Home Explore Help
Register Sign In
Apq
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

make ip-whitelisting configurable for DNS TransIP and download keyfile if it is an url

Dennis Koot 3 years ago
parent
2454ac8ef1
commit
7122a960fa
1 changed files with 23 additions and 2 deletions
Split View Show Diff Stats
  1. 23 2
      dnsapi/dns_transip.sh

+ 23 - 2
dnsapi/dns_transip.sh
View File 

@@ -1,7 +1,6 @@
 
 #!/usr/bin/env sh
 
 TRANSIP_Api_Url="https://api.transip.nl/v6"
 
 TRANSIP_Token_Read_Only="false"
 
-TRANSIP_Token_Global_Key="false"
 
 TRANSIP_Token_Expiration="30 minutes"
 
 # You can't reuse a label token, so we leave this empty normally
 
 TRANSIP_Token_Label=""
 
@@ -96,7 +95,11 @@ _transip_get_token() {
 
   nonce=$(echo "TRANSIP$(_time)" | _digest sha1 hex | cut -c 1-32)
 
   _debug nonce "$nonce"
 
 
-  data="{\"login\":\"${TRANSIP_Username}\",\"nonce\":\"${nonce}\",\"read_only\":\"${TRANSIP_Token_Read_Only}\",\"expiration_time\":\"${TRANSIP_Token_Expiration}\",\"label\":\"${TRANSIP_Token_Label}\",\"global_key\":\"${TRANSIP_Token_Global_Key}\"}"
 
+  # make IP whitelisting configurable
 
+  TRANSIP_Token_Global_Key="${TRANSIP_Token_Global_Key:-$(_readaccountconf_mutable TRANSIP_Token_Global_Key)}"
 
+  _saveaccountconf_mutable TRANSIP_Token_Global_Key "$TRANSIP_Token_Global_Key"
 
+
 
+  data="{\"login\":\"${TRANSIP_Username}\",\"nonce\":\"${nonce}\",\"read_only\":\"${TRANSIP_Token_Read_Only}\",\"expiration_time\":\"${TRANSIP_Token_Expiration}\",\"label\":\"${TRANSIP_Token_Label}\",\"global_key\":\"${TRANSIP_Token_Global_Key:-false}\"}"
 
   _debug data "$data"
 
 
   #_signature=$(printf "%s" "$data" | openssl dgst -sha512 -sign "$TRANSIP_Key_File" | _base64)
 
@@ -139,6 +142,18 @@ _transip_setup() {
 
   _saveaccountconf_mutable TRANSIP_Username "$TRANSIP_Username"
 
   _saveaccountconf_mutable TRANSIP_Key_File "$TRANSIP_Key_File"
 
 
+  # download key file if it's an URL
 
+  if _startswith "$TRANSIP_Key_File" "http"; then
 
+    _debug "download transip key file"
 
+    TRANSIP_Key_URL=$TRANSIP_Key_File
 
+    TRANSIP_Key_File="$(_mktemp)"
 
+    chmod 600 "$TRANSIP_Key_File"
 
+    if ! _get "$TRANSIP_Key_URL" >"$TRANSIP_Key_File"; then
 
+      _err "Error getting key file from : $TRANSIP_Key_URL"
 
+      return 1
 
+    fi
 
+  fi
 
+
 
   if [ -f "$TRANSIP_Key_File" ]; then
 
     if ! grep "BEGIN PRIVATE KEY" "$TRANSIP_Key_File" >/dev/null 2>&1; then
 
       _err "Key file doesn't seem to be a valid key: ${TRANSIP_Key_File}"
 
@@ -156,6 +171,12 @@ _transip_setup() {
 
     fi
 
   fi
 
 
+  if [ -n "${TRANSIP_Key_URL}" ]; then
 
+    _debug "delete transip key file"
 
+    rm "${TRANSIP_Key_File}"
 
+    TRANSIP_Key_File=$TRANSIP_Key_URL
 
+  fi
 
+
 
   _get_root "$fulldomain" || return 1
 
 
   return 0