doorxp

#!/bin/bash

SERVER_URL="https://alidns.aliyuncs.com"

# 阿里云 API 设置
ACCESS_KEY_ID=$1
ACCESS_KEY_SECRET=$2
DOMAIN_NAME=$1
IP=$3

domain_parts=(${DOMAIN_NAME//./ })
length=${#domain_parts[@]}

if [ $length -lt 3 ]; then
echo "错误：无效的域名格式"
return 1
else
DOMAIN="${domain_parts[$((length-2))]}.${domain_parts[$((length-1))]}"
SUB_DOMAIN=(${DOMAIN_NAME//.$DOMAIN/ })
fi




# API 版本
VERSION="2015-01-09"

# 生成时间戳和随机字符串
TIMESTAMP=$(date -u "+%Y-%m-%dT%H:%M:%SZ")
NONCE=$(cat /dev/urandom | head -n 10 | md5sum | head -c 8)

# URL 编码函数
urlencode() {
local length="${#1}"
for (( i = 0; i < length; i++ )); do
local c="${1:i:1}"
case $c in
[a-zA-Z0-9.~_-]) printf "$c" ;;
*) printf '%%%02X' "'$c" ;;
esac
done
}

# 生成时间戳和随机字符串
TIMESTAMP=$(date -u "+%Y-%m-%dT%H:%M:%SZ")
NONCE=$(cat /dev/urandom | head -n 10 | md5sum | head -c 8)

# URL 编码函数
urlencode() {
local length="${#1}"
for (( i = 0; i < length; i++ )); do
local c="${1:i:1}"
case $c in
[a-zA-Z0-9.~_-]) printf "$c" ;;
*) printf '%%%02X' "'$c" ;;
esac
done
}


# 函数：发送 API 请求
send_request() {
local query="$1"
local string_to_sign="GET&%2F&$(urlencode "$query")"
local signature=$(echo -n "$string_to_sign" | openssl dgst -sha1 -hmac "${ACCESS_KEY_SECRET}&" -binary | base64)
local url="${SERVER_URL}/?${query}&Signature=$(urlencode "$signature")"
curl -s "$url"
}

# 获取 RecordId
get_record_id() {
local query="AccessKeyId=$ACCESS_KEY_ID&Action=DescribeDomainRecords&DomainName=$DOMAIN&Format=JSON&RRKeyWord=$SUB_DOMAIN&SignatureMethod=HMAC-SHA1&SignatureNonce=$NONCE&SignatureVersion=1.0&Timestamp=$(urlencode $TIMESTAMP)&Type=A&Version=$VERSION"
local sorted_query=$(echo $query | tr '&' '\n' | sort | tr '\n' '&' | sed 's/&$//')
local result=$(send_request "$sorted_query")
echo "$result" | grep -o '"RecordId":"[^"]*' | cut -d'"' -f4
}

# 获取 RecordId
RECORD_ID=$(get_record_id)

if [ -z "$RECORD_ID" ]; then
echo "nohost"
exit 1
fi

# 构建参数字符串
QUERY_PARAMS="AccessKeyId=$ACCESS_KEY_ID&Action=UpdateDomainRecord&DomainName=$DOMAIN&Format=JSON&RecordId=$RECORD_ID&RR=$SUB_DOMAIN&SignatureMethod=HMAC-SHA1&SignatureNonce=$NONCE&SignatureVersion=1.0&Timestamp=$(urlencode $TIMESTAMP)&Type=A&Value=$IP&Version=$VERSION"

# 对参数进行排序
SORTED_QUERY_PARAMS=$(echo $QUERY_PARAMS | tr '&' '\n' | sort | tr '\n' '&' | sed 's/&$//')

# 构建待签名字符串
STRING_TO_SIGN="GET&%2F&$(urlencode $SORTED_QUERY_PARAMS)"

# 生成签名
SIGNATURE=$(echo -n "$STRING_TO_SIGN" | openssl dgst -sha1 -hmac "${ACCESS_KEY_SECRET}&" -binary | base64)

# 发送请求
URL="${SERVER_URL}/?${SORTED_QUERY_PARAMS}&Signature=$(urlencode $SIGNATURE)"
RESULT=$(curl -s "$URL")

# 检查结果
if [[ $RESULT == *"RecordId"* ]]; then
echo "good"
exit 0
elif [[ $RESULT == *"DomainRecordDuplicate"* ]]; then
echo "nochg"
exit 0
else
echo "abuse"
exit 1
fi