountconf_mutable_default helpers to capture
common default value handling.

New approach also eliminates need for separate
underscore-prefixed version of each conf var.
2021-03-21 16:20:32 +01:00
medmunds
d1cdc1c6a0 Add _clearaccountconf_mutable() 2021-03-21 16:20:32 +01:00
medmunds
dc8d91ea39 Use PROJECT_NAME and VER for X-Mailer header
Also add X-Mailer header to Python version
2021-03-21 16:20:32 +01:00
neilpang
ae5a6d330d make the fix for rsa key only 2021-03-21 16:20:32 +01:00
neilpang
fe0bee21b0 support openssl 3.0
fix https://github.com/acmesh-official/acme.sh/issues/3399
2021-03-21 16:20:32 +01:00
Easton Man
c090c19bfe fix: fix freebsd and solaris 2021-03-21 16:20:32 +01:00
Easton Man
8fbec785e8 feat: add huaweicloud error handling 2021-03-21 16:20:32 +01:00
Mike Edmunds
06fb3d9476 Fix: Unifi deploy hook support Unifi Cloud Key (#3327)
* fix: unifi deploy hook also update Cloud Key nginx certs

When running on a Unifi Cloud Key device, also deploy to
/etc/ssl/private/cloudkey.{crt,key} and reload nginx. This
makes the new cert available for the Cloud Key management
app running via nginx on port 443 (as well as the port 8443
Unifi Controller app the deploy hook already supported).

Fixes #3326

* Improve settings documentation comments

* Improve Cloud Key pre-flight error messaging

* Fix typo

* Add support for UnifiOS (Cloud Key Gen2)

Since UnifiOS does not use the Java keystore (like a Unifi
Controller or Cloud Key Gen1 deploy), this also reworks
the settings validation and error messaging somewhat.

* PR review fixes

* Detect unsupported Cloud Key java keystore location

* Don't try to restart inactive services

(and remove extra spaces from reload command)

* Clean up error messages and internal variables

* Change to _getdeployconf/_savedeployconf

* Switch from cp to cat to preserve file permissions
2021-03-21 16:20:32 +01:00
medmunds
fe3e8a7bb6 More than one blank line is an abomination, apparently
I will not try to use whitespace to group code visually
2021-03-21 16:20:32 +01:00
medmunds
ce2ff25edd Implement curl version of smtp notify-hook 2021-03-21 16:20:32 +01:00
medmunds
65a1b892e3 Prep for curl or Python; clean up SMTP_* variable usage 2021-03-21 16:20:32 +01:00
medmunds
e272fde95e Add instructions for reporting bugs 2021-03-21 16:20:32 +01:00
medmunds
d48bff0e20 Only save config if send is successful 2021-03-21 16:20:32 +01:00
medmunds
6e61c34f0f Make shfmt happy
(I'm open to better ways of formatting the heredoc
that embeds the Python script.)
2021-03-21 16:20:32 +01:00
medmunds
2d9506eb54 Implement smtp notify hook
Support notifications via direct SMTP server connection.
Uses Python (2.7.x or 3.4+) to communicate with SMTP server.
2021-03-21 16:20:32 +01:00
jerrm
b1988c7b67 duckdns - fix "integer expression expected" errors (#3397)
* fix "integer expression expected" errors

* duckdns fix

* Update dns_duckdns.sh

* Update dns_duckdns.sh
2021-03-21 16:20:32 +01:00
neilpang
fb5d72c29b upgrade freebsd and solaris 2021-03-21 16:20:32 +01:00
neil
ac148ce0e9 Chain (#3408)
* fix https://github.com/acmesh-official/acme.sh/issues/3384
match the issuer to the root CA cert subject

* fix format

* fix https://github.com/acmesh-official/acme.sh/issues/3384

* remove the alt files. https://github.com/acmesh-official/acme.sh/issues/3384
2021-03-21 16:20:32 +01:00
manuel
016dca654e dnsapi/pdns: also normalize json response in detecting root zone 2021-03-21 16:20:32 +01:00
Gnought
6502bdecbe Updated --preferred-chain to issue ISRG properly
To support different openssl crl2pkcs7 help cli format
2021-03-21 16:20:32 +01:00
Vahid Fardi
91a739af6e change name actor 2021-03-21 16:20:32 +01:00
Vahid Fardi
e232565971 change Author name 2021-03-21 16:20:32 +01:00
Vahid Fardi
472488ebe8 change arvan api script 2021-03-21 16:20:32 +01:00
Alexander Kulumbeg
8de3698b23 Revert "Syncing with the original repo (#2)"
This reverts commit c384ed960c.
2021-03-21 16:16:38 +01:00
Alexander Kulumbeg
c384ed960c
Syncing with the original repo (#2)
* change arvan api script

