Browse Source

vetted by shfmt

pull/3136/head
Ed Lynes 4 years ago
parent
commit
281ee1a853
  1. 49
      dnsapi/dns_edgedns.sh

49
dnsapi/dns_edgedns.sh

@ -7,15 +7,15 @@
# Report bugs to https://control.akamai.com/apps/support-ui/#/contact-support # Report bugs to https://control.akamai.com/apps/support-ui/#/contact-support
# Values to export: # Values to export:
# --EITHER--
# --EITHER--
# *** NOT IMPLEMENTED YET *** # *** NOT IMPLEMENTED YET ***
# specify Edgegrid credentials file and section # specify Edgegrid credentials file and section
# AKAMAI_EDGERC=<full file path>
# AKAMAI_EDGERC=<full file path>
# AKAMAI_EDGERC_SECTION="default" # AKAMAI_EDGERC_SECTION="default"
## --OR-- ## --OR--
# specify indiviual credentials # specify indiviual credentials
# export AKAMAI_HOST = <host> # export AKAMAI_HOST = <host>
# export AKAMAI_ACCESS_TOKEN = <access token>
# export AKAMAI_ACCESS_TOKEN = <access token>
# export AKAMAI_CLIENT_TOKEN = <client token> # export AKAMAI_CLIENT_TOKEN = <client token>
# export AKAMAI_CLIENT_SECRET = <client secret> # export AKAMAI_CLIENT_SECRET = <client secret>
@ -32,7 +32,7 @@ dns_edgedns_add() {
_debug "ENTERING DNS_EDGEDNS_ADD" _debug "ENTERING DNS_EDGEDNS_ADD"
_debug2 "fulldomain" "$fulldomain" _debug2 "fulldomain" "$fulldomain"
_debug2 "txtvalue" "$txtvalue" _debug2 "txtvalue" "$txtvalue"
if ! _EDGEDNS_credentials; then if ! _EDGEDNS_credentials; then
_err "$@" _err "$@"
return 1 return 1
@ -42,7 +42,7 @@ dns_edgedns_add() {
return 1 return 1
fi fi
_debug2 "Add: zone" "$zone" _debug2 "Add: zone" "$zone"
acmeRecordURI=$(printf "%s/%s/names/%s/types/TXT" "$edge_endpoint" "$zone" "$fulldomain")
acmeRecordURI=$(printf "%s/%s/names/%s/types/TXT" "$edge_endpoint" "$zone" "$fulldomain")
_debug3 "Add URL" "$acmeRecordURI" _debug3 "Add URL" "$acmeRecordURI"
# Get existing TXT record # Get existing TXT record
_edge_result=$(_edgedns_rest GET "$acmeRecordURI") _edge_result=$(_edgedns_rest GET "$acmeRecordURI")
@ -68,13 +68,14 @@ dns_edgedns_add() {
_debug3 "existing TXT found" _debug3 "existing TXT found"
_debug3 "record data" "$rdlist" _debug3 "record data" "$rdlist"
