|
|
@@ -4,9 +4,11 @@
|
|
|
# one.com ui wrapper for acme.sh
|
|
|
# Author: github: @diseq
|
|
|
# Created: 2019-02-17
|
|
|
+# Fixed by: @der-berni
|
|
|
+# Modified: 2019-05-20
|
|
|
#
|
|
|
-# export ONECOM_User="username"
|
|
|
-# export ONECOM_Password="password"
|
|
|
+# export ONECOM_USER="username"
|
|
|
+# export ONECOM_PASSWORD="password"
|
|
|
#
|
|
|
# Usage:
|
|
|
# acme.sh --issue --dns dns_one -d example.com
|
|
|
@@ -14,38 +16,56 @@
|
|
|
# only single domain supported atm
|
|
|
|
|
|
dns_one_add() {
|
|
|
- mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
|
|
|
- mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
|
|
|
+ #rev command not found on OpenWrt
|
|
|
+ #mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
|
|
|
+ #mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
|
|
|
+
|
|
|
+ fulldomain=$1
|
|
|
txtvalue=$2
|
|
|
+
|
|
|
+ _debug "First detect the root zone"
|
|
|
+ if ! _get_root "$fulldomain"; then
|
|
|
+ _err "invalid domain"
|
|
|
+ return 1
|
|
|
+ fi
|
|
|
+
|
|
|
+ mysubdomain=$_sub_domain
|
|
|
+ mydomain=$_domain
|
|
|
+ _debug mysubdomain "$mysubdomain"
|
|
|
+ _debug mydomain "$mydomain"
|
|
|
|
|
|
# get credentials
|
|
|
- ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
|
|
|
- ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
|
|
|
- if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then
|
|
|
- ONECOM_User=""
|
|
|
- ONECOM_Password=""
|
|
|
+ ONECOM_USER="${ONECOM_USER:-$(_readaccountconf_mutable ONECOM_USER)}"
|
|
|
+ ONECOM_PASSWORD="${ONECOM_PASSWORD:-$(_readaccountconf_mutable ONECOM_PASSWORD)}"
|
|
|
+ if [ -z "$ONECOM_USER" ] || [ -z "$ONECOM_PASSWORD" ]; then
|
|
|
+ ONECOM_USER=""
|
|
|
+ ONECOM_PASSWORD=""
|
|
|
_err "You didn't specify a one.com username and password yet."
|
|
|
_err "Please create the key and try again."
|
|
|
return 1
|
|
|
fi
|
|
|
|
|
|
#save the api key and email to the account conf file.
|
|
|
- _saveaccountconf_mutable ONECOM_User "$ONECOM_User"
|
|
|
- _saveaccountconf_mutable ONECOM_Password "$ONECOM_Password"
|
|
|
+ _saveaccountconf_mutable ONECOM_USER "$ONECOM_USER"
|
|
|
+ _saveaccountconf_mutable ONECOM_PASSWORD "$ONECOM_PASSWORD"
|
|
|
|
|
|
# Login with user and password
|
|
|
postdata="loginDomain=true"
|
|
|
- postdata="$postdata&displayUsername=$ONECOM_User"
|
|
|
- postdata="$postdata&username=$ONECOM_User"
|
|
|
+ postdata="$postdata&displayUsername=$ONECOM_USER"
|
|
|
+ postdata="$postdata&username=$ONECOM_USER"
|
|
|
postdata="$postdata&targetDomain=$mydomain"
|
|
|
- postdata="$postdata&password1=$ONECOM_Password"
|
|
|
+ postdata="$postdata&password1=$ONECOM_PASSWORD"
|
|
|
postdata="$postdata&loginTarget="
|
|
|
#_debug postdata "$postdata"
|
|
|
-
|
|
|
+
|
|
|
+ #CURL does not work
|
|
|
+ local tmp_USE_WGET=$ACME_USE_WGET
|
|
|
+ ACME_USE_WGET=1
|
|
|
+
|
|
|
response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
|
|
|
#_debug response "$response"
|
|
|
|
|
|
- JSESSIONID="$(grep "JSESSIONID" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'JSESSIONID=[^;]*;' | tr -d ';')"
|
|
|
+ JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')"
|
|
|
_debug jsessionid "$JSESSIONID"
|
|
|
|
|
|
export _H1="Cookie: ${JSESSIONID}"
|
|
|
@@ -54,8 +74,8 @@ dns_one_add() {
|
|
|
response="$(_get "https://www.one.com/admin/api/domains/$mydomain/dns/custom_records")"
|
|
|
_debug response "$response"
|
|
|
|
|
|
- CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
|
|
|
- export _H2="Cookie: ${CSRF_G_TOKEN}"
|
|
|
+ #CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
|
|
|
+ #export _H2="Cookie: ${CSRF_G_TOKEN}"
|
|
|
|
|
|
# Update the IP address for domain entry
|
|
|
postdata="{\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"TXT\",\"prefix\":\"$mysubdomain\",\"content\":\"$txtvalue\"}}"
|
|
|
@@ -65,7 +85,9 @@ dns_one_add() {
|
|
|
_debug response "$response"
|
|
|
|
|
|
id=$(echo "$response" | sed -n "s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$mysubdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p")
|
|
|
-
|
|
|
+
|
|
|
+ ACME_USE_WGET=$tmp_USE_WGET
|
|
|
+
|
|
|
if [ -z "$id" ]; then
|
|
|
_err "Add txt record error."
