Quellcode durchsuchen

Merge pull request #2854 from acmesh-official/dev

sync
neil vor 5 Jahren
Ursprung
Commit
dbf659c575
7 geänderte Dateien mit 407 neuen und 6 gelöschten Zeilen
  1. 11 1
      .github/auto-comment.yml
  2. 9 1
      acme.sh
  3. 254 0
      dnsapi/dns_1984hosting.sh
  4. 1 1
      dnsapi/dns_cf.sh
  5. 2 2
      dnsapi/dns_constellix.sh
  6. 129 0
      dnsapi/dns_joker.sh
  7. 1 1
      dnsapi/dns_me.sh

+ 11 - 1
.github/auto-comment.yml

@@ -1,13 +1,21 @@
 # Comment to a new issue.
 issuesOpened: >
   If this is a bug report, please upgrade to the latest code and try again:
-  请先更新到最新版再试:
+  
+  如果有 bug, 请先更新到最新版试试:
+  
   ```sh
   acme.sh --upgrade
   ```
+  
+  please also provide the log with `--debug 2`.
+  
+  see: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
 
 
 pullRequestOpened: >
+  First, never send a PR to `master` branch, it will never be accepted. Please send to the `dev` branch instead.
+  
   If this is a PR to support new DNS API or new notification API, please read this guide first:
   https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide
   
@@ -16,3 +24,5 @@ pullRequestOpened: >
   Then add your usage here:
   https://github.com/acmesh-official/acme.sh/wiki/dnsapi
 
+
+

+ 9 - 1
acme.sh

@@ -846,6 +846,14 @@ _json_encode() {
   echo "$_j_str" | _hex_dump | _lower_case | sed 's/0a/5c 6e/g' | tr -d ' ' | _h2b | tr -d "\r\n"
 }
 
+#from: http:\/\/  to http://
+_json_decode() {
+  _j_str="$(sed 's#\\/#/#g')"
+  _debug3 "_json_decode"
+  _debug3 "_j_str" "$_j_str"
+  echo "$_j_str"
+}
+
 #options file
 _sed_i() {
   options="$1"
@@ -4019,7 +4027,7 @@ issue() {
       #for dns manual mode
       _savedomainconf "Le_OrderFinalize" "$Le_OrderFinalize"
 
-      _authorizations_seg="$(echo "$response" | _egrep_o '"authorizations" *: *\[[^\[]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
+      _authorizations_seg="$(echo "$response" | _json_decode | _egrep_o '"authorizations" *: *\[[^\[]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
       _debug2 _authorizations_seg "$_authorizations_seg"
       if [ -z "$_authorizations_seg" ]; then
         _err "_authorizations_seg not found."

