destroying used token at cleverreach

5 years ago · 4b48a43318
38 changed files with 1735 additions and 1225 deletions
--- a/.github/workflows/PebbleStrict.yml
+++ b/.github/workflows/PebbleStrict.yml
@ -0,0 +1,27 @@
 name: PebbleStrict
 on: [push, pull_request]
 jobs:
  PebbleStrict:
    runs-on: ubuntu-latest
    env:
      TestingDomain: example.com
      TestingAltDomains: www.example.com
      ACME_DIRECTORY: https://localhost:14000/dir
      HTTPS_INSECURE: 1
      Le_HTTPPort: 5002
      TEST_LOCAL: 1
      TEST_CA: "Pebble Intermediate CA"
    steps:
    - uses: actions/checkout@v2
    - name: Install tools
      run: sudo apt-get install -y socat
    - name: Run Pebble
      run: cd .. && curl https://raw.githubusercontent.com/letsencrypt/pebble/master/docker-compose.yml >docker-compose.yml && docker-compose up -d
    - name: Set up Pebble
      run: curl --request POST --data '{"ip":"10.30.50.1"}' http://localhost:8055/set-default-ipv4
    - name: Clone acmetest
      run: cd .. && git clone https://github.com/acmesh-official/acmetest.git  && cp -r acme.sh acmetest/
    - name: Run acmetest
      run: cd ../acmetest && ./letest.sh
--- a/.github/workflows/dockerhub.yml
+++ b/.github/workflows/dockerhub.yml
@ -2,15 +2,45 @@
 name: Build DockerHub
 on:
  push:
    branches: [ master, dev ]
    branches:
      - '*'
    tags:
      - '*'
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - name: trigger
      run: curl -X POST https://hub.docker.com/api/build/v1/source/1813a660-2ee5-4583-a238-dd54e9a6ebac/trigger/c8cd9f1f-f269-45bc-9750-a08327257f62/call/
      - name: checkout code
        uses: actions/checkout@v2
      - name: install buildx
        id: buildx
        uses: crazy-max/ghaction-docker-buildx@v3
        with:
          buildx-version: latest
          qemu-version: latest
      - name: login to docker hub
        run: |
          echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
      - name: build and push the image
        run: |
          DOCKER_IMAGE=neilpang/acme.sh
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            DOCKER_IMAGE_TAG=${GITHUB_REF#refs/tags/}
          fi
          if [[ $GITHUB_REF == refs/heads/* ]]; then
            DOCKER_IMAGE_TAG=${GITHUB_REF#refs/heads/}
            if [[ $DOCKER_IMAGE_TAG == master ]]; then
              DOCKER_IMAGE_TAG=latest
              AUTO_UPGRADE=1
            fi
          fi
          docker buildx build \
            --tag ${DOCKER_IMAGE}:${DOCKER_IMAGE_TAG} \
            --output "type=image,push=true" \
            --build-arg AUTO_UPGRADE=${AUTO_UPGRADE} \
            --platform linux/arm64/v8,linux/amd64,linux/arm/v6,linux/arm/v7,linux/386 .
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@ -0,0 +1,16 @@
 name: shellcheck
 on: [push, pull_request]
 jobs:
  formatCheck:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: Install Shellcheck
      run: sudo apt-get install -y shellcheck
    - name: DoShellcheck
      run: shellcheck -V  && shellcheck -e SC2181 **/*.sh && echo "shellcheck OK"
    - name: Install shfmt
      run: curl -sSL https://github.com/mvdan/sh/releases/download/v3.1.2/shfmt_v3.1.2_linux_amd64 -o ~/shfmt && chmod +x ~/shfmt
    - name: shfmt
      run: ~/shfmt -l -w -i 2 . ; git diff --exit-code && echo "shfmt OK"
--- a/.travis.yml
+++ b/.travis.yml
@ -10,7 +10,7 @@ services:
 env:
  global:
    - SHFMT_URL=https://github.com/mvdan/sh/releases/download/v0.4.0/shfmt_v0.4.0_linux_amd64
    - SHFMT_URL=https://github.com/mvdan/sh/releases/download/v3.1.2/shfmt_v3.1.2_linux_amd64
 install:
--- a/4
+++ b/4
@ -15,7 +15,9 @@ RUN apk update -f \
 ENV LE_CONFIG_HOME /acme.sh
 ENV AUTO_UPGRADE 1
 ARG AUTO_UPGRADE=1
 ENV AUTO_UPGRADE $AUTO_UPGRADE
 #Install
 ADD ./ /install_acme.sh/
--- a/README.md
+++ b/README.md
@ -1,6 +1,11 @@
 # An ACME Shell script: acme.sh [![Build Status](https://travis-ci.org/acmesh-official/acme.sh.svg?branch=master)](https://travis-ci.org/acmesh-official/acme.sh)
 # An ACME Shell script: acme.sh 
 [![Build Status](https://travis-ci.org/acmesh-official/acme.sh.svg?branch=master)](https://travis-ci.org/acmesh-official/acme.sh)
 ![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/shellcheck/badge.svg)
 ![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/PebbleStrict/badge.svg)
 <a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a> [![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 <a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a> 
 [![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 [![Docker stars](https://img.shields.io/docker/stars/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
 [![Docker pulls](https://img.shields.io/docker/pulls/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
@ -8,17 +13,12 @@
 acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
 <a href="https://tracking.gitads.io/?repo=acme.sh"> <img src="https://images.gitads.io/acme.sh" alt="GitAds"/> </a>
 - An ACME protocol client written purely in Shell (Unix shell) language.
 - Full ACME protocol implementation.
 - Support ACME v1 and ACME v2
 - Support ACME v2 wildcard certs
 - Simple, powerful and very easy to use. You only need 3 minutes to learn it.
