mir/acme.sh
2
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh synced 2025-08-23 02:17:18 +00:00
Code Issues Releases Wiki Activity
acme.sh/dnsapi/dns_websupport.sh
keryfan 1f486fc9a5
Upload latest dev branch to master (#3) 
* Fix for empty error objects in response breaking extraction of domain validation types

Fix for empty error objects in the response which mess up the extraction of domain validation types due to the closing brace in the error object prematurely matching the end of the search pattern.

This seems to be a recent change with ZeroSSL in particular where "error":{} is being included in responses.

There could potentially be a related issue if there is a complex error object ever returned in the validation check response where an embedded sub-object could lead to an incomplete extraction of the error message, roughly around line 5040.

Adapted from fix suggested here: https://github.com/acmesh-official/acme.sh/issues/4933#issuecomment-1870499018

* Add new dnsapi support for OpenProvider.eu using new REST API

* Cleanup duplicate debug log output based on DNS test run

* Resolve spellcheck error

* Configure 10 second timeout to ACME_DIRECTORY API call

* add support for AIX style netstat

* add

* fix for wiki

* minor

* minor

* wiki

* wiki

* dnsapi: dns_mydnsjp.sh fix author

The @epgdatacapbon was renamed to @tkmsst

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

* dnsapi: dns_ddnss.sh remove RaidenII from authors

He made the DuckDNS script that was used for this script but he can't support the script.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

* dnsapi: fix authors: use @ for GitHub profiles

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

* dnsapi: dns_vultr.sh remove empty author

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

* dnsapi: dns_mijnhost.sh rearrange fields, use user docs instead of API docs

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

* dnsapi: fix Structured DNS Info

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>

* Fix logged typo when running pre hook

* Run post hook when _on_before_issue errors

---------

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Co-authored-by: Ciaran Walsh <ciaran@ciaran-walsh.com>
Co-authored-by: Lambiek12 <algemeen@lambiek12.nl>
Co-authored-by: Erwin Oegema <blablaechthema@hotmail.com>
Co-authored-by: laDanz <cdanzmann@gmail.com>
Co-authored-by: neil <github@neilpang.com>
Co-authored-by: neil <gitpc@neilpang.com>
Co-authored-by: Sergey Ponomarev <stokito@gmail.com>
Co-authored-by: David Beitey <david@davidjb.com>
Co-authored-by: Jan-willem van Kampen <Lambiek12@users.noreply.github.com>
2025-08-12 11:12:09 +03:00

206 lines
5.3 KiB
Bash
Raw Permalink Blame History

#!/usr/bin/env sh
# shellcheck disable=SC2034
dns_websupport_info='Websupport.sk
Site: Websupport.sk
Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_websupport
Options:
WS_ApiKey API Key. Called "Identifier" in the WS Admin
WS_ApiSecret API Secret. Called "Secret key" in the WS Admin
Issues: github.com/acmesh-official/acme.sh/issues/3486
Author: trgo.sk <@trgosk>, @akulumbeg
'
# Requirements: API Key and Secret from https://admin.websupport.sk/en/auth/apiKey
WS_Api="https://rest.websupport.sk"
######## Public functions #####################
dns_websupport_add() {
fulldomain=$1
txtvalue=$2
WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}"
WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}"
if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then
_saveaccountconf_mutable WS_ApiKey "$WS_ApiKey"
_saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret"
else
WS_ApiKey=""
WS_ApiSecret=""
_err "You did not specify the API Key and/or API Secret"
_err "You can get the API login credentials from https://admin.websupport.sk/en/auth/apiKey"
return 1
fi
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
# For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so
# we can not use updating anymore.
# count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
# _debug count "$count"
# if [ "$count" = "0" ]; then
_info "Adding record"
if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
if _contains "$response" "$txtvalue"; then
_info "Added, OK"
return 0
elif _contains "$response" "The record already exists"; then
_info "Already exists, OK"
return 0
else
_err "Add txt record error."
return 1
fi
fi
_err "Add txt record error."
return 1
}
dns_websupport_rm() {
fulldomain=$1
txtvalue=$2
_debug2 fulldomain "$fulldomain"
_debug2 txtvalue "$txtvalue"
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
_debug "Getting txt records"
_ws_rest GET "/v1/user/self/zone/$_domain/record"
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"items\")" -lt "1" ]; then
_err "Error: $response"
return 1
fi
record_line="$(_get_from_array "$response" "$txtvalue")"
_debug record_line "$record_line"
if [ -z "$record_line" ]; then
_info "Don't need to remove."
else
record_id=$(echo "$record_line" | _egrep_o "\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
_debug "record_id" "$record_id"
if [ -z "$record_id" ]; then
_err "Can not get record id to remove."
return 1
fi
if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then
_err "Delete record error."
return 1
fi
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"success\")" -lt "1" ]; then
return 1
else
return 0
fi
fi
}
#################### Private Functions ##################################
_get_root() {
domain=$1
i=1
p=1
while true; do
h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
_debug h "$h"
if [ -z "$h" ]; then
#not valid
return 1
fi
if ! _ws_rest GET "/v1/user/self/zone"; then
return 1
fi
if _contains "$response" "\"name\":\"$h\""; then
_domain_id=$(echo "$response" | _egrep_o "\[.\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
if [ "$_domain_id" ]; then
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-"$p")
_domain=$h
return 0
fi
return 1
fi
p=$i
i=$(_math "$i" + 1)
done
return 1
}
_ws_rest() {
me=$1
pa="$2"
da="$3"
_debug2 api_key "$WS_ApiKey"
_debug2 api_secret "$WS_ApiSecret"
timestamp=$(_time)
datez="$(_utc_date | sed "s/ /T/" | sed "s/$/+0000/")"
canonical_request="${me} ${pa} ${timestamp}"
signature_hash=$(printf "%s" "$canonical_request" | _hmac sha1 "$(printf "%s" "$WS_ApiSecret" | _hex_dump | tr -d " ")" hex)
basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" | _base64)"
_debug2 method "$me"
_debug2 path "$pa"
_debug2 data "$da"
_debug2 timestamp "$timestamp"
_debug2 datez "$datez"
_debug2 canonical_request "$canonical_request"
_debug2 signature_hash "$signature_hash"
_debug2 basicauth "$basicauth"
export _H1="Accept: application/json"
export _H2="Content-Type: application/json"
export _H3="Authorization: Basic ${basicauth}"
export _H4="Date: ${datez}"
_debug2 H1 "$_H1"
_debug2 H2 "$_H2"
_debug2 H3 "$_H3"
_debug2 H4 "$_H4"
if [ "$me" != "GET" ]; then
_debug2 "${me} $WS_Api${pa}"
_debug data "$da"
response="$(_post "$da" "${WS_Api}${pa}" "" "$me")"
else
_debug2 "GET $WS_Api${pa}"
response="$(_get "$WS_Api${pa}")"
fi
_debug2 response "$response"
return "$?"
}
_get_from_array() {
va="$1"
fi="$2"
for i in $(echo "$va" | sed "s/{/ /g"); do
if _contains "$i" "$fi"; then
echo "$i"
break
fi
done
}
Reference in New Issue View Git Blame Copy Permalink