Merge pull request #917 from Neilpang/dev

Dev

acme.sh

@@ -1152,7 +1152,7 @@ _ss() {
 
   if _exists "ss"; then
     _debug "Using: ss"
-    ss -ntpl | grep ":$_port "
+    ss -ntpl 2>/dev/null | grep ":$_port "
     return 0
   fi
 
@@ -2999,9 +2999,9 @@ _on_issue_err() {
   fi
 
   #trigger the validation to flush the pending authz
+  _debug2 "_chk_vlist" "$_chk_vlist"
   if [ "$_chk_vlist" ]; then
     (
-      _debug2 "_chk_vlist" "$_chk_vlist"
       _debug2 "start to deactivate authz"
       ventries=$(echo "$_chk_vlist" | tr "$dvsep" ' ')
       for ventry in $ventries; do
@@ -3498,7 +3498,7 @@ issue() {
 
         if [ "$?" != "0" ]; then
           _clearup
-          _on_issue_err "$_post_hook"
+          _on_issue_err "$_post_hook" "$vlist"
           return 1
         fi
         dnsadded='1'
@@ -3510,7 +3510,7 @@ issue() {
       _debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit."
       _err "Please add the TXT records to the domains, and retry again."
       _clearup
-      _on_issue_err "$_post_hook"
+      _on_issue_err "$_post_hook" "$vlist"
       return 1
     fi
 
@@ -4479,12 +4479,6 @@ _deactivate() {
   _d_type="$2"
   _initpath
 
-  _d_i=0
-  _d_max_retry=9
-  while [ "$_d_i" -lt "$_d_max_retry" ]; do
-    _info "Deactivate: $_d_domain"
-    _d_i="$(_math $_d_i + 1)"
-
   if ! __get_domain_new_authz "$_d_domain"; then
     _err "Can not get domain new authz token."
     return 1
@@ -4493,12 +4487,43 @@ _deactivate() {
   authzUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")"
   _debug "authzUri" "$authzUri"
 
-    if [ ! -z "$code" ] && [ ! "$code" = '201' ]; then
+  if [ "$code" ] && [ ! "$code" = '201' ]; then
     _err "new-authz error: $response"
     return 1
   fi
 
-    entry="$(printf "%s\n" "$response" | _egrep_o '{"type":"[^"]*","status":"valid","uri"[^}]*')"
+  entries="$(echo "$response" | _egrep_o '{ *"type":"[^"]*", *"status": *"valid", *"uri"[^}]*')"
+  if [ -z "$entries" ]; then
+    _info "No valid entries found."
+    if [ -z "$thumbprint" ]; then
+      thumbprint="$(__calc_account_thumbprint)"
+    fi
+    _debug "Trigger validation."
+    vtype="$VTYPE_HTTP"
+    entry="$(printf "%s\n" "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
+    _debug entry "$entry"
+    if [ -z "$entry" ]; then
+      _err "Error, can not get domain token $d"
+      return 1
+    fi
+    token="$(printf "%s\n" "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
+    _debug token "$token"
+
+    uri="$(printf "%s\n" "$entry" | _egrep_o '"uri":"[^"]*' | cut -d : -f 2,3 | tr -d '"')"
+    _debug uri "$uri"
+
+    keyauthorization="$token.$thumbprint"
+    _debug keyauthorization "$keyauthorization"
+    __trigger_validation "$uri" "$keyauthorization"
+
+  fi
+
+  _d_i=0
+  _d_max_retry=$(echo "$entries" | wc -l)
+  while [ "$_d_i" -lt "$_d_max_retry" ]; do
+    _info "Deactivate: $_d_domain"
+    _d_i="$(_math $_d_i + 1)"
+    entry="$(echo "$entries" | sed -n "${_d_i}p")"
     _debug entry "$entry"
 
     if [ -z "$entry" ]; then
@@ -4520,16 +4545,16 @@ _deactivate() {
 
     _info "Deactivate: $_vtype"
 
-    if ! _send_signed_request "$authzUri" "{\"resource\": \"authz\", \"status\":\"deactivated\"}"; then
-      _err "Can not deactivate $_vtype."
-      return 1
-    fi
-
+    if _send_signed_request "$authzUri" "{\"resource\": \"authz\", \"status\":\"deactivated\"}" && _contains "$response" '"deactivated"'; then
       _info "Deactivate: $_vtype success."
+    else
+      _err "Can not deactivate $_vtype."
+      break
+    fi
 
   done
   _debug "$_d_i"
-  if [ "$_d_i" -lt "$_d_max_retry" ]; then
+  if [ "$_d_i" -eq "$_d_max_retry" ]; then
     _info "Deactivated success!"
   else
     _err "Deactivate failed."