From 68b42a00e07f7e35bc777fd41a6b147233918a38 Mon Sep 17 00:00:00 2001
From: der-berni <secreteye@gmx.de>
Date: Mon, 20 May 2019 17:40:43 +0200
Subject: [PATCH] updated to work with one.com

rev command not found on OpenWrt
CURL does not work, using wget
JSESSIONID replaced with OneSIDCrmAdmin
CSRF_G_TOKEN not needed
---
 dnsapi/dns_one.sh | 139 ++++++++++++++++++++++++++++++++++------------
 1 file changed, 105 insertions(+), 34 deletions(-)

diff --git a/dnsapi/dns_one.sh b/dnsapi/dns_one.sh
index 94ac49c6..6049ca11 100644
--- a/dnsapi/dns_one.sh
+++ b/dnsapi/dns_one.sh
@@ -4,9 +4,11 @@
 # one.com ui wrapper for acme.sh
 # Author: github: @diseq
 # Created: 2019-02-17
+# Fixed by: @der-berni
+# Modified: 2019-05-20
 #
-#     export ONECOM_User="username"
-#     export ONECOM_Password="password"
+#     export ONECOM_USER="username"
+#     export ONECOM_PASSWORD="password"
 #
 # Usage:
 #     acme.sh --issue --dns dns_one -d example.com
@@ -14,38 +16,56 @@
 #     only single domain supported atm
 
 dns_one_add() {
-  mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
-  mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
+  #rev command not found on OpenWrt
+  #mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
+  #mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
+  
+  fulldomain=$1
   txtvalue=$2
+  
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain"
+    return 1
+  fi
+  
+  mysubdomain=$_sub_domain
+  mydomain=$_domain
+  _debug mysubdomain "$mysubdomain"
+  _debug mydomain "$mydomain"
 
   # get credentials
-  ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
-  ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
-  if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then
-    ONECOM_User=""
-    ONECOM_Password=""
+  ONECOM_USER="${ONECOM_USER:-$(_readaccountconf_mutable ONECOM_USER)}"
+  ONECOM_PASSWORD="${ONECOM_PASSWORD:-$(_readaccountconf_mutable ONECOM_PASSWORD)}"
+  if [ -z "$ONECOM_USER" ] || [ -z "$ONECOM_PASSWORD" ]; then
+    ONECOM_USER=""
+    ONECOM_PASSWORD=""
     _err "You didn't specify a one.com username and password yet."
     _err "Please create the key and try again."
     return 1
   fi
 
   #save the api key and email to the account conf file.
-  _saveaccountconf_mutable ONECOM_User "$ONECOM_User"
-  _saveaccountconf_mutable ONECOM_Password "$ONECOM_Password"
+  _saveaccountconf_mutable ONECOM_USER "$ONECOM_USER"
+  _saveaccountconf_mutable ONECOM_PASSWORD "$ONECOM_PASSWORD"
 
   # Login with user and password
   postdata="loginDomain=true"
-  postdata="$postdata&displayUsername=$ONECOM_User"
-  postdata="$postdata&username=$ONECOM_User"
+  postdata="$postdata&displayUsername=$ONECOM_USER"
+  postdata="$postdata&username=$ONECOM_USER"
   postdata="$postdata&targetDomain=$mydomain"
-  postdata="$postdata&password1=$ONECOM_Password"
+  postdata="$postdata&password1=$ONECOM_PASSWORD"
   postdata="$postdata&loginTarget="
   #_debug postdata "$postdata"
-
+  
+  #CURL does not work
+  local tmp_USE_WGET=$ACME_USE_WGET
+  ACME_USE_WGET=1
+  
   response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
   #_debug response "$response"
 
-  JSESSIONID="$(grep "JSESSIONID" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'JSESSIONID=[^;]*;' | tr -d ';')"
+  JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')"
   _debug jsessionid "$JSESSIONID"
 
   export _H1="Cookie: ${JSESSIONID}"
@@ -54,8 +74,8 @@ dns_one_add() {
   response="$(_get "https://www.one.com/admin/api/domains/$mydomain/dns/custom_records")"
   _debug response "$response"
 
-  CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
-  export _H2="Cookie: ${CSRF_G_TOKEN}"
+  #CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
+  #export _H2="Cookie: ${CSRF_G_TOKEN}"
 
