From 5c962a7829e87a714726aeab7216b61e0f7af7a6 Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Sun, 31 Dec 2023 17:28:28 +0000 Subject: [PATCH 1/5] Refresh the TXT record if a CNAME is found (@JoergBruce #828) --- getssl | 1 + 1 file changed, 1 insertion(+) diff --git a/getssl b/getssl index 30d8837..4220a54 100755 --- a/getssl +++ b/getssl @@ -598,6 +598,7 @@ check_challenge_completion_dns() { # perform validation via DNS challenge rr_cname=$(grep -i "^${rr}"<<<"${check_output}"|grep 'IN\WCNAME'|awk '{ print $5}') debug "cname check=\"$rr_cname\"" if [[ -n "$rr_cname" ]]; then + check_output=$($DNS_CHECK_FUNC $DNS_CHECK_OPTIONS TXT "${rr_cname}" "@${ns}") check_result=$(grep -i "^${rr_cname}"<<<"${check_output}"|grep 'IN\WTXT'|awk -F'"' '{ print $2}' | uniq) fi fi From 75e2a15ca0040eb4fbd4ed227fb950220d3f57f4 Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Sun, 31 Dec 2023 17:30:27 +0000 Subject: [PATCH 2/5] Fix minor errors in instructions --- test/README-Testing.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/README-Testing.md b/test/README-Testing.md index 5d67977..9936541 100644 --- a/test/README-Testing.md +++ b/test/README-Testing.md @@ -30,20 +30,20 @@ For individual accounts, is your github account name. ## To run all the tests on a single OS 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build``` -2. Run the test suite ```run-test.sh []``` -3. eg. `run-test.sh ubuntu16` +2. Run the test suite ```test/run-test.sh []``` +3. eg. `test/run-test.sh ubuntu16` ## To run a single bats test on a single OS 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build``` -2. ```run-test.sh bats ``` -3. e.g. `run-test.sh ubuntu bats /getssl/test/1-simple-http01.bats` +2. ```test/run-test.sh bats ``` +3. e.g. `test/run-test.sh ubuntu bats /getssl/test/1-simple-http01.bats` ## To debug a test 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build``` 2. ```run-test.sh /getssl/test/debug-test.sh ``` -3. e.g. `run-test.sh ubuntu /getssl/test/debug-test.sh -d /getssl/test/test-config/getssl-http01-cfg` +3. e.g. `test/run-test.sh ubuntu /getssl/test/debug-test.sh -d /getssl/test/test-config/getssl-http01-cfg` ## TODO From 72289f0f9df0221200e7b9a83485d129d6c03276 Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Sun, 31 Dec 2023 17:39:27 +0000 Subject: [PATCH 3/5] Fix shellcheck issues --- getssl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/getssl b/getssl index 4220a54..b6a6e92 100755 --- a/getssl +++ b/getssl @@ -598,7 +598,7 @@ check_challenge_completion_dns() { # perform validation via DNS challenge rr_cname=$(grep -i "^${rr}"<<<"${check_output}"|grep 'IN\WCNAME'|awk '{ print $5}') debug "cname check=\"$rr_cname\"" if [[ -n "$rr_cname" ]]; then - check_output=$($DNS_CHECK_FUNC $DNS_CHECK_OPTIONS TXT "${rr_cname}" "@${ns}") + check_output=$($DNS_CHECK_FUNC "${DNS_CHECK_OPTIONS}" TXT "${rr_cname}" "@${ns}") check_result=$(grep -i "^${rr_cname}"<<<"${check_output}"|grep 'IN\WTXT'|awk -F'"' '{ print $2}' | uniq) fi fi @@ -1217,7 +1217,7 @@ create_order() { dn=0 for d in "${alldomains[@]}"; do # get authorizations link - AuthLink[$dn]=$(json_get "$response" "identifiers" "value" "${d##\*.}" "authorizations" "x") + AuthLink[dn]=$(json_get "$response" "identifiers" "value" "${d##\*.}" "authorizations" "x") debug "authorizations link for $d - ${AuthLink[$dn]}" ((dn++)) done @@ -1241,8 +1241,8 @@ create_order() { if [[ ( "$lower_d" == "$authdomain" && -z "$wildcard" ) || ( "$lower_d" == "*.