search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.9k stars 4.93k forks source link

HE.net doesn't work with more than one zone #1315

Closed wolrah closed 6 years ago

wolrah commented 6 years ago

The HE.net DNS script can not see more than just my first zone. I have "seanharlow.com", "seanharlow.info", and "drmfailures.org" on my account and the script is unable to see anything other than "seanharlow.com"

Here is a screenshot of my HE.net admin page showing the three zones: https://i.imgur.com/OS2Sqct.png

Steps to reproduce

Attempt to issue a cert using the DNS method through HE.net using any zone other than the first one on the account.

Debug log

wolrah@rodan:~$ acme.sh --issue --dns dns_he -d rodan.drmfailures.org --debug 2
[Wed Feb 28 21:31:02 UTC 2018] Lets find script dir.
[Wed Feb 28 21:31:02 UTC 2018] _SCRIPT_='/home/wolrah/.acme.sh/acme.sh'
[Wed Feb 28 21:31:02 UTC 2018] _script='/home/wolrah/.acme.sh/acme.sh'
[Wed Feb 28 21:31:02 UTC 2018] _script_home='/home/wolrah/.acme.sh'
[Wed Feb 28 21:31:02 UTC 2018] Using config home:/home/wolrah/.acme.sh
[Wed Feb 28 21:31:02 UTC 2018] LE_WORKING_DIR='/home/wolrah/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.7.7
[Wed Feb 28 21:31:02 UTC 2018] Using config home:/home/wolrah/.acme.sh
[Wed Feb 28 21:31:02 UTC 2018] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Wed Feb 28 21:31:02 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
[Wed Feb 28 21:31:02 UTC 2018] DOMAIN_PATH='/home/wolrah/.acme.sh/rodan.drmfailures.org'
[Wed Feb 28 21:31:02 UTC 2018] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Wed Feb 28 21:31:02 UTC 2018] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Wed Feb 28 21:31:02 UTC 2018] GET
[Wed Feb 28 21:31:02 UTC 2018] url='https://acme-v01.api.letsencrypt.org/directory'
[Wed Feb 28 21:31:02 UTC 2018] timeout=
[Wed Feb 28 21:31:02 UTC 2018] _CURL='curl -L --silent --dump-header /home/wolrah/.acme.sh/http.header  --trace-ascii /tmp/tmp.vS5JwlqMth  -g '
[Wed Feb 28 21:31:03 UTC 2018] ret='0'
[Wed Feb 28 21:31:03 UTC 2018] response='{
  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
  "meta": {
    "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
  },
  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert",
  "w8PcIrAvi4U": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}'
[Wed Feb 28 21:31:03 UTC 2018] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Wed Feb 28 21:31:03 UTC 2018] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Feb 28 21:31:03 UTC 2018] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Wed Feb 28 21:31:03 UTC 2018] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Wed Feb 28 21:31:03 UTC 2018] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Wed Feb 28 21:31:03 UTC 2018] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Feb 28 21:31:03 UTC 2018] ACME_NEW_NONCE
[Wed Feb 28 21:31:03 UTC 2018] ACME_VERSION
[Wed Feb 28 21:31:03 UTC 2018] Le_NextRenewTime
[Wed Feb 28 21:31:03 UTC 2018] _on_before_issue
[Wed Feb 28 21:31:03 UTC 2018] 'dns_he' does not contain 'no'
[Wed Feb 28 21:31:03 UTC 2018] Le_LocalAddress
[Wed Feb 28 21:31:03 UTC 2018] Check for domain='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] _currentRoot='dns_he'
[Wed Feb 28 21:31:03 UTC 2018] 'dns_he' does not contain 'apache'
[Wed Feb 28 21:31:03 UTC 2018] _saved_account_key_hash='m7SYoxVFwUDjjUVEv8z0N8BopYFhBD3Eul5ij5/ogm8='
[Wed Feb 28 21:31:03 UTC 2018] _saved_account_key_hash is not changed, skip register account.
[Wed Feb 28 21:31:03 UTC 2018] Read key length:
[Wed Feb 28 21:31:03 UTC 2018] _createcsr
[Wed Feb 28 21:31:03 UTC 2018] domain='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] domainlist
[Wed Feb 28 21:31:03 UTC 2018] csrkey='/home/wolrah/.acme.sh/rodan.drmfailures.org/rodan.drmfailures.org.key'
[Wed Feb 28 21:31:03 UTC 2018] csr='/home/wolrah/.acme.sh/rodan.drmfailures.org/rodan.drmfailures.org.csr'
[Wed Feb 28 21:31:03 UTC 2018] csrconf='/home/wolrah/.acme.sh/rodan.drmfailures.org/rodan.drmfailures.org.csr.conf'
[Wed Feb 28 21:31:03 UTC 2018] Single domain='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] _is_idn_d='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] _idn_temp
[Wed Feb 28 21:31:03 UTC 2018] _csr_cn='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] Getting domain auth token for each domain
[Wed Feb 28 21:31:03 UTC 2018] Getting webroot for domain='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] _w='dns_he'
[Wed Feb 28 21:31:03 UTC 2018] _currentRoot='dns_he'
[Wed Feb 28 21:31:03 UTC 2018] Getting new-authz for domain='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Wed Feb 28 21:31:03 UTC 2018] Try new-authz for the 0 time.
[Wed Feb 28 21:31:03 UTC 2018] _is_idn_d='rodan.drmfailures.org'
[Wed Feb 28 21:31:03 UTC 2018] _idn_temp
[Wed Feb 28 21:31:03 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Feb 28 21:31:03 UTC 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "rodan.drmfailures.org"}}'
[Wed Feb 28 21:31:03 UTC 2018] RSA key
[Wed Feb 28 21:31:03 UTC 2018] Get nonce. ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Wed Feb 28 21:31:03 UTC 2018] GET
[Wed Feb 28 21:31:03 UTC 2018] url='https://acme-v01.api.letsencrypt.org/directory'
[Wed Feb 28 21:31:03 UTC 2018] timeout=
[Wed Feb 28 21:31:03 UTC 2018] _CURL='curl -L --silent --dump-header /home/wolrah/.acme.sh/http.header  --trace-ascii /tmp/tmp.C79FicArbx  -g '
[Wed Feb 28 21:31:04 UTC 2018] ret='0'
[Wed Feb 28 21:31:04 UTC 2018] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 562
Replay-Nonce: qhBVdnjeTe4rp0TswT2FzJPSjprLkkDHCgHsqHFGd5Q
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 28 Feb 2018 21:31:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 28 Feb 2018 21:31:04 GMT
Connection: keep-alive
'
[Wed Feb 28 21:31:04 UTC 2018] _CACHED_NONCE='qhBVdnjeTe4rp0TswT2FzJPSjprLkkDHCgHsqHFGd5Q'
