You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

362 lines
13 KiB

  1. #!/usr/bin/env sh
  2. #This file name is "dns_freedns.sh"
  3. #So, here must be a method dns_freedns_add()
  4. #Which will be called by acme.sh to add the txt record to your api system.
  5. #returns 0 means success, otherwise error.
  6. #
  7. #Author: David Kerr
  8. #Report Bugs here: https://github.com/dkerr64/acme.sh
  9. #
  10. ######## Public functions #####################
  11. # Export FreeDNS userid and password in following variables...
  12. # FREEDNS_User=username
  13. # FREEDNS_Password=password
  14. # login cookie is saved in acme account config file so userid / pw
  15. # need to be set only when changed.
  16. #Usage: dns_freedns_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  17. dns_freedns_add() {
  18. fulldomain="$1"
  19. txtvalue="$2"
  20. _info "Add TXT record using FreeDNS"
  21. _debug "fulldomain: $fulldomain"
  22. _debug "txtvalue: $txtvalue"
  23. if [ -z "$FREEDNS_User" ] || [ -z "$FREEDNS_Password" ]; then
  24. FREEDNS_User=""
  25. FREEDNS_Password=""
  26. if [ -z "$FREEDNS_COOKIE" ]; then
  27. _err "You did not specify the FreeDNS username and password yet."
  28. _err "Please export as FREEDNS_User / FREEDNS_Password and try again."
  29. return 1
  30. fi
  31. using_cached_cookies="true"
  32. else
  33. FREEDNS_COOKIE="$(_freedns_login "$FREEDNS_User" "$FREEDNS_Password")"
  34. if [ -z "$FREEDNS_COOKIE" ]; then
  35. return 1
  36. fi
  37. using_cached_cookies="false"
  38. fi
  39. _debug "FreeDNS login cookies: $FREEDNS_COOKIE (cached = $using_cached_cookies)"
  40. _saveaccountconf FREEDNS_COOKIE "$FREEDNS_COOKIE"
  41. # split our full domain name into two parts...
  42. i="$(echo "$fulldomain" | tr '.' ' ' | wc -w)"
  43. i="$(_math "$i" - 1)"
  44. top_domain="$(echo "$fulldomain" | cut -d. -f "$i"-100)"
  45. i="$(_math "$i" - 1)"
  46. sub_domain="$(echo "$fulldomain" | cut -d. -f -"$i")"
  47. _debug top_domain "$top_domain"
  48. _debug sub_domain "$sub_domain"
  49. # Sometimes FreeDNS does not return the subdomain page but rather
  50. # returns a page regarding becoming a premium member. This usually
  51. # happens after a period of inactivity. Immediately trying again
  52. # returns the correct subdomain page. So, we will try twice to
  53. # load the page and obtain our domain ID
  54. attempts=2
  55. while [ "$attempts" -gt "0" ]; do
  56. attempts="$(_math "$attempts" - 1)"
  57. htmlpage="$(_freedns_retrieve_subdomain_page "$FREEDNS_COOKIE")"
  58. if [ "$?" != "0" ]; then
  59. if [ "$using_cached_cookies" = "true" ]; then
  60. _err "Has your FreeDNS username and password changed? If so..."
  61. _err "Please export as FREEDNS_User / FREEDNS_Password and try again."
  62. fi
  63. return 1
  64. fi
  65. _debug2 htmlpage "$htmlpage"
  66. subdomain_csv="$(echo "$htmlpage" | tr -d "\n\r" | _egrep_o '<form .*</form>' | sed 's/<tr>/@<tr>/g' | tr '@' '\n' | grep edit.php | grep $top_domain)"
  67. _debug2 subdomain_csv "$subdomain_csv"
  68. # The above beauty ends with striping out rows that do not have an
  69. # href to edit.php and do not have the top domain we are looking for.
  70. # So all we should be left with is CSV of table of subdomains we are
  71. # interested in.