${authdomain}" && -n "$wildcard" ) ]]; then debug "Saving authorization response for $authdomain for domain alldomains[$dn]" debug "Response = ${response//[$'\t\r\n']}" - AuthLinkResponse[$dn]=$response - AuthLinkResponseHeader[$dn]=$responseHeaders + AuthLinkResponse[dn]=$response + AuthLinkResponseHeader[dn]=$responseHeaders fi ((dn++)) done From 59ed75534d6d061fae82755b488f52730e27d1c3 Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Wed, 21 Feb 2024 07:46:42 +0000 Subject: [PATCH 4/5] Revert "Fix shellcheck issues" This reverts commit 72289f0f9df0221200e7b9a83485d129d6c03276. --- getssl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/getssl b/getssl index b6a6e92..4220a54 100755 --- a/getssl +++ b/getssl @@ -598,7 +598,7 @@ check_challenge_completion_dns() { # perform validation via DNS challenge rr_cname=$(grep -i "^${rr}"<<<"${check_output}"|grep 'IN\WCNAME'|awk '{ print $5}') debug "cname check=\"$rr_cname\"" if [[ -n "$rr_cname" ]]; then - check_output=$($DNS_CHECK_FUNC "${DNS_CHECK_OPTIONS}" TXT "${rr_cname}" "@${ns}") + check_output=$($DNS_CHECK_FUNC $DNS_CHECK_OPTIONS TXT "${rr_cname}" "@${ns}") check_result=$(grep -i "^${rr_cname}"<<<"${check_output}"|grep 'IN\WTXT'|awk -F'"' '{ print $2}' | uniq) fi fi @@ -1217,7 +1217,7 @@ create_order() { dn=0 for d in "${alldomains[@]}"; do # get authorizations link - AuthLink[dn]=$(json_get "$response" "identifiers" "value" "${d##\*.}" "authorizations" "x") + AuthLink[$dn]=$(json_get "$response" "identifiers" "value" "${d##\*.}" "authorizations" "x") debug "authorizations link for $d - ${AuthLink[$dn]}" ((dn++)) done @@ -1241,8 +1241,8 @@ create_order() { if [[ ( "$lower_d" == "$authdomain" && -z "$wildcard" ) || ( "$lower_d" == "*.${authdomain}" && -n "$wildcard" ) ]]; then debug "Saving authorization response for $authdomain for domain alldomains[$dn]" debug "Response = ${response//[$'\t\r\n']}" - AuthLinkResponse[dn]=$response - AuthLinkResponseHeader[dn]=$responseHeaders + AuthLinkResponse[$dn]=$response + AuthLinkResponseHeader[$dn]=$responseHeaders fi ((dn++)) done From 2cad636dac66ff156e34cb27e1c1f07ec3cd38d7 Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Wed, 21 Feb 2024 07:51:20 +0000 Subject: [PATCH 5/5] Fix some shellcheck warnings, ignore incorrect warnings --- getssl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/getssl b/getssl index 4220a54..574f7bc 100755 --- a/getssl +++ b/getssl @@ -598,6 +598,7 @@ check_challenge_completion_dns() { # perform validation via DNS challenge rr_cname=$(grep -i "^${rr}"<<<"${check_output}"|grep 'IN\WCNAME'|awk '{ print $5}') debug "cname check=\"$rr_cname\"" if [[ -n "$rr_cname" ]]; then + # shellcheck disable=SC2086 check_output=$($DNS_CHECK_FUNC $DNS_CHECK_OPTIONS TXT "${rr_cname}" "@${ns}") check_result=$(grep -i "^${rr_cname}"<<<"${check_output}"|grep 'IN\WTXT'|awk -F'"' '{ print $2}' | uniq) fi @@ -1217,7 +1218,7 @@ create_order() { dn=0 for d in "${alldomains[@]}"; do # get authorizations link - AuthLink[$dn]=$(json_get "$response" "identifiers" "value" "${d##\*.}" "authorizations" "x") + AuthLink[dn]=$(json_get "$response" "identifiers" "value" "${d##\*.}" "authorizations" "x") debug "authorizations link for $d - ${AuthLink[$dn]}" ((dn++)) done @@ -1241,8 +1242,8 @@ create_order() { if [[ ( "$lower_d" == "$authdomain" && -z "$wildcard" ) || ( "$lower_d" == "*.${authdomain}" && -n "$wildcard" ) ]]; then debug "Saving authorization response for $authdomain for domain alldomains[$dn]" debug "Response = ${response//[$'\t\r\n']}" - AuthLinkResponse[$dn]=$response - AuthLinkResponseHeader[$dn]=$responseHeaders + AuthLinkResponse[dn]=$response + AuthLinkResponseHeader[dn]=$responseHeaders fi ((dn++)) done