Commit Graph

68 Commits

Author SHA1 Message Date
Scruel Tao
6af5293315 doc: adjust 2024-02-28 02:00:07 +08:00
Scruel Tao
ff090d2f74 fix lint 2024-02-26 23:45:19 +08:00
Scruel Tao
68e3a12a91 feat: improve robustness of the usage of DSM tool synogroup 2024-02-26 23:38:44 +08:00
Scruel Tao
50eda6b678 fix: lint 2024-02-26 21:07:15 +08:00
Scruel Tao
192ec598a3 feat: add SYNO_LOCAL_HOSTNAME to prevent remote deploy via temp admin method 2024-02-26 21:03:26 +08:00
Scruel Tao
5b449999a5 refactor: unify variable naming convention again (revert some changes) 2024-02-26 20:55:49 +08:00
Scruel Tao
afed62f6de fix: should save SYNO_UseTempAdmin only after login success. 2024-02-26 07:05:00 +08:00
Scruel Tao
59d1e16f9c feat: bypass enforce temp admin 2FA 2024-02-26 06:23:47 +08:00
Scruel Tao
dbe0d477d6 feat: more user-friendly logic & error messages. 2024-02-26 06:23:46 +08:00
Scruel Tao
7248560169 feat: support DSM 6.x 2024-02-26 06:23:45 +08:00
Scruel Tao
f840f7d75b refactor: unify variable naming convention 2024-02-26 06:23:42 +08:00
Scruel Tao
cf3839ecec
doc(deploy): update usage doc 2024-02-22 12:38:51 +08:00
neil
aa8cf76fb1
Merge pull request #4706 from scruel/syno-patch
Add SYNO_USE_TEMP_ADMIN variable & Fix broken logic
2024-02-13 09:57:51 +08:00
LordDarkneo
6992659ba9
Update synology_dsm.sh 2023-12-22 14:36:52 -05:00
LordDarkneo
05696d443a
Update synology_dsm.sh
#2727 issue when logging out on older version - using variables to unlog only for CERT user
2023-12-22 14:34:35 -05:00
LordDarkneo
f59a925897
Update synology_dsm.sh
Issue for lougout
2023-12-22 09:09:29 -05:00
Romeo Dumitrescu
87a7bde618 fix: Synology DSM API path regex
Fix the regex for looking up the API path value from the Synology API query.
2023-09-25 18:43:01 +03:00
Scruel Tao
29b2960805
Optimze comment & remove tail space 2023-09-07 15:01:37 +08:00
Scruel Tao
f7f3a0bf0d
Merge branch 'dev' into syno-patch 2023-09-07 14:57:53 +08:00
Martin Arndt
b793dbf977
Fix device ID property name for DSM 6 2023-08-11 17:55:45 +02:00
Martin Arndt
d52b38777a
Fix Auth API access for DSM 6 2023-08-09 19:52:37 +02:00
Scruel Tao
ba468bb5e4
Fix for shfmt check 2023-07-20 13:38:36 +08:00
Scruel Tao
cf86d57a9f
Fix for shfmt check 2023-07-20 13:34:57 +08:00
Scruel Tao
9e958f4e32
Fix shellcheck 2023-07-20 13:09:21 +08:00
Scruel Tao
c7f6f20c9d
Add SYNO_USE_TEMP_ADMIN variable & Fix broken logic
1. Fix the broken logic in (Sorry for including fix commit in same PR, I'm feeling quite tired and would like to go to sleep right away...)
2. Provides new method to obtain credential info for authentication, it will create a temp admin user if SYNO_USE_TEMP_ADMIN is set, instead of requiring the user's own credentials which will be saved in disk.