[Wed Feb 28 21:31:04 UTC 2018] nonce='qhBVdnjeTe4rp0TswT2FzJPSjprLkkDHCgHsqHFGd5Q'
[Wed Feb 28 21:31:04 UTC 2018] POST
[Wed Feb 28 21:31:04 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Feb 28 21:31:04 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "sxNnwfSeUq5Q1mGoFvvgUmnvF_3VqjDyBdOouogHXx2rDBaXVma8ozLwGlgJmChu9z4TubxrApM1ZRHOa76JD6V2TcsE_xSbQi2NvdU215Z6YsGtOnbJlyZc_NeoEPqv1kPnE9gXo-gH_NuFUeogE93DKx7GdfPUZ9B0TkX0HpRcveYHentlwxH2TVznh6iJ3G0fGXEKgEVE6yKQtSyEOdcMwpIci_lFRbe8MRikIftVysEpsL7BtZf_CupXxUXRi15_BKVnFoD1zexqdrp3L4bHlJFrsD4TsOKBHAOPgCiA-2OMzNIgGJD8REsjsxrvbw2EfH0-_f0VS9lw4O_8iQ"}}, "protected": "eyJub25jZSI6ICJxaEJWZG5qZVRlNHJwMFRzd1QyRnpKUFNqcHJMa2tESENnSHNxSEZHZDVRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJzeE5ud2ZTZVVxNVExbUdvRnZ2Z1VtbnZGXzNWcWpEeUJkT291b2dIWHgyckRCYVhWbWE4b3pMd0dsZ0ptQ2h1OXo0VHVieHJBcE0xWlJIT2E3NkpENlYyVGNzRV94U2JRaTJOdmRVMjE1WjZZc0d0T25iSmx5WmNfTmVvRVBxdjFrUG5FOWdYby1nSF9OdUZVZW9nRTkzREt4N0dkZlBVWjlCMFRrWDBIcFJjdmVZSGVudGx3eEgyVFZ6bmg2aUozRzBmR1hFS2dFVkU2eUtRdFN5RU9kY013cEljaV9sRlJiZThNUmlrSWZ0VnlzRXBzTDdCdFpmX0N1cFh4VVhSaTE1X0JLVm5Gb0QxemV4cWRycDNMNGJIbEpGcnNENFRzT0tCSEFPUGdDaUEtMk9Nek5JZ0dKRDhSRXNqc3hydmJ3MkVmSDAtX2YwVlM5bHc0T184aVEifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAicm9kYW4uZHJtZmFpbHVyZXMub3JnIn19", "signature": "cno0RdvxlxZoWHwp2eZRymVI98QA6IVwjMWBUIV0Eip2pCRAiLydqOYym0MVXhRJrnr4lM9BaxD-tsstdF8MwMQ_5eret0Ilr65lswrLtI36EGuvZzrsy-ea46UhAv2OFMo_c4x9BPSFrDGWGheeD7gz4XUNotOP4y_V_jZIQGsun6MmtxRa2oPS8ZJNWt0JEsEzyGFZVhXnz0RFNhNmpW_wLY2YLkkY4D5hiUKFhQFnwmbPLcxKUWryHHPFyVk2dx4oCOYbmvsgHqSha8mmUVWEd2vKvFVBqQ-TEfFdNEOcobNooac5bzv_l_3tXqDBzDgs9ji-GnSqcOgCMr8ONw"}'
[Wed Feb 28 21:31:04 UTC 2018] _CURL='curl -L --silent --dump-header /home/wolrah/.acme.sh/http.header  --trace-ascii /tmp/tmp.y2Prwq6gVo  -g '
[Wed Feb 28 21:31:05 UTC 2018] _ret='0'
[Wed Feb 28 21:31:05 UTC 2018] original='{
  "identifier": {
    "type": "dns",
    "value": "rodan.drmfailures.org"
  },
  "status": "pending",
  "expires": "2018-03-07T21:31:05.674452978Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250",
      "token": "uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072251",
      "token": "XWvblLyqYARMgwrwRIiPYk5S2Y0kVlJR4S2XTRYLLIU"
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      0
    ]
  ]
}'
[Wed Feb 28 21:31:05 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Wed, 28 Feb 2018 21:31:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 736
Boulder-Requester: 30293432
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE
Replay-Nonce: fBc0a2dEpE7xWwXZQI-lW6KzA2SjiSV4CLpYNERXuos
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 28 Feb 2018 21:31:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 28 Feb 2018 21:31:05 GMT
Connection: keep-alive
'
[Wed Feb 28 21:31:05 UTC 2018] response='{"identifier":{"type":"dns","value":"rodan.drmfailures.org"},"status":"pending","expires":"2018-03-07T21:31:05.674452978Z","challenges":[{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250","token":"uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0"},{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072251","token":"XWvblLyqYARMgwrwRIiPYk5S2Y0kVlJR4S2XTRYLLIU"}],"combinations":[[1],[0]]}'
[Wed Feb 28 21:31:05 UTC 2018] code='201'
[Wed Feb 28 21:31:05 UTC 2018] The new-authz request is ok.
[Wed Feb 28 21:31:05 UTC 2018] entry='"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250","token":"uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0"'
[Wed Feb 28 21:31:05 UTC 2018] token='uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0'
[Wed Feb 28 21:31:05 UTC 2018] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250'
[Wed Feb 28 21:31:05 UTC 2018] keyauthorization='uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU'
[Wed Feb 28 21:31:05 UTC 2018] dvlist='rodan.drmfailures.org#uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU#https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250#dns-01#dns_he'
[Wed Feb 28 21:31:05 UTC 2018] vlist='rodan.drmfailures.org#uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU#https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250#dns-01#dns_he,'
[Wed Feb 28 21:31:05 UTC 2018] d='rodan.drmfailures.org'
[Wed Feb 28 21:31:05 UTC 2018] txtdomain='_acme-challenge.rodan.drmfailures.org'
[Wed Feb 28 21:31:05 UTC 2018] txt='ISjOGvLI3fBozAJScgIY30mpmzgyuVy9KblMiR_zSmA'
[Wed Feb 28 21:31:05 UTC 2018] d_api='/home/wolrah/.acme.sh/dnsapi/dns_he.sh'
[Wed Feb 28 21:31:05 UTC 2018] Found domain api file: /home/wolrah/.acme.sh/dnsapi/dns_he.sh
[Wed Feb 28 21:31:05 UTC 2018] Using DNS-01 Hurricane Electric hook
[Wed Feb 28 21:31:05 UTC 2018] POST
[Wed Feb 28 21:31:05 UTC 2018] _post_url='https://dns.he.net/'
[Wed Feb 28 21:31:05 UTC 2018] body='email=wolrah&pass=***EDITEDPASSWORDOUTHERE***'
[Wed Feb 28 21:31:05 UTC 2018] _CURL='curl -L --silent --dump-header /home/wolrah/.acme.sh/http.header  --trace-ascii /tmp/tmp.Nc7uWU6X5q  -g '
[Wed Feb 28 21:31:06 UTC 2018] _ret='0'
[Wed Feb 28 21:31:06 UTC 2018] response='<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<head>
<title>Hurricane Electric Hosted DNS</title>
<link rel="stylesheet" type="text/css" href="/include/css/edit_dns.css" />
<link rel="stylesheet" type="text/css" href="/include/css/style.css" media="screen, print" />
<!-- <link rel="stylesheet" type="text/css" href="/include/js/jqdt/media/css/jquery.dataTables.css" /> -->
<script src="/include/js/jquery-1.4.2.min.js" type="text/javascript"></script>
<script src="/include/js/jquery.jeditable.mini.js" type="text/javascript"></script>
<script src="/include/js/jquery.json-2.2.min.js" type="text/javascript"></script>
<script src="/include/js/admin_system.test.js?13009429509" type="text/javascript"></script>
<script src="/include/js/jquery-ui/js/jquery-ui-1.8.1.custom.min.js" type="text/javascript"></script>
<script src="/include/js/jqdt/media/js/jquery.dataTables.js" type="text/javascript"></script>

