Merge pull request #742 from jasonkeller/dev

Add infoblox api support

README.md

@@ -310,6 +310,7 @@ You don't have to do anything manually!
 1. Knot DNS API
 1. DigitalOcean API (native)
 1. ClouDNS.net API
+1. Infoblox NIOS API (https://www.infoblox.com/)
 
 **More APIs coming soon...**
 

dnsapi/README.md

@@ -421,6 +421,23 @@ Ok, let's issue a cert now:
 acme.sh --issue --dns dns_cloudns -d example.com -d www.example.com
 ```
 
+## 22. Use Infoblox API
+ 
+First you need to create/obtain API credentials on your Infoblox appliance.
+ 
+```
+export Infoblox_Creds="username:password"
+export Infoblox_Server="ip or fqdn of infoblox appliance"
+```
+ 
+Ok, let's issue a cert now:
+```
+acme.sh --issue --dns dns_infoblox -d example.com -d www.example.com
+```
+ 
+Note: This script will automatically create and delete the ephemeral txt record.
+The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
+
 # Use custom API
 
 If your API is not supported yet, you can write your own DNS API.

dnsapi/dns_infoblox.sh

@@ -0,0 +1,97 @@
+#!/usr/bin/env sh
+
+## Infoblox API integration by Jason Keller and Elijah Tenai
+##
+## Report any bugs via https://github.com/jasonkeller/acme.sh
+
+dns_infoblox_add() {
+
+  ## Nothing to see here, just some housekeeping
+  fulldomain=$1
+  txtvalue=$2
+  baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue"
+
+  _info "Using Infoblox API"
+  _debug fulldomain "$fulldomain"
+  _debug txtvalue "$txtvalue"
+
+  ## Check for the credentials
+  if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then
+    Infoblox_Creds=""
+    Infoblox_Server=""
+    _err "You didn't specify the credentials or server yet (Infoblox_Creds and Infoblox_Server)."
+    _err "Please set them via EXPORT ([username:password] and [ip or hostname]) and try again."
+    return 1
+  fi
+
+  ## Save the credentials to the account file
+  _saveaccountconf Infoblox_Creds "$Infoblox_Creds"
+  _saveaccountconf Infoblox_Server "$Infoblox_Server"
+
+  ## Base64 encode the credentials
+  Infoblox_CredsEncoded=$(printf "%b" "$Infoblox_Creds" | _base64)
+
+  ## Construct the HTTP Authorization header
+  export _H1="Accept-Language:en-US"
+  export _H2="Authorization: Basic $Infoblox_CredsEncoded"
+
+  ## Add the challenge record to the Infoblox grid member
+  result=$(_post "" "$baseurlnObject" "" "POST")
+
+  ## Let's see if we get something intelligible back from the unit
+  if echo "$result" | egrep 'record:txt/.*:.*/default'; then
+    _info "Successfully created the txt record"
+    return 0
+  else
+    _err "Error encountered during record addition"
+    _err "$result"
+    return 1
+  fi
+
+}
+
+dns_infoblox_rm() {
+
+  ## Nothing to see here, just some housekeeping
+  fulldomain=$1
+  txtvalue=$2
+
+  _info "Using Infoblox API"
+  _debug fulldomain "$fulldomain"
+  _debug txtvalue "$txtvalue"
+
+  ## Base64 encode the credentials
+  Infoblox_CredsEncoded=$(printf "%b" "$Infoblox_Creds" | _base64)
+
+  ## Construct the HTTP Authorization header
+  export _H1="Accept-Language:en-US"
+  export _H2="Authorization: Basic $Infoblox_CredsEncoded"
+
+  ## Does the record exist?  Let's check.
+  baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty"
+  result=$(_get "$baseurlnObject")
+
+  ## Let's see if we get something intelligible back from the grid
+  if echo "$result" | egrep 'record:txt/.*:.*/default'; then
+    ## Extract the object reference
+    objRef=$(printf "%b" "$result" | _egrep_o 'record:txt/.*:.*/default')
+    objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef"
+    ## Delete them! All the stale records!
+    rmResult=$(_post "" "$objRmUrl" "" "DELETE")
+    ## Let's see if that worked
+    if echo "$rmResult" | egrep 'record:txt/.*:.*/default'; then
+      _info "Successfully deleted $objRef"
+      return 0
+    else
+      _err "Error occurred during txt record delete"
+      _err "$rmResult"
+      return 1
+    fi
+  else
+    _err "Record to delete didn't match an existing record"
+    _err "$result"
+    return 1
+  fi
+}
+
+####################  Private functions below ##################################