|
|
|
return 1
|
|
|
@@ -77,16 +99,30 @@ dns_one_add() {
|
|
|
}
|
|
|
|
|
|
dns_one_rm() {
|
|
|
- mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
|
|
|
- mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
|
|
|
+ #rev command not found on OpenWrt
|
|
|
+ #mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
|
|
|
+ #mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
|
|
|
+
|
|
|
+ fulldomain=$1
|
|
|
txtvalue=$2
|
|
|
+
|
|
|
+ _debug "First detect the root zone"
|
|
|
+ if ! _get_root "$fulldomain"; then
|
|
|
+ _err "invalid domain"
|
|
|
+ return 1
|
|
|
+ fi
|
|
|
+
|
|
|
+ mysubdomain=$_sub_domain
|
|
|
+ mydomain=$_domain
|
|
|
+ _debug mysubdomain "$mysubdomain"
|
|
|
+ _debug mydomain "$mydomain"
|
|
|
|
|
|
# get credentials
|
|
|
- ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
|
|
|
- ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
|
|
|
- if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then
|
|
|
- ONECOM_User=""
|
|
|
- ONECOM_Password=""
|
|
|
+ ONECOM_USER="${ONECOM_USER:-$(_readaccountconf_mutable ONECOM_USER)}"
|
|
|
+ ONECOM_PASSWORD="${ONECOM_PASSWORD:-$(_readaccountconf_mutable ONECOM_PASSWORD)}"
|
|
|
+ if [ -z "$ONECOM_USER" ] || [ -z "$ONECOM_PASSWORD" ]; then
|
|
|
+ ONECOM_USER=""
|
|
|
+ ONECOM_PASSWORD=""
|
|
|
_err "You didn't specify a one.com username and password yet."
|
|
|
_err "Please create the key and try again."
|
|
|
return 1
|
|
|
@@ -94,16 +130,20 @@ dns_one_rm() {
|
|
|
|
|
|
# Login with user and password
|
|
|
postdata="loginDomain=true"
|
|
|
- postdata="$postdata&displayUsername=$ONECOM_User"
|
|
|
- postdata="$postdata&username=$ONECOM_User"
|
|
|
+ postdata="$postdata&displayUsername=$ONECOM_USER"
|
|
|
+ postdata="$postdata&username=$ONECOM_USER"
|
|
|
postdata="$postdata&targetDomain=$mydomain"
|
|
|
- postdata="$postdata&password1=$ONECOM_Password"
|
|
|
+ postdata="$postdata&password1=$ONECOM_PASSWORD"
|
|
|
postdata="$postdata&loginTarget="
|
|
|
-
|
|
|
+
|
|
|
+ #CURL does not work
|
|
|
+ local tmp_USE_WGET=$ACME_USE_WGET
|
|
|
+ ACME_USE_WGET=1
|
|
|
+
|
|
|
response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
|
|
|
#_debug response "$response"
|
|
|
|
|
|
- JSESSIONID="$(grep "JSESSIONID" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'JSESSIONID=[^;]*;' | tr -d ';')"
|
|
|
+ JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')"
|
|
|
_debug jsessionid "$JSESSIONID"
|
|
|
|
|
|
export _H1="Cookie: ${JSESSIONID}"
|
|
|
@@ -113,13 +153,14 @@ dns_one_rm() {
|
|
|
response="$(echo "$response" | _normalizeJson)"
|
|
|
_debug response "$response"
|
|
|
|
|
|
- CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
|
|
|
- export _H2="Cookie: ${CSRF_G_TOKEN}"
|
|
|
+ #CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';')"
|
|
|
+ #export _H2="Cookie: ${CSRF_G_TOKEN}"
|
|
|
|
|
|
id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$mysubdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}.*/\1/p")
|
|
|
|
|
|
if [ -z "$id" ]; then
|
|
|
_err "Txt record not found."
|
|
|
+ ACME_USE_WGET=$tmp_USE_WGET
|
|
|
return 1
|
|
|
fi
|
|
|
|
|
|
@@ -127,7 +168,9 @@ dns_one_rm() {
|
|
|
response="$(_post "$postdata" "https://www.one.com/admin/api/domains/$mydomain/dns/custom_records/$id" "" "DELETE" "application/json")"
|
|
|
response="$(echo "$response" | _normalizeJson)"
|
|
|
_debug response "$response"
|
|
|
-
|
|
|
+
|
|
|
+ ACME_USE_WGET=$tmp_USE_WGET
|
|
|
+
|
|
|
if [ "$response" = '{"result":null,"metadata":null}' ]; then
|
|
|
_info "Removed, OK"
|
|
|
return 0
|
|
|
@@ -137,3 +180,31 @@ dns_one_rm() {
|
|
|
fi
|
|
|
|
|
|
}
|
|
|
+
|
|
|
+#_acme-challenge.www.domain.com
|
|
|
+#returns
|
|
|
+# _sub_domain=_acme-challenge.www
|
|
|
+# _domain=domain.com
|
|
|
+_get_root() {
|
|
|
+ domain=$1
|
|
|
+ i=2
|
|
|
+ p=1
|
|
|
+ while true; do
|
|
|
+ h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
|
|
+
|
|
|
+ if [ -z "$h" ]; then
|
|
|
+ #not valid
|
|
|
+ return 1
|
|
|
+ fi
|
|
|
+
|
|
|
+ if [ "$(printf "%s" "$h" | tr '.' ' ' | wc -w)" = "2" ]; then
|
|
|
+ _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
|
|
+ _domain="$h"
|
|
|
+ return 0
|
|
|
+ fi
|
|
|
+ p=$i
|
|
|
+ i=$(_math "$i" + 1)
|
|
|
+ done
|
|
|
+ _err "Unable to parse this domain"
|
|
|
+ return 1
|
|
|
+}
|
der-berni