@ -4,9 +4,11 @@
# one.com ui wrapper for acme.sh
# one.com ui wrapper for acme.sh
# Author: github: @diseq
# Author: github: @diseq
# Created: 2019-02-17
# Created: 2019-02-17
# Fixed by: @der-berni
# Modified: 2019-05-20
#
#
# export ONECOM_User="username"
# export ONECOM_Password ="password"
# export ONECOM_USER ="username"
# export ONECOM_PASSWORD ="password"
#
#
# Usage:
# Usage:
# acme.sh --issue --dns dns_one -d example.com
# acme.sh --issue --dns dns_one -d example.com
@ -14,38 +16,56 @@
# only single domain supported atm
# only single domain supported atm
dns_one_add( ) {
dns_one_add( ) {
mysubdomain = $( printf -- "%s" " $1 " | rev | cut -d"." -f3- | rev)
mydomain = $( printf -- "%s" " $1 " | rev | cut -d"." -f1-2 | rev)
#rev command not found on OpenWrt
#mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
#mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
fulldomain = $1
txtvalue = $2
txtvalue = $2
_debug "First detect the root zone"
if ! _get_root " $fulldomain " ; then
_err "invalid domain"
return 1
fi
mysubdomain = $_sub_domain
mydomain = $_domain
_debug mysubdomain " $mysubdomain "
_debug mydomain " $mydomain "
# get credentials
# get credentials
ONECOM_User = " ${ ONECOM_User :- $( _readaccountconf_mutable ONECOM_User) } "
ONECOM_Password = " ${ ONECOM_Password :- $( _readaccountconf_mutable ONECOM_Password) } "
if [ -z " $ONECOM_User " ] || [ -z " $ONECOM_Password " ] ; then
ONECOM_User = ""
ONECOM_Password = ""
ONECOM_USER = " ${ ONECOM_USER :- $( _readaccountconf_mutable ONECOM_USER ) } "
ONECOM_PASSWORD = " ${ ONECOM_PASSWORD :- $( _readaccountconf_mutable ONECOM_PASSWORD ) } "
if [ -z " $ONECOM_USER " ] || [ -z " $ONECOM_PASSWORD " ] ; then
ONECOM_USER = ""
ONECOM_PASSWORD = ""
_err "You didn't specify a one.com username and password yet."
_err "You didn't specify a one.com username and password yet."
_err "Please create the key and try again."
_err "Please create the key and try again."
return 1
return 1
fi
fi
#save the api key and email to the account conf file.
#save the api key and email to the account conf file.
_saveaccountconf_mutable ONECOM_User " $ONECOM_User "
_saveaccountconf_mutable ONECOM_Password " $ONECOM_Password "
_saveaccountconf_mutable ONECOM_USER " $ONECOM_USER "
_saveaccountconf_mutable ONECOM_PASSWORD " $ONECOM_PASSWORD "
# Login with user and password
# Login with user and password
postdata = "loginDomain=true"
postdata = "loginDomain=true"
postdata = " $postdata &displayUsername= $ONECOM_User "
postdata = " $postdata &username= $ONECOM_User "
postdata = " $postdata &displayUsername= $ONECOM_USER "
postdata = " $postdata &username= $ONECOM_USER "
postdata = " $postdata &targetDomain= $mydomain "
postdata = " $postdata &targetDomain= $mydomain "
postdata = " $postdata &password1= $ONECOM_Password "
postdata = " $postdata &password1= $ONECOM_PASSWORD "
postdata = " $postdata &loginTarget= "
postdata = " $postdata &loginTarget= "
#_debug postdata "$postdata"
#_debug postdata "$postdata"
#CURL does not work
local tmp_USE_WGET = $ACME_USE_WGET
ACME_USE_WGET = 1
response = " $( _post " $postdata " "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded" ) "
response = " $( _post " $postdata " "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded" ) "
#_debug response "$response"
#_debug response "$response"
