clear the pending authz when issue error
fix bug https://github.com/Neilpang/acme.sh/issues/663
This commit is contained in:
parent
4fd63f4e30
commit
58e4d337e4
59
acme.sh
59
acme.sh
@ -2819,6 +2819,7 @@ _on_before_issue() {
|
|||||||
|
|
||||||
_on_issue_err() {
|
_on_issue_err() {
|
||||||
_chk_post_hook="$1"
|
_chk_post_hook="$1"
|
||||||
|
_chk_vlist="$2"
|
||||||
_debug _on_issue_err
|
_debug _on_issue_err
|
||||||
if [ "$LOG_FILE" ]; then
|
if [ "$LOG_FILE" ]; then
|
||||||
_err "Please check log file for more details: $LOG_FILE"
|
_err "Please check log file for more details: $LOG_FILE"
|
||||||
@ -2827,10 +2828,6 @@ _on_issue_err() {
|
|||||||
_err "See: $_DEBUG_WIKI"
|
_err "See: $_DEBUG_WIKI"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ]; then
|
|
||||||
_debug "$(_dlg_versions)"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#run the post hook
|
#run the post hook
|
||||||
if [ "$_chk_post_hook" ]; then
|
if [ "$_chk_post_hook" ]; then
|
||||||
_info "Run post hook:'$_chk_post_hook'"
|
_info "Run post hook:'$_chk_post_hook'"
|
||||||
@ -2841,6 +2838,28 @@ _on_issue_err() {
|
|||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
#trigger the validation to flush the pending authz
|
||||||
|
if [ "$_chk_vlist" ]; then
|
||||||
|
(
|
||||||
|
_debug2 "_chk_vlist" "$_chk_vlist"
|
||||||
|
_debug2 "start to deactivate authz"
|
||||||
|
ventries=$(echo "$_chk_vlist" | tr "$dvsep" ' ')
|
||||||
|
for ventry in $ventries; do
|
||||||
|
d=$(echo "$ventry" | cut -d "$sep" -f 1)
|
||||||
|
keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
|
||||||
|
uri=$(echo "$ventry" | cut -d "$sep" -f 3)
|
||||||
|
vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
|
||||||
|
_currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
|
||||||
|
__trigger_validaton "$uri" "$keyauthorization"
|
||||||
|
done
|
||||||
|
)
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ]; then
|
||||||
|
_debug "$(_dlg_versions)"
|
||||||
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
_on_issue_success() {
|
_on_issue_success() {
|
||||||
@ -3053,6 +3072,16 @@ __get_domain_new_authz() {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#uri keyAuthorization
|
||||||
|
__trigger_validaton() {
|
||||||
|
_debug2 "tigger domain validation."
|
||||||
|
_t_url="$1"
|
||||||
|
_debug2 _t_url "$_t_url"
|
||||||
|
_t_key_authz="$2"
|
||||||
|
_debug2 _t_key_authz "$_t_key_authz"
|
||||||
|
_send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$_t_key_authz\"}"
|
||||||
|
}
|
||||||
|
|
||||||
#webroot, domain domainlist keylength
|
#webroot, domain domainlist keylength
|
||||||
issue() {
|
issue() {
|
||||||
if [ -z "$2" ]; then
|
if [ -z "$2" ]; then
|
||||||
@ -3366,7 +3395,7 @@ issue() {
|
|||||||
_startserver "$keyauthorization" "$_ncaddr" &
|
_startserver "$keyauthorization" "$_ncaddr" &
|
||||||
if [ "$?" != "0" ]; then
|
if [ "$?" != "0" ]; then
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
serverproc="$!"
|
serverproc="$!"
|
||||||
@ -3382,7 +3411,7 @@ issue() {
|
|||||||
BACKUP_NGINX_CONF=""
|
BACKUP_NGINX_CONF=""
|
||||||
if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then
|
if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3417,7 +3446,7 @@ issue() {
|
|||||||
_err "$d:Can not write token to file : $wellknown_path/$token"
|
_err "$d:Can not write token to file : $wellknown_path/$token"
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3462,16 +3491,16 @@ issue() {
|
|||||||
_err "Start tls server error."
|
_err "Start tls server error."
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! _send_signed_request "$uri" "{\"resource\": \"challenge\", \"keyAuthorization\": \"$keyauthorization\"}"; then
|
if ! __trigger_validaton "$uri" "$keyauthorization"; then
|
||||||
_err "$d:Can not get challenge: $response"
|
_err "$d:Can not get challenge: $response"
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3479,7 +3508,7 @@ issue() {
|
|||||||
_err "$d:Challenge error: $response"
|
_err "$d:Challenge error: $response"
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3494,7 +3523,7 @@ issue() {
|
|||||||
_err "$d:Timeout"
|
_err "$d:Timeout"
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3506,7 +3535,7 @@ issue() {
|
|||||||
_err "$d:Verify error:$response"
|
_err "$d:Verify error:$response"
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
_debug2 original "$response"
|
_debug2 original "$response"
|
||||||
@ -3541,7 +3570,7 @@ issue() {
|
|||||||
fi
|
fi
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3551,7 +3580,7 @@ issue() {
|
|||||||
_err "$d:Verify error:$response"
|
_err "$d:Verify error:$response"
|
||||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||||
_clearup
|
_clearup
|
||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook" "$vlist"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user