|
|
|
@ -170,10 +170,11 @@ |
|
|
|
# 2016-12-23 tidy code - place default variables in alphabetical order. |
|
|
|
# 2016-12-27 update checks to work with openssl in FIPS mode (1.93) |
|
|
|
# 2016-12-28 fix leftover tmpfiles in upgrade routine (1.94) |
|
|
|
# 2016-12-28 tidied up upgrade tmpfile handling (1.95) |
|
|
|
# ---------------------------------------------------------------------------------------- |
|
|
|
|
|
|
|
PROGNAME=${0##*/} |
|
|
|
VERSION="1.94" |
|
|
|
VERSION="1.95" |
|
|
|
|
|
|
|
# defaults |
|
|
|
ACCOUNT_KEY_LENGTH=4096 |
|
|
|
@ -205,6 +206,7 @@ REUSE_PRIVATE_KEY="true" |
|
|
|
SERVER_TYPE="https" |
|
|
|
SKIP_HTTP_TOKEN_CHECK="false" |
|
|
|
SSLCONF="$(openssl version -d 2>/dev/null| cut -d\" -f2)/openssl.cnf" |
|
|
|
TEMP_UPGRADE_FILE="" |
|
|
|
TOKEN_USER_ID="" |
|
|
|
USE_SINGLE_ACL="false" |
|
|
|
VALIDATE_VIA_DNS="" |
|
|
|
@ -300,17 +302,15 @@ check_challenge_completion() { # checks with the ACME server if our challenge is |
|
|
|
} |
|
|
|
|
|
|
|
check_getssl_upgrade() { # check if a more recent version of code is available available |
|
|
|
temp_upgrade="$(mktemp)" |
|
|
|
curl --silent "$CODE_LOCATION" --output "$temp_upgrade" |
|
|
|
TEMP_UPGRADE_FILE="$(mktemp)" |
|
|
|
curl --silent "$CODE_LOCATION" --output "$TEMP_UPGRADE_FILE" |
|
|
|
errcode=$? |
|
|
|
if [[ $errcode -eq 60 ]]; then |
|
|
|
rm -f "$temp_upgrade" |
|
|
|
error_exit "curl needs updating, your version does not support SNI (multiple SSL domains on a single IP)" |
|
|
|
elif [[ $errcode -gt 0 ]]; then |
|
|
|
rm -f "$temp_upgrade" |
|
|
|
error_exit "curl error : $errcode" |
|
|
|
fi |
|
|
|
latestversion=$(awk -F '"' '$1 == "VERSION=" {print $2}' "$temp_upgrade") |
|
|
|
latestversion=$(awk -F '"' '$1 == "VERSION=" {print $2}' "$TEMP_UPGRADE_FILE") |
|
|
|
latestvdec=$(echo "$latestversion"| tr -d '.') |
|
|
|
localvdec=$(echo "$VERSION"| tr -d '.' ) |
|
|
|
debug "current code is version ${VERSION}" |
|
|
|
@ -319,16 +319,15 @@ check_getssl_upgrade() { # check if a more recent version of code is available a |
|
|
|
if [[ "${latestvdec:-0}" -gt "$localvdec" ]]; then |
|
|
|
if [[ ${_UPGRADE} -eq 1 ]]; then |
|
|
|
install "$0" "${0}.v${VERSION}" |
|
|
|
install -m 700 "$temp_upgrade" "$0" |
|
|
|
install -m 700 "$TEMP_UPGRADE_FILE" "$0" |
|
|
|
if [[ ${_MUTE} -eq 0 ]]; then |
|
|
|
echo "Updated getssl from v${VERSION} to v${latestversion}" |
|
|
|
echo "these update notification can be turned off using the -Q option" |
|
|
|
echo "" |
|
|
|
echo "Updates are;" |
|
|
|
awk "/\(${VERSION}\)$/ {s=1} s; /\(${latestversion}\)$/ {s=0}" "$temp_upgrade" | awk '{if(NR>1)print}' |
|
|
|
awk "/\(${VERSION}\)$/ {s=1} s; /\(${latestversion}\)$/ {s=0}" "$TEMP_UPGRADE_FILE" | awk '{if(NR>1)print}' |
|
|
|
echo "" |
|
|
|
fi |
|
|
|
rm -f "$temp_upgrade" |
|
|
|
eval "$ORIGCMD" |
|
|
|
graceful_exit |
|
|
|
else |
|
|
|
@ -338,7 +337,6 @@ check_getssl_upgrade() { # check if a more recent version of code is available a |
|
|
|
info "" |
|
|
|
fi |
|
|
|
fi |
|
|
|
rm -f "$temp_upgrade" |
|
|
|
} |
|
|
|
|
|
|
|
clean_up() { # Perform pre-exit housekeeping |
|
|
|
@ -357,6 +355,9 @@ clean_up() { # Perform pre-exit housekeeping |
|
|
|
if [[ ! -z "$DOMAIN_DIR" ]]; then |
|
|
|
rm -rf "${TEMP_DIR:?}" |
|
|
|
fi |
|
|
|
if [[ ! -z "$TEMP_UPGRADE_FILE" ]] && [[ -f "$TEMP_UPGRADE_FILE" ]]; then |
|
|
|
rm -f "$TEMP_UPGRADE_FILE" |
|
|
|
fi |
|
|
|
} |
|
|
|
|
|
|
|
copy_file_to_location() { # copies a file, using scp if required. |
|
|
|
|
micheloe
9 years ago