 - Bash, dash and sh compatible.
 - Simplest shell script for Let's Encrypt free certificate client.
 - Purely written in Shell with no dependencies on python or the official Let's Encrypt client.
 - Just one script to issue, renew and install your certificates automatically.
 - DOES NOT require `root/sudoer` access.
@ -86,6 +86,7 @@ https://github.com/acmesh-official/acmetest
 # Supported CA
 - Letsencrypt.org CA(default)
 - [ZeroSSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA)
 - [BuyPass.com CA](https://github.com/acmesh-official/acme.sh/wiki/BuyPass.com-CA)
 - [Pebble strict Mode](https://github.com/letsencrypt/pebble)
--- a/acme.sh
+++ b/acme.sh
--- a/deploy/cleverreach.sh
+++ b/deploy/cleverreach.sh
@ -56,6 +56,9 @@ cleverreach_deploy() {
  export _H1="Authorization: Bearer ${_access_token}"
  _add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl/${_cdomain}" "" "POST" "application/json")"
  _debug "Destroying token at CleverReach"
  _post "" "https://rest.cleverreach.com/v3/oauth/token.json" "" "DELETE" "application/json"  
  if ! echo "$_add_cert_result" | grep '"error":' >/dev/null; then
    _info "Uploaded certificate successfully"
    return 0
--- a/deploy/exim4.sh
+++ b/deploy/exim4.sh
@ -69,8 +69,8 @@ exim4_deploy() {
    cp "$_exim4_conf" "$_backup_conf"
    _info "Modify exim4 conf: $_exim4_conf"
    if _setopt "$_exim4_conf" "tls_certificate" "=" "$_real_fullchain" \
      && _setopt "$_exim4_conf" "tls_privatekey" "=" "$_real_key"; then
    if _setopt "$_exim4_conf" "tls_certificate" "=" "$_real_fullchain" &&
      _setopt "$_exim4_conf" "tls_privatekey" "=" "$_real_key"; then
      _info "Set config success!"
    else
      _err "Config exim4 server error, please report bug to us."
--- a/deploy/ssh.sh
+++ b/deploy/ssh.sh
@ -195,8 +195,8 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
  fi
  if [ -n "$Le_Deploy_ssh_cafile" ]; then
    _pipe=">"
    if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_keyfile" ] \
      || [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_certfile" ]; then
    if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_keyfile" ] ||
      [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_certfile" ]; then
      # if filename is same as previous file then append.
      _pipe=">>"
    elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
@ -222,9 +222,9 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
  fi
  if [ -n "$Le_Deploy_ssh_fullchain" ]; then
    _pipe=">"
    if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_keyfile" ] \
      || [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_certfile" ] \
      || [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_cafile" ]; then
    if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_keyfile" ] ||
      [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_certfile" ] ||
      [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_cafile" ]; then
      # if filename is same as previous file then append.
      _pipe=">>"
    elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
--- a/deploy/vsftpd.sh
+++ b/deploy/vsftpd.sh
@ -65,9 +65,9 @@ vsftpd_deploy() {
    cp "$_vsftpd_conf" "$_backup_conf"
    _info "Modify vsftpd conf: $_vsftpd_conf"
    if _setopt "$_vsftpd_conf" "rsa_cert_file" "=" "$_real_fullchain" \
      && _setopt "$_vsftpd_conf" "rsa_private_key_file" "=" "$_real_key" \
      && _setopt "$_vsftpd_conf" "ssl_enable" "=" "YES"; then
    if _setopt "$_vsftpd_conf" "rsa_cert_file" "=" "$_real_fullchain" &&
      _setopt "$_vsftpd_conf" "rsa_private_key_file" "=" "$_real_key" &&
      _setopt "$_vsftpd_conf" "ssl_enable" "=" "YES"; then
      _info "Set config success!"
    else
      _err "Config vsftpd server error, please report bug to us."
--- a/dnsapi/dns_aws.sh
+++ b/dnsapi/dns_aws.sh
@ -222,21 +222,21 @@ _use_instance_role() {
 _use_metadata() {
  _aws_creds="$(
    _get "$1" "" 1 \
      | _normalizeJson \
      | tr '{,}' '\n' \
      | while read -r _line; do
    _get "$1" "" 1 |
      _normalizeJson |
      tr '{,}' '\n' |
      while read -r _line; do
        _key="$(echo "${_line%%:*}" | tr -d '"')"
        _value="${_line#*:}"
        _debug3 "_key" "$_key"
        _secure_debug3 "_value" "$_value"
        case "$_key" in
          AccessKeyId) echo "AWS_ACCESS_KEY_ID=$_value" ;;
          SecretAccessKey) echo "AWS_SECRET_ACCESS_KEY=$_value" ;;
          Token) echo "AWS_SESSION_TOKEN=$_value" ;;
        AccessKeyId) echo "AWS_ACCESS_KEY_ID=$_value" ;;
        SecretAccessKey) echo "AWS_SECRET_ACCESS_KEY=$_value" ;;
        Token) echo "AWS_SESSION_TOKEN=$_value" ;;
        esac
      done \
        | paste -sd' ' -
      done |
      paste -sd' ' -
  )"
  _secure_debug "_aws_creds" "$_aws_creds"
--- a/dnsapi/dns_azure.sh
+++ b/dnsapi/dns_azure.sh
@ -220,7 +220,7 @@ _azure_rest() {
    export _H2="accept: application/json"
    export _H3="Content-Type: application/json"
    # clear headers from previous request to avoid getting wrong http code on timeouts
    :>"$HTTP_HEADER"
    : >"$HTTP_HEADER"
    _debug "$ep"
    if [ "$m" != "GET" ]; then
      _secure_debug2 "data $data"
--- a/dnsapi/dns_conoha.sh
+++ b/dnsapi/dns_conoha.sh
@ -115,9 +115,9 @@ dns_conoha_rm() {
    return 1
  fi
  record_id=$(printf "%s" "$response" | _egrep_o '{[^}]*}' \
    | grep '"type":"TXT"' | grep "\"data\":\"$txtvalue\"" | _egrep_o "\"id\":\"[^\"]*\"" \
    | _head_n 1 | cut -d : -f 2 | tr -d \")
  record_id=$(printf "%s" "$response" | _egrep_o '{[^}]*}' |
    grep '"type":"TXT"' | grep "\"data\":\"$txtvalue\"" | _egrep_o "\"id\":\"[^\"]*\"" |
    _head_n 1 | cut -d : -f 2 | tr -d \")
  if [ -z "$record_id" ]; then
    _err "Can not get record id to remove."
