You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

423 lines
9.5 KiB

7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
  1. #!/usr/bin/env sh
  2. # shellcheck disable=SC2034
  3. dns_inwx_info='INWX.de
  4. Site: INWX.de
  5. Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_inwx
  6. Options:
  7. INWX_User Username
  8. INWX_Password Password
  9. '
  10. # Dependencies:
  11. # -------------
  12. # - oathtool (When using 2 Factor Authentication)
  13. INWX_Api="https://api.domrobot.com/xmlrpc/"
  14. ######## Public functions #####################
  15. #Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  16. dns_inwx_add() {
  17. fulldomain=$1
  18. txtvalue=$2
  19. INWX_User="${INWX_User:-$(_readaccountconf_mutable INWX_User)}"
  20. INWX_Password="${INWX_Password:-$(_readaccountconf_mutable INWX_Password)}"
  21. INWX_Shared_Secret="${INWX_Shared_Secret:-$(_readaccountconf_mutable INWX_Shared_Secret)}"
  22. if [ -z "$INWX_User" ] || [ -z "$INWX_Password" ]; then
  23. INWX_User=""
  24. INWX_Password=""
  25. _err "You don't specify inwx user and password yet."
  26. _err "Please create you key and try again."
  27. return 1
  28. fi
  29. #save the api key and email to the account conf file.
  30. _saveaccountconf_mutable INWX_User "$INWX_User"
  31. _saveaccountconf_mutable INWX_Password "$INWX_Password"
  32. _saveaccountconf_mutable INWX_Shared_Secret "$INWX_Shared_Secret"
  33. if ! _inwx_login; then
  34. return 1
  35. fi
  36. _debug "First detect the root zone"
  37. if ! _get_root "$fulldomain"; then
  38. _err "invalid domain"
  39. return 1
  40. fi
  41. _debug _sub_domain "$_sub_domain"
  42. _debug _domain "$_domain"
  43. _info "Adding record"
  44. _inwx_add_record "$_domain" "$_sub_domain" "$txtvalue"
  45. }
  46. #fulldomain txtvalue
  47. dns_inwx_rm() {
  48. fulldomain=$1
  49. txtvalue=$2
  50. INWX_User="${INWX_User:-$(_readaccountconf_mutable INWX_User)}"
  51. INWX_Password="${INWX_Password:-$(_readaccountconf_mutable INWX_Password)}"
  52. INWX_Shared_Secret="${INWX_Shared_Secret:-$(_readaccountconf_mutable INWX_Shared_Secret)}"
  53. if [ -z "$INWX_User" ] || [ -z "$INWX_Password" ]; then
  54. INWX_User=""
  55. INWX_Password=""
  56. _err "You don't specify inwx user and password yet."
  57. _err "Please create you key and try again."
  58. return 1
  59. fi
  60. if ! _inwx_login; then
  61. return 1
  62. fi
  63. _debug "First detect the root zone"
  64. if ! _get_root "$fulldomain"; then
  65. _err "invalid domain"
  66. return 1
  67. fi
  68. _debug _sub_domain "$_sub_domain"
  69. _debug _domain "$_domain"
  70. _debug "Getting txt records"
  71. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  72. <methodCall>
  73. <methodName>nameserver.info</methodName>
  74. <params>
  75. <param>
  76. <value>
  77. <struct>
  78. <member>
  79. <name>domain</name>
  80. <value>
  81. <string>%s</string>
  82. </value>
  83. </member>
  84. <member>
  85. <name>type</name>
  86. <value>
  87. <string>TXT</string>
  88. </value>
  89. </member>
  90. <member>
  91. <name>name</name>
  92. <value>
  93. <string>%s</string>
  94. </value>
  95. </member>
  96. </struct>
  97. </value>
  98. </param>
  99. </params>
  100. </methodCall>' "$_domain" "$_sub_domain")
  101. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  102. if ! _contains "$response" "Command completed successfully"; then
  103. _err "Error could not get txt records"
  104. return 1
  105. fi
  106. if ! printf "%s" "$response" | grep "count" >/dev/null; then
  107. _info "Do not need to delete record"
  108. else
  109. _record_id=$(printf '%s' "$response" | _egrep_o '.*(<member><name>record){1}(.*)([0-9]+){1}' | _egrep_o '<name>id<\/name><value><int>[0-9]+' | _egrep_o '[0-9]+')
  110. _info "Deleting record"
  111. _inwx_delete_record "$_record_id"
  112. fi
  113. }
  114. #################### Private functions below ##################################
  115. _inwx_check_cookie() {
  116. INWX_Cookie="${INWX_Cookie:-$(_readaccountconf_mutable INWX_Cookie)}"
  117. if [ -z "$INWX_Cookie" ]; then
  118. _debug "No cached cookie found"
  119. return 1
  120. fi
  121. _H1="$INWX_Cookie"
  122. export _H1
  123. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  124. <methodCall>
  125. <methodName>account.info</methodName>
  126. </methodCall>')
  127. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  128. if _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>"; then
  129. _debug "Cached cookie still valid"
  130. return 0
  131. fi
  132. _debug "Cached cookie no longer valid"
  133. _H1=""
  134. export _H1
  135. INWX_Cookie=""
  136. _saveaccountconf_mutable INWX_Cookie "$INWX_Cookie"
  137. return 1
  138. }
  139. _inwx_login() {
  140. if _inwx_check_cookie; then
  141. _debug "Already logged in"
  142. return 0
  143. fi
  144. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  145. <methodCall>
  146. <methodName>account.login</methodName>
  147. <params>
  148. <param>
  149. <value>
  150. <struct>
  151. <member>
  152. <name>user</name>
  153. <value>
  154. <string>%s</string>
  155. </value>
  156. </member>
  157. <member>
  158. <name>pass</name>
  159. <value>
  160. <string>%s</string>
  161. </value>
  162. </member>
  163. </struct>
  164. </value>
  165. </param>
  166. </params>
  167. </methodCall>' "$INWX_User" "$INWX_Password")
  168. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  169. INWX_Cookie=$(printf "Cookie: %s" "$(grep "domrobot=" "$HTTP_HEADER" | grep -i "^Set-Cookie:" | _tail_n 1 | _egrep_o 'domrobot=[^;]*;' | tr -d ';')")
  170. _H1=$INWX_Cookie
  171. export _H1
  172. export INWX_Cookie
  173. _saveaccountconf_mutable INWX_Cookie "$INWX_Cookie"
  174. if ! _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>"; then
  175. _err "INWX API: Authentication error (username/password correct?)"
