Merge pull request #674 from Neilpang/dev

Dev
2025-10-31 10:27:22 +00:00 · 2017-02-26 12:48:53 +08:00 · 2017-02-26 12:48:53 +08:00 · c715b4637d
commit c715b4637d
parent 509c802045 c719a61ea7
1 changed files with 44 additions and 15 deletions
--- a/acme.sh
+++ b/acme.sh
@ -2819,6 +2819,7 @@ _on_before_issue() {

 _on_issue_err() {
  _chk_post_hook="$1"
+  _chk_vlist="$2"
  _debug _on_issue_err
  if [ "$LOG_FILE" ]; then
    _err "Please check log file for more details: $LOG_FILE"
@ -2827,10 +2828,6 @@ _on_issue_err() {
    _err "See: $_DEBUG_WIKI"
  fi

-  if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ]; then
-    _debug "$(_dlg_versions)"
-  fi
-
  #run the post hook
  if [ "$_chk_post_hook" ]; then
    _info "Run post hook:'$_chk_post_hook'"
@ -2841,6 +2838,28 @@ _on_issue_err() {
      return 1
    fi
  fi
+
+  #trigger the validation to flush the pending authz
+  if [ "$_chk_vlist" ]; then
+    (
+      _debug2 "_chk_vlist" "$_chk_vlist"
+      _debug2 "start to deactivate authz"
+      ventries=$(echo "$_chk_vlist" | tr "$dvsep" ' ')
+      for ventry in $ventries; do
+        d=$(echo "$ventry" | cut -d "$sep" -f 1)
+        keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
+        uri=$(echo "$ventry" | cut -d "$sep" -f 3)
+        vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
+        _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
+        __trigger_validaton "$uri" "$keyauthorization"
+      done
+    )
+  fi
+
+  if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ]; then
+    _debug "$(_dlg_versions)"
+  fi
+
 }

 _on_issue_success() {
@ -3053,6 +3072,16 @@ __get_domain_new_authz() {

 }

+#uri keyAuthorization
+__trigger_validaton() {
+  _debug2 "tigger domain validation."
+  _t_url="$1"
+  _debug2 _t_url "$_t_url"
+  _t_key_authz="$2"
+  _debug2 _t_key_authz "$_t_key_authz"
+  _send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$_t_key_authz\"}"
+}
+
 #webroot, domain domainlist  keylength 
 issue() {
  if [ -z "$2" ]; then
@ -3366,7 +3395,7 @@ issue() {
        _startserver "$keyauthorization" "$_ncaddr" &
        if [ "$?" != "0" ]; then
          _clearup
-          _on_issue_err "$_post_hook"
+          _on_issue_err "$_post_hook" "$vlist"
          return 1
        fi
        serverproc="$!"
@ -3382,7 +3411,7 @@ issue() {
        BACKUP_NGINX_CONF=""
        if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then
          _clearup
-          _on_issue_err "$_post_hook"
+          _on_issue_err "$_post_hook" "$vlist"
          return 1
        fi

@ -3417,7 +3446,7 @@ issue() {
          _err "$d:Can not write token to file : $wellknown_path/$token"
          _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
          _clearup
-          _on_issue_err "$_post_hook"
+          _on_issue_err "$_post_hook" "$vlist"
          return 1
        fi

@ -3462,16 +3491,16 @@ issue() {
        _err "Start tls server error."
        _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
        _clearup
-        _on_issue_err "$_post_hook"
+        _on_issue_err "$_post_hook" "$vlist"
        return 1
      fi
    fi

-    if ! _send_signed_request "$uri" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$keyauthorization\"}"; then
+    if ! __trigger_validaton "$uri" "$keyauthorization"; then
      _err "$d:Can not get challenge: $response"
      _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
      _clearup
-      _on_issue_err "$_post_hook"
+      _on_issue_err "$_post_hook" "$vlist"
      return 1
    fi

@ -3479,7 +3508,7 @@ issue() {
      _err "$d:Challenge error: $response"
      _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
      _clearup
-      _on_issue_err "$_post_hook"
+      _on_issue_err "$_post_hook" "$vlist"
      return 1
    fi

@ -3494,7 +3523,7 @@ issue() {
        _err "$d:Timeout"
        _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
        _clearup
-        _on_issue_err
+        _on_issue_err "$_post_hook" "$vlist"
        return 1
      fi

@ -3506,7 +3535,7 @@ issue() {
        _err "$d:Verify error:$response"
        _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
        _clearup
-        _on_issue_err "$_post_hook"
+        _on_issue_err "$_post_hook" "$vlist"
        return 1
      fi
      _debug2 original "$response"
@ -3541,7 +3570,7 @@ issue() {
        fi
        _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
        _clearup
-        _on_issue_err "$_post_hook"
+        _on_issue_err "$_post_hook" "$vlist"
        return 1
      fi

@ -3551,7 +3580,7 @@ issue() {
        _err "$d:Verify error:$response"
        _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
        _clearup
-        _on_issue_err "$_post_hook"
+        _on_issue_err "$_post_hook" "$vlist"
        return 1
      fi