4149 Commits

Author SHA1 Message Date
Avi Miller
a41cf825e7 fix: switch to using functions instead of calling OpenSSL directly
Also reduced the number of environment variables which simplifies
the documentation and requirements. The variable names now match
those used by the OCI CLI.

Signed-off-by: Avi Miller <avi.miller@oracle.com>
2021-08-10 09:30:05 +02:00
Avi Miller
eee5341988 Add DNS API plugin for Oracle Cloud Infrastructure DNS Service
This plugin is has noticeably more required fields than most
other plugins due to the requirement that all requests to
the OCI REST API must be cryptographically signed by the client
using the draft standard proposed in draft-cavage-http-signatures-08[1].

The OCI specific implementation details of the draft standard are
documented in the Developer Guide[2].

NOTE: there is maximum allowed clock skew of five minutes between the
client and the API endpoint. Requests will be denied if the skew is
greater.

This PR also includes a minor tweak to the Solaris job in the DNS
workflow so that it uses the pre-installed GNU tools, curl and OpenSSL 1.1.1.
Without these changes, the signature generation function does not
work on Solaris.

[1]: https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-08
[2]: https://docs.oracle.com/en-us/iaas/Content/API/Concepts/signingrequests.htm#five

Signed-off-by: Avi Miller <avi.miller@oracle.com>
2021-08-10 09:30:05 +02:00
neilpang
e3ae12c7a7 exclude test for dns api changes 2021-08-10 09:30:05 +02:00
neilpang
6e05ad4e71 fix https://github.com/acmesh-official/acme.sh/issues/3563 2021-08-10 09:30:05 +02:00
Peter Dave Hello
941a94587c Use COPY instead of ADD in Dockerfile for folder
Ref:
https://docs.docker.com/develop/develop-images/#add-or-copy
2021-08-10 09:30:05 +02:00
Peter Dave Hello
ed5e93f5a1 Simplify apk command in Dockerfile
With apk `--no-cache` parameter, there is no need to run `apk update`
and manually clean up the cache, apk will update automatically without
leaving local cache files to be cleaned up.
2021-08-10 09:30:05 +02:00
Peter Dave Hello
91d26f6037 Remove invalid "Contribute" link in README.md 2021-08-10 09:30:05 +02:00
neilpang
47bf8f959c update status 2021-08-10 09:30:05 +02:00
neilpang
e938a2cdc9 fix 2021-08-10 09:30:05 +02:00
neilpang
cd00f00eed add all Linux 2021-08-10 09:30:05 +02:00
neilpang
20b60eaa9a fix for solaris 2021-08-10 09:30:05 +02:00
neilpang
eec0442db6 fix env 2021-08-10 09:30:05 +02:00
neilpang
c701bf3e37 set ca names in the env 2021-08-10 09:30:05 +02:00
neilpang
838bf2684b fix windows 2021-08-10 09:30:05 +02:00
neilpang
f31c7e5350 add zerossl 2021-08-10 09:30:05 +02:00
neilpang
4b7ce1c3c1 change default ca to zerossl 2021-08-10 09:30:05 +02:00
Marcus Grando
d18ffdb675 Added Azion DNS API 2021-08-10 09:30:05 +02:00
neil
0ce63c79fc fix bug 2021-08-10 09:29:15 +02:00
Christophe B Billheimer
dd805d6850 fix dns_1984hosting_add() so checks for HTML responses are actually find HTML responses 2021-08-10 09:29:15 +02:00
Stéphane Parunakian
f24601bef7 Fix typo 2021-08-10 09:29:15 +02:00
neil
d419112ff8 start 3.0.0 2021-08-10 09:29:15 +02:00
neil
3580cdc87f fix bug 2021-08-10 09:29:15 +02:00
neil
3315c71947 add debug info 2021-08-10 09:29:15 +02:00
Roman Zabaluev
c3099e7ac7 Fix porkbun issues
See gh-3450
2021-08-10 09:29:15 +02:00
neil
3512b15bad add error message 2021-08-10 09:29:15 +02:00
neil
bcd2dab4a3 check initAPI error 2021-08-10 09:29:15 +02:00
Christophe B Billheimer
f0b9532f07 change "$url" -> $url so the value of $url gets passed by reference, and the string "$url" does not erroneously get passed as a variable into _post() 2021-08-10 09:29:15 +02:00
neil
95036e346e upgrade cf-tunnel 2021-08-10 09:29:15 +02:00
Brian Hartvigsen
4cc4f5e907 shellcheck cleanup
shellcheck sees '\\' as trying to escape the trailing quote (see
koalaman/shellcheck#1548 ).
2021-08-10 09:29:15 +02:00
Brian Hartvigsen
1dff1c3cc7 Make certificate descriptions sed safe
This escapes special characters used in POSIX sed to prevent mismatches.
e.g. `SYNO_Certficiate=*.example.com` would not match a description of
"*.example.com" and would look to match any number of double quotes (the
last character in the sed regex prior to certificate description),
followed by any single character, followed by "example", followed by any
character, followed by "com".

