nihilist/acme.sh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix for shellcheck

Browse Source
This commit is contained in:
neilpang 2016-11-09 21:06:22 +08:00
parent 95e06de5de
commit f9a6988ece
1 changed files with 28 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
acme.sh
View File

@ -306,7 +306,7 @@ _h2b() {
_debug3 _URGLY_PRINTF "$_URGLY_PRINTF" _debug3 _URGLY_PRINTF "$_URGLY_PRINTF"
while true; do while true; do
if [ -z "$_URGLY_PRINTF" ]; then if [ -z "$_URGLY_PRINTF" ]; then
h="$(printf $hex | cut -c $i-$j)" h="$(printf "%s" "$hex" | cut -c $i-$j)"
if [ -z "$h" ]; then if [ -z "$h" ]; then
break break
fi fi
@ -479,7 +479,7 @@ _sign() {
if ! _signedECText="$($_sign_openssl | openssl asn1parse -inform DER)"; then if ! _signedECText="$($_sign_openssl | openssl asn1parse -inform DER)"; then
_err "Sign failed: $_sign_openssl" _err "Sign failed: $_sign_openssl"
_err "Key file: $keyfile" _err "Key file: $keyfile"
_err "Key content:$(cat "$keyfile" | wc -l) lises" _err "Key content:$(wc -l <"$keyfile") lises"
return 1 return 1
fi fi
_debug3 "_signedECText" "$_signedECText" _debug3 "_signedECText" "$_signedECText"
@ -516,7 +516,7 @@ _createkey() {
f="$2" f="$2"
eccname="$length" eccname="$length"
if _startswith "$length" "ec-"; then if _startswith "$length" "ec-"; then
length=$(printf "$length" | cut -d '-' -f 2-100) length=$(printf "%s" "$length" | cut -d '-' -f 2-100)
if [ "$length" = "256" ]; then if [ "$length" = "256" ]; then
eccname="prime256v1" eccname="prime256v1"
@ -608,10 +608,10 @@ _createcsr() {
#single domain #single domain
_info "Single domain" "$domain" _info "Single domain" "$domain"
else else
domainlist="$(_idn $domainlist)" domainlist="$(_idn "$domainlist")"
_debug2 domainlist "$domainlist" _debug2 domainlist "$domainlist"
if _contains "$domainlist" ","; then if _contains "$domainlist" ","; then
alt="DNS:$(echo $domainlist | sed "s/,/,DNS:/g")" alt="DNS:$(echo "$domainlist" | sed "s/,/,DNS:/g")"
else else
alt="DNS:$domainlist" alt="DNS:$domainlist"
fi fi
@ -803,7 +803,7 @@ createDomainKey() {
length="$DEFAULT_DOMAIN_KEY_LENGTH" length="$DEFAULT_DOMAIN_KEY_LENGTH"
fi fi
_initpath $domain "$length" _initpath "$domain" "$length"
if [ ! -f "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$IS_RENEW" ]); then if [ ! -f "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$IS_RENEW" ]); then
_createkey "$length" "$CERT_KEY_PATH" _createkey "$length" "$CERT_KEY_PATH"
@ -849,18 +849,17 @@ createCSR() {
} }
_urlencode() { _urlencode() {
__n=$(cat) tr '/+' '_-' | tr -d '= '
echo $__n | tr '/+' '_-' | tr -d '= '
} }
_time2str() { _time2str() {
#BSD #BSD
if date -u -d@$1 2>/dev/null; then if date -u -d@"$1" 2>/dev/null; then
return return
fi fi
#Linux #Linux
if date -u -r $1 2>/dev/null; then if date -u -r "$1" 2>/dev/null; then
return return
fi fi
@ -905,16 +904,16 @@ _calcjwk() {
EC_SIGN="" EC_SIGN=""
if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
_debug "RSA key" _debug "RSA key"