  72. # Now we have to read through this table and extract the data we need
  73. lines="$(echo "$subdomain_csv" | wc -l)"
  74. i=0
  75. found=0
  76. while [ "$i" -lt "$lines" ]; do
  77. i="$(_math "$i" + 1)"
  78. line="$(echo "$subdomain_csv" | sed -n ${i}p)"
  79. _debug2 line "$line"
  80. if [ $found = 0 ] && _contains "$line" "<td>$top_domain</td>"; then
  81. # this line will contain DNSdomainid for the top_domain
  82. DNSdomainid="$(echo "$line" | _egrep_o "edit_domain_id *= *.*>" | cut -d = -f 2 | cut -d '>' -f 1)"
  83. _debug2 DNSdomainid "$DNSdomainid"
  84. found=1
  85. else
  86. # lines contain DNS records for all subdomains
  87. DNSname="$(echo "$line" | _egrep_o 'edit.php.*</a>' | cut -d '>' -f 2 | cut -d '<' -f 1)"
  88. _debug2 DNSname "$DNSname"
  89. DNStype="$(echo "$line" | sed 's/<td/@<td/g' | tr '@' '\n' | sed -n '4p' | cut -d '>' -f 2 | cut -d '<' -f 1)"
  90. _debug2 DNStype "$DNStype"
  91. if [ "$DNSname" = "$fulldomain" ] && [ "$DNStype" = "TXT" ]; then
  92. DNSdataid="$(echo "$line" | _egrep_o 'data_id=.*' | cut -d = -f 2 | cut -d '>' -f 1)"
  93. # Now get current value for the TXT record. This method may
  94. # not produce accurate results as the value field is truncated
  95. # on this webpage. To get full value we would need to load
  96. # another page. However we don't really need this so long as
  97. # there is only one TXT record for the acme challenge subdomain.
  98. DNSvalue="$(echo "$line" | sed 's/<td/@<td/g' | tr '@' '\n' | sed -n '5p' | cut -d '>' -f 2 | cut -d '<' -f 1)"
  99. _debug2 DNSvalue "$DNSvalue"
  100. if [ $found != 0 ]; then
  101. break
  102. # we are breaking out of the loop at the first match of DNS name
  103. # and DNS type (if we are past finding the domainid). This assumes
  104. # that there is only ever one TXT record for the LetsEncrypt/acme
  105. # challenge subdomain. This seems to be a reasonable assumption
  106. # as the acme client deletes the TXT record on successful validation.
  107. fi
  108. else
  109. DNSname=""
  110. DNStype=""
  111. fi
  112. fi
  113. done
  114. _debug "DNSname: $DNSname DNStype: $DNStype DNSdomainid: $DNSdomainid DNSdataid: $DNSdataid"
  115. _debug "DNSvalue: $DNSvalue"
  116. if [ -z "$DNSdomainid" ]; then
  117. # If domain ID is empty then something went wrong (top level
  118. # domain not found at FreeDNS).
  119. if [ "$attempts" = "0" ]; then
  120. # exhausted maximum retry attempts
  121. _debug "$htmlpage"
  122. _debug "$subdomain_csv"
  123. _err "Domain $top_domain not found at FreeDNS"
  124. return 1
  125. fi
  126. else
  127. # break out of the 'retry' loop... we have found our domain ID
  128. break
  129. fi
  130. _info "Domain $top_domain not found at FreeDNS"
  131. _info "Retry loading subdomain page ($attempts attempts remaining)"
  132. done
  133. if [ -z "$DNSdataid" ]; then
  134. # If data ID is empty then specific subdomain does not exist yet, need
  135. # to create it this should always be the case as the acme client
  136. # deletes the entry after domain is validated.
  137. _freedns_add_txt_record "$FREEDNS_COOKIE" "$DNSdomainid" "$sub_domain" "$txtvalue"
  138. return $?
  139. else
  140. if [ "$txtvalue" = "$DNSvalue" ]; then
  141. # if value in TXT record matches value requested then DNS record
  142. # does not need to be updated. But...
  143. # Testing value match fails. Website is truncating the value field.
  144. # So for now we will always go down the else path. Though in theory
  145. # should never come here anyway as the acme client deletes
  146. # the TXT record on successful validation, so we should not even
  147. # have found a TXT record !!
  148. _info "No update necessary for $fulldomain at FreeDNS"
  149. return 0
  150. else
  151. # Delete the old TXT record (with the wrong value)
  152. if _freedns_delete_txt_record "$FREEDNS_COOKIE" "$DNSdataid"; then
  153. # And add in new TXT record with the value provided
  154. _freedns_add_txt_record "$FREEDNS_COOKIE" "$DNSdomainid" "$sub_domain" "$txtvalue"
  155. fi
  156. return $?
