2 Commits

Author SHA1 Message Date
Lukas Schauer
6fb8eba56a implemented workaround for retrying on badNonce errors 2022-09-07 15:09:57 +02:00
Simon Deziel
19c7fbbf47 egrep is deprecated
egrep has been deprecated since 2007 and has printed a warning that it is obsolete since:
https://git.savannah.gnu.org/cgit/grep.git/commit/?id=a9515624709865d480e3142fd959bccd1c9372d1

Signed-off-by: Simon Deziel <simon@sdeziel.info>
2022-04-07 21:49:56 +02:00


@@ -126,7 +126,7 @@ jsonsh() {
fi
# shellcheck disable=SC2196
if echo "test string" | egrep -ao "test" >/dev/null 2>&1
if echo "test string" | grep -Eao "test" >/dev/null 2>&1
then
ESCAPE='(\\[^u[:cntrl:]]|\\u[0-9a-fA-F]{4})'
CHAR='[^[:cntrl:]"\\]'
@@ -899,6 +899,10 @@ http_request() {
elif [[ -n "${CA_REVOKE_CERT:-}" ]] && [[ "${2}" = "${CA_REVOKE_CERT:-}" ]] && [[ "${statuscode}" = "409" ]]; then
grep -q "Certificate already revoked" "${tempcont}" && return
else
if grep -q "urn:ietf:params:acme:error:badNonce" "${tempcont}"; then
printf "badnonce %s" "$(grep -Eoi "^replay-nonce:.*$" "${tempheaders}" | sed 's/ //' | cut -d: -f2)"
return 0
fi
echo " + ERROR: An error occurred while sending ${1}-request to ${2} (Status ${statuscode})" >&2
echo >&2
echo "Details:" >&2
@@ -936,11 +940,15 @@ signed_request() {
# Encode payload as urlbase64
payload64="$(printf '%s' "${2}" | urlbase64)"
# Retrieve nonce from acme-server
if [[ ${API} -eq 1 ]]; then
nonce="$(http_request head "${CA}" | grep -i ^Replay-Nonce: | cut -d':' -f2- | tr -d ' \t\n\r')"
if [ -n "${3:-}" ]; then
nonce="$(printf "%s" "${3}" | tr -d ' \t\n\r')"
else
nonce="$(http_request head "${CA_NEW_NONCE}" | grep -i ^Replay-Nonce: | cut -d':' -f2- | tr -d ' \t\n\r')"
# Retrieve nonce from acme-server
if [[ ${API} -eq 1 ]]; then
nonce="$(http_request head "${CA}" | grep -i ^Replay-Nonce: | cut -d':' -f2- | tr -d ' \t\n\r')"
else
nonce="$(http_request head "${CA_NEW_NONCE}" | grep -i ^Replay-Nonce: | cut -d':' -f2- | tr -d ' \t\n\r')"
fi
fi
if [[ ${API} -eq 1 ]]; then
@@ -988,7 +996,14 @@ signed_request() {
data='{"protected": "'"${protected64}"'", "payload": "'"${payload64}"'", "signature": "'"${signed64}"'"}'
fi
http_request post "${1}" "${data}"
output="$(http_request post "${1}" "${data}")"
if grep -qE "^badnonce " <<< "${output}"; then
echo " ! Request failed (badNonce), retrying request..." >&2
signed_request "${1:-}" "${2:-}" "$(printf "%s" "${output}" | cut -d' ' -f2)"
else
printf "%s" "${output}"
fi
}
# Extracts all subject names from a CSR
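Review bot: The badNonce retry at the end of signed_request recurses with no upper bound, so a server or intermediary that keeps answering badNonce keeps this client signing and re-posting indefinitely. Carry an attempt counter in a fourth argument and stop after a small number of tries, for example `if [[ "${4:-0}" -ge 3 ]]; then echo " + ERROR: repeated badNonce responses, giving up" >&2; return 1; fi` before the retry, with `"$(( ${4:-0} + 1 ))"` appended to the recursive call. The `badnonce <nonce>` marker also shares stdout with ordinary response bodies, and `grep -qE "^badnonce "` matches any line of the output rather than only the first, so a distinct return status from http_request would be a more robust signal than an in-band string. In http_request the new branch returns before any cleanup visible in the hunk; if `tempcont` and `tempheaders` are removed further down that path, they are left behind here. signed_request and http_request both begin outside the hunks shown.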