diff --git a/acme.sh b/acme.sh
index 260733a2..86e4ccf1 100755
--- a/acme.sh
+++ b/acme.sh
@@ -435,8 +435,10 @@ _secure_debug3() {
fi
}
+__USE_TR_RAW="$([ "$(echo "abc" | tr a-z A-Z 2>/dev/null)" = "ABC" ] && echo 1 || echo 0)"
+
_upper_case() {
- if _is_solaris; then
+ if [ "$__USE_TR_RAW" = "0" ]; then
tr '[:lower:]' '[:upper:]'
else
# shellcheck disable=SC2018,SC2019
@@ -445,7 +447,7 @@ _upper_case() {
}
_lower_case() {
- if _is_solaris; then
+ if [ "$__USE_TR_RAW" = "0" ]; then
tr '[:upper:]' '[:lower:]'
else
# shellcheck disable=SC2018,SC2019
@@ -5752,7 +5754,9 @@ _installcert() {
if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_cert" "$_backup_path/cert.bak"
fi
- cat "$CERT_PATH" >"$_real_cert" || return 1
+ if [ "$CERT_PATH" != "$_real_cert" ]; then
+ cat "$CERT_PATH" >"$_real_cert" || return 1
+ fi
fi
if [ "$_real_ca" ]; then
@@ -5764,7 +5768,9 @@ _installcert() {
if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_ca" "$_backup_path/ca.bak"
fi
- cat "$CA_CERT_PATH" >"$_real_ca" || return 1
+ if [ "$CA_CERT_PATH" != "$_real_ca" ]; then
+ cat "$CA_CERT_PATH" >"$_real_ca" || return 1
+ fi
fi
fi
@@ -5773,12 +5779,14 @@ _installcert() {
if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_key" "$_backup_path/key.bak"
fi
- if [ -f "$_real_key" ]; then
- cat "$CERT_KEY_PATH" >"$_real_key" || return 1
- else
- touch "$_real_key" || return 1
- chmod 600 "$_real_key"
- cat "$CERT_KEY_PATH" >"$_real_key" || return 1
+ if [ "$CERT_KEY_PATH" != "$_real_key" ]; then
+ if [ -f "$_real_key" ]; then
+ cat "$CERT_KEY_PATH" >"$_real_key" || return 1
+ else
+ touch "$_real_key" || return 1
+ chmod 600 "$_real_key"
+ cat "$CERT_KEY_PATH" >"$_real_key" || return 1
+ fi
fi
fi
@@ -5787,7 +5795,9 @@ _installcert() {
if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_fullchain" "$_backup_path/fullchain.bak"
fi
- cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
+ if [ "$_real_fullchain" != "$CERT_FULLCHAIN_PATH" ]; then
+ cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
+ fi
fi
if [ "$_reload_cmd" ]; then
diff --git a/deploy/qiniu.sh b/deploy/qiniu.sh
index 70669917..02250ed3 100644
--- a/deploy/qiniu.sh
+++ b/deploy/qiniu.sh
@@ -53,7 +53,7 @@ qiniu_deploy() {
sslcert_access_token="$(_make_access_token "$sslcert_path")"
_debug sslcert_access_token "$sslcert_access_token"
export _H1="Authorization: QBox $sslcert_access_token"
- sslcert_response=$(_post "$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64 "multiline")
+ sslcert_response=$(_post "$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64)
if ! _contains "$sslcert_response" "certID"; then
_err "Error in creating certificate:"
@@ -75,7 +75,7 @@ qiniu_deploy() {
update_access_token="$(_make_access_token "$update_path")"
_debug update_access_token "$update_access_token"
export _H1="Authorization: QBox $update_access_token"
- update_response=$(_post "$update_body" "$QINIU_API_BASE$update_path" 0 "PUT" "application/json" | _dbase64 "multiline")
+ update_response=$(_post "$update_body" "$QINIU_API_BASE$update_path" 0 "PUT" "application/json" | _dbase64)
if _contains "$update_response" "error"; then
_err "Error in updating domain $domain httpsconf:"
diff --git a/dnsapi/dns_aws.sh b/dnsapi/dns_aws.sh
index 376936f5..50c93260 100755
--- a/dnsapi/dns_aws.sh
+++ b/dnsapi/dns_aws.sh
@@ -155,31 +155,20 @@ _get_root() {
i=1
p=1
- if aws_rest GET "2013-04-01/hostedzone"; then
- while true; do
- h=$(printf "%s" "$domain" | cut -d . -f $i-100)
- _debug2 "Checking domain: $h"
- if [ -z "$h" ]; then
- if _contains "$response" "true" && _contains "$response" ""; then
- _debug "IsTruncated"
- _nextMarker="$(echo "$response" | _egrep_o ".*" | cut -d '>' -f 2 | cut -d '<' -f 1)"
- _debug "NextMarker" "$_nextMarker"
- if aws_rest GET "2013-04-01/hostedzone" "marker=$_nextMarker"; then
- _debug "Truncated request OK"
- i=2
- p=1
- continue
- else
- _err "Truncated request error."