  157. fi
  158. fi
  159. return 0
  160. }
  161. #Usage: fulldomain txtvalue
  162. #Remove the txt record after validation.
  163. dns_freedns_rm() {
  164. fulldomain="$1"
  165. txtvalue="$2"
  166. _info "Delete TXT record using FreeDNS"
  167. _debug "fulldomain: $fulldomain"
  168. _debug "txtvalue: $txtvalue"
  169. # Need to read cookie from conf file again in case new value set
  170. # during login to FreeDNS when TXT record was created.
  171. # acme.sh does not have a _readaccountconf() function
  172. FREEDNS_COOKIE="$(_read_conf "$ACCOUNT_CONF_PATH" "FREEDNS_COOKIE")"
  173. _debug "FreeDNS login cookies: $FREEDNS_COOKIE"
  174. # Sometimes FreeDNS does not return the subdomain page but rather
  175. # returns a page regarding becoming a premium member. This usually
  176. # happens after a period of inactivity. Immediately trying again
  177. # returns the correct subdomain page. So, we will try twice to
  178. # load the page and obtain our TXT record.
  179. attempts=2
  180. while [ "$attempts" -gt "0" ]; do
  181. attempts="$(_math "$attempts" - 1)"
  182. htmlpage="$(_freedns_retrieve_subdomain_page "$FREEDNS_COOKIE")"
  183. if [ "$?" != "0" ]; then
  184. return 1
  185. fi
  186. subdomain_csv="$(echo "$htmlpage" | tr -d "\n\r" | _egrep_o '<form .*</form>' | sed 's/<tr>/@<tr>/g' | tr '@' '\n' | grep edit.php | grep $fulldomain)"
  187. _debug2 subdomain_csv "$subdomain_csv"
  188. # The above beauty ends with striping out rows that do not have an
  189. # href to edit.php and do not have the domain name we are looking for.
  190. # So all we should be left with is CSV of table of subdomains we are
  191. # interested in.
  192. # Now we have to read through this table and extract the data we need
  193. lines="$(echo "$subdomain_csv" | wc -l)"
  194. i=0
  195. found=0
  196. while [ "$i" -lt "$lines" ]; do
  197. i="$(_math "$i" + 1)"
  198. line="$(echo "$subdomain_csv" | sed -n ${i}p)"
  199. _debug2 line "$line"
  200. DNSname="$(echo "$line" | _egrep_o 'edit.php.*</a>' | cut -d '>' -f 2 | cut -d '<' -f 1)"
  201. _debug2 DNSname "$DNSname"
  202. DNStype="$(echo "$line" | sed 's/<td/@<td/g' | tr '@' '\n' | sed -n '4p' | cut -d '>' -f 2 | cut -d '<' -f 1)"
  203. _debug2 DNStype "$DNStype"
  204. if [ "$DNSname" = "$fulldomain" ] && [ "$DNStype" = "TXT" ]; then
  205. DNSdataid="$(echo "$line" | _egrep_o 'data_id=.*' | cut -d = -f 2 | cut -d '>' -f 1)"
  206. _debug2 DNSdataid "$DNSdataid"
  207. DNSvalue="$(echo "$line" | sed 's/<td/@<td/g' | tr '@' '\n' | sed -n '5p' | cut -d '>' -f 2 | cut -d '<' -f 1)"
  208. _debug2 DNSvalue "$DNSvalue"
  209. # if [ "$DNSvalue" = "$txtvalue" ]; then
  210. # Testing value match fails. Website is truncating the value
  211. # field. So for now we will assume that there is only one TXT
  212. # field for the sub domain and just delete it. Currently this
  213. # is a safe assumption.
  214. _freedns_delete_txt_record "$FREEDNS_COOKIE" "$DNSdataid"
  215. return $?
  216. # fi
  217. fi
  218. done
  219. done
  220. # If we get this far we did not find a match (after two attempts)
  221. # Not necessarily an error, but log anyway.
  222. _debug2 "$subdomain_csv"
  223. _info "Cannot delete TXT record for $fulldomain/$txtvalue. Does not exist at FreeDNS"
  224. return 0
  225. }
  226. #################### Private functions below ##################################
  227. # usage: _freedns_login username password
  228. # print string "cookie=value" etc.
