mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-11-18 12:21:44 +00:00
commit
132d5e8253
10
acme.sh
10
acme.sh
@ -2229,6 +2229,16 @@ _send_signed_request() {
|
||||
_debug3 _body "$_body"
|
||||
fi
|
||||
|
||||
_retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *:" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
|
||||
if [ "$code" = '503' ] || [ "$_retryafter" ]; then
|
||||
_sleep_overload_retry_sec=$_retryafter
|
||||
if [ -z "$_sleep_overload_retry_sec" ]; then
|
||||
_sleep_overload_retry_sec=5
|
||||
fi
|
||||
_info "It seems the CA server is currently overloaded, let's wait and retry. Sleeping $_sleep_overload_retry_sec seconds."
|
||||
_sleep $_sleep_overload_retry_sec
|
||||
continue
|
||||
fi
|
||||
if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
|
||||
_info "It seems the CA server is busy now, let's wait and retry. Sleeping $_sleep_retry_sec seconds."
|
||||
_CACHED_NONCE=""
|
||||
|
157
dnsapi/dns_ipv64.sh
Executable file
157
dnsapi/dns_ipv64.sh
Executable file
@ -0,0 +1,157 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
#Created by Roman Lumetsberger, to use ipv64.net's API to add/remove text records
|
||||
#2022/11/29
|
||||
|
||||
# Pass credentials before "acme.sh --issue --dns dns_ipv64 ..."
|
||||
# --
|
||||
# export IPv64_Token="aaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||
# --
|
||||
#
|
||||
|
||||
IPv64_API="https://ipv64.net/api"
|
||||
|
||||
######## Public functions ######################
|
||||
|
||||
#Usage: dns_ipv64_add _acme-challenge.domain.ipv64.net "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
dns_ipv64_add() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
IPv64_Token="${IPv64_Token:-$(_readaccountconf_mutable IPv64_Token)}"
|
||||
if [ -z "$IPv64_Token" ]; then
|
||||
_err "You must export variable: IPv64_Token"
|
||||
_err "The API Key for your IPv64 account is necessary."
|
||||
_err "You can look it up in your IPv64 account."
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Now save the credentials.
|
||||
_saveaccountconf_mutable IPv64_Token "$IPv64_Token"
|
||||
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "invalid domain" "$fulldomain"
|
||||
return 1
|
||||
fi
|
||||
_debug _sub_domain "$_sub_domain"
|
||||
_debug _domain "$_domain"
|
||||
|
||||
# convert to lower case
|
||||
_domain="$(echo "$_domain" | _lower_case)"
|
||||
_sub_domain="$(echo "$_sub_domain" | _lower_case)"
|
||||
# Now add the TXT record
|
||||
_info "Trying to add TXT record"
|
||||
if _ipv64_rest "POST" "add_record=$_domain&praefix=$_sub_domain&type=TXT&content=$txtvalue"; then
|
||||
_info "TXT record has been successfully added."
|
||||
return 0
|
||||
else
|
||||
_err "Errors happened during adding the TXT record, response=$_response"
|
||||
return 1
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
#Usage: fulldomain txtvalue
|
||||
#Usage: dns_ipv64_rm _acme-challenge.domain.ipv64.net "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
#Remove the txt record after validation.
|
||||
dns_ipv64_rm() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
IPv64_Token="${IPv64_Token:-$(_readaccountconf_mutable IPv64_Token)}"
|
||||
if [ -z "$IPv64_Token" ]; then
|
||||
_err "You must export variable: IPv64_Token"
|
||||
_err "The API Key for your IPv64 account is necessary."
|
||||
_err "You can look it up in your IPv64 account."
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "invalid domain" "$fulldomain"
|
||||
return 1
|
||||
fi
|
||||
_debug _sub_domain "$_sub_domain"
|
||||
_debug _domain "$_domain"
|
||||
|
||||
# convert to lower case
|
||||
_domain="$(echo "$_domain" | _lower_case)"
|
||||
_sub_domain="$(echo "$_sub_domain" | _lower_case)"
|
||||
# Now delete the TXT record
|
||||
_info "Trying to delete TXT record"
|
||||
if _ipv64_rest "DELETE" "del_record=$_domain&praefix=$_sub_domain&type=TXT&content=$txtvalue"; then
|
||||
_info "TXT record has been successfully deleted."
