diff --git a/acme.sh b/acme.sh
index e2bc928f..3498fe75 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env sh
-VER=2.6.8
+VER=2.6.9
PROJECT_NAME="acme.sh"
@@ -107,7 +107,7 @@ __green() {
if [ "$__INTERACTIVE" ]; then
printf '\033[1;31;32m'
fi
- printf -- "$1"
+ printf -- "%b" "$1"
if [ "$__INTERACTIVE" ]; then
printf '\033[0m'
fi
@@ -117,7 +117,7 @@ __red() {
if [ "$__INTERACTIVE" ]; then
printf '\033[1;31;40m'
fi
- printf -- "$1"
+ printf -- "%b" "$1"
if [ "$__INTERACTIVE" ]; then
printf '\033[0m'
fi
@@ -1102,12 +1102,13 @@ _readKeyLengthFromCSR() {
fi
_outcsr="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile")"
+ _debug2 _outcsr "$_outcsr"
if _contains "$_outcsr" "Public Key Algorithm: id-ecPublicKey"; then
_debug "ECC CSR"
- echo "$_outcsr" | _egrep_o "^ *ASN1 OID:.*" | cut -d ':' -f 2 | tr -d ' '
+ echo "$_outcsr" | tr "\t" " " | _egrep_o "^ *ASN1 OID:.*" | cut -d ':' -f 2 | tr -d ' '
else
_debug "RSA CSR"
- echo "$_outcsr" | _egrep_o "(^ *|^RSA )Public.Key:.*" | cut -d '(' -f 2 | cut -d ' ' -f 1
+ echo "$_outcsr" | tr "\t" " " | _egrep_o "(^ *|RSA )Public.Key:.*" | cut -d '(' -f 2 | cut -d ' ' -f 1
fi
}
@@ -1846,6 +1847,24 @@ _saveaccountconf() {
_save_conf "$ACCOUNT_CONF_PATH" "$1" "$2"
}
+#key value
+_saveaccountconf_mutable() {
+ _save_conf "$ACCOUNT_CONF_PATH" "SAVED_$1" "$2"
+ #remove later
+ _clearaccountconf "$1"
+}
+
+#key
+_readaccountconf() {
+ _read_conf "$ACCOUNT_CONF_PATH" "$1"
+}
+
+#key
+_readaccountconf_mutable() {
+ _rac_key="$1"
+ _readaccountconf "SAVED_$_rac_key"
+}
+
#_clearaccountconf key
_clearaccountconf() {
_clear_conf "$ACCOUNT_CONF_PATH" "$1"
@@ -2564,7 +2583,7 @@ _checkConf() {
if [ ! -f "$2" ] && ! echo "$2" | grep '*$' >/dev/null && echo "$2" | grep '*' >/dev/null; then
_debug "wildcard"
for _w_f in $2; do
- if [ -f "$_w_f"] && _checkConf "$1" "$_w_f"; then
+ if [ -f "$_w_f" ] && _checkConf "$1" "$_w_f"; then
return 0
fi
done
@@ -3120,6 +3139,10 @@ issue() {
_usage "Usage: $PROJECT_ENTRY --issue -d a.com -w /path/to/webroot/a.com/ "
return 1
fi
+ if [ -z "$1" ]; then
+ _usage "Please specify at least one validation method: '--webroot', '--standalone', '--apache', '--nginx' or '--dns' etc."
+ return 1
+ fi
_web_roots="$1"
_main_domain="$2"
_alt_domains="$3"
@@ -3860,7 +3883,7 @@ renewAll() {
return "$rc"
else
_ret="$rc"
- _err "Error renew $d, Go ahead to next one."
+ _err "Error renew $d."
fi
fi
done
diff --git a/dnsapi/dns_aws.sh b/dnsapi/dns_aws.sh
index d5d52de0..21e86686 100755
--- a/dnsapi/dns_aws.sh
+++ b/dnsapi/dns_aws.sh
@@ -88,6 +88,19 @@ _get_root() {
while true; do
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
if [ -z "$h" ]; then
+ if _contains "$response" "true" && _contains "$response" ""; then
+ _debug "IsTruncated"
+ _nextMarker="$(echo "$response" | _egrep_o ".*" | cut -d '>' -f 2 | cut -d '<' -f 1)"
+ _debug "NextMarker" "$_nextMarker"
+ if aws_rest GET "2013-04-01/hostedzone" "marker=$_nextMarker"; then
+ _debug "Truncated request OK"
+ i=2
+ p=1
+ continue
+ else
+ _err "Truncated request error."
+ fi
+ fi
#not valid
return 1
fi
@@ -208,6 +221,9 @@ aws_rest() {
_debug _H2 "$_H2"
url="$AWS_URL/$ep"
+ if [ "$qsr" ]; then
+ url="$AWS_URL/$ep?$qsr"
+ fi
if [ "$mtd" = "GET" ]; then
response="$(_get "$url")"
diff --git a/dnsapi/dns_cf.sh b/dnsapi/dns_cf.sh
index 3718f9db..228caa82 100755
--- a/dnsapi/dns_cf.sh
+++ b/dnsapi/dns_cf.sh
@@ -14,6 +14,8 @@ dns_cf_add() {
fulldomain=$1
txtvalue=$2
+ CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
+ CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
CF_Key=""
CF_Email=""
@@ -29,8 +31,8 @@ dns_cf_add() {
fi
#save the api key and email to the account conf file.
- _saveaccountconf CF_Key "$CF_Key"
- _saveaccountconf CF_Email "$CF_Email"
+ _saveaccountconf_mutable CF_Key "$CF_Key"
+ _saveaccountconf_mutable CF_Email "$CF_Email"
_debug "First detect the root zone"
if ! _get_root "$fulldomain"; then