From 734642abea2765d8d62268e234a79ec770a618cb Mon Sep 17 00:00:00 2001
From: Frank Wall <fw@moov.de>
Date: Mon, 8 Jun 2020 14:28:01 +0200
Subject: [PATCH 1/4] security/acme-client: bump version

---
 security/acme-client/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/acme-client/Makefile b/security/acme-client/Makefile
index 2e65ae4bc..7e359a146 100644
--- a/security/acme-client/Makefile
+++ b/security/acme-client/Makefile
@@ -1,5 +1,5 @@
 PLUGIN_NAME=		acme-client
-PLUGIN_VERSION=		1.33
+PLUGIN_VERSION=		1.34
 PLUGIN_COMMENT=		Let's Encrypt client
 PLUGIN_MAINTAINER=	opnsense@moov.de
 PLUGIN_DEPENDS=		acme.sh py${PLUGIN_PYTHON}-dns-lexicon

From a15bf04c202499c781088441a23059d9f32f617a Mon Sep 17 00:00:00 2001
From: Frank Wall <fw@moov.de>
Date: Mon, 8 Jun 2020 14:34:28 +0200
Subject: [PATCH 2/4] security/acme-client: add support for ArvanCloud, closes
 #1834

---
 .../OPNsense/AcmeClient/forms/dialogValidation.xml     | 10 ++++++++++
 .../mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml  |  6 +++++-
 .../scripts/OPNsense/AcmeClient/certhelper.php         |  3 +++
 3 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
index e29dde206..9cdc8c369 100644
--- a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
+++ b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
@@ -1101,4 +1101,14 @@
         <label>API Password</label>
         <type>password</type>
     </field>
+    <field>
+        <label>ArvanCloud API</label>
+        <type>header</type>
+        <style>table_dns table_dns_arvan</style>
+    </field>
+    <field>
+        <id>validation.dns_arvan_token</id>
+        <label>API Token</label>
+        <type>password</type>
+    </field>
 </form>
diff --git a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
index 804f3c9d8..0369e4ce1 100644
--- a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
+++ b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
@@ -1,6 +1,6 @@
 <model>
     <mount>//OPNsense/AcmeClient</mount>
-    <version>1.6.0</version>
+    <version>1.6.1</version>
     <description>A secure Let's Encrypt plugin</description>
     <items>
         <settings>
@@ -361,6 +361,7 @@
                         <dns_acmeproxy>Acmeproxy API</dns_acmeproxy>
                         <dns_ad>Alwaysdata.com API</dns_ad>
                         <dns_ali>aliyun.com API</dns_ali>
+                        <dns_arvan>ArvanCloud API</dns_arvan>
                         <dns_autodns>AutoDNS (InterNetX) API</dns_autodns>
                         <dns_aws>AWS Route 53</dns_aws>
                         <dns_azure>Azure DNS API</dns_azure>
@@ -885,6 +886,9 @@
                 <dns_cn_password type="TextField">
                     <Required>N</Required>
                 </dns_cn_password>
+                <dns_arvan_token type="TextField">
+                    <Required>N</Required>
+                </dns_arvan_token>
             </validation>
         </validations>
         <actions>
diff --git a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
index 73c02c2fa..fc8cc6a44 100755
--- a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
+++ b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
@@ -665,6 +665,9 @@ function run_acme_validation($certObj, $valObj, $acctObj)
                 $proc_env['Ali_Key'] = (string)$valObj->dns_ali_key;
                 $proc_env['Ali_Secret'] = (string)$valObj->dns_ali_secret;
                 break;
+            case 'dns_arvan':
+                $proc_env['Arvan_Token'] = (string)$valObj->dns_arvan_token;
+                break;
             case 'dns_autodns':
                 $proc_env['AUTODNS_USER'] = (string)$valObj->dns_autodns_user;
                 $proc_env['AUTODNS_PASSWORD'] = (string)$valObj->dns_autodns_password;

From 0dbff80fef21140e9725b312183b60ccc1338a7c Mon Sep 17 00:00:00 2001
From: Frank Wall <fw@moov.de>
Date: Mon, 8 Jun 2020 14:37:20 +0200
Subject: [PATCH 3/4] security/acme-client: restore alnum sorting in DNS API
 list