   # Update the IP address for domain entry
   postdata="{\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"TXT\",\"prefix\":\"$mysubdomain\",\"content\":\"$txtvalue\"}}"
@@ -65,7 +85,9 @@ dns_one_add() {
   _debug response "$response"
 
   id=$(echo "$response" | sed -n "s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$mysubdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p")
-
+  
+  ACME_USE_WGET=$tmp_USE_WGET
+  
   if [ -z "$id" ]; then
     _err "Add txt record error."
     return 1
@@ -77,16 +99,30 @@ dns_one_add() {
 }
 
 dns_one_rm() {
-  mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
-  mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
+  #rev command not found on OpenWrt
+  #mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
+  #mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
+  
+  fulldomain=$1
   txtvalue=$2
+  
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain"
+    return 1
+  fi
+  
+  mysubdomain=$_sub_domain
+  mydomain=$_domain
+  _debug mysubdomain "$mysubdomain"
+  _debug mydomain "$mydomain"
 
   # get credentials
-  ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
-  ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
-  if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then
-    ONECOM_User=""
-    ONECOM_Password=""
+  ONECOM_USER="${ONECOM_USER:-$(_readaccountconf_mutable ONECOM_USER)}"
+  ONECOM_PASSWORD="${ONECOM_PASSWORD:-$(_readaccountconf_mutable ONECOM_PASSWORD)}"
+  if [ -z "$ONECOM_USER" ] || [ -z "$ONECOM_PASSWORD" ]; then
+    ONECOM_USER=""
+    ONECOM_PASSWORD=""
     _err "You didn't specify a one.com username and password yet."
     _err "Please create the key and try again."
     return 1
@@ -94,16 +130,20 @@ dns_one_rm() {
 
   # Login with user and password
   postdata="loginDomain=true"
-  postdata="$postdata&displayUsername=$ONECOM_User"
-  postdata="$postdata&username=$ONECOM_User"
+  postdata="$postdata&displayUsername=$ONECOM_USER"
+  postdata="$postdata&username=$ONECOM_USER"
   postdata="$postdata&targetDomain=$mydomain"
-  postdata="$postdata&password1=$ONECOM_Password"
+  postdata="$postdata&password1=$ONECOM_PASSWORD"
   postdata="$postdata&loginTarget="
-
+  
+  #CURL does not work
+  local tmp_USE_WGET=$ACME_USE_WGET
+  ACME_USE_WGET=1
+  
   response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
   #_debug response "$response"
 
-  JSESSIONID="$(grep "JSESSIONID" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'JSESSIONID=[^;]*;' | tr -d ';')"
+  JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')"
   _debug jsessionid "$JSESSIONID"
 
   export _H1="Cookie: ${JSESSIONID}"
@@ -113,13 +153,14 @@ dns_one_rm() {
   response="$(echo "$response" | _normalizeJson)"
   _debug response "$response"
 
-  CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
-  export _H2="Cookie: ${CSRF_G_TOKEN}"
+  #CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
+  #export _H2="Cookie: ${CSRF_G_TOKEN}"
 
   id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$mysubdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}.*/\1/p")
 
   if [ -z "$id" ]; then
     _err "Txt record not found."
+	ACME_USE_WGET=$tmp_USE_WGET
     return 1
   fi
 
@@ -127,7 +168,9 @@ dns_one_rm() {
   response="$(_post "$postdata" "https://www.one.com/admin/api/domains/$mydomain/dns/custom_records/$id" "" "DELETE" "application/json")"
   response="$(echo "$response" | _normalizeJson)"
   _debug response "$response"
-
+  
+  ACME_USE_WGET=$tmp_USE_WGET
+  
   if [ "$response" = '{"result":null,"metadata":null}' ]; then
     _info "Removed, OK"
     return 0
@@ -137,3 +180,31 @@ dns_one_rm() {
   fi
 
 }
+
+#_acme-challenge.www.domain.com
+#returns
+# _sub_domain=_acme-challenge.www
+# _domain=domain.com
+_get_root() {
+  domain=$1
+  i=2
+  p=1
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+	
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+	
+    if [ "$(printf "%s" "$h" | tr '.' ' ' | wc -w)" = "2" ]; then
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
+      _domain="$h"
+      return 0
+    fi
+    p=$i
+    i=$(_math "$i" + 1)
+  done
+  _err "Unable to parse this domain"
+  return 1
+}