|
|
|
@ -73,10 +73,11 @@ |
|
|
|
# 2016-06-20 added CHALLENGE_CHECK_TYPE variable to allow checks direct on https rather than http (1.07) |
|
|
|
# 2016-06-21 updated grep functions to run on MAC OS X (1.08) |
|
|
|
# 2016-06-11 updated to enable running on windows with cygwin (1.09) |
|
|
|
# 2016-07-02 Corrections to work with older slackware issue #56 (1.10) |
|
|
|
# --------------------------------------------------------------------------- |
|
|
|
|
|
|
|
PROGNAME=${0##*/} |
|
|
|
VERSION="1.09" |
|
|
|
VERSION="1.10" |
|
|
|
|
|
|
|
# defaults |
|
|
|
CODE_LOCATION="https://raw.githubusercontent.com/srvrco/getssl/master/getssl" |
|
|
|
@ -166,6 +167,12 @@ check_challenge_completion() { # checks with the ACME server if our challenge is |
|
|
|
|
|
|
|
check_getssl_upgrade() { # check if a more recent version of code is available available |
|
|
|
latestcode=$(curl --silent "$CODE_LOCATION") |
|
|
|
errcode=$? |
|
|
|
if [ $errcode -eq 60 ]; then |
|
|
|
error_exit "your version of curl needs updating, as it does not support SNI (multiple SSL domains on a single IP)" |
|
|
|
elif [ $errcode -gt 0 ]; then |
|
|
|
error_exit "curl error : $errcode" |
|
|
|
fi |
|
|
|
latestversion=$(echo "$latestcode" | os_grep VERSION= | head -1| awk -F'"' '{print $2}') |
|
|
|
latestvdec=$(echo "$latestversion"| tr -d '.') |
|
|
|
localvdec=$(echo "$VERSION"| tr -d '.' ) |
|
|
|
@ -199,7 +206,7 @@ clean_up() { # Perform pre-exit housekeeping |
|
|
|
for dnsfile in $TEMP_DIR/dns_verify/*; do |
|
|
|
. "$dnsfile" |
|
|
|
debug "attempting to clean up DNS entry for $d" |
|
|
|
$DNS_DEL_COMMAND "$d" |
|
|
|
eval $DNS_DEL_COMMAND "$d" |
|
|
|
done |
|
|
|
shopt -u nullglob |
|
|
|
fi |
|
|
|
@ -399,7 +406,7 @@ reload_service() { # Runs a command to reload services ( via ssh if needed) |
|
|
|
sleep 2 |
|
|
|
else |
|
|
|
debug "running reload command $RELOAD_CMD" |
|
|
|
$RELOAD_CMD |
|
|
|
eval $RELOAD_CMD |
|
|
|
if [ $? -gt 0 ]; then |
|
|
|
error_exit "error running $RELOAD_CMD" |
|
|
|
fi |
|
|
|
@ -1015,7 +1022,7 @@ for d in $alldomains; do |
|
|
|
debug auth_key "$auth_key" |
|
|
|
|
|
|
|
debug "adding dns via command: $DNS_ADD_COMMAND $d $auth_key" |
|
|
|
$DNS_ADD_COMMAND "$d" "$auth_key" |
|
|
|
eval $DNS_ADD_COMMAND "$d" "$auth_key" |
|
|
|
if [ $? -gt 0 ]; then |
|
|
|
error_exit "DNS_ADD_COMMAND failed for domain $d" |
|
|
|
fi |
|
|
|
@ -1166,7 +1173,7 @@ if [[ $VALIDATE_VIA_DNS == "true" ]]; then |
|
|
|
check_challenge_completion "$uri" "$d" "$keyauthorization" |
|
|
|
|
|
|
|
debug "remove DNS entry" |
|
|
|
$DNS_DEL_COMMAND "$d" |
|
|
|
eval $DNS_DEL_COMMAND "$d" |
|
|
|
# remove $dnsfile after each loop. |
|
|
|
rm -f "$dnsfile" |
|
|
|
done |
|
|
|
@ -1179,7 +1186,7 @@ debug "der $der" |
|
|
|
send_signed_request "$CA/acme/new-cert" "{\"resource\": \"new-cert\", \"csr\": \"$der\"}" "needbase64" |
|
|
|
|
|
|
|
# convert certificate information into correct format and save to file. |
|
|
|
CertData=$(os_grep -i -o '^Location.*' "$CURL_HEADER" |os_sed 's/\r//g'| cut -d " " -f 2) |
|
|
|
CertData=$(os_grep -i '^Location.*' "$CURL_HEADER" |os_sed 's/\r//g'| cut -d " " -f 2) |
|
|
|
if [ "$CertData" ] ; then |
|
|
|
echo -----BEGIN CERTIFICATE----- > "$CERT_FILE" |
|
|
|
curl --silent "$CertData" | openssl base64 -e >> "$CERT_FILE" |
|
|
|
|
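Review bot: The new `eval $DNS_ADD_COMMAND "$d" "$auth_key"` line in the `for d in $alldomains` hunk, and the matching `eval $DNS_DEL_COMMAND "$d"` lines in the clean_up and DNS-removal hunks, no longer protect their arguments. The double quotes are consumed before eval runs, so the domain and key values are joined into one string and parsed a second time as shell code, where whitespace or metacharacters in them would be word-split or interpreted. This reading assumes the second line of each printed pair is the new side, as the VERSION pair suggests. Deferring the expansion keeps each value a single word: `eval "$DNS_ADD_COMMAND" '"$d"' '"$auth_key"'` and `eval "$DNS_DEL_COMMAND" '"$d"'`, with `eval "$RELOAD_CMD"` in reload_service so the command string is not split and globbed before eval sees it. Because these settings now run as full shell code, a comment near the defaults such as `# DNS_ADD_COMMAND, DNS_DEL_COMMAND and RELOAD_CMD are passed to eval; keep the config writable only by the account running getssl` would record that. All four sites sit in blocks that start and end outside the hunks shown.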