<link rel="stylesheet" type="text/css" href="/include/js/jquery-ui/css/smoothness/jquery-ui-1.8.1.custom.css" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<script type="text/javascript">

$(document).ready(function() {
                //if close button is clicked
                $('.window .close').click(function (e) {
                //Cancel the link behavior
                        e.preventDefault();
                $('#mask, .window').hide();
                });

                //hide the all of the element with class msg_body
                $(".toggle").hide();
                //toggle the componenet with class msg_body
                $(".toggle_head").click(function()
                {
                  $(this).next(".toggle").slideToggle(100);
                });
                // Set up the tabs.

                $(function() {
                        $("#tabs").tabs();
                });
                $('#tabs ul li a').click(function () {location.hash = $(this).attr('href');});
  //if mask is clicked
  $('#mask').click(function () {
   $(this).hide();
   $('.window').hide();
  });
  $('#dialog_incomplete').dialog({ autoOpen: false, title: 'What is an incomplete prefix?' });
  $('#dialog_imported').dialog({ autoOpen: false, title: 'What is an imported prefix?' });
  $('#dialog_additional').dialog({ autoOpen: false, title: 'What is an additional prefix?' });
  $('#dialog_inactive').dialog({ autoOpen: false, title: 'What is an inactive prefix?' });
  $('#dialog_active_domains').dialog({ autoOpen: false, title: 'What is an active domain?' });
  $('#dialog_slave_domains').dialog({ autoOpen: false, title: 'What is an slave domain?' });
  $('input[title]').inputHints();
          $("#raw_zone_toggle").toggle(
        function () { $("#raw_zone").show("slow");
                        $('#raw_zone_toggle').attr('src','/include/images/collapse.gif');
                 }, function () { $("#raw_zone").hide("slow");
                        $('#raw_zone_toggle').attr('src','/include/images/expand.gif'); });

$('#domains_table').dataTable({ "bFilter" : false, "bPaginate":false, "bInfo":false, "bStateSave":true });

});
</script>

</head>
<body><div id="mask"></div>
        <div id="page_center">
                <div id="header">
                        <a href="http://he.net/"><img src="/include/images/helogo.gif" alt="Hurricane Electric Internet Services" /></a><br />
                </div>

                <div class="sidebar" id="navigation">
                        <div class="block"><div class="caption">Account Menu</div>
                                <ul class="menu">
                                                        <li class="heavy">Welcome<br />Sean Harlow</li>                                                 <li>Origin <a href="http://ipv6.he.net/">ipv6.he.net</a></li>                                                    <li><a id="_tlogout" href="/?action=logout" class="heavy">Logout</a></li>
                                </ul></div>

                        <div class="block">
                                <div class="caption">Zone Functions</div>
                                <ul class="menu">

          <li><a href="#" onclick="launchWindow('#add_zone');" >Add a new domain</a></li>
          <!-- <li><a href="#" onclick="launchWindow('#add_bind_zone');" >Add raw zone</a></li> -->
          <li><a href="#" onclick="launchWindow('#add_slave');" >Add a new slave</a></li>
          <li><a href="#" onclick="launchWindow('#add_reverse');" >Add a new reverse</a></li>

          <!-- <li><a href="/?action=dig&menu=diagzone" class="heavy">Troubleshoot zones</a></li>
          <li><a href="/?action=report&menu=report" class="heavy">Zone report</a></li>
          <li><a href="/?action=exportzones&menu=export" class="heavy">Export zones</a></li>
          <li><a href="/?action=importzones&menu=import" class="heavy">Import zones</a></li> -->
                                </ul>
                        </div>

                        <div class="block">
                                <div class="caption">Quick Links</div>
                                <div class="content">
                                        <a href="http://ipv6.he.net/certification/">Certification</a><br />

                                        <a href="http://www.tunnelbroker.net/">Tunnelbroker</a><br />
                                        <a href="http://dns.he.net/">Free DNS</a><br />
                                        <a href="http://www.tunnelbroker.net/forums/">Forums</a><br />
                                        <a href="http://ipv6.he.net/certification/faq.php">FAQ</a><br />
                                        <a href="http://ipv6.he.net/presentations.php">Video Presentations</a><br />
                                        <a href="http://networktools.he.net">Mobile Network Apps</a><br />
                                        <!-- <a href="usage/index.php">Usage Statistics</a><br /> -->