    return 1
--- a/dnsapi/dns_cyon.sh
+++ b/dnsapi/dns_cyon.sh
@ -18,23 +18,23 @@
 ########
 dns_cyon_add() {
  _cyon_load_credentials \
    && _cyon_load_parameters "$@" \
    && _cyon_print_header "add" \
    && _cyon_login \
    && _cyon_change_domain_env \
    && _cyon_add_txt \
    && _cyon_logout
  _cyon_load_credentials &&
    _cyon_load_parameters "$@" &&
    _cyon_print_header "add" &&
    _cyon_login &&
    _cyon_change_domain_env &&
    _cyon_add_txt &&
    _cyon_logout
 }
 dns_cyon_rm() {
  _cyon_load_credentials \
    && _cyon_load_parameters "$@" \
    && _cyon_print_header "delete" \
    && _cyon_login \
    && _cyon_change_domain_env \
    && _cyon_delete_txt \
    && _cyon_logout
  _cyon_load_credentials &&
    _cyon_load_parameters "$@" &&
    _cyon_print_header "delete" &&
    _cyon_login &&
    _cyon_change_domain_env &&
    _cyon_delete_txt &&
    _cyon_logout
 }
 #########################
--- a/dnsapi/dns_da.sh
+++ b/dnsapi/dns_da.sh
@ -115,23 +115,23 @@ _da_api() {
  _debug response "$response"
  case "${cmd}" in
    CMD_API_DNS_CONTROL)
      # Parse the result in general
      # error=0&text=Records Deleted&details=
      # error=1&text=Cannot View Dns Record&details=No domain provided
      err_field="$(_getfield "$response" 1 '&')"
      txt_field="$(_getfield "$response" 2 '&')"
      details_field="$(_getfield "$response" 3 '&')"
      error="$(_getfield "$err_field" 2 '=')"
      text="$(_getfield "$txt_field" 2 '=')"
      details="$(_getfield "$details_field" 2 '=')"
      _debug "error: ${error}, text: ${text}, details: ${details}"
      if [ "$error" != "0" ]; then
        _err "error $response"
        return 1
      fi
      ;;
    CMD_API_SHOW_DOMAINS) ;;
  CMD_API_DNS_CONTROL)
    # Parse the result in general
    # error=0&text=Records Deleted&details=
    # error=1&text=Cannot View Dns Record&details=No domain provided
    err_field="$(_getfield "$response" 1 '&')"
    txt_field="$(_getfield "$response" 2 '&')"
    details_field="$(_getfield "$response" 3 '&')"
    error="$(_getfield "$err_field" 2 '=')"
    text="$(_getfield "$txt_field" 2 '=')"
    details="$(_getfield "$details_field" 2 '=')"
    _debug "error: ${error}, text: ${text}, details: ${details}"
    if [ "$error" != "0" ]; then
      _err "error $response"
      return 1
    fi
    ;;
  CMD_API_SHOW_DOMAINS) ;;
  esac
  return 0
 }
--- a/dnsapi/dns_do.sh
+++ b/dnsapi/dns_do.sh
@ -67,14 +67,14 @@ _dns_do_list_rrs() {
    _err "getRRList origin ${_domain} failed"
    return 1
  fi
  _rr_list="$(echo "${response}" \
    | tr -d "\n\r\t" \
    | sed -e 's/<item xsi:type="ns2:Map">/\n/g' \
    | grep ">$(_regexcape "$fulldomain")</value>" \
    | sed -e 's/<\/item>/\n/g' \
    | grep '>id</key><value' \
    | _egrep_o '>[0-9]{1,16}<' \
    | tr -d '><')"
  _rr_list="$(echo "${response}" |
    tr -d "\n\r\t" |
    sed -e 's/<item xsi:type="ns2:Map">/\n/g' |
    grep ">$(_regexcape "$fulldomain")</value>" |
    sed -e 's/<\/item>/\n/g' |
    grep '>id</key><value' |
    _egrep_o '>[0-9]{1,16}<' |
    tr -d '><')"
  [ "${_rr_list}" ]
 }
@ -120,10 +120,10 @@ _get_root() {
  i=1
  _dns_do_soap getDomainList
  _all_domains="$(echo "${response}" \
    | tr -d "\n\r\t " \
    | _egrep_o 'domain</key><value[^>]+>[^<]+' \
    | sed -e 's/^domain<\/key><value[^>]*>//g')"
  _all_domains="$(echo "${response}" |
    tr -d "\n\r\t " |
    _egrep_o 'domain</key><value[^>]+>[^<]+' |
    sed -e 's/^domain<\/key><value[^>]*>//g')"
  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
--- a/dnsapi/dns_dynv6.sh
+++ b/dnsapi/dns_dynv6.sh
@ -80,7 +80,7 @@ _generate_new_key() {
 _get_domain() {
  _full_domain="$1"
  _debug "getting domain for $_full_domain"
  if ! _contains "$_full_domain" 'dynv6.net' && ! _contains "$_full_domain" 'dns.army' && ! _contains "$_full_domain" 'dns.navy' && ! _contains "$_full_domain" 'v6.rocks' ; then
  if ! _contains "$_full_domain" 'dynv6.net' && ! _contains "$_full_domain" 'dns.army' && ! _contains "$_full_domain" 'dns.navy' && ! _contains "$_full_domain" 'v6.rocks'; then
    _err "The hosts does not seem to be a dynv6 host"
    return 1
  fi
--- a/dnsapi/dns_freedns.sh
+++ b/dnsapi/dns_freedns.sh
@ -303,10 +303,10 @@ _freedns_domain_id() {
      return 1
    fi
    domain_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' \
      | grep "<td>$search_domain</td>\|<td>$search_domain(.*)</td>" \
      | sed -n 's/.*\(edit\.php?edit_domain_id=[0-9a-zA-Z]*\).*/\1/p' \
      | cut -d = -f 2)"
    domain_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' |
      grep "<td>$search_domain</td>\|<td>$search_domain(.*)</td>" |
      sed -n 's/.*\(edit\.php?edit_domain_id=[0-9a-zA-Z]*\).*/\1/p' |
      cut -d = -f 2)"
