Wrong DNS_ADD_COMMAND called when having multiple wildcard domain

[Kristian-Tan]

Describe the bug
If I have 2 domains with wildcard, e.g.: *.domain.com and *.sub.domain.com, when I call getssl '*.domain.com' the DNS_ADD_COMMAND that is executed is from *.sub.domain.com instead of *.domain.com

To Reproduce
file /root/.getssl/*.domain.com/getssl.cnf

echo "getssl.cfg wildcard domain.com"
CA="..."
VALIDATE_VIA_DNS=true
DNS_ADD_COMMAND='/root/.getssl/*.domain.com/dns-test-cmd.sh'
DNS_DEL_COMMAND='/root/.getssl/*.domain.com/dns-test-cmd.sh'
DOMAIN_CERT_LOCATION="..."
DOMAIN_KEY_LOCATION="..."
CA_CERT_LOCATION="..."
RELOAD_CMD="..."
echo "for debugging, this is dns add command: "
echo "$DNS_ADD_COMMAND"

file /root/.getssl/*.sub.domain.com/getssl.cnf

echo "getssl.cfg wildcard sub.domain.com"
CA="..."
VALIDATE_VIA_DNS=true
DNS_ADD_COMMAND='/root/.getssl/*.sub.domain.com/dns-test-cmd.sh'
DNS_DEL_COMMAND='/root/.getssl/*.sub.domain.com/dns-test-cmd.sh'
DOMAIN_CERT_LOCATION="..."
DOMAIN_KEY_LOCATION="..."
CA_CERT_LOCATION="..."
RELOAD_CMD="..."
echo "for debugging, this is dns add command: "
echo "$DNS_ADD_COMMAND"

file /root/.getssl/*.domain.com/dns-test-cmd.sh

#!/bin/bash

echo "testing dns script command for wildcard domain.com"

PARAM0="$0"
PARAM1="$1"
PARAM2="$2"
PARAM3="$2"

echo "param 0 is: $PARAM0"
echo "param 1 is: $PARAM1"
echo "param 2 is: $PARAM2"
echo "param 3 is: $PARAM3"

exit 2

file /root/.getssl/*.sub.domain.com/dns-test-cmd.sh

#!/bin/bash

echo "testing dns script command for wildcard sub.domain.com"

PARAM0="$0"
PARAM1="$1"
PARAM2="$2"
PARAM3="$2"

echo "param 0 is: $PARAM0"
echo "param 1 is: $PARAM1"
echo "param 2 is: $PARAM2"
echo "param 3 is: $PARAM3"

exit 2

Wrong Output

1: # root@qclxc:~/.getssl# getssl '*.domain.com'
2: getssl.cfg per account
3: getssl.cfg wildcard domain.com
4: for debugging, this is dns add command
5: /root/.getssl/*.domain.com/dns-test-cmd.sh
6: Registering account
7: Verify each domain
8: Verifying *.domain.com
9: testing dns script command for wildcard sub.domain.com
10: param 0 is: /root/.getssl/*.sub.domain.com/dns-test-cmd.sh
11: param 1 is: /root/.getssl/*.domain.com/dns-test-cmd.sh
12: param 2 is: domain.com
13: param 3 is: domain.com
14: getssl: DNS_ADD_COMMAND failed for domain *.domain.com

Expected behavior
When I'm calling getssl for *.domain.com, the script in /root/*.sub.domain.com/dns-test-cmd.sh should not be called. It should call /root/*.domain.com/dns-test-cmd.sh instead.

My wild guess is that the * glob operator is being expanded here and matches both /root/*.sub.domain.com/dns-test-cmd.sh and /root/*.domain.com/dns-test-cmd.sh

The wrong line is in line 10-13:

10: param 0 is: /root/.getssl/*.sub.domain.com/dns-test-cmd.sh
11: param 1 is: /root/.getssl/*.domain.com/dns-test-cmd.sh
12: param 2 is: domain.com
13: param 3 is: domain.com

It should be

10: param 0 is: /root/.getssl/*.domain.com/dns-test-cmd.sh
11: param 1 is: domain.com
12: param 2 is: (random generated token here)

Operating system (please complete the following information):

• OS: Ubuntu 20.04 LTS
• Bash Version: GNU bash, version 5.0.17(1)-release (x86_64-pc-linux-gnu)

[Kristian-Tan]

Update: I managed to make it call /root/.getssl/*.domain.com/dns-test-cmd.sh by adding backslash before * in getssl.cnf.

So instead of this:

DNS_ADD_COMMAND='/root/.getssl/*.sub.domain.com/dns-test-cmd.sh'

I write this instead

DNS_ADD_COMMAND='/root/.getssl/\*.sub.domain.com/dns-test-cmd.sh'

Is this expected behavior? It might be nice to add it to documentation if its expected