                                        <!-- <a href="status.php">Tunnel Server Status</a> <br /> -->
                                        <a href="http://he.net/Hurricane_Electric_Geographic_Network_Map.jpg">Network Map</a><br />
                                        <a href="http://lg.he.net">Looking Glass</a> (v4/v6)<br />
                                        <a href="telnet://route-server.he.net">Route Server</a> (telnet)<br />

                                        <a href="http://bgp.he.net/ipv6-progress-report.cgi">Global IPv6 Report</a><br />
                                        <a href="http://ipv6.he.net/bgpview/bgp.html">IPv6 BGP View</a>
                                </div>
                        </div>
                        <div class="block">
                                <div class="caption">Services</div>
                                <div class="content">

                                        <a href="http://he.net/ip_transit.html">Transit</a><br />
                                        <a href="http://he.net/colocation.html">Colocation</a><br />
                                        <a href="http://he.net/dedicated_server.html">Dedicated Servers</a>
                                </div>
                        </div>
                </div>
                <div id="content">
                        <div class="block">                             <div class="caption" >Hurricane Electric Free DNS Management</div><style type="text/css">
A:link {text-decoration: none; color: #000}
A:visited {text-decoration: none; color: #000}
A:active {text-decoration: none; color: #000}
A:hover {text-decoration: underline; color: #0000ff}

.generic_table tr:hover {
background: #ccc;
}

.generic_table td
{
border-width: 1px 1px 0 0;
border-style: solid;
margin: 0;
padding: 1px;
}

.generic_table th
{
background: #ccc;
border-width: 0 1px 0 0;
border-style: solid;
margin: 0;
padding: 4px;
font-size: 80%;
}

.generic_table
{
border-width: 1px 0px 1px 1px;
border-style: solid;
width: 100%;
}

</style>
<div id="hosteddns">

<span style="display: none;">
<form action="/index.cgi" method="post" name="remove_domain">
<input type="hidden" name="account" value="f4318cfc9dd8a765e0bcc265f1c0e11b"/>
<input id="delete_id" type="hidden" name="delete_id" value="" />
<input type="hidden" name="remove_domain" value="1" /></form>
</span><div style="border: 1px solid black; padding:5px 10px;" class="dns_add window" id="add_zone">
<form action="/index.cgi" method="post" name="add_zone">
<input type="hidden" name="action" value="add_zone" />
<span style="display: none;"><input type="hidden" name="retmain" value="0" /></span>
Please enter the domain name in the space provided.  For rDNS associated with this account, please use the rDNS options located below or enter the fully qualified in-addr.arpa/ip6.arpa zone below.
<br />
<br />
<span style="font-size: 20px;">Domain Name </span><br /><input id="_name" type="text" style="width: 445px; font-size: 20px;" name="add_domain" class="defaultText" title="example.com" /><br /><br />
<input style="color: #fff; background: green;" type="submit" name="submit" value="Add Domain!"/>
<input class="close" name="hosted_dns_addrecord_cancel" value="Cancel" id="btn_cancel" onclick="addPanelClose()" type="reset" />
</form>
</div>
<!-- slave -->
<div style="border: 1px solid black; padding:5px 10px;" class="dns_add window" id="add_slave">
<form action="/index.cgi" method="post" name="add_slave">
<input type="hidden" name="action" value="add_slave" />
<span style="display: none;"><input type="hidden" name="retmain" value="0" /></span>
Please enter the domain name in the space below.  Enter the masters that we should pull from in the spaces provided below.<br /><br />
<div style="font-weight: bold;">Please allow zone transfers from slave.dns.he.net (216.218.133.2/2001:470:600::2).<br />
<ul style="background: #fee; margin: 5px; border: 1px solid #f00; color: #f00;">
<li>Using the slave feature with DNSSEC signed zones may have unpredictable results.</li>
<li>Not all DNSSEC record types are supported.</li>
<li>Very large zones will not be permitted.</li>
</ul>
</div>
<br />
<span style="font-size: 20px;">Domain Name </span><br/><input type="text" style="width: 445px; font-size: 20px;" name="add_slave" class="defaultText" title="example.com" /><br /><br />
<fieldset>
  <legend>Masters that allow us to pull updates for this domain<span style="font-size: 10px;"> (You need at least one)</span></legend>
    <span style="font-size: 14px;">Master #1 </span><br /><input type="text" style="width: 425px; font-size: 14px;" name="master1" class="defaultText" title="ns1.example.com" /><br />
    <span style="font-size: 14px;">Master #2 </span><br /><input type="text" style="width: 425px; font-size: 14px;" name="master2" class="defaultText" title="ns2.example.com" /><br />
    <span style="font-size: 14px;">Master #3 </span><br /><input type="text" style="width: 425px; font-size: 14px;" name="master3" class="defaultText" title="ns3.example.com" /><br />