    # The above beauty extracts domain ID from the html page...
    # strip out all blank space and new lines. Then insert newlines
    # before each table row <tr>
@ -349,11 +349,11 @@ _freedns_data_id() {
      return 1
    fi
    data_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' \
      | grep "<td[a-zA-Z=#]*>$record_type</td>" \
      | grep "<ahref.*>$search_domain</a>" \
      | sed -n 's/.*\(edit\.php?data_id=[0-9a-zA-Z]*\).*/\1/p' \
      | cut -d = -f 2)"
    data_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' |
      grep "<td[a-zA-Z=#]*>$record_type</td>" |
      grep "<ahref.*>$search_domain</a>" |
      sed -n 's/.*\(edit\.php?data_id=[0-9a-zA-Z]*\).*/\1/p' |
      cut -d = -f 2)"
    # The above beauty extracts data ID from the html page...
    # strip out all blank space and new lines. Then insert newlines
    # before each table row <tr>
--- a/dnsapi/dns_gandi_livedns.sh
+++ b/dnsapi/dns_gandi_livedns.sh
@ -69,9 +69,9 @@ dns_gandi_livedns_rm() {
  _gandi_livedns_rest PUT \
    "domains/$_domain/records/$_sub_domain/TXT" \
    "{\"rrset_ttl\": 300, \"rrset_values\": $_new_rrset_values}" \
    && _contains "$response" '{"message": "DNS Record Created"}' \
    && _info "Removing record $(__green "success")"
    "{\"rrset_ttl\": 300, \"rrset_values\": $_new_rrset_values}" &&
    _contains "$response" '{"message": "DNS Record Created"}' &&
    _info "Removing record $(__green "success")"
 }
 ####################  Private functions below ##################################
@ -125,9 +125,9 @@ _dns_gandi_append_record() {
  fi
  _debug new_rrset_values "$_rrset_values"
  _gandi_livedns_rest PUT "domains/$_domain/records/$sub_domain/TXT" \
    "{\"rrset_ttl\": 300, \"rrset_values\": $_rrset_values}" \
    && _contains "$response" '{"message": "DNS Record Created"}' \
    && _info "Adding record $(__green "success")"
    "{\"rrset_ttl\": 300, \"rrset_values\": $_rrset_values}" &&
    _contains "$response" '{"message": "DNS Record Created"}' &&
    _info "Adding record $(__green "success")"
 }
 _dns_gandi_existing_rrset_values() {
@ -145,8 +145,8 @@ _dns_gandi_existing_rrset_values() {
    return 1
  fi
  _debug "Already has TXT record."
  _rrset_values=$(echo "$response" | _egrep_o 'rrset_values.*\[.*\]' \
    | _egrep_o '\[".*\"]')
  _rrset_values=$(echo "$response" | _egrep_o 'rrset_values.*\[.*\]' |
    _egrep_o '\[".*\"]')
  return 0
 }
--- a/dnsapi/dns_gcloud.sh
+++ b/dnsapi/dns_gcloud.sh
@ -78,8 +78,8 @@ _dns_gcloud_execute_tr() {
  for i in $(seq 1 120); do
    if gcloud dns record-sets changes list \
      --zone="$managedZone" \
      --filter='status != done' \
      | grep -q '^.*'; then
      --filter='status != done' |
      grep -q '^.*'; then
      _info "_dns_gcloud_execute_tr: waiting for transaction to be comitted ($i/120)..."
      sleep 5
    else
@ -137,11 +137,11 @@ _dns_gcloud_find_zone() {
  # List domains and find the zone with the deepest sub-domain (in case of some levels of delegation)
  if ! match=$(gcloud dns managed-zones list \
    --format="value(name, dnsName)" \
    --filter="$filter" \
    | while read -r dnsName name; do
    --filter="$filter" |
    while read -r dnsName name; do
      printf "%s\t%s\t%s\n" "$(echo "$name" | awk -F"." '{print NF-1}')" "$dnsName" "$name"
    done \
      | sort -n -r | _head_n 1 | cut -f2,3 | grep '^.*'); then
    done |
    sort -n -r | _head_n 1 | cut -f2,3 | grep '^.*'); then
    _err "_dns_gcloud_find_zone: Can't find a matching managed zone! Perhaps wrong project or gcloud credentials?"
    return 1
  fi
--- a/dnsapi/dns_he.sh
+++ b/dnsapi/dns_he.sh
@ -101,8 +101,8 @@ dns_he_rm() {
  body="$body&hosted_dns_editzone=1"
  body="$body&hosted_dns_delrecord=1"
  body="$body&hosted_dns_delconfirm=delete"
  _post "$body" "https://dns.he.net/" \
    | grep '<div id="dns_status" onClick="hideThis(this);">Successfully removed record.</div>' \
  _post "$body" "https://dns.he.net/" |
    grep '<div id="dns_status" onClick="hideThis(this);">Successfully removed record.</div>' \
      >/dev/null
  exit_code="$?"