After this change, it will properly match `*.example.com` and not
`""zexamplefcom`.

Additionally we now store the certificate description as base64 encoded
to prevent issues with single quotes.

Tested on DSM 7.0-41222 (VDSM) and DSM 6.2.4-25556 (DS1515+).
2021-08-10 09:29:15 +02:00
neilpang
ac73e78554 add debug info 2021-08-10 09:29:15 +02:00
neil
4687e4d8fc remove ngrok token 2021-08-10 09:29:15 +02:00
neil
2cd7fc40b6 use cloudflare tunnel to test 2021-08-10 09:29:15 +02:00
neil
dfdca2f94f fix format 2021-08-10 09:29:15 +02:00
neil
67917940d8 remove ACME v1 support 2021-08-10 09:29:15 +02:00
Brian Hartvigsen
2d5597c534 Better fix for Synology DSM setting wrong default
As noted by @buxm, previous fix didn't work for all versions of DSM 6.
The better fix appears to be simply not outputting the "as_default"
parameter unless we are doing something with the default certificate.
2021-08-10 09:29:15 +02:00
Will Browning
bbe338db74 Remove DEDYN_NAME variable from dns_desec.sh 2021-08-10 09:29:15 +02:00
neilpang
484c3293c9 minor 2021-08-10 09:29:15 +02:00
neilpang
f6d190d15e fix https://github.com/acmesh-official/acme.sh/issues/3504
check invalid status first.
2021-08-10 09:29:15 +02:00
tyahin
0dc619ecdc deploy gcore_cdn fix syntax 2021-08-10 09:29:15 +02:00
tyahin
5838ee221b deploy gcore_cdn fix api 2021-08-10 09:29:15 +02:00
tyahin
929d7bbd1d deploy gcore_cdn fix auth 2021-08-10 09:29:15 +02:00
neilpang
65c0db2158 fix https://github.com/acmesh-official/acme.sh/issues/3504 2021-08-10 09:29:15 +02:00
neilpang
2824db2758 start 2.9.0 2021-08-10 09:29:15 +02:00
neil
514e3de871 minor 2021-08-10 09:29:15 +02:00
neil
5a9ff82287 fix nginx relative path issue:
https://github.com/acmesh-official/acme.sh/issues/1743
https://github.com/acmesh-official/acme.sh/issues/1914
2021-08-10 09:29:15 +02:00
neil
4bd0872322 minor 2021-08-10 09:29:15 +02:00
neil
cd06f8478f fix https://github.com/acmesh-official/acme.sh/issues/3487
suppor Ali doh and dnspod doh.
2021-08-10 09:29:15 +02:00
Brian Hartvigsen
12558414d4 FIX: Synology sets "default" on wrong certificate
For some DSM installs, it appears that setting the "default" flag to the
string "false" actually sets it to true.  This causes Synology to set
the last updated certificate to be the default certificate.  Using an
empty string appears to still be accepted as a false-y value for DSMs
where this isn't happening and corrects the behavior in the cases that
it was.

Credit to @Run-King for identifying the fix and @buxm for reporting.
2021-08-10 09:29:15 +02:00
neil
dc1526130f fix https://github.com/acmesh-official/acme.sh/issues/3421 2021-08-10 09:29:15 +02:00