    <!-- <span style="font-size: 14px;">Master #4 </span><br /><input type="text" style="width: 425px; font-size: 14px;" name="master4" class="defaultText" title="ns4.example.com" /><br />
    <span style="font-size: 14px;">Master #5 </span><br /><input type="text" style="width: 425px; font-size: 14px;" name="master5" class="defaultText" title="ns5.example.com" /><br /> -->
</fieldset>
<br />
<input style="color: #fff; background: green;" type="submit" name="submit" value="Add Slave!"/>
<input class="close" name="hosted_dns_addrecord_cancel" value="Cancel" id="btn_cancel" onclick="addPanelClose()" type="reset" />
</form>
</div>
<!-- Display Zone-->
<div style="border: 1px solid black; padding:5px 10px;" class="dns_add window" id="dumped_zone">
</div>
<!-- bulk -->
<div style="border: 1px solid black; padding:5px 10px;" class="dns_add window" id="add_bind_zone">
<form action="/index.cgi" method="post" name="add_bind_zone">
<input type="hidden" name="menu" value="add_bind_zone" />
<span style="display: none;"><input type="hidden" name="retmain" value="0" /></span>
Please enter the domain name in the space below.  Paste the zone in the textbox below.<br />
<br />
<span style="font-size: 20px;">Domain Name </span><input type="text" style="width: 445px; font-size: 20px;" name="domain_name" class="defaultText" title="example.com" /><br /><br />
    <span style="font-size: 14px;">Raw Zone</span><br />
<textarea name="raw_zone" style="font-size: 10px; width: 445px;" rows="12" >
</textarea>
<br />
<input style="color: #fff; background: green;" type="submit" name="submit" value="Add Zone!"/>
<input class="close" name="hosted_dns_addrecord_cancel" value="Cancel" id="btn_cancel" onclick="addPanelClose()" type="reset" />
</form>
</div>
<!-- reverse -->
<div style="border: 1px solid black; padding:5px 10px;" class="dns_add window" id="add_reverse">
<form action="/index.cgi" method="post" name="add_reverse">
<input type="hidden" name="action" value="add_reverse" />
<span style="display: none;"><input type="hidden" name="retmain" value="0" /></span>
To manage a reverse zone using the simplified method, please provide the prefix in the box below.  IPv6 will be handed as a standard ip6.arpa zone.
IPv4 can be handled using a variety of methods.  Select one from the list below.
<br />
<br />
<span style="font-size: 20px;">Prefix </span><br /><input type="text" style="width: 445px; font-size: 14px;" name="add_reverse" class="defaultText" title="2001:470:c0ff:ee::/64 or 10.10.1.0/24" /><br />
<br />
<fieldset>
<legend>Reverse Method (IPv4 only)</legend>
<input type='checkbox' name='method' value='rfc4183' class='unique'><span style="font-size: 14px;" /> RFC4183 </span><img src="/include/images/help.png" style="cursor: help;" alt="help" /><br />
<input type='checkbox' name='method' value='rfc2317' class='unique'><span style="font-size: 14px;" /> RFC2317 </span><img src="/include/images/help.png" style="cursor: help;" alt="help" /><br />
<input type='checkbox' name='method' value='degroot' class='unique'><span style="font-size: 14px;" /> DeGroot </span><img src="/include/images/help.png" style="cursor: help;" alt="help" /><br />
<input type='checkbox' name='method' value='standard' class='unique'><span style="font-size: 14px;" /> Standard (for blocks on octet boundaries) </span><img src="/include/images/help.png" style="cursor: help;" alt="help" /><br />
</fieldset>
<br />
<script>$('input.unique').click(function() { $('input.unique:checked').not(this).removeAttr('checked'); });</script>
<input style="color: #fff; background: green;" type="submit" name="submit" value="Add Prefix!"/>
<input class="close" name="hosted_dns_addrecord_cancel" value="Cancel" id="btn_cancel" onclick="addPanelClose()" type="reset" />
</form>
</div><!-- START -->
<div id="tabs">
        <ul style="font-size: 62.5%">
                <li><a href="#tabs-standard">Zone Management</a></li>
                <li><a href="#tabs-advanced" style="color: red;">Advanced</a></li>
        </ul>
<div id="tabs-standard">        <table width="100%" class="generic_table" border="1" cellpadding="0" cellspacing="0">
        <tr><th colspan="4">Imported prefixes for this account that have been delegated to  ns1, ns2, ns3, ns4 and ns5.he.net.<img src="/include/images/help.png" onclick="$('#dialog_imported').dialog('open')" style="cursor: help;" alt="help" /></th></tr>   <tr>
                <td style="cursor: pointer;"><img class="Tips"
                        title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"
                        alt="edit" src="/include/images/pencil.png" menu="edit_reverse" action="editzone"                               pid="300382"            onclick="clickandgo(this)" />
                </td>       <td class="delegated">2001:470:1f11:84e::/64</td>
            <td style="cursor: pointer;">
                                <img class="Tips"
                                title="This will remove the reverse zone only."
                                alt="delete"  onclick="delete_dom(this);" name=""                               value="300382"                          src="/include/images/delete.png" />
                        </td>   </tr>
                </table>
<!-- Start slave table -->

