Acme.sh: DNS API password with special characters

Created on 23 Oct 2016  路  4Comments  路  Source: acmesh-official/acme.sh

I've made a custom DNS API script and have a problem saving passwords with special characters, namely $ and ". This problem occurs for any DNS API script!

My simple PR #334 fixes it for these characters, but introduces the problem for '.
I know this is edge case, but $ signs are quite popular in passwords, so I'd opt for the case where ' isn't allowed.

After some playing around, it would work if the ' characters were saved as '"'"' (single-double-single-double-single quote), or as it would need to be for _saveaccountconf: '\'\"\'\"\'' to escape properly. (reference)

@Neilpang Before this goes too far, what do you think about this?

picture noplanman

Most helpful comment

Another workaround.
In your api file, base64 encode the password before using _saveaccountconf, and base64 decode it when renewing.

#restoring from the account conf file
if [ "$My_API_Password_Base64" ] ; then
   My_API_Password="$(_dbase64 "$My_API_Password_Base64")"
fi


if [ "$My_API_Password" ] ; then
  My_API_Password_Base64="$(_base64 "$My_API_Password")"
else
  _err "Please specify "My_API_Password, and try again."
  return 1
fi

#saving to the account conf file.
 _saveaccountconf   My_API_Password_Base64     "$My_API_Password_Base64"
picture Neilpang on 23 Oct 2016
🎉1 👍1

All 4 comments

I think you pr is good.
Using single quote is better than double quota.

But I need some more time to test can merge the code.

For the edge case that the password contains single quota, just forget it now.

If there are too many complains about it, let's come back to this case then.

Neilpang picture Neilpang on 23 Oct 2016

Another workaround.
In your api file, base64 encode the password before using _saveaccountconf, and base64 decode it when renewing.

#restoring from the account conf file
if [ "$My_API_Password_Base64" ] ; then
   My_API_Password="$(_dbase64 "$My_API_Password_Base64")"
fi


if [ "$My_API_Password" ] ; then
  My_API_Password_Base64="$(_base64 "$My_API_Password")"
else
  _err "Please specify "My_API_Password, and try again."
  return 1
fi

#saving to the account conf file.
 _saveaccountconf   My_API_Password_Base64     "$My_API_Password_Base64"
Neilpang picture Neilpang on 23 Oct 2016
🎉1 👍1

Thanks for the Base64 idea, brilliant!

if [ "$mypw_Base64" ] ; then
  mypw="$(echo $mypw_Base64 | _dbase64)"
elif [ "$mypw" ] ; then
  mypw_Base64="$(echo $mypw | _base64)"
else
  _err "Please specify mypw, and try again."
  return 1
fi

#saving to the account conf file.
_saveaccountconf mypw_Base64 "$mypw_Base64"
noplanman picture noplanman on 23 Oct 2016

merged

Neilpang picture Neilpang on 25 Oct 2016
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

haiopaii picture haiopaii  路  3Comments
vitaly80 picture vitaly80  路  4Comments
hxx-fetch picture hxx-fetch  路  4Comments
caruccio picture caruccio  路  5Comments
centminmod picture centminmod  路  4Comments