  if [ "$exit_code" -eq 0 ]; then
--- a/dnsapi/dns_hetzner.sh
+++ b/dnsapi/dns_hetzner.sh
@ -123,10 +123,10 @@ _find_record() {
    return 1
  else
    _record_id=$(
      echo "$response" \
        | grep -o "{[^\{\}]*\"name\":\"$_record_name\"[^\}]*}" \
        | grep "\"value\":\"$_record_value\"" \
        | while read -r record; do
      echo "$response" |
        grep -o "{[^\{\}]*\"name\":\"$_record_name\"[^\}]*}" |
        grep "\"value\":\"$_record_value\"" |
        while read -r record; do
          # test for type and
          if [ -n "$(echo "$record" | _egrep_o '"type":"TXT"')" ]; then
            echo "$record" | _egrep_o '"id":"[^"]*"' | cut -d : -f 2 | tr -d \"
--- a/dnsapi/dns_ispconfig.sh
+++ b/dnsapi/dns_ispconfig.sh
@ -95,29 +95,29 @@ _ISPC_getZoneInfo() {
    server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
    _debug "Server ID: '${server_id}'"
    case "${server_id}" in
      '' | *[!0-9]*)
        _err "Server ID is not numeric."
        return 1
        ;;
      *) _info "Retrieved Server ID" ;;
    '' | *[!0-9]*)
      _err "Server ID is not numeric."
      return 1
      ;;
    *) _info "Retrieved Server ID" ;;
    esac
    zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
    _debug "Zone: '${zone}'"
    case "${zone}" in
      '' | *[!0-9]*)
        _err "Zone ID is not numeric."
        return 1
        ;;
      *) _info "Retrieved Zone ID" ;;
    '' | *[!0-9]*)
      _err "Zone ID is not numeric."
      return 1
      ;;
    *) _info "Retrieved Zone ID" ;;
    esac
    client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
    _debug "Client ID: '${client_id}'"
    case "${client_id}" in
      '' | *[!0-9]*)
        _err "Client ID is not numeric."
        return 1
        ;;
      *) _info "Retrieved Client ID." ;;
    '' | *[!0-9]*)
      _err "Client ID is not numeric."
      return 1
      ;;
    *) _info "Retrieved Client ID." ;;
    esac
    zoneFound=""
    zoneEnd=""
@ -135,11 +135,11 @@ _ISPC_addTxt() {
  record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  _debug "Record ID: '${record_id}'"
  case "${record_id}" in
    '' | *[!0-9]*)
      _err "Couldn't add ACME Challenge TXT record to zone."
      return 1
      ;;
    *) _info "Added ACME Challenge TXT record to zone." ;;
  '' | *[!0-9]*)
    _err "Couldn't add ACME Challenge TXT record to zone."
    return 1
    ;;
  *) _info "Added ACME Challenge TXT record to zone." ;;
  esac
 }
@ -153,24 +153,24 @@ _ISPC_rmTxt() {
    record_id=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
    _debug "Record ID: '${record_id}'"
    case "${record_id}" in
      '' | *[!0-9]*)
        _err "Record ID is not numeric."
    '' | *[!0-9]*)
      _err "Record ID is not numeric."
      return 1
      ;;
    *)
      unset IFS
      _info "Retrieved Record ID."
      curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\",\"update_serial\":true}"
      curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")"
      _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_delete'"
      _debug "Result of _ISPC_rmTxt: '$curResult'"
      if _contains "${curResult}" '"code":"ok"'; then
        _info "Removed ACME Challenge TXT record from zone."
      else
        _err "Couldn't remove ACME Challenge TXT record from zone."
        return 1
        ;;
      *)
        unset IFS
        _info "Retrieved Record ID."
        curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\",\"update_serial\":true}"
        curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")"
        _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_delete'"
        _debug "Result of _ISPC_rmTxt: '$curResult'"
        if _contains "${curResult}" '"code":"ok"'; then
          _info "Removed ACME Challenge TXT record from zone."
        else
          _err "Couldn't remove ACME Challenge TXT record from zone."
          return 1
        fi
        ;;
      fi
      ;;
    esac
  fi
 }
--- a/dnsapi/dns_kappernet.sh
+++ b/dnsapi/dns_kappernet.sh
@ -0,0 +1,150 @@
 #!/usr/bin/env sh
 # kapper.net domain api
 # for further questions please contact: support@kapper.net
 # please report issues here: https://github.com/acmesh-official/acme.sh/issues/2977
 #KAPPERNETDNS_Key="yourKAPPERNETapikey"
 #KAPPERNETDNS_Secret="yourKAPPERNETapisecret"
 KAPPERNETDNS_Api="https://dnspanel.kapper.net/API/1.2?APIKey=$KAPPERNETDNS_Key&APISecret=$KAPPERNETDNS_Secret"
 ###############################################################################
 # called with
 # fullhostname: something.example.com
 # txtvalue:     someacmegenerated string
 dns_kappernet_add() {
  fullhostname=$1
  txtvalue=$2
  KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
  KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
  if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
    KAPPERNETDNS_Key=""
    KAPPERNETDNS_Secret=""
    _err "Please specify your kapper.net api key and secret."
    _err "If you have not received yours - send your mail to"
    _err "support@kapper.net to get  your key and secret."
    return 1
  fi
  #store the api key and email to the account conf file.
