jfisbein/update-fritzbox-ssl.sh

## update-fritzbox-ssl.sh
#!/bin/bash

FB_URL=""
SID=""
SID_FILE="/tmp/fb_sid"

function init() {
  FB_URL="$1"

  if [ ! -f $SID_FILE ]; then
    touch $SID_FILE
  fi
  SID=$(cat $SID_FILE)
}

function start-session() {
  local PASSWORD="$1"

  local XML=$(curl --silent "$FB_URL/login_sid.lua" --data "sid=${SID}")
  SID=$(echo "$XML" | xmllint  --xpath "/SessionInfo/SID/child::text()" - )
  if [[ "${SID}" == "0000000000000000" ]]; then
    local CHALLENGE=$(echo "$XML" | xmllint  --xpath "/SessionInfo/Challenge/child::text()" - )

    local MD5=$(echo -n "$CHALLENGE-$PASSWORD" | sed -e 's,.,&\n,g' | tr '\n' '\0' | md5sum | grep -o "[0-9a-z]\{32\}")
    local RESPONSE="${CHALLENGE}-${MD5}"
    XML=$(curl --silent "${FB_URL}/login_sid.lua" --data "response=${RESPONSE}" --data "username=")
    SID=$(echo "$XML" | xmllint  --xpath "/SessionInfo/SID/child::text()" - )
    echo "${SID}" > ${SID_FILE}
  fi
}

function update-ssl-cert() {
  local CERT_FILE="$1"
  local CERT_FILE_NAME=$(basename "${CERT_FILE}")

  local RESPONSE=$(curl --silent "${FB_URL}/cgi-bin/firmwarecfg" --form "sid=${SID}" --form "BoxCertImportFile=@${CERT_FILE};filename=${CERT_FILE_NAME}")
  if echo ${RESPONSE} | grep --silent "successful"; then
    echo $(echo ${RESPONSE} | grep "successful" | sed -e 's/<[^>]*>//g')
    return 0
  elif echo ${RESPONSE} | grep --silent "ErrorMsg"; then
    echo $(echo ${RESPONSE} | grep "ErrorMsg" | sed -e 's/<[^>]*>//g')
    return 1
  else
    echo "Unknown result"
    return 2
  fi
}

function logout() {
  curl "${FB_URL}/index.lua" --form "sid=438f56b95f9f66fb" --form "logout=1"
  rm "${SID_FILE}"
}

function main() {
  local URL="$1"
  local PASSWORD="$2"
  local CERT_FILE="$3"

  check-xmllint

  init "$URL"
  start-session "$PASSWORD"

  if [[ "${SID}" != "0000000000000000" ]]; then
    update-ssl-cert "$CERT_FILE"
    logout
  else
    echo "Wrong Password"
    exit 4
  fi
}

function show-usage() {
    echo "Script to update FritzBox ssl certificate"
    echo "Usage:"
    echo "$(basename $0) {FritzBox Url} {FritzBox Password} {Path to new Cert File}"
    echo "Example:"
    echo "$(basename $0) 'http://192.168.0.1' 'changeme' '/tmp/mycert.pem'"
}

# In Synology there's not xmllint so we use a docker container
function check-xmllint() {
  if ! which xmllint; then
    shopt -s expand_aliases
    alias xmllint='docker run -i --rm digipost/docker-xmllint xmllint'
  fi
}

#Check parameters
EXPECTED_ARGS=3
if [ $# -ne $EXPECTED_ARGS ]; then
	show-usage
  exit 3
else
  main "$@"
fi
	#!/bin/bash

	FB_URL=""
	SID=""
	SID_FILE="/tmp/fb_sid"

	function init() {
	FB_URL="$1"

	if [ ! -f $SID_FILE ]; then
	touch $SID_FILE
	fi
	SID=$(cat $SID_FILE)
	}

	function start-session() {
	local PASSWORD="$1"

	local XML=$(curl --silent "$FB_URL/login_sid.lua" --data "sid=${SID}")
	SID=$(echo "$XML" \| xmllint --xpath "/SessionInfo/SID/child::text()" - )
	if [[ "${SID}" == "0000000000000000" ]]; then
	local CHALLENGE=$(echo "$XML" \| xmllint --xpath "/SessionInfo/Challenge/child::text()" - )

	local MD5=$(echo -n "$CHALLENGE-$PASSWORD" \| sed -e 's,.,&\n,g' \| tr '\n' '\0' \| md5sum \| grep -o "[0-9a-z]\{32\}")
	local RESPONSE="${CHALLENGE}-${MD5}"
	XML=$(curl --silent "${FB_URL}/login_sid.lua" --data "response=${RESPONSE}" --data "username=")
	SID=$(echo "$XML" \| xmllint --xpath "/SessionInfo/SID/child::text()" - )
	echo "${SID}" > ${SID_FILE}
	fi
	}

	function update-ssl-cert() {
	local CERT_FILE="$1"
	local CERT_FILE_NAME=$(basename "${CERT_FILE}")

	local RESPONSE=$(curl --silent "${FB_URL}/cgi-bin/firmwarecfg" --form "sid=${SID}" --form "BoxCertImportFile=@${CERT_FILE};filename=${CERT_FILE_NAME}")
	if echo ${RESPONSE} \| grep --silent "successful"; then
	echo $(echo ${RESPONSE} \| grep "successful" \| sed -e 's/<[^>]*>//g')
	return 0
	elif echo ${RESPONSE} \| grep --silent "ErrorMsg"; then
	echo $(echo ${RESPONSE} \| grep "ErrorMsg" \| sed -e 's/<[^>]*>//g')
	return 1
	else
	echo "Unknown result"
	return 2
	fi
	}

	function logout() {
	curl "${FB_URL}/index.lua" --form "sid=438f56b95f9f66fb" --form "logout=1"
	rm "${SID_FILE}"
	}

	function main() {
	local URL="$1"
	local PASSWORD="$2"
	local CERT_FILE="$3"

	check-xmllint

	init "$URL"
	start-session "$PASSWORD"

	if [[ "${SID}" != "0000000000000000" ]]; then
	update-ssl-cert "$CERT_FILE"
	logout
	else
	echo "Wrong Password"
	exit 4
	fi
	}

	function show-usage() {
	echo "Script to update FritzBox ssl certificate"
	echo "Usage:"
	echo "$(basename $0) {FritzBox Url} {FritzBox Password} {Path to new Cert File}"
	echo "Example:"
	echo "$(basename $0) 'http://192.168.0.1' 'changeme' '/tmp/mycert.pem'"
	}

	# In Synology there's not xmllint so we use a docker container
	function check-xmllint() {
	if ! which xmllint; then
	shopt -s expand_aliases
	alias xmllint='docker run -i --rm digipost/docker-xmllint xmllint'
	fi
	}

	#Check parameters
	EXPECTED_ARGS=3
	if [ $# -ne $EXPECTED_ARGS ]; then
	show-usage
	exit 3
	else
	main "$@"
	fi