diff --git a/.travis.yml b/.travis.yml index f363dbe..7b68dfd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,11 +1,21 @@ -language: bash +language: shell env: global: - SHFMT_URL=https://github.com/mvdan/sh/releases/download/v0.4.0/shfmt_v0.4.0_linux_amd64 +addons: + apt: + sources: + - debian-sid # Grab shellcheck from the Debian repo (o_O) + packages: + - shellcheck + script: - curl -sSL $SHFMT_URL -o ~/shfmt - chmod +x ~/shfmt - - ~/shfmt -l -w -i 2 . - - git diff --exit-code || (echo "Run shfmt to fix the formatting issues" && false) + - shellcheck -V + - shellcheck -e SC2021,SC2126,SC2034 **/*.sh && echo "shellcheck OK" + - ~/shfmt -l -w -i 2 . && echo "shfmt OK" || git diff --exit-code || (echo "Run shfmt to fix the formatting issues" && false) + + diff --git a/acme.sh b/acme.sh index e4c377d..c2f7663 100755 --- a/acme.sh +++ b/acme.sh @@ -1,6 +1,6 @@ #!/usr/bin/env sh -VER=2.6.4 +VER=2.6.5 PROJECT_NAME="acme.sh" @@ -27,7 +27,7 @@ STAGE_CA="https://acme-staging.api.letsencrypt.org" VTYPE_HTTP="http-01" VTYPE_DNS="dns-01" VTYPE_TLS="tls-sni-01" -VTYPE_TLS2="tls-sni-02" +#VTYPE_TLS2="tls-sni-02" LOCAL_ANY_ADDRESS="0.0.0.0" @@ -247,10 +247,10 @@ _exists() { _usage "Usage: _exists cmd" return 1 fi - if type command >/dev/null 2>&1; then + if command >/dev/null 2>&1; then command -v "$cmd" >/dev/null 2>&1 - else - type "$cmd" >/dev/null 2>&1 + elif which >/dev/null 2>&1; then + which "$cmd" >/dev/null 2>&1 fi ret="$?" _debug3 "$cmd exists=$ret" @@ -259,7 +259,8 @@ _exists() { #a + b _math() { - expr "$@" + _m_opts="$@" + printf "%s" "$(($_m_opts))" } _h_char_2_dec() { @@ -299,10 +300,7 @@ _h2b() { hex=$(cat) i=1 j=2 - if _exists let; then - uselet="1" - fi - _debug3 uselet "$uselet" + _debug3 _URGLY_PRINTF "$_URGLY_PRINTF" while true; do if [ -z "$_URGLY_PRINTF" ]; then @@ -310,7 +308,7 @@ _h2b() { if [ -z "$h" ]; then break fi - printf "\x$h" + printf "\x$h%s" else ic="$(printf "%s" "$hex" | cut -c $i)" jc="$(printf "%s" "$hex" | cut -c $j)" @@ -319,15 +317,12 @@ _h2b() { fi ic="$(_h_char_2_dec "$ic")" jc="$(_h_char_2_dec "$jc")" - printf '\'"$(printf "%o" "$(_math "$ic" \* 16 + $jc)")" - fi - if [ "$uselet" ]; then - let "i+=2" >/dev/null - let "j+=2" >/dev/null - else - i="$(_math "$i" + 2)" - j="$(_math "$j" + 2)" + printf '\'"$(printf "%o" "$(_math "$ic" \* 16 + $jc)")""%s" fi + + i="$(_math "$i" + 2)" + j="$(_math "$j" + 2)" + done } @@ -417,7 +412,7 @@ _digest() { outputhex="$2" - if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ]; then + if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ] || [ "$alg" = "md5" ]; then if [ "$outputhex" ]; then openssl dgst -"$alg" -hex | cut -d = -f 2 | tr -d ' ' else @@ -538,10 +533,10 @@ _createkey() { if _isEccKey "$length"; then _debug "Using ec name: $eccname" - openssl ecparam -name $eccname -genkey 2>/dev/null >"$f" + openssl ecparam -name "$eccname" -genkey 2>/dev/null >"$f" else _debug "Using RSA: $length" - openssl genrsa $length 2>/dev/null >"$f" + openssl genrsa "$length" 2>/dev/null >"$f" fi if [ "$?" != "0" ]; then @@ -554,7 +549,7 @@ _createkey() { _is_idn() { _is_idn_d="$1" _debug2 _is_idn_d "$_is_idn_d" - _idn_temp=$(printf "%s" "$_is_idn_d" | tr -d '[0-9]' | tr -d '[a-z]' | tr -d 'A-Z' | tr -d '.,-') + _idn_temp=$(printf "%s" "$_is_idn_d" | tr -d '[0-9]' | tr -d '[a-z]' | tr -d '[A-Z]' | tr -d '.,-') _debug2 _idn_temp "$_idn_temp" [ "$_idn_temp" ] } @@ -865,7 +860,8 @@ _time2str() { #Soaris if _exists adb; then - echo $(echo "0t${1}=Y" | adb) + _t_s_a=$(echo "0t${1}=Y" | adb) + echo "$_t_s_a" fi } @@ -2295,10 +2291,10 @@ _findHook() { _hookcat="$2" _hookname="$3" - if [ -f "$_SCRIPT_HOME/$_hookdomain/$_hookname" ]; then - d_api="$_SCRIPT_HOME/$_hookdomain/$_hookname" - elif [ -f "$_SCRIPT_HOME/$_hookdomain/$_hookname.sh" ]; then - d_api="$_SCRIPT_HOME/$_hookdomain/$_hookname.sh" + if [ -f "$_SCRIPT_HOME/$_hookcat/$_hookname" ]; then + d_api="$_SCRIPT_HOME/$_hookcat/$_hookname" + elif [ -f "$_SCRIPT_HOME/$_hookcat/$_hookname.sh" ]; then + d_api="$_SCRIPT_HOME/$_hookcat/$_hookname.sh" elif [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname" ]; then d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname" elif [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname.sh" ]; then @@ -2324,7 +2320,7 @@ __get_domain_new_authz() { _Max_new_authz_retry_times=5 _authz_i=0 while [ "$_authz_i" -lt "$_Max_new_authz_retry_times" ]; do - _info "Try new-authz for the $_authz_i time." + _debug "Try new-authz for the $_authz_i time." if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$(_idn "$_gdnd")\"}}"; then _err "Can not get domain new authz." return 1 @@ -2339,7 +2335,7 @@ __get_domain_new_authz() { done if [ "$_authz_i" = "$_Max_new_authz_retry_times" ]; then - _debug "new-authz retry reach the max $_Max_new_authz_retry_times times." + _err "new-authz retry reach the max $_Max_new_authz_retry_times times." fi if [ ! -z "$code" ] && [ ! "$code" = '201' ]; then @@ -3006,9 +3002,9 @@ renewAll() { _debug "_stopRenewOnError" "$_stopRenewOnError" _ret="0" - for d in "${CERT_HOME}"/*.*/; do - _debug d "$d" - d=$(basename "$d") + for di in "${CERT_HOME}"/*.*/; do + _debug di "$di" + d=$(basename "$di") _debug d "$d" ( if _endswith "$d" "$ECC_SUFFIX"; then @@ -3129,15 +3125,15 @@ list() { _sep="|" if [ "$_raw" ]; then printf "%s\n" "Main_Domain${_sep}KeyLength${_sep}SAN_Domains${_sep}Created${_sep}Renew" - for d in "${CERT_HOME}"/*.*/; do - d=$(basename "$d") + for di in "${CERT_HOME}"/*.*/; do + d=$(basename "$di") _debug d "$d" ( if _endswith "$d" "$ECC_SUFFIX"; then _isEcc=$(echo "$d" | cut -d "$ECC_SEP" -f 2) d=$(echo "$d" | cut -d "$ECC_SEP" -f 1) fi - _initpath $d "$_isEcc" + _initpath "$d" "$_isEcc" if [ -f "$DOMAIN_CONF" ]; then . "$DOMAIN_CONF" printf "%s\n" "$Le_Domain${_sep}\"$Le_Keylength\"${_sep}$Le_Alt${_sep}$Le_CertCreateTimeStr${_sep}$Le_NextRenewTimeStr" @@ -3163,13 +3159,13 @@ deploy() { return 1 fi - _initpath $Le_Domain "$_isEcc" + _initpath "$Le_Domain" "$_isEcc" if [ ! -d "$DOMAIN_PATH" ]; then _err "Domain is not valid:'$Le_Domain'" return 1 fi - _deployApi="$(_findHook $Le_Domain deploy $Le_DeployHook)" + _deployApi="$(_findHook "$Le_Domain" deploy "$Le_DeployHook")" if [ -z "$_deployApi" ]; then _err "The deploy hook $Le_DeployHook is not found." return 1 @@ -3179,18 +3175,18 @@ deploy() { _savedomainconf Le_DeployHook "$Le_DeployHook" if ! ( - if ! . $_deployApi; then + if ! . "$_deployApi"; then _err "Load file $_deployApi error. Please check your api file and try again." return 1 fi d_command="${Le_DeployHook}_deploy" - if ! _exists $d_command; then + if ! _exists "$d_command"; then _err "It seems that your api file is not correct, it must have a function named: $d_command" return 1 fi - if ! $d_command $Le_Domain "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$CERT_FULLCHAIN_PATH"; then + if ! $d_command "$Le_Domain" "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$CERT_FULLCHAIN_PATH"; then _err "Error deploy for domain:$Le_Domain" _on_issue_err return 1 @@ -3218,7 +3214,7 @@ installcert() { Le_RealFullChainPath="$6" _isEcc="$7" - _initpath $Le_Domain "$_isEcc" + _initpath "$Le_Domain" "$_isEcc" if [ ! -d "$DOMAIN_PATH" ]; then _err "Domain is not valid:'$Le_Domain'" return 1 @@ -3228,7 +3224,6 @@ installcert() { } _installcert() { - _savedomainconf "Le_RealCertPath" "$Le_RealCertPath" _savedomainconf "Le_RealCACertPath" "$Le_RealCACertPath" _savedomainconf "Le_RealKeyPath" "$Le_RealKeyPath" @@ -3251,9 +3246,8 @@ _installcert() { Le_RealFullChainPath="" fi - _installed="0" if [ "$Le_RealCertPath" ]; then - _installed=1 + _info "Installing cert to:$Le_RealCertPath" if [ -f "$Le_RealCertPath" ] && [ ! "$IS_RENEW" ]; then cp "$Le_RealCertPath" "$Le_RealCertPath".bak @@ -3262,7 +3256,7 @@ _installcert() { fi if [ "$Le_RealCACertPath" ]; then - _installed=1 + _info "Installing CA to:$Le_RealCACertPath" if [ "$Le_RealCACertPath" = "$Le_RealCertPath" ]; then echo "" >>"$Le_RealCACertPath" @@ -3276,7 +3270,7 @@ _installcert() { fi if [ "$Le_RealKeyPath" ]; then - _installed=1 + _info "Installing key to:$Le_RealKeyPath" if [ -f "$Le_RealKeyPath" ] && [ ! "$IS_RENEW" ]; then cp "$Le_RealKeyPath" "$Le_RealKeyPath".bak @@ -3285,7 +3279,7 @@ _installcert() { fi if [ "$Le_RealFullChainPath" ]; then - _installed=1 + _info "Installing full chain to:$Le_RealFullChainPath" if [ -f "$Le_RealFullChainPath" ] && [ ! "$IS_RENEW" ]; then cp "$Le_RealFullChainPath" "$Le_RealFullChainPath".bak @@ -3294,7 +3288,7 @@ _installcert() { fi if [ "$Le_ReloadCmd" ]; then - _installed=1 + _info "Run Le_ReloadCmd: $Le_ReloadCmd" if (cd "$DOMAIN_PATH" && eval "$Le_ReloadCmd"); then _info "$(__green "Reload success")" @@ -3370,7 +3364,7 @@ revoke() { _isEcc="$2" - _initpath $Le_Domain "$_isEcc" + _initpath "$Le_Domain" "$_isEcc" if [ ! -f "$DOMAIN_CONF" ]; then _err "$Le_Domain is not a issued domain, skip." return 1 @@ -3393,10 +3387,10 @@ revoke() { if [ -f "$CERT_KEY_PATH" ]; then _info "Try domain key first." - if _send_signed_request $uri "$data" "" "$CERT_KEY_PATH"; then + if _send_signed_request "$uri" "$data" "" "$CERT_KEY_PATH"; then if [ -z "$response" ]; then _info "Revoke success." - rm -f $CERT_PATH + rm -f "$CERT_PATH" return 0 else _err "Revoke error by domain key." @@ -3409,10 +3403,10 @@ revoke() { _info "Try account key." - if _send_signed_request $uri "$data" "" "$ACCOUNT_KEY_PATH"; then + if _send_signed_request "$uri" "$data" "" "$ACCOUNT_KEY_PATH"; then if [ -z "$response" ]; then _info "Revoke success." - rm -f $CERT_PATH + rm -f "$CERT_PATH" return 0 else _err "Revoke error." @@ -3456,11 +3450,11 @@ _deactivate() { fi _vtype="$(printf "%s\n" "$entry" | _egrep_o '"type": *"[^"]*"' | cut -d : -f 2 | tr -d '"')" - _debug _vtype $_vtype + _debug _vtype "$_vtype" _info "Found $_vtype" uri="$(printf "%s\n" "$entry" | _egrep_o '"uri":"[^"]*' | cut -d : -f 2,3 | tr -d '"')" - _debug uri $uri + _debug uri "$uri" if [ "$_d_type" ] && [ "$_d_type" != "$_vtype" ]; then _info "Skip $_vtype" @@ -3499,7 +3493,7 @@ deactivate() { if [ -z "$_d_dm" ] || [ "$_d_dm" = "$NO_VALUE" ]; then continue fi - if ! _deactivate "$_d_dm" $_d_type; then + if ! _deactivate "$_d_dm" "$_d_type"; then return 1 fi done @@ -3568,7 +3562,7 @@ _initconf() { #USER_AGENT=\"$USER_AGENT\" -#USER_PATH="" +#USER_PATH= #dns api ####################### @@ -4052,7 +4046,7 @@ _process() { _dnssleep="" _listraw="" _stopRenewOnError="" - _insecure="" + #_insecure="" _ca_bundle="" _nocron="" _ecc="" @@ -4327,7 +4321,7 @@ _process() { _stopRenewOnError="1" ;; --insecure) - _insecure="1" + #_insecure="1" HTTPS_INSECURE="1" ;; --ca-bundle) diff --git a/dnsapi/dns_cf.sh b/dnsapi/dns_cf.sh index 63acb28..cacb5b3 100755 --- a/dnsapi/dns_cf.sh +++ b/dnsapi/dns_cf.sh @@ -15,6 +15,8 @@ dns_cf_add() { txtvalue=$2 if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then + CF_Key="" + CF_Email="" _err "You don't specify cloudflare api key and email yet." _err "Please create you key and try again." return 1 @@ -25,7 +27,7 @@ dns_cf_add() { _saveaccountconf CF_Email "$CF_Email" _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi @@ -36,17 +38,17 @@ dns_cf_add() { _debug "Getting txt records" _cf_rest GET "zones/${_domain_id}/dns_records?type=TXT&name=$fulldomain" - if ! printf "$response" | grep \"success\":true >/dev/null; then + if ! printf "%s" "$response" | grep \"success\":true >/dev/null; then _err "Error" return 1 fi - count=$(printf "%s\n" "$response" | _egrep_o \"count\":[^,]* | cut -d : -f 2) + count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2) _debug count "$count" if [ "$count" = "0" ]; then _info "Adding record" if _cf_rest POST "zones/$_domain_id/dns_records" "{\"type\":\"TXT\",\"name\":\"$fulldomain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then - if printf -- "%s" "$response" | grep $fulldomain >/dev/null; then + if printf -- "%s" "$response" | grep "$fulldomain" >/dev/null; then _info "Added, sleeping 10 seconds" sleep 10 #todo: check if the record takes effect @@ -59,8 +61,8 @@ dns_cf_add() { _err "Add txt record error." else _info "Updating record" - record_id=$(printf "%s\n" "$response" | _egrep_o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \" | head -n 1) - _debug "record_id" $record_id + record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | head -n 1) + _debug "record_id" "$record_id" _cf_rest PUT "zones/$_domain_id/dns_records/$record_id" "{\"id\":\"$record_id\",\"type\":\"TXT\",\"name\":\"$fulldomain\",\"content\":\"$txtvalue\",\"zone_id\":\"$_domain_id\",\"zone_name\":\"$_domain\"}" if [ "$?" = "0" ]; then @@ -91,8 +93,8 @@ _get_root() { domain=$1 i=2 p=1 - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then #not valid return 1 @@ -102,17 +104,17 @@ _get_root() { return 1 fi - if printf $response | grep \"name\":\"$h\" >/dev/null; then - _domain_id=$(printf "%s\n" "$response" | _egrep_o \"id\":\"[^\"]*\" | head -n 1 | cut -d : -f 2 | tr -d \") + if printf "%s" "$response" | grep "\"name\":\"$h\"" >/dev/null; then + _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | head -n 1 | cut -d : -f 2 | tr -d \") if [ "$_domain_id" ]; then - _sub_domain=$(printf $domain | cut -d . -f 1-$p) + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) _domain=$h return 0 fi return 1 fi p=$i - i=$(expr $i + 1) + i=$(_math "$i" + 1) done return 1 } @@ -121,7 +123,7 @@ _cf_rest() { m=$1 ep="$2" data="$3" - _debug $ep + _debug "$ep" _H1="X-Auth-Email: $CF_Email" _H2="X-Auth-Key: $CF_Key" @@ -129,7 +131,7 @@ _cf_rest() { if [ "$data" ]; then _debug data "$data" - response="$(_post "$data" "$CF_Api/$ep" "" $m)" + response="$(_post "$data" "$CF_Api/$ep" "" "$m")" else response="$(_get "$CF_Api/$ep")" fi diff --git a/dnsapi/dns_cx.sh b/dnsapi/dns_cx.sh index 81eb896..0caf0c0 100755 --- a/dnsapi/dns_cx.sh +++ b/dnsapi/dns_cx.sh @@ -17,24 +17,26 @@ dns_cx_add() { txtvalue=$2 if [ -z "$CX_Key" ] || [ -z "$CX_Secret" ]; then + CX_Key="" + CX_Secret="" _err "You don't specify cloudxns.com api key or secret yet." _err "Please create you key and try again." return 1 fi - REST_API=$CX_Api + REST_API="$CX_Api" #save the api key and email to the account conf file. _saveaccountconf CX_Key "$CX_Key" _saveaccountconf CX_Secret "$CX_Secret" _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi - existing_records $_domain $_sub_domain + existing_records "$_domain" "$_sub_domain" _debug count "$count" if [ "$?" != "0" ]; then _err "Error get existing records." @@ -42,9 +44,9 @@ dns_cx_add() { fi if [ "$count" = "0" ]; then - add_record $_domain $_sub_domain $txtvalue + add_record "$_domain" "$_sub_domain" "$txtvalue" else - update_record $_domain $_sub_domain $txtvalue + update_record "$_domain" "$_sub_domain" "$txtvalue" fi if [ "$?" = "0" ]; then @@ -78,9 +80,9 @@ existing_records() { return 0 fi - if printf "$response" | grep '"type":"TXT"' >/dev/null; then + if printf "%s" "$response" | grep '"type":"TXT"' >/dev/null; then count=1 - record_id=$(printf "%s\n" "$seg" | _egrep_o \"record_id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \") + record_id=$(printf "%s\n" "$seg" | _egrep_o "\"record_id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \") _debug record_id "$record_id" return 0 fi @@ -93,7 +95,7 @@ add_record() { root=$1 sub=$2 txtvalue=$3 - fulldomain=$sub.$root + fulldomain="$sub.$root" _info "Adding record" @@ -110,7 +112,7 @@ update_record() { root=$1 sub=$2 txtvalue=$3 - fulldomain=$sub.$root + fulldomain="$sub.$root" _info "Updating record" @@ -136,30 +138,30 @@ _get_root() { return 1 fi - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) _debug h "$h" if [ -z "$h" ]; then #not valid return 1 fi - if printf "$response" | grep "$h." >/dev/null; then + if _contains "$response" "$h."; then seg=$(printf "%s" "$response" | _egrep_o "\{[^\{]*\"$h\.\"[^\}]*\}") _debug seg "$seg" - _domain_id=$(printf "%s" "$seg" | _egrep_o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \") + _domain_id=$(printf "%s" "$seg" | _egrep_o "\"id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \") _debug _domain_id "$_domain_id" if [ "$_domain_id" ]; then - _sub_domain=$(printf $domain | cut -d . -f 1-$p) - _debug _sub_domain $_sub_domain - _domain=$h - _debug _domain $_domain + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _debug _sub_domain "$_sub_domain" + _domain="$h" + _debug _domain "$_domain" return 0 fi return 1 fi - p=$i - i=$(expr $i + 1) + p="$i" + i=$(_math "$i" + 1) done return 1 } @@ -168,7 +170,7 @@ _get_root() { _rest() { m=$1 ep="$2" - _debug $ep + _debug "$ep" url="$REST_API/$ep" _debug url "$url" @@ -180,7 +182,7 @@ _rest() { sec="$CX_Key$url$data$cdate$CX_Secret" _debug sec "$sec" - hmac=$(printf "$sec" | openssl md5 | cut -d " " -f 2) + hmac=$(printf "%s" "$sec" | _digest md5 hex) _debug hmac "$hmac" _H1="API-KEY: $CX_Key" @@ -189,7 +191,7 @@ _rest() { _H4="Content-Type: application/json" if [ "$data" ]; then - response="$(_post "$data" "$url" "" $m)" + response="$(_post "$data" "$url" "" "$m")" else response="$(_get "$url")" fi @@ -199,7 +201,7 @@ _rest() { return 1 fi _debug2 response "$response" - if ! printf "$response" | grep '"message":"success"' >/dev/null; then + if ! _contains "$response" '"message":"success"'; then return 1 fi return 0 diff --git a/dnsapi/dns_dp.sh