  _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
  _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
  _debug "Checking Domain ..."
  if ! _get_root "$fullhostname"; then
    _err "invalid domain"
    return 1
  fi
  _debug _sub_domain "SUBDOMAIN: $_sub_domain"
  _debug _domain "DOMAIN: $_domain"
  _info "Trying to add TXT DNS Record"
  data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
  if _kappernet_api GET "action=new&subject=$_domain&data=$data"; then
    if _contains "$response" "{\"OK\":true"; then
      _info "Waiting 120 seconds for DNS to spread the new record"
      _sleep 120
      return 0
    else
      _err "Error creating a TXT DNS Record: $fullhostname TXT $txtvalue"
      _err "Error Message: $response"
      return 1
    fi
  fi
  _err "Failed creating TXT Record"
 }
 ###############################################################################
 # called with
 # fullhostname: something.example.com
 dns_kappernet_rm() {
  fullhostname=$1
  txtvalue=$2
  KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
  KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
  if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
    KAPPERNETDNS_Key=""
    KAPPERNETDNS_Secret=""
    _err "Please specify your kapper.net api key and secret."
    _err "If you have not received yours - send your mail to"
    _err "support@kapper.net to get  your key and secret."
    return 1
  fi
  #store the api key and email to the account conf file.
  _saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
  _saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
  _info "Trying to remove the TXT Record: $fullhostname containing $txtvalue"
  data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
  if _kappernet_api GET "action=del&subject=$fullhostname&data=$data"; then
    if _contains "$response" "{\"OK\":true"; then
      return 0
    else
      _err "Error deleting DNS Record: $fullhostname containing $txtvalue"
      _err "Problem: $response"
      return 1
    fi
  fi
  _err "Problem deleting TXT DNS record"
 }
 ####################  Private functions below ##################################
 # called with hostname
 # e.g._acme-challenge.www.domain.com returns
 # _sub_domain=_acme-challenge.www
 # _domain=domain.com
 _get_root() {
  domain=$1
  i=2
  p=1
  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi
    if ! _kappernet_api GET "action=list&subject=$h"; then
      return 1
    fi
    if _contains "$response" '"OK":false'; then
      _debug "$h not found"
    else
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
      _domain="$h"
      return 0
    fi
    p="$i"
    i=$(_math "$i" + 1)
  done
  return 1
 }
 ################################################################################
 # calls the kapper.net DNS Panel API
 # with
 # method
 # param
 _kappernet_api() {
  method=$1
  param="$2"
  _debug param "PARAMETER=$param"
  url="$KAPPERNETDNS_Api&$param"
  _debug url "URL=$url"
  if [ "$method" = "GET" ]; then
    response="$(_get "$url")"
  else
    _err "Unsupported method"
    return 1
  fi
  _debug2 response "$response"
  return 0
 }
--- a/dnsapi/dns_netlify.sh
+++ b/dnsapi/dns_netlify.sh
@ -57,6 +57,8 @@ dns_netlify_add() {
 #Remove the txt record after validation.
 dns_netlify_rm() {
  _info "Using Netlify"
  txtdomain="$1"
  txt="$2"
  _debug txtdomain "$txtdomain"
  _debug txt "$txt"
@ -75,7 +77,7 @@ dns_netlify_rm() {
  _netlify_rest GET "$dnsRecordURI" "" "$NETLIFY_ACCESS_TOKEN"
  _record_id=$(echo "$response" | _egrep_o "\"type\":\"TXT\",[^\}]*\"value\":\"$txt\"" | head -n 1 | _egrep_o "\"id\":\"[^\"\}]*\"" | cut -d : -f 2 | tr -d \" )
  _record_id=$(echo "$response" | _egrep_o "\"type\":\"TXT\",[^\}]*\"value\":\"$txt\"" | head -n 1 | _egrep_o "\"id\":\"[^\"\}]*\"" | cut -d : -f 2 | tr -d \")
  _debug _record_id "$_record_id"
  if [ "$_record_id" ]; then
    _netlify_rest DELETE "$dnsRecordURI/$_record_id" "" "$NETLIFY_ACCESS_TOKEN"
@ -112,7 +114,7 @@ _get_root() {
    fi
    if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
      _domain_id=$(echo "$response" | _egrep_o "\"[^\"]*\",\"name\":\"$h" | cut -d , -f 1 | tr -d \" )
      _domain_id=$(echo "$response" | _egrep_o "\"[^\"]*\",\"name\":\"$h" | cut -d , -f 1 | tr -d \")
      if [ "$_domain_id" ]; then
        if [ "$i" = 1 ]; then
          #create the record at the domain apex (@) if only the domain name was provided as --domain-alias
@ -142,7 +144,7 @@ _netlify_rest() {
  export _H1="Content-Type: application/json"
  export _H2="Authorization: Bearer $token_trimmed"
