|
@ -1822,12 +1822,9 @@ _send_signed_request() { |
|
|
_debug3 _request_retry_times "$_request_retry_times" |
|
|
_debug3 _request_retry_times "$_request_retry_times" |
|
|
if [ -z "$_CACHED_NONCE" ]; then |
|
|
if [ -z "$_CACHED_NONCE" ]; then |
|
|
_headers="" |
|
|
_headers="" |
|
|
if [ "$ACME_NEW_NONCE" ] || [ "$BUYPASS" ]; then |
|
|
|
|
|
|
|
|
if [ "$ACME_NEW_NONCE" ]; then |
|
|
|
|
|
_debug2 "Get nonce with HEAD. ACME_NEW_NONCE" "$ACME_NEW_NONCE" |
|
|
nonceurl="$ACME_NEW_NONCE" |
|
|
nonceurl="$ACME_NEW_NONCE" |
|
|
if [ "$BUYPASS" ]; then |
|
|
|
|
|
nonceurl=$url |
|
|
|
|
|
fi |
|
|
|
|
|
_debug2 "Get nonce with HEAD. ACME_NEW_NONCE" "$nonceurl" |
|
|
|
|
|
if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type"; then |
|
|
if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type"; then |
|
|
_headers="$(cat "$HTTP_HEADER")" |
|
|
_headers="$(cat "$HTTP_HEADER")" |
|
|
fi |
|
|
fi |
|
@ -1880,11 +1877,7 @@ _send_signed_request() { |
|
|
sig="$(printf "%s" "$_sig_t" | _url_replace)" |
|
|
sig="$(printf "%s" "$_sig_t" | _url_replace)" |
|
|
_debug3 sig "$sig" |
|
|
_debug3 sig "$sig" |
|
|
|
|
|
|
|
|
if [ "$ACME_VERSION" = "2" ] || [ "$BUYPASS" ]; then |
|
|
|
|
|
body="{\"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" |
|
|
body="{\"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" |
|
|
else |
|
|
|
|
|
body="{\"header\": $JWK_HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" |
|
|
|
|
|
fi |
|
|
|
|
|
_debug3 body "$body" |
|
|
_debug3 body "$body" |
|
|
|
|
|
|
|
|
response="$(_post "$body" "$url" "$needbase64" "POST" "$__request_conent_type")" |
|
|
response="$(_post "$body" "$url" "$needbase64" "POST" "$__request_conent_type")" |
|
@ -2335,13 +2328,6 @@ _initAPI() { |
|
|
fi |
|
|
fi |
|
|
export ACME_AGREEMENT |
|
|
export ACME_AGREEMENT |
|
|
|
|
|
|
|
|
BUYPASS=$(echo "$_api_server" | _egrep_o 'buypass') |
|
|
|
|
|
if [ "$BUYPASS" ]; then |
|
|
|
|
|
BUYPASS=1 |
|
|
|
|
|
fi |
|
|
|
|
|
export BUYPASS |
|
|
|
|
|
_debug "BUYPASS" "$BUYPASS" |
|
|
|
|
|
|
|
|
|
|
|
_debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE" |
|
|
_debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE" |
|
|
_debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ" |
|
|
_debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ" |
|
|
_debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER" |
|
|
_debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER" |
|
@ -3455,7 +3441,7 @@ __get_domain_new_authz() { |
|
|
|
|
|
|
|
|
#uri keyAuthorization |
|
|
#uri keyAuthorization |
|
|
__trigger_validation() { |
|
|
__trigger_validation() { |
|
|
_debug2 "tigger domain validation." |
|
|
|
|
|
|
|
|
_debug2 "Trigger domain validation." |
|
|
_t_url="$1" |
|
|
_t_url="$1" |
|
|
_debug2 _t_url "$_t_url" |
|
|
_debug2 _t_url "$_t_url" |
|
|
_t_key_authz="$2" |
|
|
_t_key_authz="$2" |
|
@ -3465,11 +3451,7 @@ __trigger_validation() { |
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
_send_signed_request "$_t_url" "{\"keyAuthorization\": \"$_t_key_authz\"}" |
|
|
_send_signed_request "$_t_url" "{\"keyAuthorization\": \"$_t_key_authz\"}" |
|
|
else |
|
|
else |
|
|
if [ "$BUYPASS" ]; then |
|
|
|
|
|
_send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"type\": \"$_t_vtype\", \"keyAuthorization\": \"$_t_key_authz\"}" |
|
|
_send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"type\": \"$_t_vtype\", \"keyAuthorization\": \"$_t_key_authz\"}" |
|
|
else |
|
|
|
|
|
_send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$_t_key_authz\"}" |
|
|
|
|
|
fi |
|
|
|
|
|
fi |
|
|
fi |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -4065,10 +4047,7 @@ $_authorizations_map" |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if [ "$code" ] && [ "$code" != '202' ]; then |
|
|
if [ "$code" ] && [ "$code" != '202' ]; then |
|
|
if [ "$BUYPASS" ] && [ "$code" = '200' ]; then |
|
|
|
|
|
_debug "trigger validation code: $code" |
|
|
|
|
|
else |
|
|
|
|
|
if [ "$ACME_VERSION" = "2" ] && [ "$code" = '200' ]; then |
|
|
|
|
|
|
|
|
if [ "$code" = '200' ]; then |
|
|
_debug "trigger validation code: $code" |
|
|
_debug "trigger validation code: $code" |
|
|
else |
|
|
else |
|
|
_err "$d:Challenge error: $response" |
|
|
_err "$d:Challenge error: $response" |
|
@ -4078,7 +4057,6 @@ $_authorizations_map" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
waittimes=0 |
|
|
waittimes=0 |
|
|
if [ -z "$MAX_RETRY_TIMES" ]; then |
|
|
if [ -z "$MAX_RETRY_TIMES" ]; then |
|
|