* change Author name

* change name actor

* Updated --preferred-chain to issue ISRG properly

To support different openssl crl2pkcs7 help cli format

* dnsapi/pdns: also normalize json response in detecting root zone

* Chain (#3408)

* fix https://github.com/acmesh-official/acme.sh/issues/3384
match the issuer to the root CA cert subject

* fix format

* fix https://github.com/acmesh-official/acme.sh/issues/3384

* remove the alt files. https://github.com/acmesh-official/acme.sh/issues/3384

* upgrade freebsd and solaris

* duckdns - fix "integer expression expected" errors (#3397)

* fix "integer expression expected" errors

* duckdns fix

* Update dns_duckdns.sh

* Update dns_duckdns.sh

* Implement smtp notify hook

Support notifications via direct SMTP server connection.
Uses Python (2.7.x or 3.4+) to communicate with SMTP server.

* Make shfmt happy

(I'm open to better ways of formatting the heredoc
that embeds the Python script.)

* Only save config if send is successful

* Add instructions for reporting bugs

* Prep for curl or Python; clean up SMTP_* variable usage

* Implement curl version of smtp notify-hook

* More than one blank line is an abomination, apparently

I will not try to use whitespace to group code visually

* Fix: Unifi deploy hook support Unifi Cloud Key (#3327)

* fix: unifi deploy hook also update Cloud Key nginx certs

When running on a Unifi Cloud Key device, also deploy to
/etc/ssl/private/cloudkey.{crt,key} and reload nginx. This
makes the new cert available for the Cloud Key management
app running via nginx on port 443 (as well as the port 8443
Unifi Controller app the deploy hook already supported).

Fixes #3326

* Improve settings documentation comments

* Improve Cloud Key pre-flight error messaging

* Fix typo

* Add support for UnifiOS (Cloud Key Gen2)

Since UnifiOS does not use the Java keystore (like a Unifi
Controller or Cloud Key Gen1 deploy), this also reworks
the settings validation and error messaging somewhat.

* PR review fixes

* Detect unsupported Cloud Key java keystore location

* Don't try to restart inactive services

(and remove extra spaces from reload command)

* Clean up error messages and internal variables

* Change to _getdeployconf/_savedeployconf

* Switch from cp to cat to preserve file permissions

* feat: add huaweicloud error handling

* fix: fix freebsd and solaris

* support openssl 3.0
fix https://github.com/acmesh-official/acme.sh/issues/3399

* make the fix for rsa key only

* Use PROJECT_NAME and VER for X-Mailer header

Also add X-Mailer header to Python version

* Add _clearaccountconf_mutable()

* Rework read/save config to not save default values

Add and use _readaccountconf_mutable_default and
_saveaccountconf_mutable_default helpers to capture
common default value handling.

New approach also eliminates need for separate
underscore-prefixed version of each conf var.

* Implement _rfc2822_date helper

* Clean email headers and warn on unsupported address format

Just in case, make sure CR or NL don't end up in
an email header.

* Clarify _readaccountconf_mutable_default

* Add Date email header in Python implementation

* Use email.policy.default in Python 3 implementation

Improves standards compatibility and utf-8 handling
in Python 3.3-3.8. (email.policy.default becomes the
default in Python 3.9.)

* Prefer Python to curl when both available

* Change default SMTP_SECURE to "tls"

Secure by default. Also try to minimize configuration errors.
(Many ESPs/ISPs require STARTTLS, and most support it.)

* Update dns_dp.sh

没有encode中文字符会导致提交失败

* No need to include EC parameters explicitly with the private key.
(they are embedded)

* Fixes response handling and thereby allow issuing of subdomain certs

* Adds comment

* fix https://github.com/acmesh-official/acme.sh/issues/3402

* dnsapi/ionos: Use POST instead of PATCH for adding TXT record

The API now supports a POST route for adding records. Therefore
checking for already existing records and including them in a PATCH
request is no longer necessary.

* fix https://github.com/acmesh-official/acme.sh/issues/3433

* fix https://github.com/acmesh-official/acme.sh/issues/3019

* fix format

* Update dns_servercow.sh to support wildcard certs

Updated dns_servercow.sh to support txt records with multiple entries. This supports wildcard certificates that require txt records with the same name and different contents.

* Update dns_servercow.sh to support wildcard certs

Updated dns_servercow.sh to support txt records with multiple entries. This supports wildcard certificates that require txt records with the same name and different contents.