  229. # returns 0 success
  230. _freedns_login() {
  231. export _H1="Accept-Language:en-US"
  232. username="$1"
  233. password="$2"
  234. url="https://freedns.afraid.org/zc.php?step=2"
  235. _debug "Login to FreeDNS as user $username"
  236. htmlpage="$(_post "username=$(printf '%s' "$username" | _url_encode)&password=$(printf '%s' "$password" | _url_encode)&submit=Login&action=auth" "$url")"
  237. if [ "$?" != "0" ]; then
  238. _err "FreeDNS login failed for user $username bad RC from _post"
  239. return 1
  240. fi
  241. cookies="$(grep -i '^Set-Cookie.*dns_cookie.*$' "$HTTP_HEADER" | _head_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
  242. # if cookies is not empty then logon successful
  243. if [ -z "$cookies" ]; then
  244. _debug "$htmlpage"
  245. _err "FreeDNS login failed for user $username. Check $HTTP_HEADER file"
  246. return 1
  247. fi
  248. printf "%s" "$cookies"
  249. return 0
  250. }
  251. # usage _freedns_retrieve_subdomain_page login_cookies
  252. # echo page retrieved (html)
  253. # returns 0 success
  254. _freedns_retrieve_subdomain_page() {
  255. export _H1="Cookie:$1"
  256. export _H2="Accept-Language:en-US"
  257. url="https://freedns.afraid.org/subdomain/"
  258. _debug "Retrieve subdomain page from FreeDNS"
  259. htmlpage="$(_get "$url")"
  260. if [ "$?" != "0" ]; then
  261. _err "FreeDNS retrieve subdomains failed bad RC from _get"
  262. return 1
  263. elif [ -z "$htmlpage" ]; then
  264. _err "FreeDNS returned empty subdomain page"
  265. return 1
  266. fi
  267. _debug2 "$htmlpage"
  268. printf "%s" "$htmlpage"
  269. return 0
  270. }
  271. # usage _freedns_add_txt_record login_cookies domain_id subdomain value
  272. # returns 0 success
  273. _freedns_add_txt_record() {
  274. export _H1="Cookie:$1"
  275. export _H2="Accept-Language:en-US"
  276. domain_id="$2"
  277. subdomain="$3"
  278. value="$(printf '%s' "$4" | _url_encode)"
  279. url="http://freedns.afraid.org/subdomain/save.php?step=2"
  280. htmlpage="$(_post "type=TXT&domain_id=$domain_id&subdomain=$subdomain&address=%22$value%22&send=Save%21" "$url")"
  281. if [ "$?" != "0" ]; then
  282. _err "FreeDNS failed to add TXT record for $subdomain bad RC from _post"
  283. return 1
  284. elif ! grep "200 OK" "$HTTP_HEADER" >/dev/null; then
  285. _debug "$htmlpage"
  286. _err "FreeDNS failed to add TXT record for $subdomain. Check $HTTP_HEADER file"
  287. return 1
  288. elif _contains "$htmlpage" "security code was incorrect"; then
  289. _debug "$htmlpage"
  290. _err "FreeDNS failed to add TXT record for $subdomain as FreeDNS requested security code"
  291. _err "Note that you cannot use automatic DNS validation for FreeDNS public domains"
  292. return 1
  293. fi
  294. _debug2 "$htmlpage"
  295. _info "Added acme challenge TXT record for $fulldomain at FreeDNS"
  296. return 0
  297. }
  298. # usage _freedns_delete_txt_record login_cookies data_id
  299. # returns 0 success
  300. _freedns_delete_txt_record() {
  301. export _H1="Cookie:$1"
  302. export _H2="Accept-Language:en-US"
  303. data_id="$2"
  304. url="https://freedns.afraid.org/subdomain/delete2.php"
  305. htmlheader="$(_get "$url?data_id%5B%5D=$data_id&submit=delete+selected" "onlyheader")"
  306. if [ "$?" != "0" ]; then
  307. _err "FreeDNS failed to delete TXT record for $data_id bad RC from _get"
  308. return 1
  309. elif ! _contains "$htmlheader" "200 OK"; then
  310. _debug "$htmlheader"
  311. _err "FreeDNS failed to delete TXT record $data_id"
  312. return 1
  313. fi
  314. _info "Deleted acme challenge TXT record for $fulldomain at FreeDNS"
  315. return 0
  316. }