mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-25 14:41:40 +00:00
Test original implementation by trgosk
This commit is contained in:
parent
cd33647087
commit
9366f4b40e
208
dnsapi/dns_websupport.sh
Normal file
208
dnsapi/dns_websupport.sh
Normal file
@ -0,0 +1,208 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
#This is the websupport.sk api wrapper for acme.sh
|
||||
#
|
||||
#Author: trgo.sk
|
||||
#Report Bugs here: https://github.com/trgosk/acme.sh
|
||||
|
||||
#WS_ApiKey="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
|
||||
#WS_ApiSecret="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
|
||||
|
||||
WS_Api="https://rest.websupport.sk"
|
||||
|
||||
######## Public functions #####################
|
||||
|
||||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
dns_websupport_add() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}"
|
||||
WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}"
|
||||
|
||||
if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then
|
||||
_saveaccountconf_mutable WS_ApiKey "$WS_ApiKey"
|
||||
_saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret"
|
||||
else
|
||||
WS_ApiKey=""
|
||||
WS_ApiSecret=""
|
||||
_err "You didn't specify a api key and/or api secret yet."
|
||||
_err "You can get yours from here https://admin.websupport.sk/en/auth/apiKey"
|
||||
return 1
|
||||
fi
|
||||
|
||||
_debug "First detect the root zone"
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "invalid domain"
|
||||
return 1
|
||||
fi
|
||||
_debug _sub_domain "$_sub_domain"
|
||||
_debug _domain "$_domain"
|
||||
|
||||
# For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so
|
||||
# we can not use updating anymore.
|
||||
# count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
|
||||
# _debug count "$count"
|
||||
# if [ "$count" = "0" ]; then
|
||||
_info "Adding record"
|
||||
if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
|
||||
if _contains "$response" "$txtvalue"; then
|
||||
_info "Added, OK"
|
||||
return 0
|
||||
elif _contains "$response" "The record already exists"; then
|
||||
_info "Already exists, OK"
|
||||
return 0
|
||||
else
|
||||
_err "Add txt record error."
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
_err "Add txt record error."
|
||||
return 1
|
||||
|
||||
}
|
||||
|
||||
#fulldomain txtvalue
|
||||
dns_websupport_rm() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
_debug2 fulldomain "$fulldomain"
|
||||
_debug2 txtvalue "$txtvalue"
|
||||
|
||||
_debug "First detect the root zone"
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "invalid domain"
|
||||
return 1
|
||||
fi
|
||||
|
||||
_debug _sub_domain "$_sub_domain"
|
||||
_debug _domain "$_domain"
|
||||
|
||||
_debug "Getting txt records"
|
||||
_ws_rest GET "/v1/user/self/zone/$_domain/record"
|
||||
|
||||
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"items\")" -lt "1" ]; then
|
||||
_err "Error: $response"
|
||||
return 1
|
||||
fi
|
||||
|
||||
record_line="$(_get_from_array "$response" "$txtvalue")"
|
||||
_debug record_line "$record_line"
|
||||
if [ -z "$record_line" ]; then
|
||||
_info "Don't need to remove."
|
||||
else
|
||||
record_id=$(echo "$record_line" | _egrep_o "\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
|
||||
_debug "record_id" "$record_id"
|
||||
if [ -z "$record_id" ]; then
|
||||
_err "Can not get record id to remove."
|
||||
return 1
|
||||
fi
|
||||
if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then
|
||||
_err "Delete record error."
|
||||
return 1
|
||||
fi
|
||||
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"success\")" -lt "1" ]; then
|
||||
return 1
|
||||
else
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
#################### Private functions below ##################################
|
||||
#_acme-challenge.www.domain.com
|
||||
#returns
|
||||
# _sub_domain=_acme-challenge.www
|
||||
# _domain=domain.com
|
||||
_get_root() {
|
||||
domain=$1
|
||||
i=1
|
||||
p=1
|
||||
|
||||
while true; do
|
||||
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||
_debug h "$h"
|
||||
if [ -z "$h" ]; then
|
||||
#not valid
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _ws_rest GET "/v1/user/self/zone"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if _contains "$response" "\"name\":\"$h\""; then
|
||||
_domain_id=$(echo "$response" | _egrep_o "\[.\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
|
||||
if [ "$_domain_id" ]; then
|
||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||
_domain=$h
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
fi
|
||||
p=$i
|
||||
i=$(_math "$i" + 1)
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
_ws_rest() {
|
||||
me=$1
|
||||
pa="$2"
|
||||
da="$3"
|
||||
|
||||
_debug2 api_key "$WS_ApiKey"
|
||||
_debug2 api_secret "$WS_ApiSecret"
|
||||
|
||||
timestamp="$(date +%s)"
|
||||
datez=$(date -u -r "$timestamp" +%Y-%m-%dT%H:%M:%S%z 2>/dev/null || date -u -d@"$timestamp" +%Y-%m-%dT%H:%M:%S%z)
|
||||
canonical_request="${me} ${pa} ${timestamp}"
|
||||
alg="sha1"
|
||||
signature_hash=$( (printf "%s" "$canonical_request" | ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -mac HMAC -macopt "key:$WS_ApiSecret" 2>/dev/null || printf "%s" "$canonical_request" | ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hmac "$(printf "%s" "$WS_ApiSecret" | _h2b)") | cut -d = -f 2 | tr -d ' ')
|
||||
basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" | _base64)"
|
||||
|
||||
_debug2 method "$me"
|
||||
_debug2 path "$pa"
|
||||
_debug2 data "$da"
|
||||
_debug2 timestamp "$timestamp"
|
||||
_debug2 datez "$datez"
|
||||
_debug2 canonical_request "$canonical_request"
|
||||
_debug2 alg "$alg"
|
||||
_debug2 signature_hash "$signature_hash"
|
||||
_debug2 basicauth "$basicauth"
|
||||
|
||||
export _H1="Accept: application/json"
|
||||
export _H2="Content-Type: application/json"
|
||||
export _H3="Authorization: Basic ${basicauth}"
|
||||
export _H4="Date: ${datez}"
|
||||
|
||||
_debug2 H1 "$_H1"
|
||||
_debug2 H2 "$_H2"
|
||||
_debug2 H3 "$_H3"
|
||||
_debug2 H4 "$_H4"
|
||||
|
||||
if [ "$me" != "GET" ]; then
|
||||
_debug2 "${me} $WS_Api${pa}"
|
||||
_debug data "$da"
|
||||
response="$(_post "$da" "${WS_Api}${pa}" "" "$me")"
|
||||
else
|
||||
_debug2 "GET $WS_Api${pa}"
|
||||
response="$(_get "$WS_Api${pa}")"
|
||||
fi
|
||||
|
||||
_debug2 response "$response"
|
||||
return "$?"
|
||||
}
|
||||
|
||||
_get_from_array() {
|
||||
va="$1"
|
||||
fi="$2"
|
||||
for i in $(echo "$va" | sed "s/{/ /g"); do
|
||||
if _contains "$i" "$fi"; then
|
||||
echo "$i"
|
||||
break
|
||||
fi
|
||||
done
|
||||
}
|
Loading…
Reference in New Issue
Block a user