---
 .../mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
index 0369e4ce1..66a93286d 100644
--- a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
+++ b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
@@ -365,13 +365,13 @@
                         <dns_autodns>AutoDNS (InterNetX) API</dns_autodns>
                         <dns_aws>AWS Route 53</dns_aws>
                         <dns_azure>Azure DNS API</dns_azure>
-                        <dns_cf>CloudFlare.com API</dns_cf>
                         <dns_cloudns>ClouDNS API</dns_cloudns>
+                        <dns_cf>CloudFlare.com API</dns_cf>
                         <dns_cx>CloudXNS.com API</dns_cx>
                         <dns_cn>Core-Networks API</dns_cn>
                         <dns_cyon>cyon.ch API</dns_cyon>
-                        <dns_da>DirectAdmin API</dns_da>
                         <dns_dgon>DigitalOcean API</dns_dgon>
+                        <dns_da>DirectAdmin API</dns_da>
                         <dns_dnsimple>DNSimple API</dns_dnsimple>
                         <dns_me>DNSMadeEasy.com API</dns_me>
                         <dns_dp>DNSPod.cn API</dns_dp>

From f3d517cc65ac030871b5c6e7638bb9457081f103 Mon Sep 17 00:00:00 2001
From: Frank Wall <fw@moov.de>
Date: Mon, 8 Jun 2020 14:43:25 +0200
Subject: [PATCH 4/4] security/acme-client: add support for Hetzner DNS API,
 closes #1870

---
 .../OPNsense/AcmeClient/forms/dialogValidation.xml     | 10 ++++++++++
 .../mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml  |  4 ++++
 .../scripts/OPNsense/AcmeClient/certhelper.php         |  3 +++
 3 files changed, 17 insertions(+)

diff --git a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
index 9cdc8c369..8ad18f5a3 100644
--- a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
+++ b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
@@ -1111,4 +1111,14 @@
         <label>API Token</label>
         <type>password</type>
     </field>
+    <field>
+        <label>Hetzner DNS API</label>
+        <type>header</type>
+        <style>table_dns table_dns_hetzner</style>
+    </field>
+    <field>
+        <id>validation.dns_hetzner_token</id>
+        <label>API Token</label>
+        <type>password</type>
+    </field>
 </form>
diff --git a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
index 66a93286d..2880e1161 100644
--- a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
+++ b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
@@ -387,6 +387,7 @@
                         <dns_gd>GoDaddy.com API</dns_gd>
                         <dns_gcloud>Google Cloud DNS API</dns_gcloud>
                         <dns_gdnsdk>GratisDNS.dk</dns_gdnsdk>
+                        <dns_hetzner>Hetzner DNS API</dns_hetzner>
                         <dns_hostingde>hosting.de API</dns_hostingde>
                         <dns_he>Hurricane Electric</dns_he>
                         <dns_infoblox>Infoblox API</dns_infoblox>
@@ -889,6 +890,9 @@
                 <dns_arvan_token type="TextField">
                     <Required>N</Required>
                 </dns_arvan_token>
+                <dns_hetzner_token type="TextField">
+                    <Required>N</Required>
+                </dns_hetzner_token>
             </validation>
         </validations>
         <actions>
diff --git a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
index fc8cc6a44..7c7a6109c 100755
--- a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
+++ b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
@@ -800,6 +800,9 @@ function run_acme_validation($certObj, $valObj, $acctObj)
                 $proc_env['GDNSDK_Username'] = (string)$valObj->dns_gdnsdk_user;
                 $proc_env['GDNSDK_Password'] = (string)$valObj->dns_gdnsdk_password;
                 break;
+            case 'dns_hetzner':
+                $proc_env['HETZNER_Token'] = (string)$valObj->dns_hetzner_token;
+                break;
             case 'dns_hostingde':
                 $proc_env['HOSTINGDE_ENDPOINT'] = (string)$valObj->dns_hostingde_server;
                 $proc_env['HOSTINGDE_APIKEY'] = (string)$valObj->dns_hostingde_apiKey;