JSESSIONID = " $( grep "JSESSIONID" " $HTTP_HEADER " | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'JSESSIONID=[^;]*;' | tr -d ';' ) "
JSESSIONID = " $( grep "OneSIDCrmAdmin " " $HTTP_HEADER " | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'OneSIDCrmAdmin =[^;]*;' | tr -d ';' ) "
_debug jsessionid " $JSESSIONID "
_debug jsessionid " $JSESSIONID "
export _H1 = " Cookie: ${ JSESSIONID } "
export _H1 = " Cookie: ${ JSESSIONID } "
@ -54,8 +74,8 @@ dns_one_add() {
response = " $( _get " https://www.one.com/admin/api/domains/ $mydomain /dns/custom_records " ) "
response = " $( _get " https://www.one.com/admin/api/domains/ $mydomain /dns/custom_records " ) "
_debug response " $response "
_debug response " $response "
CSRF_G_TOKEN = " $( grep "CSRF_G_TOKEN=" " $HTTP_HEADER " | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';' ) "
export _H2 = " Cookie: ${ CSRF_G_TOKEN } "
#CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';') "
#export _H2="Cookie: ${CSRF_G_TOKEN} "
# Update the IP address for domain entry
# Update the IP address for domain entry
postdata = " {\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"TXT\",\"prefix\":\" $mysubdomain \",\"content\":\" $txtvalue \"}} "
postdata = " {\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"TXT\",\"prefix\":\" $mysubdomain \",\"content\":\" $txtvalue \"}} "
@ -66,6 +86,8 @@ dns_one_add() {
id = $( echo " $response " | sed -n " s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\" $mysubdomain \",\"type\":\"TXT\",\"content\":\" $txtvalue \",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p " )
id = $( echo " $response " | sed -n " s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\" $mysubdomain \",\"type\":\"TXT\",\"content\":\" $txtvalue \",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p " )
ACME_USE_WGET = $tmp_USE_WGET
if [ -z " $id " ] ; then
if [ -z " $id " ] ; then
_err "Add txt record error."
_err "Add txt record error."
return 1
return 1
@ -77,16 +99,30 @@ dns_one_add() {
}
}
dns_one_rm( ) {
dns_one_rm( ) {
mysubdomain = $( printf -- "%s" " $1 " | rev | cut -d"." -f3- | rev)
mydomain = $( printf -- "%s" " $1 " | rev | cut -d"." -f1-2 | rev)
#rev command not found on OpenWrt
#mysubdomain=$(printf -- "%s" "$1" | rev | cut -d"." -f3- | rev)
#mydomain=$(printf -- "%s" "$1" | rev | cut -d"." -f1-2 | rev)
fulldomain = $1
txtvalue = $2
txtvalue = $2
_debug "First detect the root zone"
if ! _get_root " $fulldomain " ; then
_err "invalid domain"
return 1
fi
mysubdomain = $_sub_domain
mydomain = $_domain
_debug mysubdomain " $mysubdomain "
_debug mydomain " $mydomain "
# get credentials
# get credentials
ONECOM_User = " ${ ONECOM_User :- $( _readaccountconf_mutable ONECOM_User) } "
ONECOM_Password = " ${ ONECOM_Password :- $( _readaccountconf_mutable ONECOM_Password) } "
if [ -z " $ONECOM_User " ] || [ -z " $ONECOM_Password " ] ; then
ONECOM_User = ""
ONECOM_Password = ""
ONECOM_USER = " ${ ONECOM_USER :- $( _readaccountconf_mutable ONECOM_USER ) } "
ONECOM_PASSWORD = " ${ ONECOM_PASSWORD :- $( _readaccountconf_mutable ONECOM_PASSWORD ) } "
if [ -z " $ONECOM_USER " ] || [ -z " $ONECOM_PASSWORD " ] ; then
ONECOM_USER = ""
ONECOM_PASSWORD = ""
_err "You didn't specify a one.com username and password yet."
_err "You didn't specify a one.com username and password yet."
_err "Please create the key and try again."