b/dnsapi/dns_dp.sh index 8861bfc..aa06d5f 100755 --- a/dnsapi/dns_dp.sh +++ b/dnsapi/dns_dp.sh @@ -17,24 +17,26 @@ dns_dp_add() { txtvalue=$2 if [ -z "$DP_Id" ] || [ -z "$DP_Key" ]; then + DP_Id="" + DP_Key="" _err "You don't specify dnspod api key and key id yet." _err "Please create you key and try again." return 1 fi - REST_API=$DP_Api + REST_API="$DP_Api" #save the api key and email to the account conf file. _saveaccountconf DP_Id "$DP_Id" _saveaccountconf DP_Key "$DP_Key" _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi - existing_records $_domain $_sub_domain + existing_records "$_domain" "$_sub_domain" _debug count "$count" if [ "$?" != "0" ]; then _err "Error get existing records." @@ -42,9 +44,9 @@ dns_dp_add() { fi if [ "$count" = "0" ]; then - add_record $_domain $_sub_domain $txtvalue + add_record "$_domain" "$_sub_domain" "$txtvalue" else - update_record $_domain $_sub_domain $txtvalue + update_record "$_domain" "$_sub_domain" "$txtvalue" fi } @@ -67,14 +69,14 @@ existing_records() { return 1 fi - if printf "$response" | grep 'No records'; then + if _contains "$response" 'No records'; then count=0 return 0 fi - if printf "$response" | grep "Action completed successful" >/dev/null; then - count=$(printf "$response" | grep 'TXT' | wc -l) - record_id=$(printf "$response" | grep '^' | tail -1 | cut -d '>' -f 2 | cut -d '<' -f 1) + if _contains "$response" "Action completed successful"; then + count=$(printf "%s" "$response" | grep 'TXT' | wc -l) + record_id=$(printf "%s" "$response" | grep '^' | tail -1 | cut -d '>' -f 2 | cut -d '<' -f 1) return 0 else _err "get existing records error." @@ -90,7 +92,7 @@ add_record() { root=$1 sub=$2 txtvalue=$3 - fulldomain=$sub.$root + fulldomain="$sub.$root" _info "Adding record" @@ -98,7 +100,7 @@ add_record() { return 1 fi - if printf "$response" | grep "Action completed successful"; then + if _contains "$response" "Action completed successful"; then return 0 fi @@ -112,7 +114,7 @@ update_record() { root=$1 sub=$2 txtvalue=$3 - fulldomain=$sub.$root + fulldomain="$sub.$root" _info "Updating record" @@ -120,7 +122,7 @@ update_record() { return 1 fi - if printf "$response" | grep "Action completed successful"; then + if _contains "$response" "Action completed successful"; then return 0 fi @@ -138,8 +140,8 @@ _get_root() { domain=$1 i=2 p=1 - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then #not valid return 1 @@ -149,20 +151,20 @@ _get_root() { return 1 fi - if printf "$response" | grep "Action completed successful" >/dev/null; then - _domain_id=$(printf "%s\n" "$response" | _egrep_o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \") + if _contains "$response" "Action completed successful"; then + _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \") _debug _domain_id "$_domain_id" if [ "$_domain_id" ]; then - _sub_domain=$(printf $domain | cut -d . -f 1-$p) - _debug _sub_domain $_sub_domain - _domain=$h - _debug _domain $_domain + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _debug _sub_domain "$_sub_domain" + _domain="$h" + _debug _domain "$_domain" return 0 fi return 1 fi - p=$i - i=$(expr $i + 1) + p="$i" + i=$(_math "$i" + 1) done return 1 } @@ -172,14 +174,14 @@ _rest() { m=$1 ep="$2" data="$3" - _debug $ep + _debug "$ep" url="$REST_API/$ep" _debug url "$url" if [ "$data" ]; then _debug2 data "$data" - response="$(_post $data "$url")" + response="$(_post "$data" "$url")" else response="$(_get "$url")" fi diff --git a/dnsapi/dns_gd.sh b/dnsapi/dns_gd.sh index 51ca8db..9470ed2 100755 --- a/dnsapi/dns_gd.sh +++ b/dnsapi/dns_gd.sh @@ -16,6 +16,8 @@ dns_gd_add() { txtvalue=$2 if [ -z "$GD_Key" ] || [ -z "$GD_Secret" ]; then + GD_Key="" + GD_Secret="" _err "You don't specify godaddy api key and secret yet." _err "Please create you key and try again." return 1 @@ -26,11 +28,11 @@ dns_gd_add() { _saveaccountconf GD_Secret "$GD_Secret" _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi - _debug _domain_id "$_domain_id" + _debug _sub_domain "$_sub_domain" _debug _domain "$_domain" @@ -62,13 +64,12 @@ dns_gd_rm() { #returns # _sub_domain=_acme-challenge.www # _domain=domain.com -# _domain_id=sdjkglgdfewsdfg _get_root() { domain=$1 i=2 p=1 - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then #not valid return 1 @@ -78,15 +79,15 @@ _get_root() { return 1 fi - if printf "$response" | grep '"code":"NOT_FOUND"' >/dev/null; then + if _contains "$response" '"code":"NOT_FOUND"'; then _debug "$h not found" else - _sub_domain=$(printf $domain | cut -d . -f 1-$p) - _domain=$h + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain="$h" return 0 fi - p=$i - i=$(expr $i + 1) + p="$i" + i=$(_math "$i" + 1) done return 1 } @@ -95,14 +96,14 @@ _gd_rest() { m=$1 ep="$2" data="$3" - _debug $ep + _debug "$ep" _H1="Authorization: sso-key $GD_Key:$GD_Secret" _H2="Content-Type: application/json" if [ "$data" ]; then _debug data "$data" - response="$(_post "$data" "$GD_Api/$ep" "" $m)" + response="$(_post "$data" "$GD_Api/$ep" "" "$m")" else response="$(_get "$GD_Api/$ep")" fi diff --git a/dnsapi/dns_lexicon.sh b/dnsapi/dns_lexicon.sh index 847b999..4ab6564 100755 --- a/dnsapi/dns_lexicon.sh +++ b/dnsapi/dns_lexicon.sh @@ -14,14 +14,15 @@ dns_lexicon_add() { fulldomain=$1 txtvalue=$2 - domain=$(printf "$fulldomain" | cut -d . -f 2-999) + domain=$(printf "%s" "$fulldomain" | cut -d . -f 2-999) - if ! _exists $lexicon_cmd; then + if ! _exists "$lexicon_cmd"; then _err "Please install $lexicon_cmd first: $wiki" return 1 fi if [ -z "$PROVIDER" ]; then + PROVIDER="" _err "Please define env PROVIDER first: $wiki" return 1 fi @@ -29,39 +30,39 @@ dns_lexicon_add() { _savedomainconf PROVIDER "$PROVIDER" export PROVIDER - Lx_name=$(echo LEXICON_${PROVIDER}_USERNAME | tr [a-z] [A-Z]) - eval Lx_name_v="\$$Lx_name" + Lx_name=$(echo LEXICON_"${PROVIDER}"_USERNAME | tr '[a-z]' '[A-Z]') + Lx_name_v=$(eval echo \$"$Lx_name") _debug "$Lx_name" "$Lx_name_v" if [ "$Lx_name_v" ]; then - _saveaccountconf $Lx_name "$Lx_name_v" - export "$Lx_name" + _saveaccountconf "$Lx_name" "$Lx_name_v" + eval export "$Lx_name" fi - Lx_token=$(echo LEXICON_${PROVIDER}_TOKEN | tr [a-z] [A-Z]) - eval Lx_token_v="\$$Lx_token" + Lx_token=$(echo LEXICON_"${PROVIDER}"_TOKEN | tr '[a-z]' '[A-Z]') + Lx_token_v=$(eval echo \$"$Lx_token") _debug "$Lx_token" "$Lx_token_v" if [ "$Lx_token_v" ]; then - _saveaccountconf $Lx_token "$Lx_token_v" - export "$Lx_token" + _saveaccountconf "$Lx_token" "$Lx_token_v" + eval export "$Lx_token" fi - Lx_password=$(echo LEXICON_${PROVIDER}_PASSWORD | tr [a-z] [A-Z]) - eval Lx_password_v="\$$Lx_password" + Lx_password=$(echo LEXICON_"${PROVIDER}"_PASSWORD | tr '[a-z]' '[A-Z]') + Lx_password_v=$(eval echo \$"$Lx_password") _debug "$Lx_password" "$Lx_password_v" if [ "$Lx_password_v" ]; then - _saveaccountconf $Lx_password "$Lx_password_v" - export "$Lx_password" + _saveaccountconf "$Lx_password" "$Lx_password_v" + eval export "$Lx_password" fi - Lx_domaintoken=$(echo LEXICON_${PROVIDER}_DOMAINTOKEN | tr [a-z] [A-Z]) - eval Lx_domaintoken_v="\$$Lx_domaintoken" + Lx_domaintoken=$(echo LEXICON_"${PROVIDER}"_DOMAINTOKEN | tr '[a-z]' '[A-Z]') + Lx_domaintoken_v=$(eval echo \$"$Lx_domaintoken") _debug "$Lx_domaintoken" "$Lx_domaintoken_v" if [ "$Lx_domaintoken_v" ]; then - export "$Lx_domaintoken" - _saveaccountconf $Lx_domaintoken "$Lx_domaintoken_v" + eval export "$Lx_domaintoken" + _saveaccountconf "$Lx_domaintoken" "$Lx_domaintoken_v" fi - $lexicon_cmd "$PROVIDER" create ${domain} TXT --name="_acme-challenge.${domain}." --content="${txtvalue}" + $lexicon_cmd "$PROVIDER" create "${domain}" TXT --name="_acme-challenge.${domain}." --content="${txtvalue}" } diff --git a/dnsapi/dns_lua.sh b/dnsapi/dns_lua.sh index efd197c..2c7ec4b 100755 --- a/dnsapi/dns_lua.sh +++ b/dnsapi/dns_lua.sh @@ -8,7 +8,7 @@ #LUA_Email="user@luadns.net" LUA_Api="https://api.luadns.com/v1" -LUA_auth=$(printf $LUA_Email:$LUA_Key | _base64) +LUA_auth=$(printf "%s" "$LUA_Email:$LUA_Key" | _base64) ######## Public functions ##################### @@ -18,6 +18,8 @@ dns_lua_add() { txtvalue=$2 if [ -z "$LUA_Key" ] || [ -z "$LUA_Email" ]; then + LUA_Key="" + LUA_Email="" _err "You don't specify luadns api key and email yet." _err "Please create you key and try again." return 1 @@ -28,7 +30,7 @@ dns_lua_add() { _saveaccountconf LUA_Email "$LUA_Email" _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi @@ -39,17 +41,17 @@ dns_lua_add() { _debug "Getting txt records" _LUA_rest GET "zones/${_domain_id}/records" - if ! printf "$response" | grep \"id\": >/dev/null; then + if ! _contains "$response" "\"id\":"; then _err "Error" return 