+ 254 - 0
dnsapi/dns_1984hosting.sh

@@ -0,0 +1,254 @@
+#!/usr/bin/env sh
+#This file name is "dns_1984hosting.sh"
+#So, here must be a method dns_1984hosting_add()
+#Which will be called by acme.sh to add the txt record to your api system.
+#returns 0 means success, otherwise error.
+#
+#Author: Adrian Fedoreanu
+#Report Bugs here: https://github.com/acmesh-official/acme.sh
+# or here... https://github.com/acmesh-official/acme.sh/issues/2851
+#
+########  Public functions #####################
+
+# Export 1984HOSTING username and password in following variables
+#
+#  One984HOSTING_Username=username
+#  One984HOSTING_Password=password
+#
+# sessionid cookie is saved in ~/.acme.sh/account.conf
+# username/password need to be set only when changed.
+
+#Usage: dns_1984hosting_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_1984hosting_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  _info "Add TXT record using 1984Hosting"
+  _debug fulldomain "$fulldomain"
+  _debug txtvalue "$txtvalue"
+
+  if ! _1984hosting_login; then
+    _err "1984Hosting login failed for user $One984HOSTING_Username. Check $HTTP_HEADER file"
+    return 1
+  fi
+
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain" "$fulldomain"
+    return 1
+  fi
+  _debug _sub_domain "$_sub_domain"
+  _debug _domain "$_domain"
+
+  _1984hosting_add_txt_record "$_domain" "$_sub_domain" "$txtvalue"
+  return $?
+}
+
+#Usage: fulldomain txtvalue
+#Remove the txt record after validation.
+dns_1984hosting_rm() {
+  fulldomain=$1
+  txtvalue=$2
+
+  _info "Delete TXT record using 1984Hosting"
+  _debug fulldomain "$fulldomain"
+  _debug txtvalue "$txtvalue"
+
+  if ! _1984hosting_login; then
+    _err "1984Hosting login failed for user $One984HOSTING_Username. Check $HTTP_HEADER file"
+    return 1
+  fi
+
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain" "$fulldomain"
+    return 1
+  fi
+  _debug _sub_domain "$_sub_domain"
+  _debug _domain "$_domain"
+
+  _1984hosting_delete_txt_record "$_domain" "$_sub_domain"
+  return $?
+}
+
+####################  Private functions below ##################################
+
+# usage _1984hosting_add_txt_record domain subdomain value
+# returns 0 success
+_1984hosting_add_txt_record() {
+  _debug "Add TXT record $1 with value '$3'"
+  domain="$1"
+  subdomain="$2"
+  value="$(printf '%s' "$3" | _url_encode)"
+  url="https://management.1984hosting.com/domains/entry/"
+
+  postdata="entry=new"
+  postdata="$postdata&type=TXT"
+  postdata="$postdata&ttl=3600"
+  postdata="$postdata&zone=$domain"
+  postdata="$postdata&host=$subdomain"
+  postdata="$postdata&rdata=%22$value%22"
+  _debug2 postdata "$postdata"
+
+  _authpost "$postdata" "$url"
+  response="$(echo "$_response" | _normalizeJson)"
+  _debug2 response "$response"
+
+  if _contains "$response" '"haserrors": true'; then
+    _err "1984Hosting failed to add TXT record for $subdomain bad RC from _post"
+    return 1
+  elif _contains "$response" "<html>"; then
+    _err "1984Hosting failed to add TXT record for $subdomain. Check $HTTP_HEADER file"
+    return 1
+  elif [ "$response" = '{"auth": false, "ok": false}' ]; then
+    _err "1984Hosting failed to add TXT record for $subdomain. Invalid or expired cookie"
+    return 1
+  fi
+
+  _info "Added acme challenge TXT record for $fulldomain at 1984Hosting"
+  return 0
+}
+
+# usage _1984hosting_delete_txt_record entry_id
+# returns 0 success
+_1984hosting_delete_txt_record() {
+  _debug "Delete $fulldomain TXT record"
+  domain="$1"
+  subdomain="$2"
+  url="https://management.1984hosting.com/domains"
+
+  _htmlget "$url" "$domain"
+  _debug2 _response "$_response"
+  zone_id="$(echo "$_response" | _egrep_o 'zone\/[0-9]+')"