* fix https://github.com/acmesh-official/acme.sh/issues/3312

* fix format

* feat: add dns_porkbun

* fix: prevent rate limit

Co-authored-by: Vahid Fardi <vahid.fardi@snapp.cab>
Co-authored-by: neil <github@neilpang.com>
Co-authored-by: Gnought <1684105+gnought@users.noreply.github.com>
Co-authored-by: manuel <manuel@mausz.at>
Co-authored-by: jerrm <jerrm@users.noreply.github.com>
Co-authored-by: medmunds <medmunds@gmail.com>
Co-authored-by: Mike Edmunds <github@to.mikeedmunds.com>
Co-authored-by: Easton Man <manyang.me@outlook.com>
Co-authored-by: czeming <loser_wind@163.com>
Co-authored-by: Geert Hendrickx <geert@hendrickx.be>
Co-authored-by: Kristian Johansson <kristian.johansson86@gmail.com>
Co-authored-by: Lukas Brocke <lukas@brocke.net>
Co-authored-by: anom-human <80478363+anom-human@users.noreply.github.com>
Co-authored-by: neil <win10@neilpang.com>
Co-authored-by: Quentin Dreyer <quentin.dreyer@rgsystem.com>
2021-03-20 16:01:09 +01:00
Alexander Kulumbeg
2386d2e299
String change 2021-03-20 15:26:32 +01:00
Alexander Kulumbeg
aa479948f9
Final try, leaving _hmac as before 2021-02-04 19:03:35 +01:00
Alexander Kulumbeg
fa3cee9d58
Update dns_websupport.sh 2021-02-04 18:38:40 +01:00
Alexander Kulumbeg
0021fb8a33
Changing the _hmac auth back
It only works this way, apparently
2021-02-04 17:27:39 +01:00
Alexander Kulumbeg
c8c727e6c6
added hex param to _hmac
but removed "printf "s%" ...
2021-02-04 17:21:33 +01:00
Alexander Kulumbeg
b8494ab3cc
Update dns_websupport.sh 2021-02-04 17:15:22 +01:00
Alexander Kulumbeg
2eda03f5de
Changing the _hmac call into Neil's suggestion 2021-02-04 15:32:51 +01:00
Alexander Kulumbeg
3a38358946
Trying the original solution
_hmac sha1 "$(printf "%s" "$WS_ApiSecret" | _hex_dump | tr -d " ")" hex)
2021-02-04 15:22:53 +01:00
Alexander Kulumbeg
6c9845b9f3
adding the hex parameter to _hmac call 2021-02-04 15:18:39 +01:00
Alexander Kulumbeg
9e146a8a5a
Typo
Forgot a quotation mark on line 161
2021-02-04 15:15:17 +01:00
Alexander Kulumbeg
433d9bfb02
Implementing/testing Neil's suggestions 2021-02-04 15:11:53 +01:00
Alexander Kulumbeg
94917e315e
Testing double 2>/dev/null into _utc_date with sed 2021-02-04 11:18:22 +01:00
Alexander Kulumbeg
ced6852735
2>/dev/null/ to 2>/dev/null
Silly mistake with a "/" -.-
2021-02-04 11:15:13 +01:00
Alexander Kulumbeg
8dc55f417d
Extra test - adding date -u -d
Adding this to at least partially prevent the virtually nonexistent possibility of timestamp and _utc_date() mismatch. If the normal date -u -d does not get converted (looking at you Solaris!), the poor man's method with manipulating the _utc_date() string output kicks in.
2021-02-04 10:13:36 +01:00
Alexander Kulumbeg
3d338bba3c
Fixing the shebang accident 2021-02-04 00:31:46 +01:00
Alexander Kulumbeg
631398f700
sed workaround for "datez" 2021-02-04 00:21:08 +01:00
Alexander Kulumbeg
7984d8cdfb
And again 2021-02-01 20:43:22 +01:00
Alexander Kulumbeg
783a6110ef
Yet another Solaris test 2021-02-01 20:31:05 +01:00
Alexander Kulumbeg
5d4d53c3a1
Testing datez change for Solaris 2021-02-01 18:37:17 +01:00
Alexander Kulumbeg
3014955ece
Fix comments, error msg and time formatting 2021-02-01 18:16:15 +01:00
Alexander Kulumbeg
0481f20c6b
"datez" var and comments 2021-02-01 00:30:36 +01:00
Alexander Kulumbeg
76309601eb
Update dns_websupport.sh 2021-01-31 22:25:13 +01:00
Alexander Kulumbeg
84dd864886
Simplified approach for the HMAC method 2021-01-31 22:16:00 +01:00
Alexander Kulumbeg
7924e01b15
Added a forgotten ")" 2021-01-31 22:04:53 +01:00
Alexander Kulumbeg
dadc70630b
Testing HMAC 2021-01-31 22:02:11 +01:00