mirror of
https://github.com/acmesh-official/acme.sh.git
synced 2025-05-05 15:42:45 +00:00
193 lines
4.2 KiB
Bash
193 lines
4.2 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
Ali_API='https://alidns.aliyuncs.com/'
|
|
|
|
#Usage: dns_ali_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
|
dns_ali_add() {
|
|
fulldomain=$1
|
|
txtvalue=$2
|
|
|
|
if [ -z "$Ali_Key" ] || [ -z "$Ali_Secret" ]; then
|
|
Ali_Key=""
|
|
Ali_Secret=""
|
|
_err "You don't specify aliyun api key and secret yet."
|
|
return 1
|
|
fi
|
|
|
|
#save the api key and secret to the account conf file.
|
|
_saveaccountconf Ali_Key "$Ali_Key"
|
|
_saveaccountconf Ali_Secret "$Ali_Secret"
|
|
|
|
_debug "First detect the root zone"
|
|
if ! _get_root "$fulldomain"; then
|
|
return 1
|
|
fi
|
|
|
|
_check_exist_query "$_domain" "$_sub_domain"
|
|
|
|
_rest
|
|
|
|
record_id=$(_process_check_result)
|
|
|
|
if [ $record_id == 0 ]; then
|
|
#Add
|
|
_add_record_query "$_domain" "$_sub_domain" "$txtvalue"
|
|
else
|
|
#Update
|
|
_update_record_query "$record_id" "$_sub_domain" "$txtvalue"
|
|
fi
|
|
|
|
_rest
|
|
|
|
echo $response
|
|
|
|
return 0
|
|
}
|
|
|
|
|
|
dns_ali_rm() {
|
|
fulldomain=$1
|
|
}
|
|
|
|
#################### Private functions bellow ##################################
|
|
|
|
_get_root() {
|
|
domain=$1
|
|
i=2
|
|
p=1
|
|
while true; do
|
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
|
if [ -z "$h" ]; then
|
|
#not valid
|
|
return 1
|
|
fi
|
|
|
|
_describe_records_query $h
|
|
if ! _rest; then
|
|
return 1
|
|
fi
|
|
|
|
if _contains "$response" "PageNumber"; then
|
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
|
_debug _sub_domain "$_sub_domain"
|
|
_domain="$h"
|
|
_debug _domain "$_domain"
|
|
return 0
|
|
fi
|
|
p="$i"
|
|
i=$(_math "$i" + 1)
|
|
done
|
|
return 1
|
|
}
|
|
|
|
_rest() {
|
|
signature=$(_sign $query)
|
|
signature=$(_urlencode $signature)
|
|
url= ${Ali_API}?${query}'&Signature='$signature
|
|
|
|
response="$(_get "$url")"
|
|
|
|
if [ "$?" != "0" ]; then
|
|
_err "error!"
|
|
return 1
|
|
fi
|
|
_debug2 response "$response"
|
|
return 0
|
|
}
|
|
|
|
_urlencode() {
|
|
python -c "import sys, urllib as ul;print ul.quote_plus('$1')"
|
|
}
|
|
|
|
|
|
_check_exist_query() {
|
|
query=''
|
|
query=$query'AccessKeyId='$Ali_Key
|
|
query=$query'&Action=DescribeDomainRecords'
|
|
query=$query'&DomainName='$1
|
|
query=$query'&Format=json'
|
|
query=$query'&RRKeyWord='$2
|
|
query=$query'&SignatureMethod=HMAC-SHA1'
|
|
query=$query'&SignatureNonce='$RANDOM
|
|
query=$query'&SignatureVersion=1.0'
|
|
query=$query'&Timestamp='$(_time)
|
|
query=$query'&TypeKeyWord=TXT'
|
|
query=$query'&Version=2015-01-09'
|
|
}
|
|
|
|
_add_record_query() {
|
|
query=''
|
|
query=$query'AccessKeyId='$Ali_Key
|
|
query=$query'&Action=AddDomainRecord'
|
|
query=$query'&DomainName='$1
|
|
query=$query'&Format=json'
|
|
query=$query'&RR='$2
|
|
query=$query'&SignatureMethod=HMAC-SHA1'
|
|
query=$query'&SignatureNonce='$RANDOM
|
|
query=$query'&SignatureVersion=1.0'
|
|
query=$query'&Timestamp='$(_time)
|
|
query=$query'&Type=TXT'
|
|
query=$query'&Value='$3
|
|
query=$query'&Version=2015-01-09'
|
|
}
|
|
|
|
_update_record_query() {
|
|
query=''
|
|
query=$query'AccessKeyId='$Ali_Key
|
|
query=$query'&Action=UpdateDomainRecord'
|
|
query=$query'&Format=json'
|
|
query=$query'&RecordId='$1
|
|
query=$query'&RR='$2
|
|
query=$query'&SignatureMethod=HMAC-SHA1'
|
|
query=$query'&SignatureNonce='$RANDOM
|
|
query=$query'&SignatureVersion=1.0'
|
|
query=$query'&Timestamp='$(_time)
|
|
query=$query'&Type=TXT'
|
|
query=$query'&Value='$3
|
|
query=$query'&Version=2015-01-09'
|
|
}
|
|
|
|
_describe_records_query() {
|
|
query=''
|
|
query=$query'AccessKeyId='$Ali_Key
|
|
query=$query'&Action=DescribeDomainRecords'
|
|
query=$query'&DomainName='$1
|
|
query=$query'&Format=json'
|
|
query=$query'&SignatureMethod=HMAC-SHA1'
|
|
query=$query'&SignatureNonce='$RANDOM
|
|
query=$query'&SignatureVersion=1.0'
|
|
query=$query'&Timestamp='$(_time)
|
|
query=$query'&Version=2015-01-09'
|
|
}
|
|
|
|
_time() {
|
|
zone=$(date +%Z)
|
|
sec=$(date +%s)
|
|
t=$(date -d "1970-01-01 $zone $sec sec" +%Y-%m-%dT%H:%M:%SZ)
|
|
t=$(_urlencode $t)
|
|
echo $t
|
|
}
|
|
|
|
_sign() {
|
|
StringToSign='GET&'$(_urlencode '/')'&'
|
|
StringToSign=$StringToSign$(_urlencode $1)
|
|
echo -n $StringToSign | openssl sha1 -hmac $Ali_Secret'&' -binary | openssl base64
|
|
}
|
|
|
|
_process_check_result() {
|
|
python -c \
|
|
"
|
|
import json;
|
|
result=json.loads('$response');
|
|
if result.has_key('Message'):
|
|
print(result['Message']);
|
|
quit(1);
|
|
records=result['DomainRecords']['Record'];
|
|
for r in result['DomainRecords']['Record']:
|
|
if r['RR'] == '_acme-challenge.passport':
|
|
print(r['RecordId']);
|
|
quit();
|
|
print(0);
|
|
"
|
|
}
|