I do really don't like to have plaintext credentials be saved in disk, and I noticed that you've spent a lot of time fighting with 2FA related stuffs, so why not just get rid of the whole old way. :)
2023-07-20 02:48:29 +08:00
Martin Arndt
0d7b831661
Fix variable initialization 2023-07-04 16:58:14 +02:00
Martin Arndt
0c9e4f67a8
Update synology_dsm.sh
Split "[ && ]" into "[ ] && [ ]" to make ShellCheck happy
2023-07-04 15:55:44 +02:00
Martin Arndt
db3f131dfc
Re-add deprecated SYNO_TOTP_SECRET part for legacy compatibility
As requested in acmesh-official/acme.sh/pull/4646 by Neil Pang
2023-07-04 15:47:19 +02:00
Martin Arndt
0548ad2fc6
Fix debug output of session ID 2023-05-28 22:33:15 +02:00
Martin Arndt
623d615cd7
Remove external OTP dependency from synology_dsm.sh
Also adapt to DSM 7's API improvements.
2023-05-28 21:42:53 +02:00
Markus Lippert
a7dd86de71
fix(deploy-synology_dsm): support DID with DSM 7 2022-09-29 12:22:45 +02:00
John Elliott
3a99a77104 Update return statement 2022-02-07 21:55:12 -08:00
John Elliott
5ce8050e46 Update missing oathtool check 2022-02-07 11:58:14 -08:00
John Elliott
5ae3a020bd Add err log for missing oathtool in Synology
Alerts the user that the oathtool is missing and the TOTP can't be
generated.
2022-02-07 11:53:24 -08:00
Nasser Alansari
4635dacf7f Add SYNO_TOTP_SECRET for user with two-factor authentication 2021-11-13 13:01:38 +03:00
Miguel Angelo
a31ed4a723 Notify user about a possible problem when using synology_dsm.sh with 2fa enabled user account 2021-11-01 01:40:14 -03:00
Brian Hartvigsen
dcb51683c5
shellcheck cleanup
shellcheck sees '\\' as trying to escape the trailing quote (see
koalaman/shellcheck#1548 ).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen
74a4a788b1
Make certificate descriptions sed safe
This escapes special characters used in POSIX sed to prevent mismatches.
e.g. `SYNO_Certficiate=*.example.com` would not match a description of
"*.example.com" and would look to match any number of double quotes (the
last character in the sed regex prior to certificate description),
followed by any single character, followed by "example", followed by any
character, followed by "com".

After this change, it will properly match `*.example.com` and not
`""zexamplefcom`.

Additionally we now store the certificate description as base64 encoded
to prevent issues with single quotes.

Tested on DSM 7.0-41222 (VDSM) and DSM 6.2.4-25556 (DS1515+).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen
5ab9ca1c0d
Better fix for Synology DSM setting wrong default
As noted by @buxm, previous fix didn't work for all versions of DSM 6.
The better fix appears to be simply not outputting the "as_default"
parameter unless we are doing something with the default certificate.
2021-05-19 13:21:34 -06:00
Brian Hartvigsen
1a4a180e8c
FIX: Synology sets "default" on wrong certificate
For some DSM installs, it appears that setting the "default" flag to the
string "false" actually sets it to true.  This causes Synology to set
the last updated certificate to be the default certificate.  Using an
empty string appears to still be accepted as a false-y value for DSMs
where this isn't happening and corrects the behavior in the cases that
it was.

Credit to @Run-King for identifying the fix and @buxm for reporting.
2021-05-02 13:37:59 -06:00
Brian Hartvigsen
2635dfef96
Shellcheck linting
Also removed unused code
2020-12-09 21:01:44 -07:00
Brian Hartvigsen
7d7789ae96
Support DSM 6 and 7
Small changes for DSM 6:

All fields (except enable_syno_token as explained below) must either be in the GET params or the POST params, you can't mix GET and POST params
enable_syno_token=yes must be in both the GET and POST params.
If enable_syno_token=yes is only in the POST fields, then DSM6 returns a synotoken of --------. If enable_syno_token=yes is only in the GET params, then it returns no synotoken at all. It must be in both to work.
Need to use /webapi/auth.cgi instead of /webapi/entry.cgi
Verified with DSM 6.2.3-25426 Update 2 and DSM 7.0-40850
2020-12-09 20:35:50 -07:00
Thijn
cc69285420
Fix synology_dsm deployhook for DSM 7 2020-12-09 19:47:31 -07:00
Brian Hartvigsen
99d3a283ef
Use POST for login
This allows us to get the cookie and the token (as it appears to be only in the body in DSM 7.)  HTTP_HEADERS is only guarenteed to be output with POST for both wget and curl.
2020-12-09 19:44:14 -07:00
Brian Hartvigsen
5f5096e1d4
Addressing issues found in DS218+ DSM
DS218+ appears to have a slighly different DSM that sends back headers in lowercase.

Reported by @BartSiwek in #2727
2020-07-25 21:56:18 -06:00
neil
341f000b9c
Merge pull request #2947 from kref/patch-1
fix octal escapes for printf %b format
2020-05-19 13:45:42 +08:00
kref
0deea53931
fix octal escapes for printf %b format
Stop it from misinterpreting a following digit as part of the escape sequence
2020-05-19 13:27:00 +08:00
Brian Hartvigsen
694194be2f
Shellcheck fix
SYNO_Certificate gets set by _getdeployconf, so this may be an empty string but that's fine
2020-05-16 02:25:53 -06:00
Brian Hartvigsen
c7f61f8b80
Allow rotating the default certificate which has no description
This means, by default, we will rotate the default certificate that comes with the DSM
2020-05-16 02:02:23 -06:00
Brian Hartvigsen
3a7c7fe4e8
Fix shellcheck issues 2020-05-16 00:19:18 -06:00