- fi
- fi
- #not valid
- _err "Invalid domain"
- return 1
- fi
+ # iterate over names (a.b.c.d -> b.c.d -> c.d -> d)
+ while true; do
+ h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+ _debug "Checking domain: $h"
+ if [ -z "$h" ]; then
+ _error "invalid domain"
+ return 1
+ fi
+ # iterate over paginated result for list_hosted_zones
+ aws_rest GET "2013-04-01/hostedzone"
+ while true; do
if _contains "$response" "$h."; then
- hostedzone="$(echo "$response" | sed 's//#&/g' | tr '#' '\n' | _egrep_o "[^<]*<.Id>$h.<.Name>.*false<.PrivateZone>.*<.HostedZone>")"
+ hostedzone="$(echo "$response" | tr -d '\n' | sed 's//#&/g' | tr '#' '\n' | _egrep_o "[^<]*<.Id>$h.<.Name>.*false<.PrivateZone>.*<.HostedZone>")"
_debug hostedzone "$hostedzone"
if [ "$hostedzone" ]; then
_domain_id=$(printf "%s\n" "$hostedzone" | _egrep_o ".*<.Id>" | head -n 1 | _egrep_o ">.*<" | tr -d "<>")
@@ -192,10 +181,19 @@ _get_root() {
return 1
fi
fi
- p=$i
- i=$(_math "$i" + 1)
+ if _contains "$response" "true" && _contains "$response" ""; then
+ _debug "IsTruncated"
+ _nextMarker="$(echo "$response" | _egrep_o ".*" | cut -d '>' -f 2 | cut -d '<' -f 1)"
+ _debug "NextMarker" "$_nextMarker"
+ else
+ break
+ fi
+ _debug "Checking domain: $h - Next Page "
+ aws_rest GET "2013-04-01/hostedzone" "marker=$_nextMarker"
done
- fi
+ p=$i
+ i=$(_math "$i" + 1)
+ done
return 1
}
diff --git a/dnsapi/dns_cf.sh b/dnsapi/dns_cf.sh
index c2430086..cd8d9a8d 100755
--- a/dnsapi/dns_cf.sh
+++ b/dnsapi/dns_cf.sh
@@ -32,7 +32,8 @@ dns_cf_add() {
else
_saveaccountconf_mutable CF_Token "$CF_Token"
_saveaccountconf_mutable CF_Account_ID "$CF_Account_ID"
- _saveaccountconf_mutable CF_Zone_ID "$CF_Zone_ID"
+ _clearaccountconf_mutable CF_Zone_ID
+ _clearaccountconf CF_Zone_ID
fi
else
if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
@@ -51,6 +52,14 @@ dns_cf_add() {
#save the api key and email to the account conf file.
_saveaccountconf_mutable CF_Key "$CF_Key"
_saveaccountconf_mutable CF_Email "$CF_Email"
+
+ _clearaccountconf_mutable CF_Token
+ _clearaccountconf_mutable CF_Account_ID
+ _clearaccountconf_mutable CF_Zone_ID
+ _clearaccountconf CF_Token
+ _clearaccountconf CF_Account_ID
+ _clearaccountconf CF_Zone_ID
+
fi
_debug "First detect the root zone"
diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh
index 2c08812b..830e8831 100644
--- a/dnsapi/dns_cyon.sh
+++ b/dnsapi/dns_cyon.sh
@@ -44,7 +44,7 @@ dns_cyon_rm() {
_cyon_load_credentials() {
# Convert loaded password to/from base64 as needed.
if [ "${CY_Password_B64}" ]; then
- CY_Password="$(printf "%s" "${CY_Password_B64}" | _dbase64 "multiline")"
+ CY_Password="$(printf "%s" "${CY_Password_B64}" | _dbase64)"
elif [ "${CY_Password}" ]; then
CY_Password_B64="$(printf "%s" "${CY_Password}" | _base64)"
fi
diff --git a/dnsapi/dns_gcloud.sh b/dnsapi/dns_gcloud.sh
index d560996c..bda5cbd7 100755
--- a/dnsapi/dns_gcloud.sh
+++ b/dnsapi/dns_gcloud.sh
@@ -98,7 +98,7 @@ _dns_gcloud_remove_rrs() {
--ttl="$ttl" \
--type=TXT \
--zone="$managedZone" \
- --transaction-file="$tr"; then
+ --transaction-file="$tr" --; then
_debug tr "$(cat "$tr")"
rm -r "$trd"
_err "_dns_gcloud_remove_rrs: failed to remove RRs"
@@ -113,7 +113,7 @@ _dns_gcloud_add_rrs() {
--ttl="$ttl" \
--type=TXT \
--zone="$managedZone" \
- --transaction-file="$tr"; then
+ --transaction-file="$tr" --; then
_debug tr "$(cat "$tr")"
rm -r "$trd"
_err "_dns_gcloud_add_rrs: failed to add RRs"
diff --git a/dnsapi/dns_namecheap.sh b/dnsapi/dns_namecheap.sh
index d15d6b0e..dcd87723 100755
--- a/dnsapi/dns_namecheap.sh
+++ b/dnsapi/dns_namecheap.sh
@@ -259,7 +259,7 @@ _set_namecheap_TXT() {
_debug hosts "$hosts"
if [ -z "$hosts" ]; then
- _error "Hosts not found"
+ _err "Hosts not found"
return 1
fi
@@ -313,7 +313,7 @@ _del_namecheap_TXT() {
_debug hosts "$hosts"
if [ -z "$hosts" ]; then
- _error "Hosts not found"
+ _err "Hosts not found"
return 1
fi
diff --git a/dnsapi/dns_ultra.sh b/dnsapi/dns_ultra.sh
index 0100b3b7..0f26bd97 100644
--- a/dnsapi/dns_ultra.sh
+++ b/dnsapi/dns_ultra.sh
@@ -5,7 +5,8 @@
#
# ULTRA_PWD="some_password_goes_here"
-ULTRA_API="https://restapi.ultradns.com/v2/"
+ULTRA_API="https://api.ultradns.com/v3/"
+ULTRA_AUTH_API="https://api.ultradns.com/v2/"
#Usage: add _acme-challenge.www.domain.com "some_long_string_of_characters_go_here_from_lets_encrypt"
dns_ultra_add() {
@@ -121,7 +122,7 @@ _get_root() {
return 1
fi
if _contains "${response}" "${h}." >/dev/null; then
- _domain_id=$(echo "$response" | _egrep_o "${h}")
+ _domain_id=$(echo "$response" | _egrep_o "${h}" | head -1)
if [ "$_domain_id" ]; then
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
_domain="${h}"
@@ -142,23 +143,25 @@ _ultra_rest() {
ep="$2"
data="$3"
_debug "$ep"
- _debug TOKEN "${AUTH_TOKEN}"
+ if [ -z "$AUTH_TOKEN" ]; then
+ _ultra_login
+ fi
+ _debug TOKEN "$AUTH_TOKEN"
- _ultra_login
export _H1="Content-Type: application/json"
- export _H2="Authorization: Bearer ${AUTH_TOKEN}"
+ export _H2="Authorization: Bearer $AUTH_TOKEN"
if [ "$m" != "GET" ]; then
- _debug data "${data}"
- response="$(_post "${data}" "${ULTRA_API}"/"${ep}" "" "${m}")"
+ _debug data "$data"
+ response="$(_post "$data" "$ULTRA_API$ep" "" "$m")"
else
- response="$(_get "$ULTRA_API/$ep")"
+ response="$(_get "$ULTRA_API$ep")"
fi
}
_ultra_login() {
export _H1=""
export _H2=""
- AUTH_TOKEN=$(_post "grant_type=password&username=${ULTRA_USR}&password=${ULTRA_PWD}" "${ULTRA_API}authorization/token" | cut -d, -f3 | cut -d\" -f4)
+ AUTH_TOKEN=$(_post "grant_type=password&username=${ULTRA_USR}&password=${ULTRA_PWD}" "${ULTRA_AUTH_API}authorization/token" | cut -d, -f3 | cut -d\" -f4)
export AUTH_TOKEN
}