<!-- End slave table -->
<!-- Start domain panel--><br />

<table width="100%" id="domains_table" class="generic_table" border="1" cellpadding="0" cellspacing="0">
        <!-- <thead><tr><th></th><th></th><th>Active domains for this account<img src="/include/images/help.png" onclick="$('#dialog_active_domains').dialog('open')" style="cursor: help;" alt="help" /></th></tr></thead><tbody> -->
        <thead><tr><th><img src="/include/images/link_go.png" alt="Open Link"/></th><th><img src="/include/images/pencil.png" alt="Edit" /></th><th>Active domains for this account</th><th><img src="/include/images/delete.png" alt="Delete" /></th></thead><tbody>    <tr>
                <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Open URL::Open seanharlow.com in a new window."
                        alt="go" src="/include/images/link_go.png"
                        onclick="window.open('http://seanharlow.com','seanharlow.com')" />
                </td>           <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"
                        alt="edit" src="/include/images/pencil.png" name="seanharlow.com"
                        onclick="javascript:document.location.href='?hosted_dns_zoneid=293669&menu=edit_zone&hosted_dns_editzone'"
                        />              </td>
                <td width="100%" class="" style="padding-left: 3px;">
                        <span>seanharlow.com</span>
                </td>
                <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Using this option will PERMANENTLY remove the zone from your account."
                        alt="delete"  onclick="delete_dom(this);" name="seanharlow.com" value="293669" src="/include/images/delete.png" />
                </td>
        </tr>   <tr>
                <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Open URL::Open seanharlow.info in a new window."
                        alt="go" src="/include/images/link_go.png"
                        onclick="window.open('http://seanharlow.info','seanharlow.info')" />
                </td>           <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"
                        alt="edit" src="/include/images/pencil.png" name="seanharlow.info"
                        onclick="javascript:document.location.href='?hosted_dns_zoneid=293670&menu=edit_zone&hosted_dns_editzone'"
                        />              </td>
                <td width="100%" class="" style="padding-left: 3px;">
                        <span>seanharlow.info</span>
                </td>
                <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Using this option will PERMANENTLY remove the zone from your account."
                        alt="delete"  onclick="delete_dom(this);" name="seanharlow.info" value="293670" src="/include/images/delete.png" />
                </td>
        </tr>   <tr>
                <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Open URL::Open drmfailures.org in a new window."
                        alt="go" src="/include/images/link_go.png"
                        onclick="window.open('http://drmfailures.org','drmfailures.org')" />
                </td>           <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"
                        alt="edit" src="/include/images/pencil.png" name="drmfailures.org"
                        onclick="javascript:document.location.href='?hosted_dns_zoneid=293671&menu=edit_zone&hosted_dns_editzone'"
                        />              </td>
                <td width="100%" class="" style="padding-left: 3px;">
                        <span>drmfailures.org</span>
                </td>
                <td style="cursor: pointer;">
                        <img class="Tips"
                        title="Using this option will PERMANENTLY remove the zone from your account."
                        alt="delete"  onclick="delete_dom(this);" name="drmfailures.org" value="293671" src="/include/images/delete.png" />
                </td>
        </tr>
</tbody>
</table><!-- End Domain panel-->
<br />
<table width="100%" class="generic_table" border="1" cellpadding="0" cellspacing="0">
  <div style="background-color:#ccc; height: 20px;">
          <div style="width:8%;
    height: 20px; background-color:#5b93bf; border-right:1px #fff solid;"></div>
          <div style="margin-top:-20px; color:#000; margin-left: 4px;">Domains 4/50      </div>
      <div style="text-align:right; margin-top:-20px; color:#000; padding-right:4px;">8%</div>
  </div>
</table>
</div> <!-- end tab-standard-->
<div id="tabs-advanced">
        <table width="100%" class="generic_table" border="1" cellpadding="0" cellspacing="0">
                <tr><th colspan="4">Active arpa zones for this account (advanced)</th></tr>             <tr>                    <td style="cursor: pointer;">
                                <img class="Tips"
                                  title="ARPA Zones::e.4.8.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa can not be viewed in a browser."
                                  alt="no link" src="/include/images/link_error.png" />
                        </td>
                        <td style="cursor: pointer;">
                                <img class="Tips"
                                title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"
                                alt="edit" src="/include/images/pencil.png" name="e.4.8.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa"
                                onclick="javascript:document.location.href='?hosted_dns_zoneid=300382&menu=edit_zone&hosted_dns_editzone'"
                                />
                        </td>
                        <td width="100%" class="clickable" style="padding-left: 3px;"
                        onclick="javascript:document.location.href='?hosted_dns_zoneid=300382&menu=edit_zone&hosted_dns_editzone'" >
                                <span>e.4.8.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa</span>
                        </td>
                        <td style="cursor: pointer;">
                                <img class="Tips"
                                title="Using this option will PERMANENTLY remove the zone from your account."
                                alt="delete"  onclick="delete_dom(this);" name="e.4.8.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa" value="300382" src="/include/images/delete.png" />
                        </td>
                </tr>
      </td>
    </tr>       </table>
  <br />
  <table width="100%" class="generic_table" border="1" cellpadding="0" cellspacing="0">
    <div style="background-color:#ccc; height: 20px;">
            <div style="width:8%;
      height: 20px; background-color:#5b93bf; border-right:1px #fff solid;"></div>
            <div style="margin-top:-20px; color:#000; margin-left: 4px;">Domains 4/50        </div>
        <div style="text-align:right; margin-top:-20px; color:#000; padding-right:4px;">8%</div>
    </div>
  </table>
</div> <!-- end tab #1 -->
<!-- Start help dialog -->
<div id="dialog_incomplete">
  Prefixes tagged as 'Incomplete' are correctly delegated, but have not yet been activated.  To activate them simply click on
  the entry.  This will automatically create the correct zone file and bring you to the maintenance interface.  If you have other prefixes that are
  associated with your account, but do not appear here, please return to the <a href="http://ipv6.he.net" class="heavy">IPv6.he.net</a>
  interface and re-delegate them. If you do not wish to use the simplified maintenance interface, you may edit the zone directly.
  To do this, click on the zone under the 'Advanced' tab.<br /><br />
</div>
<div id="dialog_imported">
  Prefixes within this section were delegated to ns1, ns2, ns3, ns4 and ns5.he.net from within the tunnelbroker interface and have been imported here.
  They are ready for you to use.
</div>
<div id="dialog_additional">
  Prefixes within this section have been delegated to ns1, ns2, ns3, ns4 and ns5.he.net and were entered manually by you.
</div>
<div id="dialog_inactive">
  Prefixes within this section have been allocated to your account and delegated to ns1, ns2, ns3, ns4 and ns5.he.net from the admin.he.net
  administration portal.  They are ready to use.  Click on the 'edit' icon to build the reverse zone and begin adding entries.
</div>
<div id="dialog_active_domains">
  Domains within this section have been entered manually by you are are ready to edit.
</div>
<div id="dialog_slave_domains">
  Domains within this section are not editable.  We pull the zone from the nameservers specified when you made the entry.  Should you decide to
  change the nameservers, you will need to delete the zone, and recreate it with new nameservers.  <a href="http://en.wikipedia.org/wiki/Lame_delegation" target="_new">Lame delegations</a>
  will be culled from time to time.  Please make sure your domains have been correctly delegated.
</div>
<!-- end -->
  <div style="padding: 3px; border: 1px solid black; background: #eee; font-size: 11px;">
  <span style="font-weight: bold; text-transform: uppercase;">notes:</span><br />
    At this time, we are limiting the free service to 50 zones which includes your reverse zones (if any).<br />
    Questions or comments regarding this tool should be directed to <a href="mailto:support@he.net" style="font-style: italic;">support@he.net</a>.<br />
    Bugs or feature requests should be directed to <a href="mailto:dnsadmin@he.net" style="font-style: italic;">dnsadmin@he.net</a>.<br />
    Our TOS/AUP is now online. <a href="/tos.html" target="_new">click for our Terms of Service</a>.
    </div>
</div>
</div>
</div>
</div>
                <div id="footer">
                                <address id="footer_left">Hurricane Electric<br />760 Mission Court<br />Fremont, CA  94539</address>
                                <span id="footer_right">Voice +1 (510) 580-4100<br />Fax +1 (510) 580-4151<br />Comments? <a href="mailto:info@he.net">info@he.net</a></span>

                                <span id="footer_center"><br />Copyright &copy; Hurricane Electric.<br />All Rights Reserved 0.078691</span>
                </div>
        </div>