  :>"$HTTP_HEADER"
  : >"$HTTP_HEADER"
  if [ "$m" != "GET" ]; then
    _debug data "$data"
--- a/dnsapi/dns_nic.sh
+++ b/dnsapi/dns_nic.sh
@ -166,7 +166,7 @@ _get_root() {
    if _contains "$_all_domains" "^$h$"; then
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
      _domain=$h
      _service=$(printf "%s" "$response" | grep "idn-name=\"$_domain\"" | sed -r "s/.*service=\"(.*)\".*$/\1/")
      _service=$(printf "%s" "$response" | grep -m 1 "idn-name=\"$_domain\"" | sed -r "s/.*service=\"(.*)\".*$/\1/")
      return 0
    fi
    p="$i"
--- a/dnsapi/dns_openstack.sh
+++ b/dnsapi/dns_openstack.sh
--- a/dnsapi/dns_ovh.sh
+++ b/dnsapi/dns_ovh.sh
@ -41,40 +41,40 @@ _ovh_get_api() {
  case "${_ogaep}" in
    ovh-eu | ovheu)
      printf "%s" $OVH_EU
      return
      ;;
    ovh-ca | ovhca)
      printf "%s" $OVH_CA
      return
      ;;
    kimsufi-eu | kimsufieu)
      printf "%s" $KSF_EU
      return
      ;;
    kimsufi-ca | kimsufica)
      printf "%s" $KSF_CA
      return
      ;;
    soyoustart-eu | soyoustarteu)
      printf "%s" $SYS_EU
      return
      ;;
    soyoustart-ca | soyoustartca)
      printf "%s" $SYS_CA
      return
      ;;
    runabove-ca | runaboveca)
      printf "%s" $RAV_CA
      return
      ;;
    *)
      _err "Unknown parameter : $1"
      return 1
      ;;
  ovh-eu | ovheu)
    printf "%s" $OVH_EU
    return
    ;;
  ovh-ca | ovhca)
    printf "%s" $OVH_CA
    return
    ;;
  kimsufi-eu | kimsufieu)
    printf "%s" $KSF_EU
    return
    ;;
  kimsufi-ca | kimsufica)
    printf "%s" $KSF_CA
    return
    ;;
  soyoustart-eu | soyoustarteu)
    printf "%s" $SYS_EU
    return
    ;;
  soyoustart-ca | soyoustartca)
    printf "%s" $SYS_CA
    return
    ;;
  runabove-ca | runaboveca)
    printf "%s" $RAV_CA
    return
    ;;
  *)
    _err "Unknown parameter : $1"
    return 1
    ;;
  esac
 }
--- a/dnsapi/dns_pleskxml.sh
+++ b/dnsapi/dns_pleskxml.sh
@ -136,11 +136,12 @@ dns_pleskxml_rm() {
  # Reduce output to one line per DNS record, filtered for TXT records with a record ID only (which they should all have)
  # Also strip out spaces between tags, redundant <data> and </data> group tags and any <self-closing/> tags
  reclist="$(_api_response_split "$pleskxml_prettyprint_result" 'result' '<status>ok</status>' \
    | sed 's# \{1,\}<\([a-zA-Z]\)#<\1#g;s#</\{0,1\}data>##g;s#<[a-z][^/<>]*/>##g' \
    | grep "<site-id>${root_domain_id}</site-id>" \
    | grep '<id>[0-9]\{1,\}</id>' \
    | grep '<type>TXT</type>'
  reclist="$(
    _api_response_split "$pleskxml_prettyprint_result" 'result' '<status>ok</status>' |
      sed 's# \{1,\}<\([a-zA-Z]\)#<\1#g;s#</\{0,1\}data>##g;s#<[a-z][^/<>]*/>##g' |
      grep "<site-id>${root_domain_id}</site-id>" |
      grep '<id>[0-9]\{1,\}</id>' |
      grep '<type>TXT</type>'
  )"
  if [ -z "$reclist" ]; then
@ -151,10 +152,11 @@ dns_pleskxml_rm() {
  _debug "Got list of DNS TXT records for root domain '$root_domain_name':"
  _debug "$reclist"
  recid="$(_value "$reclist" \
    | grep "<host>${fulldomain}.</host>" \
    | grep "<value>${txtvalue}</value>" \
    | sed 's/^.*<id>\([0-9]\{1,\}\)<\/id>.*$/\1/'
  recid="$(
    _value "$reclist" |
      grep "<host>${fulldomain}.</host>" |
      grep "<value>${txtvalue}</value>" |
      sed 's/^.*<id>\([0-9]\{1,\}\)<\/id>.*$/\1/'
  )"
  if ! _value "$recid" | grep '^[0-9]\{1,\}$' >/dev/null; then
@ -220,11 +222,11 @@ _countdots() {
 #       Last line could change to <sed -n '/.../p'> instead, with suitable escaping of ['"/$],
 #       if future Plesk XML API changes ever require extended regex
 _api_response_split() {
  printf '%s' "$1" \
    | sed 's/^ +//;s/ +$//' \
    | tr -d '\n\r' \
    | sed "s/<\/\{0,1\}$2>/${NEWLINE}/g" \
    | grep "$3"
  printf '%s' "$1" |
    sed 's/^ +//;s/ +$//' |
    tr -d '\n\r' |
    sed "s/<\/\{0,1\}$2>/${NEWLINE}/g" |
    grep "$3"
 }
 ####################  Private functions below (DNS functions) ##################################
@ -265,10 +267,11 @@ _call_api() {
    #   - filter output to keep only lines like this: "SPACES<TAG>text</TAG>SPACES" (shouldn't be necessary with prettyprint but guarantees subsequent code is ok)
    #   - then edit the 3 "useful" error tokens individually and remove closing tags on all lines
    #   - then filter again to remove all lines not edited (which will be the lines not starting A-Z)
    errtext="$(_value "$pleskxml_prettyprint_result" \
      | grep '^ *<[a-z]\{1,\}>[^<]*<\/[a-z]\{1,\}> *$' \
      | sed 's/^ *<status>/Status:     /;s/^ *<errcode>/Error code: /;s/^ *<errtext>/Error text: /;s/<\/.*$//' \