|
||||
return 0
|
||||
else
|
||||
_err "Errors happened during deleting the TXT record, response=$_response"
|
||||
return 1
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
#################### Private functions below ##################################
|
||||
#_acme-challenge.www.domain.com
|
||||
#returns
|
||||
# _sub_domain=_acme-challenge.www
|
||||
# _domain=domain.com
|
||||
_get_root() {
|
||||
domain="$1"
|
||||
i=1
|
||||
p=1
|
||||
|
||||
_ipv64_get "get_domains"
|
||||
domain_data=$_response
|
||||
|
||||
while true; do
|
||||
h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
|
||||
if [ -z "$h" ]; then
|
||||
#not valid
|
||||
return 1
|
||||
fi
|
||||
|
||||
#if _contains "$domain_data" "\""$h"\"\:"; then
|
||||
if _contains "$domain_data" "\"""$h""\"\:"; then
|
||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-"$p")
|
||||
_domain="$h"
|
||||
return 0
|
||||
fi
|
||||
p=$i
|
||||
i=$(_math "$i" + 1)
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
#send get request to api
|
||||
# $1 has to set the api-function
|
||||
_ipv64_get() {
|
||||
url="$IPv64_API?$1"
|
||||
export _H1="Authorization: Bearer $IPv64_Token"
|
||||
|
||||
_response=$(_get "$url")
|
||||
_response="$(echo "$_response" | _normalizeJson)"
|
||||
|
||||
if _contains "$_response" "429 Too Many Requests"; then
|
||||
_info "API throttled, sleeping to reset the limit"
|
||||
_sleep 10
|
||||
_response=$(_get "$url")
|
||||
_response="$(echo "$_response" | _normalizeJson)"
|
||||
fi
|
||||
}
|
||||
|
||||
_ipv64_rest() {
|
||||
url="$IPv64_API"
|
||||
export _H1="Authorization: Bearer $IPv64_Token"
|
||||
export _H2="Content-Type: application/x-www-form-urlencoded"
|
||||
_response=$(_post "$2" "$url" "" "$1")
|
||||
|
||||
if _contains "$_response" "429 Too Many Requests"; then
|
||||
_info "API throttled, sleeping to reset the limit"
|
||||
_sleep 10
|
||||
_response=$(_post "$2" "$url" "" "$1")
|
||||
fi
|
||||
|
||||
if ! _contains "$_response" "\"info\":\"success\""; then
|
||||
return 1
|
||||
fi
|
||||
_debug2 response "$_response"
|
||||
return 0
|
||||
}
|
59
dnsapi/dns_nanelo.sh
Normal file
59
dnsapi/dns_nanelo.sh
Normal file
@ -0,0 +1,59 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
# Official DNS API for Nanelo.com
|
||||
|
||||
# Provide the required API Key like this:
|
||||
# NANELO_TOKEN="FmD408PdqT1E269gUK57"
|
||||
|
||||
NANELO_API="https://api.nanelo.com/v1/"
|
||||
|
||||
######## Public functions #####################
|
||||
|
||||
# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
dns_nanelo_add() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
NANELO_TOKEN="${NANELO_TOKEN:-$(_readaccountconf_mutable NANELO_TOKEN)}"
|
||||
if [ -z "$NANELO_TOKEN" ]; then
|
||||
NANELO_TOKEN=""
|
||||
_err "You didn't configure a Nanelo API Key yet."
|
||||
_err "Please set NANELO_TOKEN and try again."
|
||||
_err "Login to Nanelo.com and go to Settings > API Keys to get a Key"
|
||||
return 1
|
||||
fi
|
||||
_saveaccountconf_mutable NANELO_TOKEN "$NANELO_TOKEN"
|
||||
|
||||
_info "Adding TXT record to ${fulldomain}"
|
||||
response="$(_get "$NANELO_API$NANELO_TOKEN/dns/addrecord?type=TXT&ttl=60&name=${fulldomain}&value=${txtvalue}")"
|
||||
if _contains "${response}" 'success'; then
|
||||
return 0
|
||||
fi
|
||||
_err "Could not create resource record, please check the logs"
|
||||
_err "${response}"
|
||||
return 1
|
||||
}
|
||||
|
||||
dns_nanelo_rm() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
NANELO_TOKEN="${NANELO_TOKEN:-$(_readaccountconf_mutable NANELO_TOKEN)}"
|
||||
if [ -z "$NANELO_TOKEN" ]; then
|
||||
NANELO_TOKEN=""
|
||||
_err "You didn't configure a Nanelo API Key yet."
|
||||
_err "Please set NANELO_TOKEN and try again."
|
||||
_err "Login to Nanelo.com and go to Settings > API Keys to get a Key"
|
||||
return 1
|
||||
fi
|
||||
_saveaccountconf_mutable NANELO_TOKEN "$NANELO_TOKEN"
|
||||
|
||||
_info "Deleting resource record $fulldomain"
|
||||
response="$(_get "$NANELO_API$NANELO_TOKEN/dns/deleterecord?type=TXT&ttl=60&name=${fulldomain}&value=${txtvalue}")"
|
||||
if _contains "${response}" 'success'; then
|
||||
return 0
|
||||
fi
|
||||
_err "Could not delete resource record, please check the logs"
|
||||
_err "${response}"
|
||||
return 1
|
||||
}
|
@ -169,7 +169,7 @@ _clean_email_header() {
|
||||
# email
|
||||
_email_has_display_name() {
|
||||
_email="$1"
|
||||
expr "$_email" : '^.*[<>"]' >/dev/null
|
||||
echo "$_email" | grep -q -E '^.*[<>"]'
|
||||
}
|
||||
|
||||
##
|
||||
@ -249,7 +249,7 @@ _mime_encoded_word() {
|
||||
_text="$1"
|
||||
# (regex character ranges like [a-z] can be locale-dependent; enumerate ASCII chars to avoid that)
|
||||
_ascii='] $`"'"[!#%&'()*+,./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ~^_abcdefghijklmnopqrstuvwxyz{|}~-"
|
||||
if expr "$_text" : "^.*[^$_ascii]" >/dev/null; then
|
||||
if echo "$_text" | grep -q -E "^.*[^$_ascii]"; then
|
||||
# At least one non-ASCII char; convert entire thing to encoded word
|
||||
printf "%s" "=?UTF-8?B?$(printf "%s" "$_text" | _base64)?="
|
||||
else
|
||||
|
Loading…
Reference in New Issue
Block a user