        <pre>   </pre>
<script type="text/javascript">
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-24281877-1']);
  _gaq.push(['_setDomainName', '.he.net']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();
</script>
        </body>
</html>'
[Wed Feb 28 21:31:06 UTC 2018] _table='<table width="100%" id="domains_table" class="generic_table" border="1" cellpadding="0" cellspacing="0"> <!-- <thead><tr><th></th><th></th><th>Active domains for this account<img src="/include/images/help.png" onclick="$('dialog_active_domains').dialog('open')" style="cursor: help;" alt="help" /></th></tr></thead><tbody> -->     <thead><tr><th><img src="/include/images/link_go.png" alt="Open Link"/></th><th><img src="/include/images/pencil.png" alt="Edit" /></th><th>Active domains for this account</th><th><img src="/include/images/delete.png" alt="Delete" /></th></thead><tbody>    <tr>            <td style="cursor: pointer;">                    <img class="Tips"                       title="Open URL::Open seanharlow.com in a new window."                  alt="go" src="/include/images/link_go.png"                       onclick="window.open('http://seanharlow.com','seanharlow.com')" />              </td>           <td style="cursor: pointer;">                    <img class="Tips"                       title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"                      alt="edit" src="/include/images/pencil.png" name="seanharlow.com"                       onclick="javascript:document.location.href='?hosted_dns_zoneid=293669&menu=edit_zone&hosted_dns_editzone'"                       />              </td>           <td width="100%" class="" style="padding-left: 3px;">                    <span>seanharlow.com</span>             </td>           <td style="cursor: pointer;">   <img class="Tips"                        title="Using this option will PERMANENTLY remove the zone from your account."                   alt="delete"  onclick="delete_dom(this);" name="seanharlow.com" value="293669" src="/include/images/delete.png" />               </td>   </tr>   <tr>            <td style="cursor: pointer;">                    <img class="Tips"                       title="Open URL::Open seanharlow.info in a new window."                 alt="go" src="/include/images/link_go.png"                       onclick="window.open('http://seanharlow.info','seanharlow.info')" />            </td>           <td style="cursor: pointer;">                    <img class="Tips"                       title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"                      alt="edit" src="/include/images/pencil.png" name="seanharlow.info"                      onclick="javascript:document.location.href='?hosted_dns_zoneid=293670&menu=edit_zone&hosted_dns_editzone'"                       />              </td>           <td width="100%" class="" style="padding-left: 3px;">                    <span>seanharlow.info</span>            </td>           <td style="cursor: pointer;">                   <img class="Tips"                        title="Using this option will PERMANENTLY remove the zone from your account."                   alt="delete"  onclick="delete_dom(this);" name="seanharlow.info" value="293670" src="/include/images/delete.png" />              </td>   </tr>   <tr>            <td style="cursor: pointer;">   <img class="Tips"                        title="Open URL::Open drmfailures.org in a new window."                 alt="go" src="/include/images/link_go.png"      onclick="window.open('http://drmfailures.org','drmfailures.org')" />             </td>           <td style="cursor: pointer;">                   <img class="Tips"        title="Edit Zone::Use this option to edit the zonefile.  You would use this if you wanted to add or remove subdomains, etc"                     alt="edit" src="/include/images/pencil.png" name="drmfailures.org"                       onclick="javascript:document.location.href='?hosted_dns_zoneid=293671&menu=edit_zone&hosted_dns_editzone'"                       />              </td>           <td width="100%" class="" style="padding-left: 3px;">                   <span>drmfailures.org</span>             </td>           <td style="cursor: pointer;">                   <img class="Tips"                       title="Using this option will PERMANENTLY remove the zone from your account."                    alt="delete"  onclick="delete_dom(this);" name="drmfailures.org" value="293671" src="/include/images/delete.png" />              </td>   </tr></tbody></table><!-- End Domain panel--><br />'
[Wed Feb 28 21:31:06 UTC 2018] _matches='<tdstyle="cursor:pointer;">                    <imgclass="Tips"                title="EditZone::Usethisoptiontoeditthezonefile.Youwouldusethisifyouwantedtoaddorremovesubdomains,etc"           alt="edit"src="/include/images/pencil.png"name="seanharlow.com"                 onclick="javascript:document.location.href='?hosted_dns_zoneid=293669&menu=edit_zone&hosted_dns_editzone'"                       />              </td>           '
[Wed Feb 28 21:31:06 UTC 2018] These are the zones on this HE account:
[Wed Feb 28 21:31:06 UTC 2018] seanharlow.com
[Wed Feb 28 21:31:06 UTC 2018] And these are their respective IDs:
[Wed Feb 28 21:31:06 UTC 2018] 293669
[Wed Feb 28 21:31:06 UTC 2018] Looking for zone "_acme-challenge.rodan.drmfailures.org"
[Wed Feb 28 21:31:06 UTC 2018] Zone "_acme-challenge.rodan.drmfailures.org" doesn't exist, let's try a less specific zone.
[Wed Feb 28 21:31:06 UTC 2018] Looking for zone "rodan.drmfailures.org"
[Wed Feb 28 21:31:06 UTC 2018] Zone "rodan.drmfailures.org" doesn't exist, let's try a less specific zone.
