flywithu/acme.sh
1
0
Fork 0
mirror of https://github.com/hiskang/acme.sh synced 2025-11-04 04:17:40 +00:00
Code Issues Releases Wiki Activity

Merge pull request #369 from Neilpang/dev

Browse Source 
set default account key to 2048.
This commit is contained in:
neil 2016-11-06 23:15:32 +08:00 committed by GitHub
commit 37d7f89c6d
1 changed files with 32 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
acme.sh
View File

@ -1,6 +1,6 @@
#!/usr/bin/env sh #!/usr/bin/env sh
VER=2.6.3 VER=2.6.4
PROJECT_NAME="acme.sh" PROJECT_NAME="acme.sh"
@ -19,6 +19,9 @@ DEFAULT_AGREEMENT="https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.
DEFAULT_USER_AGENT="$PROJECT_ENTRY client v$VER : $PROJECT" DEFAULT_USER_AGENT="$PROJECT_ENTRY client v$VER : $PROJECT"
DEFAULT_ACCOUNT_EMAIL="" DEFAULT_ACCOUNT_EMAIL=""
DEFAULT_ACCOUNT_KEY_LENGTH=2048
DEFAULT_DOMAIN_KEY_LENGTH=2048
STAGE_CA="https://acme-staging.api.letsencrypt.org" STAGE_CA="https://acme-staging.api.letsencrypt.org"
VTYPE_HTTP="http-01" VTYPE_HTTP="http-01"
@ -739,15 +742,24 @@ createAccountKey() {
return return
fi fi
length=$1
_create_account_key "$length"
}
_create_account_key() {
length=$1 length=$1
if [ -z "$length" ] || [ "$length" = "$NO_VALUE" ] ; then if [ -z "$length" ] || [ "$length" = "$NO_VALUE" ] ; then
_debug "Use default length 2048" _debug "Use default length $DEFAULT_ACCOUNT_KEY_LENGTH"
length=2048 length="$DEFAULT_ACCOUNT_KEY_LENGTH"
fi fi
_debug length "$length" _debug length "$length"
_initpath _initpath
mkdir -p "$CA_DIR"
if [ -f "$ACCOUNT_KEY_PATH" ] ; then if [ -f "$ACCOUNT_KEY_PATH" ] ; then
_info "Account key exists, skip" _info "Account key exists, skip"
return return
@ -769,6 +781,11 @@ createDomainKey() {
domain=$1 domain=$1
length=$2 length=$2
if [ -z "$length" ] ; then
_debug "Use DEFAULT_DOMAIN_KEY_LENGTH=$DEFAULT_DOMAIN_KEY_LENGTH"
length="$DEFAULT_DOMAIN_KEY_LENGTH"
fi
_initpath $domain "$length" _initpath $domain "$length"
if [ ! -f "$CERT_KEY_PATH" ] || ( [ "$FORCE" ] && ! [ "$IS_RENEW" ] ); then if [ ! -f "$CERT_KEY_PATH" ] || ( [ "$FORCE" ] && ! [ "$IS_RENEW" ] ); then
@ -1319,7 +1336,7 @@ _read_conf() {
eval "printf \"%s\" \"\$$_sdkey\"" eval "printf \"%s\" \"\$$_sdkey\""
) )
else else
_err "config file is empty, can not read $_sdkey" _debug "config file is empty, can not read $_sdkey"
fi fi
} }
@ -2163,16 +2180,21 @@ updateaccount() {
} }
registeraccount() { registeraccount() {
_reg_length="$1"
_initpath _initpath
_regAccount _regAccount "$_reg_length"
} }
__calcAccountKeyHash() { __calcAccountKeyHash() {
[ -f "$ACCOUNT_KEY_PATH" ] && cat "$ACCOUNT_KEY_PATH" | _digest sha256 [ -f "$ACCOUNT_KEY_PATH" ] && cat "$ACCOUNT_KEY_PATH" | _digest sha256
} }
#keylength
_regAccount() { _regAccount() {
_initpath _initpath
_reg_length="$1"
if [ ! -f "$ACCOUNT_KEY_PATH" ] && [ -f "$_OLD_ACCOUNT_KEY" ]; then if [ ! -f "$ACCOUNT_KEY_PATH" ] && [ -f "$_OLD_ACCOUNT_KEY" ]; then
_info "mv $_OLD_ACCOUNT_KEY to $ACCOUNT_KEY_PATH" _info "mv $_OLD_ACCOUNT_KEY to $ACCOUNT_KEY_PATH"
@ -2185,11 +2207,7 @@ _regAccount() {
fi fi
if [ ! -f "$ACCOUNT_KEY_PATH" ] ; then if [ ! -f "$ACCOUNT_KEY_PATH" ] ; then
_acck="no" if ! _create_account_key "$_reg_length" ; then
if [ "$Le_Keylength" ] ; then
_acck="$Le_Keylength"
fi
if ! createAccountKey "$_acck" ; then
_err "Create account key error." _err "Create account key error."
return 1 return 1
fi fi
@ -2414,10 +2432,12 @@ issue() {
_debug2 _saved_account_key_hash "$_saved_account_key_hash" _debug2 _saved_account_key_hash "$_saved_account_key_hash"
if [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ] ; then if [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ] ; then
if ! _regAccount ; then if ! _regAccount "$_accountkeylength"; then
_on_issue_err _on_issue_err
return 1 return 1
fi fi
else
_debug "_saved_account_key_hash is not changed, skip register account."
fi fi
if [ -f "$CSR_PATH" ] && [ ! -f "$CERT_KEY_PATH" ] ; then if [ -f "$CSR_PATH" ] && [ ! -f "$CERT_KEY_PATH" ] ; then
@ -4232,9 +4252,6 @@ _process() {
--keylength|-k) --keylength|-k)
_keylength="$2" _keylength="$2"
if [ "$_accountkeylength" = "$NO_VALUE" ] ; then
_accountkeylength="$2"
fi
shift shift
;; ;;
--accountkeylength|-ak) --accountkeylength|-ak)
@ -4458,7 +4475,7 @@ _process() {
deactivate "$_domain,$_altdomains" deactivate "$_domain,$_altdomains"
;; ;;
registeraccount) registeraccount)
registeraccount registeraccount "$_accountkeylength"
;; ;;
updateaccount) updateaccount)
updateaccount updateaccount