pub_exp=$(openssl rsa -in $keyfile -noout -text | grep "^publicExponent:" | cut -d '(' -f 2 | cut -d 'x' -f 2 | cut -d ')' -f 1) pub_exp=$(openssl rsa -in "$keyfile" -noout -text | grep "^publicExponent:" | cut -d '(' -f 2 | cut -d 'x' -f 2 | cut -d ')' -f 1)
if [ "${#pub_exp}" = "5" ]; then if [ "${#pub_exp}" = "5" ]; then
pub_exp=0$pub_exp pub_exp=0$pub_exp
fi fi
_debug3 pub_exp "$pub_exp" _debug3 pub_exp "$pub_exp"
e=$(echo $pub_exp | _h2b | _base64) e=$(echo "$pub_exp" | _h2b | _base64)
_debug3 e "$e" _debug3 e "$e"
modulus=$(openssl rsa -in $keyfile -modulus -noout | cut -d '=' -f 2) modulus=$(openssl rsa -in "$keyfile" -modulus -noout | cut -d '=' -f 2)
_debug3 modulus "$modulus" _debug3 modulus "$modulus"
n="$(printf "%s" "$modulus" | _h2b | _base64 | _urlencode)" n="$(printf "%s" "$modulus" | _h2b | _base64 | _urlencode)"
jwk='{"e": "'$e'", "kty": "RSA", "n": "'$n'"}' jwk='{"e": "'$e'", "kty": "RSA", "n": "'$n'"}'
@ -926,12 +925,12 @@ _calcjwk() {
elif grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then elif grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
_debug "EC key" _debug "EC key"
EC_SIGN="1" EC_SIGN="1"
crv="$(openssl ec -in $keyfile -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")" crv="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")"
_debug3 crv "$crv" _debug3 crv "$crv"
if [ -z "$crv" ]; then if [ -z "$crv" ]; then
_debug "Let's try ASN1 OID" _debug "Let's try ASN1 OID"
crv_oid="$(openssl ec -in $keyfile -noout -text 2>/dev/null | grep "^ASN1 OID:" | cut -d ":" -f 2 | tr -d " \r\n")" crv_oid="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | grep "^ASN1 OID:" | cut -d ":" -f 2 | tr -d " \r\n")"
_debug3 crv_oid "$crv_oid" _debug3 crv_oid "$crv_oid"
case "${crv_oid}" in case "${crv_oid}" in
"prime256v1") "prime256v1")
@ -951,15 +950,15 @@ _calcjwk() {
_debug3 crv "$crv" _debug3 crv "$crv"
fi fi
pubi="$(openssl ec -in $keyfile -noout -text 2>/dev/null | grep -n pub: | cut -d : -f 1)" pubi="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | grep -n pub: | cut -d : -f 1)"
pubi=$(_math $pubi + 1) pubi=$(_math $pubi + 1)
_debug3 pubi "$pubi" _debug3 pubi "$pubi"
pubj="$(openssl ec -in $keyfile -noout -text 2>/dev/null | grep -n "ASN1 OID:" | cut -d : -f 1)" pubj="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | grep -n "ASN1 OID:" | cut -d : -f 1)"
pubj=$(_math $pubj - 1) pubj=$(_math $pubj - 1)
_debug3 pubj "$pubj" _debug3 pubj "$pubj"
pubtext="$(openssl ec -in $keyfile -noout -text 2>/dev/null | sed -n "$pubi,${pubj}p" | tr -d " \n\r")" pubtext="$(openssl ec -in "$keyfile" -noout -text 2>/dev/null | sed -n "$pubi,${pubj}p" | tr -d " \n\r")"
_debug3 pubtext "$pubtext" _debug3 pubtext "$pubtext"
xlen="$(printf "%s" "$pubtext" | tr -d ':' | wc -c)" xlen="$(printf "%s" "$pubtext" | tr -d ':' | wc -c)"
@ -967,14 +966,14 @@ _calcjwk() {
_debug3 xlen "$xlen" _debug3 xlen "$xlen"
xend=$(_math "$xlen" + 1) xend=$(_math "$xlen" + 1)
