
Merge pull request #2689 from Neilpang/dev

sync
Neilpang committed Jan 12, 2020
2 parents ef15e55 + 0712e98 commit 8dea51923583b9ac7c9e336e0957a920ca458018
Showing with 433 additions and 61 deletions.
  1. +19 −8 acme.sh
  2. +13 −13 deploy/routeros.sh
  3. +172 −0 dnsapi/dns_easydns.sh
  4. +10 −0 dnsapi/dns_lexicon.sh
  5. +159 −0 dnsapi/dns_misaka.sh
  6. +57 −37 dnsapi/dns_nic.sh
  7. +1 −1 dnsapi/dns_unoeuro.sh
  8. +2 −2 dnsapi/dns_zone.sh
27 acme.sh
@@ -2019,7 +2019,7 @@ _send_signed_request() {
_debug code "$code"

_debug2 original "$response"
if echo "$responseHeaders" | grep -i "Content-Type: application/json" >/dev/null 2>&1; then
if echo "$responseHeaders" | grep -i "Content-Type: *application/json" >/dev/null 2>&1; then
response="$(echo "$response" | _normalizeJson)"
fi
_debug2 response "$response"
@@ -2040,8 +2040,10 @@ _send_signed_request() {
continue
fi
fi
break
return 0
done
_info "Giving up sending to CA server after $MAX_REQUEST_RETRY_TIMES retries."
return 1

}

@@ -3445,7 +3447,7 @@ _regAccount() {
fi

_debug2 responseHeaders "$responseHeaders"
_accUri="$(echo "$responseHeaders" | grep -i "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")"
_accUri="$(echo "$responseHeaders" | grep -i "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n ")"
_debug "_accUri" "$_accUri"
if [ -z "$_accUri" ]; then
_err "Can not find account id url."
@@ -3819,9 +3821,11 @@ _check_dns_entries() {
_sleep 10
else
_info "All success, let's return"
break
return 0
fi
done
_info "Timed out waiting for DNS."
return 1

}

@@ -4002,7 +4006,7 @@ issue() {
_on_issue_err "$_post_hook"
return 1
fi
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d ":" -f 2-)"
_debug Le_LinkOrder "$Le_LinkOrder"
Le_OrderFinalize="$(echo "$response" | _egrep_o '"finalize" *: *"[^"]*"' | cut -d '"' -f 4)"
_debug Le_OrderFinalize "$Le_OrderFinalize"
@@ -4082,7 +4086,7 @@ $_authorizations_map"

if [ "$ACME_VERSION" = "2" ]; then
_idn_d="$(_idn "$d")"
_candindates="$(echo "$_authorizations_map" | grep "^$_idn_d,")"
_candindates="$(echo "$_authorizations_map" | grep -i "^$_idn_d,")"
_debug2 _candindates "$_candindates"
if [ "$(echo "$_candindates" | wc -l)" -gt 1 ]; then
for _can in $_candindates; do
@@ -4517,7 +4521,7 @@ $_authorizations_map"
return 1
fi
if [ -z "$Le_LinkOrder" ]; then
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d ":" -f 2-)"
fi

_savedomainconf "Le_LinkOrder" "$Le_LinkOrder"
@@ -5568,7 +5572,7 @@ _deactivate() {
return 1
fi

authzUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")"
authzUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n")"
_debug "authzUri" "$authzUri"
if [ "$code" ] && [ ! "$code" = '201' ]; then
_err "new-authz error: $response"
@@ -6299,6 +6303,7 @@ _installOnline() {
chmod +x $PROJECT_ENTRY
if ./$PROJECT_ENTRY install "$_nocron" "" "$_noprofile"; then
_info "Install success!"
_saveaccountconf "UPGRADE_HASH" "$(_getMasterHash)"
fi

cd ..
@@ -6308,9 +6313,15 @@ _installOnline() {
)
}

_getMasterHash() {
_hash_url="https://api.github.com/repos/Neilpang/acme.sh/git/refs/heads/master"
_get $_hash_url | tr -d "\r\n" | tr '{},' '\n' | grep '"sha":' | cut -d '"' -f 4
}

upgrade() {
if (
_initpath
[ -z "$FORCE" ] && [ "$(_getMasterHash)" = "$(_readaccountconf "UPGRADE_HASH")" ] && _info "Already uptodate!" && exit 0
export LE_WORKING_DIR
cd "$LE_WORKING_DIR"
_installOnline "nocron" "noprofile"
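Review bot: The up-to-date check added to `upgrade()` fails open when `_getMasterHash` prints nothing: a failed or rate-limited request to the GitHub API leaves the `grep '"sha":'` pipeline empty, and if no `UPGRADE_HASH` has been stored yet (presumably `_readaccountconf` then returns an empty string as well) both sides compare equal and the upgrade is skipped as "Already uptodate!". Fetch the hash once and require it to be non-empty before comparing, e.g. `_hash="$(_getMasterHash)"` followed by `[ -z "$FORCE" ] && [ "$_hash" ] && [ "$_hash" = "$(_readaccountconf "UPGRADE_HASH")" ] && _info "Already uptodate!" && exit 0`, and apply the same non-empty guard before `_saveaccountconf "UPGRADE_HASH"` in `_installOnline`. The stored hash also comes from a second request made after the install, so it may not describe the code that was actually installed if master moved in between. Separately, the `Le_LinkOrder` and `authzUri` hunks now cut on `:` but, unlike the `_accUri` line, do not add the space to `tr -d`, so a `Location: <url>` header leaves a leading space in the value.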
@@ -85,19 +85,19 @@ routeros_deploy() {
scp "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key"
_info "Trying to push cert '$_cfullchain' to router"
scp "$_cfullchain" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer"
DEPLOY_SCRIPT_CMD="/system script add name=\"LE Cert Deploy - $_cdomain\" owner=admin policy=ftp,read,write,password,sensitive
source=\"## generated by routeros deploy script in acme.sh
\n/certificate remove [ find name=$_cdomain.cer_0 ]
\n/certificate remove [ find name=$_cdomain.cer_1 ]
\ndelay 1
\n/certificate import file-name=$_cdomain.cer passphrase=\\\"\\\"
\n/certificate import file-name=$_cdomain.key passphrase=\\\"\\\"
\ndelay 1
\n/file remove $_cdomain.cer
\n/file remove $_cdomain.key
\ndelay 2
\n/ip service set www-ssl certificate=$_cdomain.cer_0
\n$ROUTER_OS_ADDITIONAL_SERVICES
DEPLOY_SCRIPT_CMD="/system script add name=\"LE Cert Deploy - $_cdomain\" owner=admin policy=ftp,read,write,password,sensitive \
source=\"## generated by routeros deploy script in acme.sh;\
\n/certificate remove [ find name=$_cdomain.cer_0 ];\
\n/certificate remove [ find name=$_cdomain.cer_1 ];\
\ndelay 1;\
\n/certificate import file-name=$_cdomain.cer passphrase=\\\"\\\";\
\n/certificate import file-name=$_cdomain.key passphrase=\\\"\\\";\
\ndelay 1;\
\n/file remove $_cdomain.cer;\
\n/file remove $_cdomain.key;\
\ndelay 2;\
\n/ip service set www-ssl certificate=$_cdomain.cer_0;\
\n$ROUTER_OS_ADDITIONAL_SERVICES;\
\n\"
"
# shellcheck disable=SC2029
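Review bot: `$ROUTER_OS_ADDITIONAL_SERVICES` is still spliced verbatim into the quoted `source=\"…\"` body, and with the new `;\` terminators an unset value now emits a bare `;` statement in the generated script. Because the script is created with `owner=admin policy=ftp,read,write,password,sensitive`, a value containing an unescaped `"` would presumably end the source string early, leaving the rest to be parsed as further arguments to `/system script add`. Emit that line only when the variable is non-empty, and document the constraint next to the assignment, e.g. `# ROUTER_OS_ADDITIONAL_SERVICES is inserted as-is into the RouterOS script source; escape any double quotes in it`. `routeros_deploy` begins and continues outside this hunk.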
@@ -0,0 +1,172 @@
#!/usr/bin/env sh

#######################################################
#
# easyDNS REST API for acme.sh by Neilpang based on dns_cf.sh
#
# Please note: # API is currently beta and subject to constant change
# http://sandbox.rest.easydns.net:3000/
#
# Author: wurzelpanzer [wurzelpanzer@maximolider.net]
# Report Bugs here: https://github.com/Neilpang/acme.sh/issues/2647
#
#################### Public functions #################

#EASYDNS_Key="xxxxxxxxxxxxxxxxxxxxxxxx"
#EASYDNS_Token="xxxxxxxxxxxxxxxxxxxxxxxx"
EASYDNS_Api="https://rest.easydns.net"

#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_easydns_add() {
fulldomain=$1
txtvalue=$2

EASYDNS_Token="${EASYDNS_Token:-$(_readaccountconf_mutable EASYDNS_Token)}"
EASYDNS_Key="${EASYDNS_Key:-$(_readaccountconf_mutable EASYDNS_Key)}"

if [ -z "$EASYDNS_Token" ] || [ -z "$EASYDNS_Key" ]; then
_err "You didn't specify an easydns.net token or api key. Please sign up at http://docs.sandbox.rest.easydns.net/beta_signup.php"
return 1
else
_saveaccountconf_mutable EASYDNS_Token "$EASYDNS_Token"
_saveaccountconf_mutable EASYDNS_Key "$EASYDNS_Key"
fi

_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"

_debug "Getting txt records"
_EASYDNS_rest GET "zones/records/all/${_domain}/search/${_sub_domain}"

if ! printf "%s" "$response" | grep \"status\":200 >/dev/null; then
_err "Error"
return 1
fi

_info "Adding record"
if _EASYDNS_rest PUT "zones/records/add/$_domain/TXT" "{\"host\":\"$_sub_domain\",\"rdata\":\"$txtvalue\"}"; then
if _contains "$response" "\"status\":201"; then
_info "Added, OK"
return 0
elif _contains "$response" "Record already exists"; then
_info "Already exists, OK"
return 0
else
_err "Add txt record error."
return 1
fi
fi
_err "Add txt record error."
return 1

}

dns_easydns_rm() {
fulldomain=$1
txtvalue=$2

EASYDNS_Token="${EASYDNS_Token:-$(_readaccountconf_mutable EASYDNS_Token)}"
EASYDNS_Key="${EASYDNS_Key:-$(_readaccountconf_mutable EASYDNS_Key)}"

_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"

_debug "Getting txt records"
_EASYDNS_rest GET "zones/records/all/${_domain}/search/${_sub_domain}"

if ! printf "%s" "$response" | grep \"status\":200 >/dev/null; then
_err "Error"
return 1
fi

count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
_debug count "$count"
if [ "$count" = "0" ]; then
_info "Don't need to remove."
else
record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | head -n 1)
_debug "record_id" "$record_id"
if [ -z "$record_id" ]; then
_err "Can not get record id to remove."
return 1
fi
if ! _EASYDNS_rest DELETE "zones/records/$_domain/$record_id"; then
_err "Delete record error."
return 1
fi
_contains "$response" "\"status\":200"
fi

}

#################### Private functions below ##################################
#_acme-challenge.www.domain.com
#returns
# _sub_domain=_acme-challenge.www
# _domain=domain.com
_get_root() {
domain=$1
i=1
p=1
while true; do
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
_debug h "$h"
if [ -z "$h" ]; then
#not valid
return 1
fi

if ! _EASYDNS_rest GET "zones/records/all/$h"; then
return 1
fi

if _contains "$response" "\"status\":200"; then
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
_domain=$h
return 0
fi

p=$i
i=$(_math "$i" + 1)
done
return 1
}

_EASYDNS_rest() {
m=$1
ep="$2"
data="$3"
_debug "$ep"

basicauth=$(printf "%s" "$EASYDNS_Token":"$EASYDNS_Key" | _base64)

export _H1="accept: application/json"
if [ "$basicauth" ]; then
export _H2="Authorization: Basic $basicauth"
fi

if [ "$m" != "GET" ]; then
export _H3="Content-Type: application/json"
_debug data "$data"
response="$(_post "$data" "$EASYDNS_Api/$ep" "" "$m")"
else
response="$(_get "$EASYDNS_Api/$ep")"
fi

if [ "$?" != "0" ]; then
_err "error $ep"
return 1
fi
_debug2 response "$response"
return 0
}
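Review bot: `dns_easydns_rm` assigns `txtvalue` but never uses it: it deletes the first `"id"` returned by the `search/${_sub_domain}` query (`head -n 1`), so when several records match the name, for example two pending challenge values for the same `_acme-challenge` host, it can remove a record other than the one this validation added. Select the id of the entry whose `rdata` equals `$txtvalue` before issuing the DELETE, and return success without deleting when no entry matches; the response layout is not visible here, so the exact filter needs checking against the API output. The function also skips the empty-credential check that `dns_easydns_add` performs, so a missing `EASYDNS_Token` or `EASYDNS_Key` surfaces only as the generic "Error" message.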
@@ -63,6 +63,16 @@ _lexicon_init() {
_saveaccountconf_mutable "$Lx_domaintoken" "$Lx_domaintoken_v"
eval export "$Lx_domaintoken"
fi

# shellcheck disable=SC2018,SC2019
Lx_api_key=$(echo LEXICON_"${PROVIDER}"_API_KEY | tr 'a-z' 'A-Z')
eval "$Lx_api_key=\${$Lx_api_key:-$(_readaccountconf_mutable "$Lx_api_key")}"
Lx_api_key_v=$(eval echo \$"$Lx_api_key")
_secure_debug "$Lx_api_key" "$Lx_api_key_v"
if [ "$Lx_api_key_v" ]; then
_saveaccountconf_mutable "$Lx_api_key" "$Lx_api_key_v"
eval export "$Lx_api_key"
fi
}

######## Public functions #####################
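Review bot: The added `eval "$Lx_api_key=\${$Lx_api_key:-$(_readaccountconf_mutable "$Lx_api_key")}"` expands the saved key into the string before `eval` parses it, so the stored value is re-read as shell syntax: a key containing whitespace, quotes, `$`, `;` or backticks is mangled or executed rather than assigned. Read the saved value into a variable first and reference that variable by name inside the eval, `_lx_saved="$(_readaccountconf_mutable "$Lx_api_key")"` then `eval "$Lx_api_key=\${$Lx_api_key:-\$_lx_saved}"`, and replace the unquoted `eval echo` with `eval "Lx_api_key_v=\$$Lx_api_key"`. `$PROVIDER` also becomes part of an evaluated variable name, so it should be checked against `[A-Za-z0-9_]` before use. The block appears to copy the token handling above it in `_lexicon_init`, whose start is outside this hunk.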
