
Added zone-serial increment support for dns_nsd challenge #5241

Open
wants to merge 2 commits into
base: dev
from

Conversation

@codedump codedump commented Aug 6, 2024

As the title says -- inspired by #4137 and my own necessity I wrote a dirty patch to ./dnsapi/dns_nsd.sh to update the serial number.

Essentially it uses sed to parse out the old number. This should work in most circumstances, my own zone files look like this, and this works:

...
@                       IN      SOA     ns.example.com. root.example.com. (
                     2024080615         ; Serial
                           7200         ; Refresh
                            900         ; Retry
                        2419200         ; Expire
                           7200 )       ; Negative Cache TTL
;
...

In a nutshell, the parsing algorithm goes like this:

  • look for the IN SOA line
  • extract everything until )
  • remove comments (i.e. trailing ends from ; onwards)
  • from the text between ( and ) take the 1st entry

This is fairly robust as long as the sysadmin doesn't go out of their way to screw things up. (What they could do to make this fail: insert "IN SOA" in a comment line, split IN and SOA on two different lines, ...generally use less stuff which will, of course, confuse a simple sed based parser).

Then another sed-call is used to replace the existing serial number by a version which is incremented by 1 (bash's $[...] math support). Then mktemp is used to create a temporary zonefile with the updated number, which is then mv'ed over the original Nsd_ZoneFile.

This was tested in a kind-of-an-ad-hoc "dry mode", i.e.:

export Nsd_ZoneFile=/tmp/example.com.zonefile
export Nsd_Command="echo hello world"
./acme.sh --server letsencrypt_test --dns dns_nsd --issue --domain example.com

Then I manually verified that the /tmp/example.com.zonefile had a properly updated serial number. (The actual zone update / DNS challenge will fail because I'm developing this on a laptop behind a NAT, not on an internet-facing machine with access to a DNS server.)

Hope this helps!

Cheers
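As an added example (my own code, not the patch in this PR and not acme.sh's dnsapi/dns_nsd.sh), here is a POSIX shell implementation of the four parsing steps and the increment-and-replace step described above, with the checks I would want before it touches a live zone file: comments are stripped before the IN SOA match, so a commented-out SOA line (one of the failure modes listed above) cannot fool the parser; the extracted serial must be a plain decimal number; the increment wraps at 2^32 as RFC 1982 serial arithmetic requires; the temporary file is created in the zone file's own directory with its mode preserved, so the final mv is an atomic rename; and the rewritten file is re-parsed before it replaces the original. The function names nsd_get_serial and nsd_bump_serial are my own assumptions, as is the sample zone layout in the comments.

```shell
#!/bin/sh
# Added example, not acme.sh code. Parse and bump the SOA serial of an NSD
# zone file whose SOA record uses the parenthesised multi-line form shown in
# the PR description. Function names are assumptions chosen for this example.

# Print the current SOA serial of the zone file given as $1; fail if the
# record cannot be parsed or the first field between ( and ) is not a number.
nsd_get_serial() {
  zone="$1"
  serial=$(awk '
    { sub(/;.*$/, "") }                              # drop ; comments first
    !insoa && !done && /(^|[ \t])IN[ \t]+SOA[ \t]/ { insoa = 1 }
    insoa { buf = buf " " $0; if (index($0, ")")) { insoa = 0; done = 1 } }
    done { exit }                                    # stop at the closing )
    END {
      if (!done) exit 1                              # no complete SOA found
      s = substr(buf, index(buf, "(") + 1)           # text after (
      s = substr(s, 1, index(s, ")") - 1)            # ... up to )
      $0 = s; print $1                               # first field = serial
    }' "$zone")
  case "$serial" in
    ''|*[!0-9]*) echo "could not parse SOA serial from $zone" >&2; return 1 ;;
  esac
  echo "$serial"
}

# Replace the serial in $1 with serial+1 (mod 2^32), write the result through
# a temp file next to the zone, verify it, then atomically rename it over the
# original. Prints the new serial on success.
nsd_bump_serial() {
  zone="$1"
  old=$(nsd_get_serial "$zone") || return 1
  new=$(( (old + 1) % 4294967296 ))                  # RFC 1982 wrap-around
  dir=$(dirname "$zone")
  tmp=$(mktemp "$dir/.zone.XXXXXX") || return 1
  # cp -p first so the replacement keeps the zone file's permission bits.
  cp -p "$zone" "$tmp" || { rm -f "$tmp"; return 1; }
  # Only the first whole-token occurrence of the old serial inside the SOA
  # record (outside comments) is rewritten; layout and comments are kept.
  awk -v old="$old" -v new="$new" '
    !insoa && !done && /(^|[ \t])IN[ \t]+SOA[ \t]/ { insoa = 1 }
    insoa && !done {
      code = $0; comment = ""
      i = index(code, ";")
      if (i) { comment = substr(code, i); code = substr(code, 1, i - 1) }
      if (match(code, "(^|[ \t(])" old "([ \t)]|$)")) {
        pre = substr(code, 1, RSTART - 1)
        tok = substr(code, RSTART, RLENGTH)
        post = substr(code, RSTART + RLENGTH)
        sub(old, new, tok)
        $0 = pre tok post comment
        done = 1
      }
      if (index(code, ")")) insoa = 0
    }
    { print }' "$zone" > "$tmp" || { rm -f "$tmp"; return 1; }
  # Re-parse the candidate file: abort unless the new serial is really there.
  [ "$(nsd_get_serial "$tmp")" = "$new" ] || {
    echo "serial replacement in $zone failed, leaving original untouched" >&2
    rm -f "$tmp"; return 1
  }
  mv "$tmp" "$zone" || { rm -f "$tmp"; return 1; }
  echo "$new"
}

# Usage: nsd_bump_serial /etc/nsd/zones/example.com.zone
```

The re-parse step is the one I would not skip: if the second awk pass matched nothing (a serial written with leading zeros, an SOA record without parentheses), the original file stays in place and the caller sees a non-zero exit instead of a silently unchanged zone.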


github-actions bot commented Aug 6, 2024

Welcome
First thing: don't send PRs to the master branch, please send them to the dev branch instead.
Please make sure you've read our DNS API Dev Guide and DNS-API-Test.
Then reply on this message, otherwise, your code will not be reviewed or merged.
We look forward to reviewing your Pull request shortly ✨
Note: a PR will only be reviewed once it has passed the DNS-API-Test. Whether it is a modification or a newly added dns api, you must make sure it passes this test.