[Wed Feb 28 21:31:06 UTC 2018] Looking for zone "drmfailures.org"
[Wed Feb 28 21:31:06 UTC 2018] Zone "drmfailures.org" doesn't exist, let's try a less specific zone.
[Wed Feb 28 21:31:06 UTC 2018] Looking for zone "org"
[Wed Feb 28 21:31:06 UTC 2018] Zone "org" doesn't exist, let's try a less specific zone.
[Wed Feb 28 21:31:06 UTC 2018] No zone for domain "_acme-challenge.rodan.drmfailures.org" found.
[Wed Feb 28 21:31:06 UTC 2018] Error add txt for domain:_acme-challenge.rodan.drmfailures.org
[Wed Feb 28 21:31:06 UTC 2018] pid
[Wed Feb 28 21:31:06 UTC 2018] No need to restore nginx, skip.
[Wed Feb 28 21:31:06 UTC 2018] _clearupdns
[Wed Feb 28 21:31:06 UTC 2018] skip dns.
[Wed Feb 28 21:31:06 UTC 2018] _on_issue_err
[Wed Feb 28 21:31:06 UTC 2018] Please add '--debug' or '--log' to check more details.
[Wed Feb 28 21:31:06 UTC 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Wed Feb 28 21:31:06 UTC 2018] _chk_vlist='rodan.drmfailures.org#uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU#https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250#dns-01#dns_he,'
[Wed Feb 28 21:31:06 UTC 2018] start to deactivate authz
[Wed Feb 28 21:31:06 UTC 2018] tigger domain validation.
[Wed Feb 28 21:31:06 UTC 2018] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250'
[Wed Feb 28 21:31:06 UTC 2018] _t_key_authz='uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU'
[Wed Feb 28 21:31:06 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250'
[Wed Feb 28 21:31:06 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU"}'
[Wed Feb 28 21:31:06 UTC 2018] Use cached jwk for file: /home/wolrah/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
[Wed Feb 28 21:31:06 UTC 2018] Use _CACHED_NONCE='fBc0a2dEpE7xWwXZQI-lW6KzA2SjiSV4CLpYNERXuos'
[Wed Feb 28 21:31:06 UTC 2018] nonce='fBc0a2dEpE7xWwXZQI-lW6KzA2SjiSV4CLpYNERXuos'
[Wed Feb 28 21:31:06 UTC 2018] POST
[Wed Feb 28 21:31:06 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250'
[Wed Feb 28 21:31:06 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "sxNnwfSeUq5Q1mGoFvvgUmnvF_3VqjDyBdOouogHXx2rDBaXVma8ozLwGlgJmChu9z4TubxrApM1ZRHOa76JD6V2TcsE_xSbQi2NvdU215Z6YsGtOnbJlyZc_NeoEPqv1kPnE9gXo-gH_NuFUeogE93DKx7GdfPUZ9B0TkX0HpRcveYHentlwxH2TVznh6iJ3G0fGXEKgEVE6yKQtSyEOdcMwpIci_lFRbe8MRikIftVysEpsL7BtZf_CupXxUXRi15_BKVnFoD1zexqdrp3L4bHlJFrsD4TsOKBHAOPgCiA-2OMzNIgGJD8REsjsxrvbw2EfH0-_f0VS9lw4O_8iQ"}}, "protected": "eyJub25jZSI6ICJmQmMwYTJkRXBFN3hXd1haUUktbFc2S3pBMlNqaVNWNENMcFlORVJYdW9zIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvcEJxODJ4YXgzWVdGRFRkbnQ0MU1CQmRJQkN1UG5hNDlwSGZNU3VWYWJxRS8zNjQwMDcyMjUwIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAic3hObndmU2VVcTVRMW1Hb0Z2dmdVbW52Rl8zVnFqRHlCZE9vdW9nSFh4MnJEQmFYVm1hOG96THdHbGdKbUNodTl6NFR1YnhyQXBNMVpSSE9hNzZKRDZWMlRjc0VfeFNiUWkyTnZkVTIxNVo2WXNHdE9uYkpseVpjX05lb0VQcXYxa1BuRTlnWG8tZ0hfTnVGVWVvZ0U5M0RLeDdHZGZQVVo5QjBUa1gwSHBSY3ZlWUhlbnRsd3hIMlRWem5oNmlKM0cwZkdYRUtnRVZFNnlLUXRTeUVPZGNNd3BJY2lfbEZSYmU4TVJpa0lmdFZ5c0Vwc0w3QnRaZl9DdXBYeFVYUmkxNV9CS1ZuRm9EMXpleHFkcnAzTDRiSGxKRnJzRDRUc09LQkhBT1BnQ2lBLTJPTXpOSWdHSkQ4UkVzanN4cnZidzJFZkgwLV9mMFZTOWx3NE9fOGlRIn19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJ1eVZTREpjZzZsd3ptNkNFN2VWWlRYdFNVckp5UEMyTUhwcDVMOC02UWswLjY4UkE3SGhCcWpfQ3JYVHNtekxaV1MtRjQ1Rmx3Z2NDZjBDcVlrY0lpSFUifQ", "signature": "UUreFkG_Le_Bn6ZGfXyL5YqkotEI9fZvPKxIdlCLr76IGpL9CXPpch1nmiby-CAdaFcmuT5HY-hyIJqnzT5BqyliwMP0ro6SsLnDPRJvTnXKfcEkNaOxj1gE8AlKo9bWKvw0RUg9j-d47u23dY5juxS3oeHDUX4jvzEahQ99Zbs7K63LJzAurOylK0WQaW8TRWDj4HcyxGTU3NixQmUYFFIfcJ48jVcv0RQXvodd7YcyszoV9xHct-P3JcnP6r6N4oVu6tcVd35eLeg_PWi0ZN-ZYHTqNMhu-OpeI-ibiLO2TPm3gMSx9Gu4b1Y7JfgT5_CrxPfCArIUBng3Nz97cQ"}'
[Wed Feb 28 21:31:06 UTC 2018] _CURL='curl -L --silent --dump-header /home/wolrah/.acme.sh/http.header  --trace-ascii /tmp/tmp.3cLJmvp57D  -g '
[Wed Feb 28 21:31:09 UTC 2018] _ret='0'
[Wed Feb 28 21:31:09 UTC 2018] original='{
  "type": "dns-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250",
  "token": "uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0",
  "keyAuthorization": "uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU"
}'
[Wed Feb 28 21:31:09 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Wed, 28 Feb 2018 21:31:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 202 Accepted
Server: nginx
Content-Type: application/json
Content-Length: 335
Boulder-Requester: 30293432
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250
Replay-Nonce: s1JhjxAxJ5_XGFYDHPMDH8lZlu2GCk7tgbRNdlLRpt4
Expires: Wed, 28 Feb 2018 21:31:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 28 Feb 2018 21:31:09 GMT
Connection: keep-alive
'
[Wed Feb 28 21:31:09 UTC 2018] response='{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/pBq82xax3YWFDTdnt41MBBdIBCuPna49pHfMSuVabqE/3640072250","token":"uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0","keyAuthorization":"uyVSDJcg6lwzm6CE7eVZTXtSUrJyPC2MHpp5L8-6Qk0.68RA7HhBqj_CrXTsmzLZWS-F45FlwgcCf0CqYkcIiHU"}'
[Wed Feb 28 21:31:09 UTC 2018] code='202'
[Wed Feb 28 21:31:09 UTC 2018] socat doesn't exists.
[Wed Feb 28 21:31:09 UTC 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.1f 6 Jan 2014
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.4.6 (Ubuntu)
built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module
socat:

If I revert dns_he.sh to the version from this commit it works fine, so the bug was introduced in the changes apparently made for Solaris here

Neilpang commented 6 years ago

sorry, it was my missing. please try again with the dev branch.

export BRANCH=dev
acme.sh --upgrade
wolrah commented 6 years ago

That does appear to have resolved the issue, my test case is working as expected. Thanks!