# value already there? # value already there?
if _contains "$rdlist" "$txtvalue" ; then
if _contains "$rdlist" "$txtvalue"; then
return 0 return 0
fi fi
_txt_val="" _txt_val=""
while [ "$_txt_val" != "$rdlist" ] && [ "${rdlist}" ]; do while [ "$_txt_val" != "$rdlist" ] && [ "${rdlist}" ]; do
_txt_val="${rdlist%%,*}"; rdlist="${rdlist#*,}"
rdata="${rdata},\"${_txt_val}\""
_txt_val="${rdlist%%,*}"
rdlist="${rdlist#*,}"
rdata="${rdata},\"${_txt_val}\""
done done
fi fi
# Add the txtvalue TXT Record # Add the txtvalue TXT Record
@ -139,10 +140,11 @@ dns_edgedns_rm() {
rdata="" rdata=""
_txt_val="" _txt_val=""
while [ "$_txt_val" != "$rdlist" ] && [ "$rdlist" ]; do while [ "$_txt_val" != "$rdlist" ] && [ "$rdlist" ]; do
_txt_val="${rdlist%%,*}"; rdlist="${rdlist#*,}"
_txt_val="${rdlist%%,*}"
rdlist="${rdlist#*,}"
_debug3 "_txt_val" "$_txt_val" _debug3 "_txt_val" "$_txt_val"
_debug3 "txtvalue" "$txtvalue" _debug3 "txtvalue" "$txtvalue"
if ! _contains "$_txt_val" "$txtvalue" ; then
if ! _contains "$_txt_val" "$txtvalue"; then
rdata="${rdata}${comma}\"${_txt_val}\"" rdata="${rdata}${comma}\"${_txt_val}\""
comma="," comma=","
fi fi
@ -170,7 +172,7 @@ dns_edgedns_rm() {
#################### Private functions below ################################## #################### Private functions below ##################################
_EDGEDNS_credentials() { _EDGEDNS_credentials() {
_debug "GettingEdge DNS credentials"
_debug "GettingEdge DNS credentials"
_log "$(printf "ACME DNSAPI Edge DNS version %s" ${ACME_EDGEDNS_VERSION})" _log "$(printf "ACME DNSAPI Edge DNS version %s" ${ACME_EDGEDNS_VERSION})"
args_missing=0 args_missing=0
if [ -z "$AKAMAI_ACCESS_TOKEN" ]; then if [ -z "$AKAMAI_ACCESS_TOKEN" ]; then
@ -216,7 +218,7 @@ _EDGEDNS_credentials() {
_saveaccountconf_mutable AKAMAI_CLIENT_SECRET "$AKAMAI_CLIENT_SECRET" _saveaccountconf_mutable AKAMAI_CLIENT_SECRET "$AKAMAI_CLIENT_SECRET"
# Set whether curl should use secure or insecure mode # Set whether curl should use secure or insecure mode
fi fi
export HTTPS_INSECURE=0 # All Edgegrid API calls are secure
export HTTPS_INSECURE=0 # All Edgegrid API calls are secure
edge_endpoint=$(printf "https://%s/config-dns/v2/zones" "$AKAMAI_HOST") edge_endpoint=$(printf "https://%s/config-dns/v2/zones" "$AKAMAI_HOST")
_debug3 "Edge API Endpoint:" "$edge_endpoint" _debug3 "Edge API Endpoint:" "$edge_endpoint"
@ -244,7 +246,7 @@ _EDGEDNS_getZoneInfo() {
return 1 return 1
fi fi
fi fi
if _contains "$curResult" "\"zone\":" ; then
if _contains "$curResult" "\"zone\":"; then
_debug2 "Zone data" "${curResult}" _debug2 "Zone data" "${curResult}"
zone=$(echo "${curResult}" | _egrep_o "\"zone\"\\s*:\\s*\"[^\"]*\"" | _head_n 1 | cut -d : -f 2 | tr -d "\"") zone=$(echo "${curResult}" | _egrep_o "\"zone\"\\s*:\\s*\"[^\"]*\"" | _head_n 1 | cut -d : -f 2 | tr -d "\"")
_debug3 "Zone" "${zone}" _debug3 "Zone" "${zone}"
@ -283,7 +285,7 @@ _edgedns_rest() {
# Set in acme.sh _post/_get # Set in acme.sh _post/_get
#_edgedns_headers="${_edgedns_headers}${tab}User-Agent:ACME DNSAPI Edge DNS version ${ACME_EDGEDNS_VERSION}" #_edgedns_headers="${_edgedns_headers}${tab}User-Agent:ACME DNSAPI Edge DNS version ${ACME_EDGEDNS_VERSION}"
