Commit Graph

4186 Commits

Author SHA1 Message Date
Avi Miller
946c8b498a
feat: enable automatic configuration from an OCI configuration file
The individual parameters can still be overridden via the
corresponding OCI_CLI environment variable.

Signed-off-by: Avi Miller <avi.miller@oracle.com>
2021-06-20 09:10:24 +10:00
Avi Miller
ed971df93a
fix: add missing else/return 1 to if block
Signed-off-by: Avi Miller <avi.miller@oracle.com>
2021-06-19 15:41:34 +10:00
Avi Miller
017a10189c
fix: switch to using functions instead of calling OpenSSL directly
Also reduced the number of environment variables which simplifies
the documentation and requirements. The variable names now match
those used by the OCI CLI.

Signed-off-by: Avi Miller <avi.miller@oracle.com>
2021-06-18 12:00:42 +10:00
Avi Miller
6f88c81616
Add DNS API plugin for Oracle Cloud Infrastructure DNS Service
This plugin is has noticeably more required fields than most
other plugins due to the requirement that all requests to
the OCI REST API must be cryptographically signed by the client
using the draft standard proposed in draft-cavage-http-signatures-08[1].

The OCI specific implementation details of the draft standard are
documented in the Developer Guide[2].

NOTE: there is maximum allowed clock skew of five minutes between the
client and the API endpoint. Requests will be denied if the skew is
greater.

This PR also includes a minor tweak to the Solaris job in the DNS
workflow so that it uses the pre-installed GNU tools, curl and OpenSSL 1.1.1.
Without these changes, the signature generation function does not
work on Solaris.

[1]: https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-08
[2]: https://docs.oracle.com/en-us/iaas/Content/API/Concepts/signingrequests.htm#five

Signed-off-by: Avi Miller <avi.miller@oracle.com>
2021-06-05 21:55:40 +10:00
neil
43cb230f19
Merge pull request #3535 from sparunakian/dev
Fix typo (#3521)
2021-06-02 23:06:36 +08:00
neil
fd6a59202d start 3.0.0 2021-06-02 23:06:12 +08:00
Stéphane Parunakian
e353f66eaa Fix typo 2021-06-02 16:06:08 +02:00
neil
d154118600 fix bug 2021-06-01 22:21:17 +08:00
neil
c2273d2c8e add debug info 2021-06-01 22:15:53 +08:00
neil
495ba01d8e
Merge pull request #3529 from Haarolean/bugfix/porkbun-fixes
Porkbun DNS API fixes
2021-06-01 21:29:14 +08:00
neil
f627a02886 add error message 2021-06-01 21:24:37 +08:00
neil
5f9daa6640 check initAPI error 2021-06-01 21:23:00 +08:00
neil
9edda556de
Merge pull request #3530 from DerVerruckteFuchs/1984-login-fix
1984 login fix
2021-06-01 21:10:52 +08:00
Christophe B Billheimer
3891a52aeb change "$url" -> $url so the value of $url gets passed by reference, and the string "$url" does not erroneously get passed as a variable into _post() 2021-05-31 15:24:41 -04:00
Roman Zabaluev
1e5e3353f3 Fix porkbun issues
See gh-3450
2021-05-30 18:23:13 +03:00
neil
7aa4b8247c upgrade cf-tunnel 2021-05-29 15:17:34 +08:00
neil
37339ddafc
Merge pull request #3525 from tresni/synology_dsm
Synology DSM - Make certificate descriptions sed safe
2021-05-27 21:04:24 +08:00
Brian Hartvigsen
dcb51683c5
shellcheck cleanup
shellcheck sees '\\' as trying to escape the trailing quote (see
koalaman/shellcheck#1548 ).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen
74a4a788b1
Make certificate descriptions sed safe
This escapes special characters used in POSIX sed to prevent mismatches.
e.g. `SYNO_Certficiate=*.example.com` would not match a description of
"*.example.com" and would look to match any number of double quotes (the
last character in the sed regex prior to certificate description),
followed by any single character, followed by "example", followed by any
character, followed by "com".

After this change, it will properly match `*.example.com` and not
`""zexamplefcom`.

Additionally we now store the certificate description as base64 encoded
to prevent issues with single quotes.

