[pve-devel] [Patch V2 acme 04/12] Add funtion to set DNSAPI variable

Fabian Grünbichler f.gruenbichler at proxmox.com
Wed Apr 1 15:25:52 CEST 2020


On March 31, 2020 12:08 pm, Wolfgang Link wrote:
> acme.sh DNS plugins expect a configuration in which the login information
> is stored.
> We pass the credentials with the command.
> This function supports the expected behavior of the plugins.
> 
> Signed-off-by: Wolfgang Link <w.link at proxmox.com>
> ---
>  src/proxmox-acme | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/src/proxmox-acme b/src/proxmox-acme
> index 662c39a..f7a6757 100644
> --- a/src/proxmox-acme
> +++ b/src/proxmox-acme
> @@ -568,3 +568,16 @@ _source_plugin_config() {
>    return
>  }
>  
> +# Proxmox implementation to inject the DNSAPI variables
> +_load_plugin_config() {
> +    tmp_str="${plugin_conf_sting//[^,]}"

s/sting/string/

> +    index="$(_math ${#tmp_str} + 1)"
> +    while [ "$index" -gt "0" ]
> +    do
> +	field=$(_getfield $plugin_conf_sting "$index" ",")
> +	key=$(_getfield $field 1 "=")
> +	value=$(_getfield $field 2 "=")
> +	eval "$key"="$value"

this (among other things) might be dangerous, and is probably a reason 
why we should run this plugin as nobody:nobody at least. I assume the 
eval is mainly there to support putting variables into values here?

e.g.,

FOO="bar"
BAZ="${FOO}_barbaz"

or the like? are there acme.sh plugins that actually do anything fancy, or could 
we limit this to plain strings for now and drop the 'eval'?

> +	index="$(_math "$index" - 1)"
> +    done
> +}
> -- 
> 2.20.1
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> 
> 




More information about the pve-devel mailing list