  176. return 1
  177. fi
  178. #https://github.com/inwx/php-client/blob/master/INWX/Domrobot.php#L71
  179. if _contains "$response" "<member><name>tfa</name><value><string>GOOGLE-AUTH</string></value></member>"; then
  180. if [ -z "$INWX_Shared_Secret" ]; then
  181. _err "INWX API: Mobile TAN detected."
  182. _err "Please define a shared secret."
  183. return 1
  184. fi
  185. if ! _exists oathtool; then
  186. _err "Please install oathtool to use 2 Factor Authentication."
  187. _err ""
  188. return 1
  189. fi
  190. tan="$(oathtool --base32 --totp "${INWX_Shared_Secret}" 2>/dev/null)"
  191. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  192. <methodCall>
  193. <methodName>account.unlock</methodName>
  194. <params>
  195. <param>
  196. <value>
  197. <struct>
  198. <member>
  199. <name>tan</name>
  200. <value>
  201. <string>%s</string>
  202. </value>
  203. </member>
  204. </struct>
  205. </value>
  206. </param>
  207. </params>
  208. </methodCall>' "$tan")
  209. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  210. if ! _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>"; then
  211. _err "INWX API: Mobile TAN not correct."
  212. return 1
  213. fi
  214. fi
  215. }
  216. _get_root() {
  217. domain=$1
  218. _debug "get root"
  219. domain=$1
  220. i=2
  221. p=1
  222. xml_content='<?xml version="1.0" encoding="UTF-8"?>
  223. <methodCall>
  224. <methodName>nameserver.list</methodName>
  225. <params>
  226. <param>
  227. <value>
  228. <struct>
  229. <member>
  230. <name>pagelimit</name>
  231. <value>
  232. <int>9999</int>
  233. </value>
  234. </member>
  235. </struct>
  236. </value>
  237. </param>
  238. </params>
  239. </methodCall>'
  240. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  241. while true; do
  242. h=$(printf "%s" "$domain" | cut -d . -f $i-100)
  243. _debug h "$h"
  244. if [ -z "$h" ]; then
  245. #not valid
  246. return 1
  247. fi
  248. if _contains "$response" "$h"; then
  249. _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
  250. _domain="$h"
  251. return 0
  252. fi
  253. p=$i
  254. i=$(_math "$i" + 1)
  255. done
  256. return 1
  257. }
  258. _inwx_delete_record() {
  259. record_id=$1
  260. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  261. <methodCall>
  262. <methodName>nameserver.deleteRecord</methodName>
  263. <params>
  264. <param>
  265. <value>
  266. <struct>
  267. <member>
  268. <name>id</name>
  269. <value>
  270. <int>%s</int>
  271. </value>
  272. </member>
  273. </struct>
  274. </value>
  275. </param>
  276. </params>
  277. </methodCall>' "$record_id")
  278. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  279. if ! printf "%s" "$response" | grep "Command completed successfully" >/dev/null; then
  280. _err "Error"
  281. return 1
  282. fi
  283. return 0
  284. }
  285. _inwx_update_record() {
  286. record_id=$1
  287. txtval=$2
  288. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  289. <methodCall>
  290. <methodName>nameserver.updateRecord</methodName>
  291. <params>
  292. <param>
  293. <value>
  294. <struct>
  295. <member>
  296. <name>content</name>
  297. <value>
  298. <string>%s</string>
  299. </value>
  300. </member>
  301. <member>
  302. <name>id</name>
  303. <value>
  304. <int>%s</int>
  305. </value>
  306. </member>
  307. </struct>
  308. </value>
  309. </param>
  310. </params>
  311. </methodCall>' "$txtval" "$record_id")
  312. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  313. if ! printf "%s" "$response" | grep "Command completed successfully" >/dev/null; then
  314. _err "Error"
  315. return 1
  316. fi
  317. return 0
  318. }
  319. _inwx_add_record() {
  320. domain=$1
  321. sub_domain=$2
  322. txtval=$3
  323. xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  324. <methodCall>
  325. <methodName>nameserver.createRecord</methodName>
  326. <params>
  327. <param>
  328. <value>
  329. <struct>
  330. <member>
  331. <name>domain</name>
  332. <value>
  333. <string>%s</string>
  334. </value>
  335. </member>
  336. <member>
  337. <name>type</name>
  338. <value>
  339. <string>TXT</string>
  340. </value>
  341. </member>
  342. <member>
  343. <name>content</name>
  344. <value>
  345. <string>%s</string>
  346. </value>
  347. </member>
  348. <member>
  349. <name>name</name>
  350. <value>
  351. <string>%s</string>
  352. </value>
  353. </member>
  354. </struct>
  355. </value>
  356. </param>
  357. </params>
  358. </methodCall>' "$domain" "$txtval" "$sub_domain")
  359. response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  360. if ! printf "%s" "$response" | grep "Command completed successfully" >/dev/null; then
  361. _err "Error"
  362. return 1
  363. fi
  364. return 0
  365. }