Tested on DSM 7.0-41222 (VDSM) and DSM 6.2.4-25556 (DS1515+).
2021-05-26 15:25:58 -06:00
neilpang
7909273a21 add debug info 2021-05-25 21:57:15 +08:00
neil
130e8dbd40
Merge pull request #3522 from acmesh-official/dev
sync
2021-05-23 23:55:23 +08:00
neil
40e2ebed95 remove ngrok token 2021-05-23 23:16:04 +08:00
neil
bf9b33acec use cloudflare tunnel to test 2021-05-23 23:12:46 +08:00
neil
7710a33b6c fix format 2021-05-22 23:48:39 +08:00
neil
af3ea2d4fd remove ACME v1 support 2021-05-22 23:45:50 +08:00
neil
52a3255936
Merge pull request #3520 from tresni/synology_dsm
Better fix for Synology DSM setting wrong default
2021-05-20 23:05:34 +08:00
Brian Hartvigsen
5ab9ca1c0d
Better fix for Synology DSM setting wrong default
As noted by @buxm, previous fix didn't work for all versions of DSM 6.
The better fix appears to be simply not outputting the "as_default"
parameter unless we are doing something with the default certificate.
2021-05-19 13:21:34 -06:00
neil
461f602992
Merge pull request #3505 from willbrowningme/patch-1
dnsapi/dns_desec.sh remove DEDYN_NAME variable
2021-05-08 21:12:56 +08:00
neilpang
46180435cc minor 2021-05-08 21:09:56 +08:00
neil
7f2699c6da
Merge pull request #3511 from acmesh-official/dev
Dev
2021-05-08 21:00:02 +08:00
neilpang
aede5c486b fix https://github.com/acmesh-official/acme.sh/issues/3504
check invalid status first.
2021-05-07 22:02:40 +08:00
neilpang
fb2407386f Merge branch 'dev' of https://github.com/acmesh-official/acme.sh into dev 2021-05-07 21:50:22 +08:00
neilpang
aa59c46c4c fix https://github.com/acmesh-official/acme.sh/issues/3504 2021-05-07 21:49:47 +08:00
Will Browning
c5557fc488
Remove DEDYN_NAME variable from dns_desec.sh 2021-05-06 16:51:43 +01:00
neil
8c14150536
Merge pull request #3350 from temoffey/deploy-gcore_cdn
Deploy gcore_cdn fix
2021-05-05 23:48:37 +08:00
neilpang
0881cf1379 start 2.9.0 2021-05-04 13:32:59 +08:00
neil
d0a16b0ec0
Merge pull request #3499 from acmesh-official/dev
sync
2021-05-03 22:20:20 +08:00
neil
290beb90a7 minor 2021-05-03 17:14:54 +08:00
neil
0a4ef17135 fix nginx relative path issue:
https://github.com/acmesh-official/acme.sh/issues/1743
https://github.com/acmesh-official/acme.sh/issues/1914
2021-05-03 17:11:02 +08:00
neil
e0c32ce700 minor 2021-05-03 16:42:09 +08:00
neil
e65144a105 fix https://github.com/acmesh-official/acme.sh/issues/3487
suppor Ali doh and dnspod doh.
2021-05-03 16:37:13 +08:00
neil
ae40445dba
Merge pull request #3498 from tresni/synology_dsm
FIX: Synology sets "default" on wrong certificate
2021-05-03 15:57:09 +08:00
neil
25a8240d12 fix https://github.com/acmesh-official/acme.sh/issues/3421 2021-05-03 15:52:56 +08:00
Brian Hartvigsen
1a4a180e8c
FIX: Synology sets "default" on wrong certificate
For some DSM installs, it appears that setting the "default" flag to the
string "false" actually sets it to true.  This causes Synology to set
the last updated certificate to be the default certificate.  Using an
empty string appears to still be accepted as a false-y value for DSMs
where this isn't happening and corrects the behavior in the cases that
it was.

Credit to @Run-King for identifying the fix and @buxm for reporting.
2021-05-02 13:37:59 -06:00
neilpang
aea10a3b93 Merge branch 'dev' of https://github.com/acmesh-official/acme.sh into dev 2021-05-02 22:20:27 +08:00
neilpang
f855862ade upgrade freebsd 2021-05-02 22:20:04 +08:00
neil
91d37c7875 fix compatibility issue 2021-05-01 22:32:44 +08:00
neil
5707b93110
Merge pull request #3493 from goekesmi/master
Pass content via printf string format and argument
2021-05-01 10:16:30 +08:00
Jeff Goeke-Smith
81b2d0732f
arguments passed to printf are more generic
On systems that /bin/sh is served by shells other than bash, or 
shells that don't implement the same syntax as the bash printf builtin,
printf -- fails to produce the output necessary for standalone operation.

The test case for this was SmartOS, which uses ksh93 as its /bin/sh.

This change uses the more generic method of passing a format parameter
of a single string, and then the argument to replace it with.
2021-04-29 16:46:32 -04:00
neil
ec0538d251
Merge pull request #3455 from ecm75/notify_fix
fix _exists error message if MAIL_BIN env variable is not set
2021-04-29 22:34:11 +08:00