_err "Please create the key and try again."
return 1
return 1
@ -94,16 +130,20 @@ dns_one_rm() {
# Login with user and password
# Login with user and password
postdata = "loginDomain=true"
postdata = "loginDomain=true"
postdata = " $postdata &displayUsername= $ONECOM_User "
postdata = " $postdata &username= $ONECOM_User "
postdata = " $postdata &displayUsername= $ONECOM_USER "
postdata = " $postdata &username= $ONECOM_USER "
postdata = " $postdata &targetDomain= $mydomain "
postdata = " $postdata &targetDomain= $mydomain "
postdata = " $postdata &password1= $ONECOM_Password "
postdata = " $postdata &password1= $ONECOM_PASSWORD "
postdata = " $postdata &loginTarget= "
postdata = " $postdata &loginTarget= "
#CURL does not work
local tmp_USE_WGET = $ACME_USE_WGET
ACME_USE_WGET = 1
response = " $( _post " $postdata " "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded" ) "
response = " $( _post " $postdata " "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded" ) "
#_debug response "$response"
#_debug response "$response"
JSESSIONID = " $( grep "JSESSIONID" " $HTTP_HEADER " | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'JSESSIONID=[^;]*;' | tr -d ';' ) "
JSESSIONID = " $( grep "OneSIDCrmAdmin " " $HTTP_HEADER " | grep "^[Ss]et-[Cc]ookie:" | _tail_n 1 | _egrep_o 'OneSIDCrmAdmin =[^;]*;' | tr -d ';' ) "
_debug jsessionid " $JSESSIONID "
_debug jsessionid " $JSESSIONID "
export _H1 = " Cookie: ${ JSESSIONID } "
export _H1 = " Cookie: ${ JSESSIONID } "
@ -113,13 +153,14 @@ dns_one_rm() {
response = " $( echo " $response " | _normalizeJson) "
response = " $( echo " $response " | _normalizeJson) "
_debug response " $response "
_debug response " $response "
CSRF_G_TOKEN = " $( grep "CSRF_G_TOKEN=" " $HTTP_HEADER " | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';' ) "
export _H2 = " Cookie: ${ CSRF_G_TOKEN } "
#CSRF_G_TOKEN="$(grep "CSRF_G_TOKEN=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'CSRF_G_TOKEN=[^;]*;' | tr -d ';') "
#export _H2="Cookie: ${CSRF_G_TOKEN} "
id = $( printf -- "%s" " $response " | sed -n " s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\" $mysubdomain \",\"type\":\"TXT\",\"content\":\" $txtvalue \",\"priority\":0,\"ttl\":600}.*/\1/p " )
id = $( printf -- "%s" " $response " | sed -n " s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\" $mysubdomain \",\"type\":\"TXT\",\"content\":\" $txtvalue \",\"priority\":0,\"ttl\":600}.*/\1/p " )
if [ -z " $id " ] ; then
if [ -z " $id " ] ; then
_err "Txt record not found."
_err "Txt record not found."
ACME_USE_WGET = $tmp_USE_WGET
return 1
return 1
fi
fi
@ -128,6 +169,8 @@ dns_one_rm() {
response = " $( echo " $response " | _normalizeJson) "
response = " $( echo " $response " | _normalizeJson) "
_debug response " $response "
_debug response " $response "
ACME_USE_WGET = $tmp_USE_WGET
if [ " $response " = '{"result":null,"metadata":null}' ] ; then
if [ " $response " = '{"result":null,"metadata":null}' ] ; then
_info "Removed, OK"
_info "Removed, OK"
return 0
return 0
@ -137,3 +180,31 @@ dns_one_rm() {
fi
fi
}
}
#_acme-challenge.www.domain.com
#returns
# _sub_domain=_acme-challenge.www
# _domain=domain.com
_get_root( ) {
domain = $1
i = 2
p = 1
while true; do
h = $( printf "%s" " $domain " | cut -d . -f $i -100)
if [ -z " $h " ] ; then
#not valid
return 1
fi
if [ " $( printf "%s" " $h " | tr '.' ' ' | wc -w) " = "2" ] ; then
_sub_domain = $( printf "%s" " $domain " | cut -d . -f 1-$p )
_domain = " $h "
return 0
fi
p = $i
i = $( _math " $i " + 1)
done
_err "Unable to parse this domain"
return 1
}