      | grep '^[A-Z]'
    errtext="$(
      _value "$pleskxml_prettyprint_result" |
        grep '^ *<[a-z]\{1,\}>[^<]*<\/[a-z]\{1,\}> *$' |
        sed 's/^ *<status>/Status:     /;s/^ *<errcode>/Error code: /;s/^ *<errtext>/Error text: /;s/<\/.*$//' |
        grep '^[A-Z]'
    )"
  fi
--- a/dnsapi/dns_regru.sh
+++ b/dnsapi/dns_regru.sh
@ -33,8 +33,11 @@ dns_regru_add() {
  fi
  _debug _domain "$_domain"
  _subdomain=$(echo "$fulldomain" | sed -r "s/.$_domain//")
  _debug _subdomain "$_subdomain"
  _info "Adding TXT record to ${fulldomain}"
  _regru_rest POST "zone/add_txt" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22_acme-challenge%22,%22text%22:%22${txtvalue}%22,%22output_content_type%22:%22plain%22}&input_format=json"
  _regru_rest POST "zone/add_txt" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22${_subdomain}%22,%22text%22:%22${txtvalue}%22,%22output_content_type%22:%22plain%22}&input_format=json"
  if ! _contains "${response}" 'error'; then
    return 0
@ -64,8 +67,11 @@ dns_regru_rm() {
  fi
  _debug _domain "$_domain"
  _subdomain=$(echo "$fulldomain" | sed -r "s/.$_domain//")
  _debug _subdomain "$_subdomain"
  _info "Deleting resource record $fulldomain"
  _regru_rest POST "zone/remove_record" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22_acme-challenge%22,%22content%22:%22${txtvalue}%22,%22record_type%22:%22TXT%22,%22output_content_type%22:%22plain%22}&input_format=json"
  _regru_rest POST "zone/remove_record" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22${_subdomain}%22,%22content%22:%22${txtvalue}%22,%22record_type%22:%22TXT%22,%22output_content_type%22:%22plain%22}&input_format=json"
  if ! _contains "${response}" 'error'; then
    return 0
@ -87,11 +93,11 @@ _get_root() {
  for ITEM in ${domains_list}; do
    case "${domain}" in
      *${ITEM}*)
        _domain=${ITEM}
        _debug _domain "${_domain}"
        return 0
        ;;
    *${ITEM}*)
      _domain=${ITEM}
      _debug _domain "${_domain}"
      return 0
      ;;
    esac
  done
--- a/notify/mail.sh
+++ b/notify/mail.sh
@ -98,24 +98,24 @@ _mail_cmnd() {
  _MAIL_ARGS=""
  case $(basename "$_MAIL_BIN") in
    sendmail)
      if [ -n "$MAIL_FROM" ]; then
        _MAIL_ARGS="-f '$MAIL_FROM'"
      fi
      ;;
    mutt | mail)
      _MAIL_ARGS="-s '$_subject'"
      ;;
    msmtp)
      if [ -n "$MAIL_FROM" ]; then
        _MAIL_ARGS="-f '$MAIL_FROM'"
      fi
      if [ -n "$MAIL_MSMTP_ACCOUNT" ]; then
        _MAIL_ARGS="$_MAIL_ARGS -a '$MAIL_MSMTP_ACCOUNT'"
      fi
      ;;
    *) ;;
  sendmail)
    if [ -n "$MAIL_FROM" ]; then
      _MAIL_ARGS="-f '$MAIL_FROM'"
    fi
    ;;
  mutt | mail)
    _MAIL_ARGS="-s '$_subject'"
    ;;
  msmtp)
    if [ -n "$MAIL_FROM" ]; then
      _MAIL_ARGS="-f '$MAIL_FROM'"
    fi
    if [ -n "$MAIL_MSMTP_ACCOUNT" ]; then
      _MAIL_ARGS="$_MAIL_ARGS -a '$MAIL_MSMTP_ACCOUNT'"
    fi
    ;;
  *) ;;
  esac
  echo "'$_MAIL_BIN' $_MAIL_ARGS '$MAIL_TO'"
@ -123,16 +123,16 @@ _mail_cmnd() {
 _mail_body() {
  case $(basename "$_MAIL_BIN") in
    sendmail | ssmtp | msmtp)
      if [ -n "$MAIL_FROM" ]; then
        echo "From: $MAIL_FROM"
      fi
      echo "To: $MAIL_TO"
      echo "Subject: $subject"
      echo "Content-Type: $contenttype"
      echo
      ;;
  sendmail | ssmtp | msmtp)
    if [ -n "$MAIL_FROM" ]; then
      echo "From: $MAIL_FROM"
    fi
    echo "To: $MAIL_TO"
    echo "Subject: $subject"
    echo "Content-Type: $contenttype"
    echo
    ;;
  esac
  echo "$_content"
--- a/notify/teams.sh
+++ b/notify/teams.sh
@ -52,15 +52,15 @@ teams_send() {
  _content=$(echo "$_content" | _json_encode)
  case "$_statusCode" in
    0)
      _color="${TEAMS_SUCCESS_COLOR:-$_color_success}"
      ;;
    1)
      _color="${TEAMS_ERROR_COLOR:-$_color_danger}"
      ;;
    2)
      _color="${TEAMS_SKIP_COLOR:-$_color_muted}"
      ;;
  0)
    _color="${TEAMS_SUCCESS_COLOR:-$_color_success}"
    ;;
  1)
    _color="${TEAMS_ERROR_COLOR:-$_color_danger}"
    ;;
  2)
    _color="${TEAMS_SKIP_COLOR:-$_color_muted}"
    ;;
  esac
  _color=$(echo "$_color" | tr -cd 'a-fA-F0-9')
--- a/notify/xmpp.sh
+++ b/notify/xmpp.sh
@ -71,13 +71,13 @@ _xmpp_bin() {
 _xmpp_cmnd() {
  case $(basename "$_XMPP_BIN") in
    sendxmpp)
      echo "'$_XMPP_BIN' '$XMPP_TO' $XMPP_BIN_ARGS"
      ;;
    *)
      _err "Command $XMPP_BIN is not supported, use sendxmpp."
      return 1
      ;;
  sendxmpp)
    echo "'$_XMPP_BIN' '$XMPP_TO' $XMPP_BIN_ARGS"
    ;;
  *)
    _err "Command $XMPP_BIN is not supported, use sendxmpp."
    return 1
    ;;
  esac
 }