flywithu/acme.sh
1
0
Fork 0
mirror of https://github.com/hiskang/acme.sh synced 2025-10-31 02:17:18 +00:00
Code Issues Releases Wiki Activity

fix https://github.com/Neilpang/acme.sh/issues/882#issuecomment-309383956

Browse Source
This commit is contained in:
neilpang 2017-06-19 20:05:43 +08:00
parent ce59fc6c10
commit 8afec596aa
1 changed files with 32 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
acme.sh
View File

@ -1716,9 +1716,18 @@ _send_signed_request() {
while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do
_debug3 _request_retry_times "$_request_retry_times" _debug3 _request_retry_times "$_request_retry_times"
if [ -z "$_CACHED_NONCE" ]; then if [ -z "$_CACHED_NONCE" ]; then
_debug2 "Get nonce. ACME_DIRECTORY" "$ACME_DIRECTORY" if [ "$ACME_NEW_NONCE" ]; then
nonceurl="$ACME_DIRECTORY" _debug2 "Get nonce. ACME_NEW_NONCE" "$ACME_NEW_NONCE"
_headers="$(_get "$nonceurl" "onlyheader")" nonceurl="$ACME_NEW_NONCE"
if _post "" "$nonceurl" "" "HEAD"; then
_headers="$(cat "$HTTP_HEADER")"
fi
fi
if [ -z "$_headers" ]; then
_debug2 "Get nonce. ACME_DIRECTORY" "$ACME_DIRECTORY"
nonceurl="$ACME_DIRECTORY"
_headers="$(_get "$nonceurl" "onlyheader")"
fi
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
_err "Can not connect to $nonceurl to get nonce." _err "Can not connect to $nonceurl to get nonce."
@ -2180,12 +2189,12 @@ _initAPI() {
#just for performance, hardcode the default entry points #just for performance, hardcode the default entry points
export ACME_KEY_CHANGE="https://acme-v01.api.letsencrypt.org/acme/key-change" export ACME_KEY_CHANGE="https://acme-v01.api.letsencrypt.org/acme/key-change"
export ACME_NEW_AUTHZ="https://acme-v01.api.letsencrypt.org/acme/new-authz" export ACME_NEW_AUTHZ="https://acme-v01.api.letsencrypt.org/acme/new-authz"
export ACME_NEW_CERT="https://acme-v01.api.letsencrypt.org/acme/new-cert" export ACME_NEW_ORDER="https://acme-v01.api.letsencrypt.org/acme/new-cert"
export ACME_NEW_REG="https://acme-v01.api.letsencrypt.org/acme/new-reg" export ACME_NEW_ACCOUNT="https://acme-v01.api.letsencrypt.org/acme/new-reg"
export ACME_REVOKE_CERT="https://acme-v01.api.letsencrypt.org/acme/revoke-cert" export ACME_REVOKE_CERT="https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
fi fi
if [ -z "$ACME_KEY_CHANGE" ]; then if [ -z "$ACME_NEW_ACCOUNT" ]; then
response=$(_get "$_api_server") response=$(_get "$_api_server")
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
_debug2 "response" "$response" _debug2 "response" "$response"
@ -2200,21 +2209,30 @@ _initAPI() {
ACME_NEW_AUTHZ=$(echo "$response" | _egrep_o 'new-authz" *: *"[^"]*"' | cut -d '"' -f 3) ACME_NEW_AUTHZ=$(echo "$response" | _egrep_o 'new-authz" *: *"[^"]*"' | cut -d '"' -f 3)
export ACME_NEW_AUTHZ export ACME_NEW_AUTHZ
ACME_NEW_CERT=$(echo "$response" | _egrep_o 'new-cert" *: *"[^"]*"' | cut -d '"' -f 3) ACME_NEW_ORDER=$(echo "$response" | _egrep_o 'new-cert" *: *"[^"]*"' | cut -d '"' -f 3)
export ACME_NEW_CERT if [ -z "$ACME_NEW_ORDER" ]; then
ACME_NEW_ORDER=$(echo "$response" | _egrep_o 'new-order" *: *"[^"]*"' | cut -d '"' -f 3)
fi
export ACME_NEW_ORDER
ACME_NEW_REG=$(echo "$response" | _egrep_o 'new-reg" *: *"[^"]*"' | cut -d '"' -f 3) ACME_NEW_ACCOUNT=$(echo "$response" | _egrep_o 'new-reg" *: *"[^"]*"' | cut -d '"' -f 3)
export ACME_NEW_REG if [ -z "$ACME_NEW_ACCOUNT" ]; then
ACME_NEW_ACCOUNT=$(echo "$response" | _egrep_o 'new-account" *: *"[^"]*"' | cut -d '"' -f 3)
fi
export ACME_NEW_ACCOUNT
ACME_REVOKE_CERT=$(echo "$response" | _egrep_o 'revoke-cert" *: *"[^"]*"' | cut -d '"' -f 3) ACME_REVOKE_CERT=$(echo "$response" | _egrep_o 'revoke-cert" *: *"[^"]*"' | cut -d '"' -f 3)
export ACME_REVOKE_CERT export ACME_REVOKE_CERT
ACME_NEW_NONCE=$(echo "$response" | _egrep_o 'new-nonce" *: *"[^"]*"' | cut -d '"' -f 3)
export ACME_NEW_NONCE
fi fi
_debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE" _debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE"
_debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ" _debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ"
_debug "ACME_NEW_CERT" "$ACME_NEW_CERT" _debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER"
_debug "ACME_NEW_REG" "$ACME_NEW_REG" _debug "ACME_NEW_ACCOUNT" "$ACME_NEW_ACCOUNT"
_debug "ACME_REVOKE_CERT" "$ACME_REVOKE_CERT" _debug "ACME_REVOKE_CERT" "$ACME_REVOKE_CERT"
} }
@ -3086,7 +3104,7 @@ _regAccount() {
if [ -z "$_updateTos" ]; then if [ -z "$_updateTos" ]; then
_info "Registering account" _info "Registering account"
if ! _send_signed_request "${ACME_NEW_REG}" "$regjson"; then if ! _send_signed_request "${ACME_NEW_ACCOUNT}" "$regjson"; then
_err "Register account Error: $response" _err "Register account Error: $response"
return 1 return 1
fi fi
@ -3737,7 +3755,7 @@ issue() {
_info "Verify finished, start to sign." _info "Verify finished, start to sign."
der="$(_getfile "${CSR_PATH}" "${BEGIN_CSR}" "${END_CSR}" | tr -d "\r\n" | _url_replace)" der="$(_getfile "${CSR_PATH}" "${BEGIN_CSR}" "${END_CSR}" | tr -d "\r\n" | _url_replace)"
if ! _send_signed_request "${ACME_NEW_CERT}" "{\"resource\": \"new-cert\", \"csr\": \"$der\"}" "needbase64"; then if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"new-cert\", \"csr\": \"$der\"}" "needbase64"; then
_err "Sign failed." _err "Sign failed."
_on_issue_err "$_post_hook" _on_issue_err "$_post_hook"
return 1 return 1