+  _debug2 zone_id "$zone_id"
+  if [ -z "$zone_id" ]; then
+    _err "Error getting zone_id for $1"
+    return 1
+  fi
+
+  _htmlget "$url/$zone_id" "$subdomain"
+  _debug2 _response "$_response"
+  entry_id="$(echo "$_response" | _egrep_o 'entry_[0-9]+' | sed 's/entry_//')"
+  _debug2 entry_id "$entry_id"
+  if [ -z "$entry_id" ]; then
+    _err "Error getting TXT entry_id for $1"
+    return 1
+  fi
+
+  _authpost "entry=$entry_id" "$url/delentry/"
+  response="$(echo "$_response" | _normalizeJson)"
+  _debug2 response "$response"
+
+  if ! _contains "$response" '"ok": true'; then
+    _err "1984Hosting failed to delete TXT record for $entry_id bad RC from _post"
+    return 1
+  fi
+
+  _info "Deleted acme challenge TXT record for $fulldomain at 1984Hosting"
+  return 0
+}
+
+# usage: _1984hosting_login username password
+# returns 0 success
+_1984hosting_login() {
+  if ! _check_credentials; then return 1; fi
+
+  if _check_cookie; then
+    _debug "Already logged in"
+    return 0
+  fi
+
+  _debug "Login to 1984Hosting as user $One984HOSTING_Username"
+  username=$(printf '%s' "$One984HOSTING_Username" | _url_encode)
+  password=$(printf '%s' "$One984HOSTING_Password" | _url_encode)
+  url="https://management.1984hosting.com/accounts/checkuserauth/"
+
+  response="$(_post "username=$username&password=$password&otpkey=" "$url")"
+  response="$(echo "$response" | _normalizeJson)"
+  _debug2 response "$response"
+
+  if [ "$response" = '{"loggedin": true, "ok": true}' ]; then
+    One984HOSTING_COOKIE="$(grep '^Set-Cookie:' "$HTTP_HEADER" | _tail_n 1 | _egrep_o 'sessionid=[^;]*;' | tr -d ';')"
+    export One984HOSTING_COOKIE
+    _saveaccountconf_mutable One984HOSTING_COOKIE "$One984HOSTING_COOKIE"
+    return 0
+  fi
+  return 1
+}
+
+_check_credentials() {
+  if [ -z "$One984HOSTING_Username" ] || [ -z "$One984HOSTING_Password" ]; then
+    One984HOSTING_Username=""
+    One984HOSTING_Password=""
+    _err "You haven't specified 1984Hosting username or password yet."
+    _err "Please export as One984HOSTING_Username / One984HOSTING_Password and try again."
+    return 1
+  fi
+  return 0
+}
+
+_check_cookie() {
+  One984HOSTING_COOKIE="${One984HOSTING_COOKIE:-$(_readaccountconf_mutable One984HOSTING_COOKIE)}"
+  if [ -z "$One984HOSTING_COOKIE" ]; then
+    _debug "No cached cookie found"
+    return 1
+  fi
+
+  _authget "https://management.1984hosting.com/accounts/loginstatus/"
+  response="$(echo "$_response" | _normalizeJson)"
+  if [ "$_response" = '{"ok": true}' ]; then
+    _debug "Cached cookie still valid"
+    return 0
+  fi
+  _debug "Cached cookie no longer valid"
+  One984HOSTING_COOKIE=""
+  _saveaccountconf_mutable One984HOSTING_COOKIE "$One984HOSTING_COOKIE"
+  return 1
+}
+
+#_acme-challenge.www.domain.com
+#returns
+# _sub_domain=_acme-challenge.www
+# _domain=domain.com
+_get_root() {
+  domain="$1"
+  i=2
+  p=1
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+
+    _authget "https://management.1984hosting.com/domains/soacheck/?zone=$h&nameserver=ns0.1984.is."
+    if _contains "$_response" "serial"; then
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
+      _domain="$h"
+      return 0
+    fi
+    p=$i
+    i=$(_math "$i" + 1)
+  done
+  return 1
+}
+
+# add extra headers to request
+_authget() {
+  export _H1="Cookie: $One984HOSTING_COOKIE"
+  _response=$(_get "$1")
+}
+
+# truncate huge HTML response
+# echo: Argument list too long
+_htmlget() {
+  export _H1="Cookie: $One984HOSTING_COOKIE"
+  _response=$(_get "$1" | grep "$2" | _head_n 1)
+}
+
+# add extra headers to request
+_authpost() {
+  export _H1="Cookie: $One984HOSTING_COOKIE"
+  _response=$(_post "$1" "$2")
+}

