Merge pull request #3104 from acmesh-official/dev

sync

README.md

@@ -8,10 +8,6 @@
 acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
 
 
-<a href="https://tracking.gitads.io/?repo=acme.sh"> <img src="https://images.gitads.io/acme.sh" alt="GitAds"/> </a>
-
-
-
 - An ACME protocol client written purely in Shell (Unix shell) language.
 - Full ACME protocol implementation.
 - Support ACME v1 and ACME v2

acme.sh

@@ -52,9 +52,6 @@ DEFAULT_DOMAIN_KEY_LENGTH=2048
 
 DEFAULT_OPENSSL_BIN="openssl"
 
-_OLD_CA_HOST="https://acme-v01.api.letsencrypt.org"
-_OLD_STAGE_CA_HOST="https://acme-staging.api.letsencrypt.org"
-
 VTYPE_HTTP="http-01"
 VTYPE_DNS="dns-01"
 VTYPE_ALPN="tls-alpn-01"
@@ -2595,22 +2592,17 @@ _initpath() {
     CA_HOME="$DEFAULT_CA_HOME"
   fi
 
-  if [ "$ACME_VERSION" = "2" ]; then
-    DEFAULT_CA="$CA_LETSENCRYPT_V2"
-    DEFAULT_STAGING_CA="$CA_LETSENCRYPT_V2_TEST"
-  fi
-
   if [ -z "$ACME_DIRECTORY" ]; then
-    default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
-    _debug default_acme_server "$default_acme_server"
-    if [ "$default_acme_server" ]; then
-      ACME_DIRECTORY="$default_acme_server"
+    if [ "$STAGE" ]; then
+      ACME_DIRECTORY="$DEFAULT_STAGING_CA"
+      _info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
     else
-      if [ -z "$STAGE" ]; then
-        ACME_DIRECTORY="$DEFAULT_CA"
+      default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
+      _debug default_acme_server "$default_acme_server"
+      if [ "$default_acme_server" ]; then
+        ACME_DIRECTORY="$default_acme_server"
       else
-        ACME_DIRECTORY="$DEFAULT_STAGING_CA"
-        _info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
+        ACME_DIRECTORY="$DEFAULT_CA"
       fi
     fi
   fi
@@ -4088,12 +4080,9 @@ issue() {
     _cleardomainconf "Le_ChallengeAlias"
   fi
 
-  if [ "$ACME_DIRECTORY" != "$DEFAULT_CA" ]; then
-    Le_API="$ACME_DIRECTORY"
-    _savedomainconf "Le_API" "$Le_API"
-  else
-    _cleardomainconf Le_API
-  fi
+  Le_API="$ACME_DIRECTORY"
+  _savedomainconf "Le_API" "$Le_API"
+
   _info "Using CA: $ACME_DIRECTORY"
   if [ "$_alt_domains" = "$NO_VALUE" ]; then
     _alt_domains=""
@@ -4980,14 +4969,6 @@ renew() {
   fi
 
   if [ "$Le_API" ]; then
-    if [ "$_OLD_CA_HOST" = "$Le_API" ]; then
-      export Le_API="$DEFAULT_CA"
-      _savedomainconf Le_API "$Le_API"
-    fi
-    if [ "$_OLD_STAGE_CA_HOST" = "$Le_API" ]; then
-      export Le_API="$DEFAULT_STAGING_CA"
-      _savedomainconf Le_API "$Le_API"
-    fi
     export ACME_DIRECTORY="$Le_API"
     #reload ca configs
     ACCOUNT_KEY_PATH=""