1 fi - count=$(printf "%s\n" "$response" | _egrep_o \"name\":\"$fulldomain\" | wc -l) + count=$(printf "%s\n" "$response" | _egrep_o "\"name\":\"$fulldomain\"" | wc -l) _debug count "$count" if [ "$count" = "0" ]; then _info "Adding record" if _LUA_rest POST "zones/$_domain_id/records" "{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"content\":\"$txtvalue\",\"ttl\":120}"; then - if printf -- "%s" "$response" | grep $fulldomain >/dev/null; then + if printf -- "%s" "$response" | grep "$fulldomain" >/dev/null; then _info "Added" #todo: check if the record takes effect return 0 @@ -61,8 +63,8 @@ dns_lua_add() { _err "Add txt record error." else _info "Updating record" - record_id=$(printf "%s\n" "$response" | _egrep_o \"id\":[^,]*,\"name\":\"$fulldomain.\",\"type\":\"TXT\" | cut -d: -f2 | cut -d, -f1) - _debug "record_id" $record_id + record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*,\"name\":\"$fulldomain.\",\"type\":\"TXT\"" | cut -d: -f2 | cut -d, -f1) + _debug "record_id" "$record_id" _LUA_rest PUT "zones/$_domain_id/records/$record_id" "{\"id\":\"$record_id\",\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"content\":\"$txtvalue\",\"zone_id\":\"$_domain_id\",\"ttl\":120}" if [ "$?" = "0" ]; then @@ -95,24 +97,24 @@ _get_root() { if ! _LUA_rest GET "zones"; then return 1 fi - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then #not valid return 1 fi - if printf $response | grep \"name\":\"$h\" >/dev/null; then - _domain_id=$(printf "%s\n" "$response" | _egrep_o \"id\":[^,]*,\"name\":\"$h\" | cut -d : -f 2 | cut -d , -f 1) + if _contains "$response" "\"name\":\"$h\""; then + _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*,\"name\":\"$h\"" | cut -d : -f 2 | cut -d , -f 1) if [ "$_domain_id" ]; then - _sub_domain=$(printf $domain | cut -d . -f 1-$p) - _domain=$h + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain="$h" return 0 fi return 1 fi p=$i - i=$(expr $i + 1) + i=$(_math "$i" + 1) done return 1 } @@ -121,13 +123,13 @@ _LUA_rest() { m=$1 ep="$2" data="$3" - _debug $ep + _debug "$ep" _H1="Accept: application/json" _H2="Authorization: Basic $LUA_auth" if [ "$data" ]; then _debug data "$data" - response="$(_post "$data" "$LUA_Api/$ep" "" $m)" + response="$(_post "$data" "$LUA_Api/$ep" "" "$m")" else response="$(_get "$LUA_Api/$ep")" fi diff --git a/dnsapi/dns_me.sh b/dnsapi/dns_me.sh index abc1747..edd88d9 100755 --- a/dnsapi/dns_me.sh +++ b/dnsapi/dns_me.sh @@ -15,6 +15,8 @@ dns_me_add() { txtvalue=$2 if [ -z "$ME_Key" ] || [ -z "$ME_Secret" ]; then + ME_Key="" + ME_Secret="" _err "You didn't specify DNSMadeEasy api key and secret yet." _err "Please create you key and try again." return 1 @@ -25,7 +27,7 @@ dns_me_add() { _saveaccountconf ME_Secret "$ME_Secret" _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi @@ -36,12 +38,12 @@ dns_me_add() { _debug "Getting txt records" _me_rest GET "${_domain_id}/records?recordName=$_sub_domain&type=TXT" - if ! printf "$response" | grep \"totalRecords\": >/dev/null; then + if ! _contains "$response" "\"totalRecords\":"; then _err "Error" return 1 fi - count=$(printf "%s\n" "$response" | _egrep_o \"totalRecords\":[^,]* | cut -d : -f 2) + count=$(printf "%s\n" "$response" | _egrep_o "\"totalRecords\":[^,]*" | cut -d : -f 2) _debug count "$count" if [ "$count" = "0" ]; then _info "Adding record" @@ -58,8 +60,8 @@ dns_me_add() { _err "Add txt record error." else _info "Updating record" - record_id=$(printf "%s\n" "$response" | _egrep_o \"id\":[^,]* | cut -d : -f 2 | head -n 1) - _debug "record_id" $record_id + record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | cut -d : -f 2 | head -n 1) + _debug "record_id" "$record_id" _me_rest PUT "$_domain_id/records/$record_id/" "{\"id\":\"$record_id\",\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"value\":\"$txtvalue\",\"gtdLocation\":\"DEFAULT\",\"ttl\":120}" if [ "$?" = "0" ]; then @@ -89,8 +91,8 @@ _get_root() { domain=$1 i=2 p=1 - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then #not valid return 1 @@ -100,17 +102,17 @@ _get_root() { return 1 fi - if printf $response | grep \"name\":\"$h\" >/dev/null; then - _domain_id=$(printf "%s\n" "$response" | _egrep_o \"id\":[^,]* | head -n 1 | cut -d : -f 2) + if _contains "$response" "\"name\":\"$h\""; then + _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | head -n 1 | cut -d : -f 2) if [ "$_domain_id" ]; then - _sub_domain=$(printf $domain | cut -d . -f 1-$p) - _domain=$h + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain="$h" return 0 fi return 1 fi p=$i - i=$(expr $i + 1) + i=$(_math "$i" + 1) done return 1 } @@ -119,10 +121,10 @@ _me_rest() { m=$1 ep="$2" data="$3" - _debug $ep + _debug "$ep" cdate=$(date -u +"%a, %d %b %Y %T %Z") - hmac=$(printf "$cdate" | _hmac sha1 "$ME_Secret" 1) + hmac=$(printf "%s" "$cdate" | _hmac sha1 "$ME_Secret" 1) _H1="x-dnsme-apiKey: $ME_Key" _H2="x-dnsme-requestDate: $cdate" @@ -130,7 +132,7 @@ _me_rest() { if [ "$data" ]; then _debug data "$data" - response="$(_post "$data" "$ME_Api/$ep" "" $m)" + response="$(_post "$data" "$ME_Api/$ep" "" "$m")" else response="$(_get "$ME_Api/$ep")" fi diff --git a/dnsapi/dns_ovh.sh b/dnsapi/dns_ovh.sh index 782c083..377b3de 100755 --- a/dnsapi/dns_ovh.sh +++ b/dnsapi/dns_ovh.sh @@ -86,6 +86,8 @@ dns_ovh_add() { txtvalue=$2 if [ -z "$OVH_AK" ] || [ -z "$OVH_AS" ]; then + OVH_AK="" + OVH_AS="" _err "You don't specify OVH application key and application secret yet." _err "Please create you key and try again." return 1 @@ -127,11 +129,11 @@ dns_ovh_add() { _info "Consumer key is ok." _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi - _debug _domain_id "$_domain_id" + _debug _sub_domain "$_sub_domain" _debug _domain "$_domain" @@ -157,7 +159,7 @@ dns_ovh_add() { _err "Can not get record id." return 1 fi - _debug "record_id" $record_id + _debug "record_id" "$record_id" if _ovh_rest PUT "domain/zone/$_domain/record/$record_id" "{\"target\":\"$txtvalue\",\"subDomain\":\"$_sub_domain\",\"ttl\":60}"; then if _contains "$response" "null"; then @@ -221,13 +223,12 @@ _ovh_authentication() { #returns # _sub_domain=_acme-challenge.www # _domain=domain.com -# _domain_id=sdjkglgdfewsdfg _get_root() { domain=$1 i=2 p=1 - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then #not valid return 1 @@ -238,12 +239,12 @@ _get_root() { fi if ! _contains "$response" "This service does not exist" >/dev/null; then - _sub_domain=$(printf $domain | cut -d . -f 1-$p) - _domain=$h + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain="$h" return 0 fi p=$i - i=$(expr $i + 1) + i=$(_math "$i" + 1) done return 1 } @@ -261,7 +262,7 @@ _ovh_rest() { m=$1 ep="$2" data="$3" - _debug $ep + _debug "$ep" _ovh_url="$OVH_API/$ep" _debug2 _ovh_url "$_ovh_url" @@ -280,7 +281,7 @@ _ovh_rest() { _H5="Content-Type: application/json;charset=utf-8" if [ "$data" ] || [ "$m" = "POST" ] || [ "$m" = "PUT" ]; then _debug data "$data" - response="$(_post "$data" "$_ovh_url" "" $m)" + response="$(_post "$data" "$_ovh_url" "" "$m")" else response="$(_get "$_ovh_url")" fi diff --git a/dnsapi/dns_pdns.sh b/dnsapi/dns_pdns.sh index ec82bfe..5d6d99f 100755 --- a/dnsapi/dns_pdns.sh +++ b/dnsapi/dns_pdns.sh @@ -17,25 +17,28 @@ dns_pdns_add() { txtvalue=$2 if [ -z "$PDNS_Url" ]; then + PDNS_Url="" _err "You don't specify PowerDNS address." _err "Please set PDNS_Url and try again." return 1 fi if [ -z "$PDNS_ServerId" ]; then + PDNS_ServerId="" _err "You don't specify PowerDNS server id." _err "Please set you PDNS_ServerId and try again." return 1 fi if [ -z "$PDNS_Token" ]; then + PDNS_Token="" _err "You don't specify PowerDNS token." _err "Please create you PDNS_Token and try again." return 1 fi if [ -z "$PDNS_Ttl" ]; then - PDNS_Ttl=$DEFAULT_PDNS_TTL + PDNS_Ttl="$DEFAULT_PDNS_TTL" fi #save the api addr and key to the account conf file. @@ -48,7 +51,7 @@ dns_pdns_add() { fi _debug "First detect the root zone" - if ! _get_root $fulldomain; then + if ! _get_root "$fulldomain"; then _err "invalid domain" return 1 fi @@ -91,25 +94,23 @@ set_record() { _get_root() { domain=$1 i=1 - p=1 if _pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones"; then - _zones_response=$response + _zones_response="$response" fi - while [ '1' ]; do - h=$(printf $domain | cut -d . -f $i-100) + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) if [ -z "$h" ]; then return 1 fi - if printf "$_zones_response" | grep "\"name\": \"$h.\"" >/dev/null; then - _domain=$h + if _contains "$_zones_response" "\"name\": \"$h.\""; then + _domain="$h" return 0 fi - p=$i - i=$(expr $i + 1) + i=$(_math $i + 1) done _debug "$domain not found" return 1