_edgedns_headers="${_edgedns_headers}${tab}Accept: application/json,*/*" _edgedns_headers="${_edgedns_headers}${tab}Accept: application/json,*/*"
if [ "$m" != "GET" ] && [ "$m" != "DELETE" ] ; then
if [ "$m" != "GET" ] && [ "$m" != "DELETE" ]; then
_edgedns_content_type="application/json" _edgedns_content_type="application/json"
_debug3 "_request_body" "$_request_body" _debug3 "_request_body" "$_request_body"
_body_len=$(echo "$_request_body" | tr -d "\n\r" | awk '{print length}') _body_len=$(echo "$_request_body" | tr -d "\n\r" | awk '{print length}')
@ -295,13 +297,14 @@ _edgedns_rest() {
hdr_indx=1 hdr_indx=1
work_header="${_edgedns_headers}${tab}" work_header="${_edgedns_headers}${tab}"
_debug3 "work_header" "$work_header" _debug3 "work_header" "$work_header"
while [ "$work_header" ]; do
entry="${work_header%%\\t*}"; work_header="${work_header#*\\t}"
while [ "$work_header" ]; do
entry="${work_header%%\\t*}"
work_header="${work_header#*\\t}"
export "$(printf "_H%s=%s" "$hdr_indx" "$entry")" export "$(printf "_H%s=%s" "$hdr_indx" "$entry")"
_debug2 "Request Header " "$entry" _debug2 "Request Header " "$entry"
hdr_indx=$(( hdr_indx + 1 ))
hdr_indx=$((hdr_indx + 1))
done done
# clear headers from previous request to avoid getting wrong http code on timeouts # clear headers from previous request to avoid getting wrong http code on timeouts
: >"$HTTP_HEADER" : >"$HTTP_HEADER"
_debug2 "$ep" _debug2 "$ep"
@ -360,15 +363,15 @@ _edgedns_new_nonce() {
_edgedns_make_auth_header() { _edgedns_make_auth_header() {
_debug "Constructing Auth Header" _debug "Constructing Auth Header"
_edgedns_eg_timestamp
_edgedns_new_nonce
_edgedns_eg_timestamp
_edgedns_new_nonce
# "Unsigned authorization header: 'EG1-HMAC-SHA256 client_token=block;access_token=block;timestamp=20200806T14:16:33+0000;nonce=72cde72c-82d9-4721-9854-2ba057929d67;'" # "Unsigned authorization header: 'EG1-HMAC-SHA256 client_token=block;access_token=block;timestamp=20200806T14:16:33+0000;nonce=72cde72c-82d9-4721-9854-2ba057929d67;'"
_auth_header="$(printf "EG1-HMAC-SHA256 client_token=%s;access_token=%s;timestamp=%s;nonce=%s;" "$AKAMAI_CLIENT_TOKEN" "$AKAMAI_ACCESS_TOKEN" "$_eg_timestamp" "$_nonce")"
_auth_header="$(printf "EG1-HMAC-SHA256 client_token=%s;access_token=%s;timestamp=%s;nonce=%s;" "$AKAMAI_CLIENT_TOKEN" "$AKAMAI_ACCESS_TOKEN" "$_eg_timestamp" "$_nonce")"
_secure_debug2 "Unsigned Auth Header: " "$_auth_header" _secure_debug2 "Unsigned Auth Header: " "$_auth_header"
_edgedns_sign_request _edgedns_sign_request
_signed_auth_header="$(printf "%ssignature=%s" "$_auth_header" "$_signed_req")" _signed_auth_header="$(printf "%ssignature=%s" "$_auth_header" "$_signed_req")"
_secure_debug2 "Signed Auth Header: " "${_signed_auth_header}"
_secure_debug2 "Signed Auth Header: " "${_signed_auth_header}"
} }
_edgedns_sign_request() { _edgedns_sign_request() {
@ -444,5 +447,3 @@ _edgedns_base64_sha256() {
# filepath=$1 # filepath=$1
# section=$2 # section=$2
#} #}
Loading…
Cancel
Save