Merge pull request #366 from Neilpang/dev

Dev
2025-10-31 10:27:22 +00:00 · 2016-11-04 22:54:40 +08:00 · 2016-11-04 22:54:40 +08:00 · dfdd48b990
commit dfdd48b990
parent 3c33cdfa3d cae9cee295
1 changed files with 60 additions and 2 deletions
--- a/acme.sh
+++ b/acme.sh
@ -91,6 +91,30 @@ _printargs() {
  printf "\n"
 }

+_dlg_versions() {
+  echo "Diagnosis versions: "
+  echo "openssl:"
+  if _exists openssl ; then
+    openssl version 2>&1
+  else
+    echo "openssl doesn't exists."
+  fi
+  
+  echo "apache:"
+  if [ "$_APACHECTL" ] && _exists "$_APACHECTL" ; then
+    _APACHECTL -V 2>&1
+  else
+    echo "apache doesn't exists."
+  fi
+  
+  echo "nc:"
+  if _exists "nc" ; then
+    nc -h 2>&1
+  else
+    _debug "nc doesn't exists."
+  fi
+}
+

 _log() {
  [ -z "$LOG_FILE" ] && return
@ -867,6 +891,28 @@ _calcjwk() {
    crv="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")"
    _debug3 crv "$crv"
    
+    if [ -z "$crv" ] ; then
+      _debug "Let's try ASN1 OID"
+      crv_oid="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | grep "^ASN1 OID:" | cut -d ":" -f 2 | tr -d " \r\n")"
+      _debug3 crv_oid "$crv_oid"
+      case "${crv_oid}" in
+        "prime256v1")
+        crv="P-256"
+        ;;
+        "secp384r1")
+        crv="P-384"
+        ;;
+        "secp521r1")
+        crv="P-521"
+        ;;
+        *)
+        _err "ECC oid : $crv_oid"
+        return 1
+        ;;
+      esac
+      _debug3 crv "$crv"
+    fi
+    
    pubi="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | grep -n pub: | cut -d : -f 1)"
    pubi=$(_math $pubi + 1)
    _debug3 pubi "$pubi"
@ -1161,7 +1207,13 @@ _send_signed_request() {
  protected64="$(printf "$protected" | _base64 | _urlencode)"
  _debug3 protected64 "$protected64"

-  sig=$(printf "%s" "$protected64.$payload64" |  _sign  "$keyfile" "sha256" | _urlencode)
+  if ! _sig_t="$(printf "%s" "$protected64.$payload64" |  _sign  "$keyfile" "sha256")" ; then
+    _err "Sign request failed."
+    return 1
+  fi
+  _debug3 _sig_t "$_sig_t"
+  
+  sig="$(printf "%s" "$_sig_t" | _urlencode)"
  _debug3 sig "$sig"
  
  body="{\"header\": $JWK_HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
@ -2058,6 +2110,10 @@ _on_issue_err() {
    _err "See: $_DEBUG_WIKI"
  fi
  
+  if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ] ; then
+    _debug "$(_dlg_versions)"
+  fi
+  
  #run the post hook
  if [ "$Le_PostHook" ] ; then
    _info "Run post hook:'$Le_PostHook'"
@ -4359,6 +4415,8 @@ _process() {
    _processAccountConf
  fi
  
+  _debug2 LE_WORKING_DIR "$LE_WORKING_DIR"
+  
  if [ "$DEBUG" ] ; then
    version
  fi