Browse Source

fix shellcheck warnings

master
neilpang 8 years ago
parent
commit
0c538f7527
  1. 34
      acme.sh

34
acme.sh

@ -901,7 +901,6 @@ _calcjwk() {
return 0 return 0
fi fi
EC_SIGN=""
if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
_debug "RSA key" _debug "RSA key"
pub_exp=$(openssl rsa -in "$keyfile" -noout -text | grep "^publicExponent:" | cut -d '(' -f 2 | cut -d 'x' -f 2 | cut -d ')' -f 1) pub_exp=$(openssl rsa -in "$keyfile" -noout -text | grep "^publicExponent:" | cut -d '(' -f 2 | cut -d 'x' -f 2 | cut -d ')' -f 1)
@ -924,7 +923,6 @@ _calcjwk() {
JWK_HEADERPLACE_PART2='", "alg": "RS256", "jwk": '$jwk'}' JWK_HEADERPLACE_PART2='", "alg": "RS256", "jwk": '$jwk'}'
elif grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then elif grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
_debug "EC key" _debug "EC key"
EC_SIGN="1"
crv="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")" crv="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")"
_debug3 crv "$crv" _debug3 crv "$crv"
@ -1974,10 +1972,10 @@ _clearupdns() {
ventries=$(echo "$vlist" | tr ',' ' ') ventries=$(echo "$vlist" | tr ',' ' ')
for ventry in $ventries; do for ventry in $ventries; do
d=$(echo "$ventry" | cut -d $sep -f 1)
keyauthorization=$(echo "$ventry" | cut -d $sep -f 2)
vtype=$(echo "$ventry" | cut -d $sep -f 4)
_currentRoot=$(echo "$ventry" | cut -d $sep -f 5)
d=$(echo "$ventry" | cut -d "$sep" -f 1)
keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
_currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
if [ "$keyauthorization" = "$STATE_VERIFIED" ]; then if [ "$keyauthorization" = "$STATE_VERIFIED" ]; then
_info "$d is already verified, skip $vtype." _info "$d is already verified, skip $vtype."
@ -1989,7 +1987,7 @@ _clearupdns() {
continue continue
fi fi
d_api="$(_findHook $d dnsapi $_currentRoot)"
d_api="$(_findHook "$d" dnsapi "$_currentRoot")"
_debug d_api "$d_api" _debug d_api "$d_api"
if [ -z "$d_api" ]; then if [ -z "$d_api" ]; then
@ -2562,7 +2560,7 @@ issue() {
txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _urlencode)" txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _urlencode)"
_debug txt "$txt" _debug txt "$txt"
d_api="$(_findHook $d dnsapi $_currentRoot)"
d_api="$(_findHook "$d" dnsapi "$_currentRoot")"
_debug d_api "$d_api" _debug d_api "$d_api"
@ -2570,8 +2568,8 @@ issue() {
_info "Found domain api file: $d_api" _info "Found domain api file: $d_api"
else else
_err "Add the following TXT record:" _err "Add the following TXT record:"
_err "Domain: '$(__green $txtdomain)'"
_err "TXT value: '$(__green $txt)'"
_err "Domain: '$(__green "$txtdomain")'"
_err "TXT value: '$(__green "$txt")'"
_err "Please be aware that you prepend _acme-challenge. before your domain" _err "Please be aware that you prepend _acme-challenge. before your domain"
_err "so the resulting subdomain will be: $txtdomain" _err "so the resulting subdomain will be: $txtdomain"
continue continue
@ -2717,11 +2715,11 @@ issue() {
#_debug2 _SAN_A "$_SAN_A" #_debug2 _SAN_A "$_SAN_A"
#create B #create B
_hash_B="$(printf "%s" $keyauthorization | _digest "sha256" "hex")"
_hash_B="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
_debug2 _hash_B "$_hash_B" _debug2 _hash_B "$_hash_B"
_x="$(echo $_hash_B | cut -c 1-32)"
_x="$(echo "$_hash_B" | cut -c 1-32)"
_debug2 _x "$_x" _debug2 _x "$_x"
_y="$(echo $_hash_B | cut -c 33-64)"
_y="$(echo "$_hash_B" | cut -c 33-64)"
_debug2 _y "$_y" _debug2 _y "$_y"
#_SAN_B="$_x.$_y.ka.acme.invalid" #_SAN_B="$_x.$_y.ka.acme.invalid"
@ -2730,7 +2728,7 @@ issue() {
_debug2 _SAN_B "$_SAN_B" _debug2 _SAN_B "$_SAN_B"
_ncaddr="$(_getfield "$Le_LocalAddress" "$_ncIndex")" _ncaddr="$(_getfield "$Le_LocalAddress" "$_ncIndex")"
_ncIndex="$(_math $_ncIndex + 1)"
_ncIndex="$(_math "$_ncIndex" + 1)"
if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then
_err "Start tls server error." _err "Start tls server error."
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
@ -2762,7 +2760,7 @@ issue() {
fi fi
while true; do while true; do
waittimes=$(_math $waittimes + 1)
waittimes=$(_math "$waittimes" + 1)
if [ "$waittimes" -ge "$MAX_RETRY_TIMES" ]; then if [ "$waittimes" -ge "$MAX_RETRY_TIMES" ]; then
_err "$d:Timeout" _err "$d:Timeout"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
@ -2843,7 +2841,7 @@ issue() {
fi fi
_rcert="$response" _rcert="$response"
Le_LinkCert="$(grep -i '^Location.*$' $HTTP_HEADER | _head_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
Le_LinkCert="$(grep -i '^Location.*$' "$HTTP_HEADER" | _head_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
_savedomainconf "Le_LinkCert" "$Le_LinkCert" _savedomainconf "Le_LinkCert" "$Le_LinkCert"
if [ "$Le_LinkCert" ]; then if [ "$Le_LinkCert" ]; then
@ -2878,7 +2876,7 @@ issue() {
fi fi
if [ -z "$Le_LinkCert" ]; then if [ -z "$Le_LinkCert" ]; then
response="$(echo $response | _dbase64 "multiline" | _normalizeJson)"
response="$(echo "$response" | _dbase64 "multiline" | _normalizeJson)"
_err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')" _err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')"
_on_issue_err _on_issue_err
return 1 return 1
@ -2886,7 +2884,7 @@ issue() {
_cleardomainconf "Le_Vlist" _cleardomainconf "Le_Vlist"
Le_LinkIssuer=$(grep -i '^Link' $HTTP_HEADER | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>')
Le_LinkIssuer=$(grep -i '^Link' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>')
if ! _contains "$Le_LinkIssuer" ":"; then if ! _contains "$Le_LinkIssuer" ":"; then
Le_LinkIssuer="$API$Le_LinkIssuer" Le_LinkIssuer="$API$Le_LinkIssuer"
fi fi

Loading…
Cancel
Save