dnsapi/dns_kappernet.sh

@@ -0,0 +1,150 @@
+#!/usr/bin/env sh
+
+# kapper.net domain api
+# for further questions please contact: [email protected]
+# please report issues here: https://github.com/acmesh-official/acme.sh/issues/2977
+
+#KAPPERNETDNS_Key="yourKAPPERNETapikey"
+#KAPPERNETDNS_Secret="yourKAPPERNETapisecret" 
+
+KAPPERNETDNS_Api="https://dnspanel.kapper.net/API/1.2?APIKey=$KAPPERNETDNS_Key&APISecret=$KAPPERNETDNS_Secret"
+
+###############################################################################
+# called with 
+# fullhostname: something.example.com
+# txtvalue:     someacmegenerated string
+dns_kappernet_add() {
+  fullhostname=$1
+  txtvalue=$2
+
+  KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
+  KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
+
+  if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
+    KAPPERNETDNS_Key=""
+    KAPPERNETDNS_Secret=""
+    _err "Please specify your kapper.net api key and secret."
+    _err "If you have not received yours - send your mail to"
+	_err "[email protected] to get  your key and secret."
+    return 1
+  fi
+
+  #store the api key and email to the account conf file.
+  _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
+  _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
+  _debug "Checking Domain ..."
+  if ! _get_root "$fullhostname"; then
+    _err "invalid domain"
+    return 1
+  fi
+  _debug _sub_domain "SUBDOMAIN: $_sub_domain"
+  _debug _domain "DOMAIN: $_domain"
+
+  _info "Trying to add TXT DNS Record"
+  data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
+  if _kappernet_api GET "action=new&subject=$_domain&data=$data"; then
+
+    if _contains "$response" "{\"OK\":true"; then
+      _info "Waiting 120 seconds for DNS to spread the new record"
+      _sleep 120
+      return 0
+    else
+      _err "Error creating a TXT DNS Record: $fullhostname TXT $txtvalue"
+      _err "Error Message: $response"
+      return 1
+    fi
+  fi
+  _err "Failed creating TXT Record"
+}
+
+###############################################################################
+# called with
+# fullhostname: something.example.com
+dns_kappernet_rm() {
+  fullhostname=$1
+  txtvalue=$2
+
+  KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
+  KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
+
+  if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
+    KAPPERNETDNS_Key=""
+    KAPPERNETDNS_Secret=""
+    _err "Please specify your kapper.net api key and secret."
+    _err "If you have not received yours - send your mail to"
+	_err "[email protected] to get  your key and secret."
+    return 1
+  fi
+
+  #store the api key and email to the account conf file.
+  _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
+  _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
+
+  _info "Trying to remove the TXT Record: $fullhostname containing $txtvalue"
+  data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
+  if _kappernet_api GET "action=del&subject=$fullhostname&data=$data"; then
+    if _contains "$response" "{\"OK\":true"; then
+      return 0
+    else
+      _err "Error deleting DNS Record: $fullhostname containing $txtvalue"
+      _err "Problem: $response"
+      return 1
+    fi
+  fi
+  _err "Problem deleting TXT DNS record"
+}
+
+####################  Private functions below ##################################
+# called with hostname
+# e.g._acme-challenge.www.domain.com returns
+# _sub_domain=_acme-challenge.www 
+# _domain=domain.com
+_get_root() {
+  domain=$1
+  i=2
+  p=1
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+    if ! _kappernet_api GET "action=list&subject=$h"; then
+      return 1
+    fi
+    if _contains "$response" '"OK":false'; then
+      _debug "$h not found"
+    else
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
+      _domain="$h"
+      return 0
+    fi
+    p="$i"
+    i=$(_math "$i" + 1)
+  done
+  return 1
+}
+
+################################################################################
+# calls the kapper.net DNS Panel API
+# with 
+# method
+# param
+_kappernet_api() {
+  method=$1
+  param="$2"
+
+  _debug param "PARAMETER=$param"
+  url="$KAPPERNETDNS_Api&$param"
+  _debug url "URL=$url"
+
+  if [ "$method" = "GET" ]; then
+    response="$(_get "$url")"
+  else
+    _err "Unsupported method"
+    return 1
+  fi
+
+  _debug2 response "$response"
+  return 0
+}