+ 1 - 1
dnsapi/dns_cf.sh

@@ -111,7 +111,7 @@ dns_cf_rm() {
   _cf_rest GET "zones/${_domain_id}/dns_records?type=TXT&name=$fulldomain&content=$txtvalue"
 
   if ! printf "%s" "$response" | grep \"success\":true >/dev/null; then
-    _err "Error"
+    _err "Error: $response"
     return 1
   fi
 

+ 2 - 2
dnsapi/dns_constellix.sh

@@ -86,12 +86,12 @@ _get_root() {
       return 1
     fi
 
-    if ! _constellix_rest GET "domains"; then
+    if ! _constellix_rest GET "domains/search?exact=$h"; then
       return 1
     fi
 
     if _contains "$response" "\"name\":\"$h\""; then
-      _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | head -n 1 | cut -d ':' -f 2 | tr -d '}')
+      _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[0-9]+" | cut -d ':' -f 2)
       if [ "$_domain_id" ]; then
         _sub_domain=$(printf "%s" "$domain" | cut -d '.' -f 1-$p)
         _domain="$h"

+ 129 - 0
dnsapi/dns_joker.sh

@@ -0,0 +1,129 @@
+#!/usr/bin/env sh
+
+# Joker.com API for acme.sh
+#
+# This script adds the necessary TXT record to a domain in Joker.com.
+#
+# You must activate Dynamic DNS in Joker.com DNS configuration first.
+# Username and password below refer to Dynamic DNS authentication,
+# not your Joker.com login credentials.
+# See: https://joker.com/faq/content/11/427/en/what-is-dynamic-dns-dyndns.html
+#
+# NOTE: This script does not support wildcard certificates, because
+# Joker.com API does not support adding two TXT records with the same
+# subdomain. Adding the second record will overwrite the first one.
+# See: https://joker.com/faq/content/6/496/en/let_s-encrypt-support.html
+#   "... this request will replace all TXT records for the specified
+#    label by the provided content"
+#
+# Author: aattww (https://github.com/aattww/)
+#
+# Report bugs to https://github.com/acmesh-official/acme.sh/issues/2840
+#
+# JOKER_USERNAME="xxxx"
+# JOKER_PASSWORD="xxxx"
+
+JOKER_API="https://svc.joker.com/nic/replace"
+
+########  Public functions #####################
+
+#Usage: dns_joker_add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_joker_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  JOKER_USERNAME="${JOKER_USERNAME:-$(_readaccountconf_mutable JOKER_USERNAME)}"
+  JOKER_PASSWORD="${JOKER_PASSWORD:-$(_readaccountconf_mutable JOKER_PASSWORD)}"
+
+  if [ -z "$JOKER_USERNAME" ] || [ -z "$JOKER_PASSWORD" ]; then
+    _err "No Joker.com username and password specified."
+    return 1
+  fi
+
+  _saveaccountconf_mutable JOKER_USERNAME "$JOKER_USERNAME"
+  _saveaccountconf_mutable JOKER_PASSWORD "$JOKER_PASSWORD"
+
+  if ! _get_root "$fulldomain"; then
+    _err "Invalid domain"
+    return 1
+  fi
+
+  _info "Adding TXT record"
+  if _joker_rest "username=$JOKER_USERNAME&password=$JOKER_PASSWORD&zone=$_domain&label=$_sub_domain&type=TXT&value=$txtvalue"; then
+    if _startswith "$response" "OK"; then
+      _info "Added, OK"
+      return 0
+    fi
+  fi
+  _err "Error adding TXT record."
+  return 1
+}
+
+#fulldomain txtvalue
+dns_joker_rm() {
+  fulldomain=$1
+  txtvalue=$2
+
+  JOKER_USERNAME="${JOKER_USERNAME:-$(_readaccountconf_mutable JOKER_USERNAME)}"
+  JOKER_PASSWORD="${JOKER_PASSWORD:-$(_readaccountconf_mutable JOKER_PASSWORD)}"
+
+  if ! _get_root "$fulldomain"; then
+    _err "Invalid domain"
+    return 1
+  fi
+
+  _info "Removing TXT record"
+  # TXT record is removed by setting its value to empty.
+  if _joker_rest "username=$JOKER_USERNAME&password=$JOKER_PASSWORD&zone=$_domain&label=$_sub_domain&type=TXT&value="; then
+    if _startswith "$response" "OK"; then
+      _info "Removed, OK"
+      return 0
+    fi
+  fi
+  _err "Error removing TXT record."
+  return 1
+}
+
+####################  Private functions below ##################################
+#_acme-challenge.www.domain.com
+#returns
+# _sub_domain=_acme-challenge.www
+# _domain=domain.com
+_get_root() {
+  fulldomain=$1
+  i=1
+  while true; do
+    h=$(printf "%s" "$fulldomain" | cut -d . -f $i-100)
+    _debug h "$h"
+    if [ -z "$h" ]; then
+      return 1
+    fi
+
+    # Try to remove a test record. With correct root domain, username and password this will return "OK: ..." regardless
+    # of record in question existing or not. 
+    if _joker_rest "username=$JOKER_USERNAME&password=$JOKER_PASSWORD&zone=$h&label=jokerTXTUpdateTest&type=TXT&value="; then
+      if _startswith "$response" "OK"; then
+        _sub_domain="$(echo "$fulldomain" | sed "s/\\.$h\$//")"
+        _domain=$h
+        return 0
+      fi
+    fi
+
+    i=$(_math "$i" + 1)
+  done
+
+  _debug "Root domain not found"
+  return 1
+}
+
+_joker_rest() {
+  data="$1"
+  _debug data "$data"
+
+  if ! response="$(_post "$data" "$JOKER_API" "" "POST")"; then
+    _err "Error POSTing"
+    return 1
+  fi
+  _debug response "$response"
+  return 0
+}

+ 1 - 1
dnsapi/dns_me.sh

@@ -114,7 +114,7 @@ _get_root() {
     fi
 
     if _contains "$response" "\"name\":\"$h\""; then
-      _domain_id=$(printf "%s\n" "$response" | cut -c 2- | head -c -2 | sed 's/{.*}//' | sed -r 's/^.*"id":([0-9]+).*$/\1/')
+      _domain_id=$(printf "%s\n" "$response" | sed 's/^{//; s/}$//; s/{.*}//' | sed -r 's/^.*"id":([0-9]+).*$/\1/')
       if [ "$_domain_id" ]; then
         _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
         _domain="$h"