Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Added fixes to also use BuyPass Go ACME server

pull/1989/head
Ketil 6 years ago
parent
ebb1a8af1b
commit
920cab6f12
1 changed files with 33 additions and 11 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 30
      acme.sh

30
acme.sh
View File

@ -13,6 +13,8 @@ _SCRIPT_="$0"
_SUB_FOLDERS="dnsapi deploy" _SUB_FOLDERS="dnsapi deploy"
BUYPASS_CA="https://api.buypass.no/acme/directory"
LETSENCRYPT_CA_V1="https://acme-v01.api.letsencrypt.org/directory" LETSENCRYPT_CA_V1="https://acme-v01.api.letsencrypt.org/directory"
LETSENCRYPT_STAGING_CA_V1="https://acme-staging.api.letsencrypt.org/directory" LETSENCRYPT_STAGING_CA_V1="https://acme-staging.api.letsencrypt.org/directory"
@ -1820,9 +1822,12 @@ _send_signed_request() {
_debug3 _request_retry_times "$_request_retry_times" _debug3 _request_retry_times "$_request_retry_times"
if [ -z "$_CACHED_NONCE" ]; then if [ -z "$_CACHED_NONCE" ]; then
_headers="" _headers=""
if [ "$ACME_NEW_NONCE" ]; then
_debug2 "Get nonce with HEAD. ACME_NEW_NONCE" "$ACME_NEW_NONCE"
if [ "$ACME_NEW_NONCE" ] || [ "$BUYPASS" ]; then
nonceurl="$ACME_NEW_NONCE" nonceurl="$ACME_NEW_NONCE"
if [ "$BUYPASS" ]; then
nonceurl=$url
fi
_debug2 "Get nonce with HEAD. ACME_NEW_NONCE" "$nonceurl"
if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type"; then if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type"; then
_headers="$(cat "$HTTP_HEADER")" _headers="$(cat "$HTTP_HEADER")"
fi fi
@ -1875,7 +1880,7 @@ _send_signed_request() {
sig="$(printf "%s" "$_sig_t" | _url_replace)" sig="$(printf "%s" "$_sig_t" | _url_replace)"
_debug3 sig "$sig" _debug3 sig "$sig"
if [ "$ACME_VERSION" = "2" ]; then
if [ "$ACME_VERSION" = "2" ] || [ "$BUYPASS" ]; then
body="{\"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" body="{\"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
else else
body="{\"header\": $JWK_HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" body="{\"header\": $JWK_HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
@ -2330,6 +2335,13 @@ _initAPI() {
fi fi
export ACME_AGREEMENT export ACME_AGREEMENT
BUYPASS=$(echo "$_api_server" | _egrep_o 'buypass')
if [ "$BUYPASS" ]; then
BUYPASS=1
fi
export BUYPASS
_debug "BUYPASS" "$BUYPASS"
_debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE" _debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE"
_debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ" _debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ"
_debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER" _debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER"
@ -3448,11 +3460,17 @@ __trigger_validation() {
_debug2 _t_url "$_t_url" _debug2 _t_url "$_t_url"
_t_key_authz="$2" _t_key_authz="$2"
_debug2 _t_key_authz "$_t_key_authz" _debug2 _t_key_authz "$_t_key_authz"
_t_vtype="$3"
_debug2 _t_vtype "$_t_vtype"
if [ "$ACME_VERSION" = "2" ]; then if [ "$ACME_VERSION" = "2" ]; then
_send_signed_request "$_t_url" "{\"keyAuthorization\": \"$_t_key_authz\"}" _send_signed_request "$_t_url" "{\"keyAuthorization\": \"$_t_key_authz\"}"
else
if [ "$BUYPASS" ]; then
_send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"type\": \"$_t_vtype\", \"keyAuthorization\": \"$_t_key_authz\"}"
else else
_send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$_t_key_authz\"}" _send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$_t_key_authz\"}"
fi fi
fi
} }
#webroot, domain domainlist keylength #webroot, domain domainlist keylength
@ -4038,7 +4056,7 @@ $_authorizations_map"
fi fi
fi fi
if ! __trigger_validation "$uri" "$keyauthorization"; then
if ! __trigger_validation "$uri" "$keyauthorization" "$vtype"; then
_err "$d:Can not get challenge: $response" _err "$d:Can not get challenge: $response"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
@ -4047,6 +4065,9 @@ $_authorizations_map"
fi fi
if [ "$code" ] && [ "$code" != '202' ]; then if [ "$code" ] && [ "$code" != '202' ]; then
if [ "$BUYPASS" ] && [ "$code" = '200' ]; then
_debug "trigger validation code: $code"
else
if [ "$ACME_VERSION" = "2" ] && [ "$code" = '200' ]; then if [ "$ACME_VERSION" = "2" ] && [ "$code" = '200' ]; then
_debug "trigger validation code: $code" _debug "trigger validation code: $code"
else else
@ -4057,6 +4078,7 @@ $_authorizations_map"
return 1 return 1
fi fi
fi fi
fi
waittimes=0 waittimes=0
if [ -z "$MAX_RETRY_TIMES" ]; then if [ -z "$MAX_RETRY_TIMES" ]; then

Write Preview
Loading…
Cancel
Save