From 07b5b6e4da964a25b9d0787e1da06ce89585e63f Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Mon, 11 Oct 2021 10:18:15 +0100 Subject: [PATCH] Fix broken upgrade url Add pre and post upgrade sanity checks Fixes #718 --- getssl | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/getssl b/getssl index 254ca16..fc61831 100755 --- a/getssl +++ b/getssl @@ -274,6 +274,8 @@ # 2021-09-30 better error if curl returns 60 (#709) # 2021-10-01 Fix -preferred-chain argument (#712) # 2021-10-01 Show help if no domain specified (#705)(2.44) +# 2021-10-08 Extract release tag from release api using awk (fix BSD issues) +# 2021-10-11 Fix broken upgrade url (#718)(2.45) # ---------------------------------------------------------------------------------------- case :$SHELLOPTS: in @@ -282,7 +284,7 @@ esac PROGNAME=${0##*/} PROGDIR="$(cd "$(dirname "$0")" || exit; pwd -P;)" -VERSION="2.44" +VERSION="2.45" # defaults ACCOUNT_KEY_LENGTH=4096 @@ -825,8 +827,9 @@ check_getssl_upgrade() { # check if a more recent release is available # shellcheck disable=SC2086 debug curl ${_NOMETER:---silent} --user-agent "$CURL_USERAGENT" "$CODE_LOCATION" --output "$TEMP_UPGRADE_FILE" # shellcheck disable=SC2086 - curl ${_NOMETER:---silent} --user-agent "$CURL_USERAGENT" "$CODE_LOCATION" --output "$TEMP_UPGRADE_FILE" + status=$(curl ${_NOMETER:---silent} -w "%{http_code}" --user-agent "$CURL_USERAGENT" "$CODE_LOCATION" --output "$TEMP_UPGRADE_FILE") errcode=$? +debug errcode=$errcode if [[ $errcode -eq 60 ]]; then error_exit "curl needs updating, your version does not support SNI (multiple SSL domains on a single IP)" @@ -834,6 +837,10 @@ check_getssl_upgrade() { # check if a more recent release is available error_exit "curl error downloading release: $errcode" fi + if [[ $status -ne 200 ]]; then + error_exit "curl didn't find the updated version of getssl at $CODE_LOCATION" + fi + if ! install "$0" "${0}.v${VERSION}"; then error_exit "problem renaming old version while updating, check permissions" fi @@ -841,6 +848,17 @@ check_getssl_upgrade() { # check if a more recent release is available error_exit "problem installing new version while updating, check permissions" fi + check=$(bash "$0" -U -v) + release_tag_upper=$(echo "$release_tag" | tr "[:lower:]" "[:upper:]") + if [[ "$check" != "getssl ${release_tag_upper}" ]]; then + info "problem running new version, rolling back to old version" + if ! install "${0}.v${VERSION}" "$0"; then + error_exit "problem rolling back, you'll need to manually check $0 and $0.${VERSION}" + fi + error_exit "problem calling new version; output of $TEMP_UPGRADE_FILE -v was \"$check\", expected \"getssl ${release_tag_upper}\"" + fi + + if [[ ${_MUTE} -eq 0 ]]; then echo "Updated getssl from v${VERSION} to ${release_tag}" echo "The old version remains as ${0}.v${VERSION} and should be removed"