yacloud/acme.sh
1
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh.git synced 2025-05-07 16:46:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow NSUPDATE_KEY to be inline string

Browse Source 
The nsupdate command allows keys to be passed directly as strings with the -y argument. Format for strings is hmac-hash_type:key_name:base64_encoded_key
This commit is contained in:
damium 2022-04-28 10:21:12 -07:00 committed by GitHub
parent c8c1c09189
commit 07ef388d84
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
dnsapi/dns_nsupdate.sh
View File

@ -11,6 +11,7 @@ dns_nsupdate_add() {
NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"
_nsupdate_cmd="nsupdate -k"
_checkKeyFile || return 1
# save the dns server and key to the account conf file.
@ -26,13 +27,13 @@ dns_nsupdate_add() {
[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
if [ -z "${NSUPDATE_ZONE}" ]; then
nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
$_nsupdate_cmd "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
update add ${fulldomain}. 60 in txt "${txtvalue}"
send
EOF
else
nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
$_nsupdate_cmd "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
zone ${NSUPDATE_ZONE}.
update add ${fulldomain}. 60 in txt "${txtvalue}"
@ -56,6 +57,7 @@ dns_nsupdate_rm() {
NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"
_nsupdate_cmd="nsupdate -k"
_checkKeyFile || return 1
[ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
[ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53
@ -63,13 +65,13 @@ dns_nsupdate_rm() {
[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
if [ -z "${NSUPDATE_ZONE}" ]; then
nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
$_nsupdate_cmd "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
update delete ${fulldomain}. txt
send
EOF
else
nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
$_nsupdate_cmd "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
zone ${NSUPDATE_ZONE}.
update delete ${fulldomain}. txt
@ -92,6 +94,11 @@ _checkKeyFile() {
return 1
fi
if [ ! -r "${NSUPDATE_KEY}" ]; then
#check for key as string
if [ -z "${NSUPDATE_KEY##hmac-*}" ]; then
_nsupdate_cmd="nsupdate -y"
return 0
fi
_err "key ${NSUPDATE_KEY} is unreadable"
return 1
fi