x="$(printf "%s" "$pubtext" | cut -d : -f 2-$xend)" x="$(printf "%s" "$pubtext" | cut -d : -f 2-"$xend")"
_debug3 x "$x" _debug3 x "$x"
x64="$(printf "%s" "$x" | tr -d : | _h2b | _base64 | _urlencode)" x64="$(printf "%s" "$x" | tr -d : | _h2b | _base64 | _urlencode)"
_debug3 x64 "$x64" _debug3 x64 "$x64"
xend=$(_math "$xend" + 1) xend=$(_math "$xend" + 1)
y="$(printf "%s" "$pubtext" | cut -d : -f $xend-10000)" y="$(printf "%s" "$pubtext" | cut -d : -f "$xend"-10000)"
_debug3 y "$y" _debug3 y "$y"
y64="$(printf "%s" "$y" | tr -d : | _h2b | _base64 | _urlencode)" y64="$(printf "%s" "$y" | tr -d : | _h2b | _base64 | _urlencode)"
@ -1148,9 +1147,9 @@ _get() {
fi fi
_debug "_CURL" "$_CURL" _debug "_CURL" "$_CURL"
if [ "$onlyheader" ]; then if [ "$onlyheader" ]; then
$_CURL -I --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" $url $_CURL -I --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$url"
else else
$_CURL --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" $url $_CURL --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$url"
fi fi
ret=$? ret=$?
if [ "$ret" != "0" ]; then if [ "$ret" != "0" ]; then
@ -1167,9 +1166,9 @@ _get() {
fi fi
_debug "_WGET" "$_WGET" _debug "_WGET" "$_WGET"
if [ "$onlyheader" ]; then if [ "$onlyheader" ]; then
$_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O /dev/null $url 2>&1 | sed 's/^[ ]*//g' $_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O /dev/null "$url" 2>&1 | sed 's/^[ ]*//g'
else else
$_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -O - $url $_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -O - "$url"
fi fi
ret=$? ret=$?
if [ "$_ret" = "8" ]; then if [ "$_ret" = "8" ]; then
@ -1192,9 +1191,9 @@ _head_n() {
} }
_tail_n() { _tail_n() {
if ! tail -n $1 2>/dev/null; then if ! tail -n "$1" 2>/dev/null; then
#fix for solaris #fix for solaris
tail -$1 tail -"$1"
fi fi
} }
@ -1207,7 +1206,7 @@ _send_signed_request() {
if [ -z "$keyfile" ]; then if [ -z "$keyfile" ]; then
keyfile="$ACCOUNT_KEY_PATH" keyfile="$ACCOUNT_KEY_PATH"
fi fi
_debug url $url _debug url "$url"
_debug payload "$payload" _debug payload "$payload"
if ! _calcjwk "$keyfile"; then if ! _calcjwk "$keyfile"; then
@ -1215,7 +1214,7 @@ _send_signed_request() {
fi fi
payload64=$(printf "%s" "$payload" | _base64 | _urlencode) payload64=$(printf "%s" "$payload" | _base64 | _urlencode)
_debug3 payload64 $payload64 _debug3 payload64 "$payload64"
if [ -z "$_CACHED_NONCE" ]; then if [ -z "$_CACHED_NONCE" ]; then
_debug2 "Get nonce." _debug2 "Get nonce."
@ -1255,7 +1254,7 @@ _send_signed_request() {
body="{\"header\": $JWK_HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" body="{\"header\": $JWK_HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
_debug3 body "$body" _debug3 body "$body"
response="$(_post "$body" $url "$needbase64")" response="$(_post "$body" "$url" "$needbase64")"
_CACHED_NONCE="" _CACHED_NONCE=""
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
_err "Can not post to $url" _err "Can not post to $url"