retry if nonce is invalid

fix https://github.com/Neilpang/acme.sh/issues/627
2017-02-17 13:51:17 +08:00 · 2017-02-17 13:51:17 +08:00 · 0bc745f68f
parent 52f8b787c9
commit 0bc745f68f
1 changed files with 58 additions and 45 deletions
--- a/acme.sh
+++ b/acme.sh
@ -1530,6 +1530,10 @@ _send_signed_request() {
  payload64=$(printf "%s" "$payload" | _base64 | _url_replace)
  _debug3 payload64 "$payload64"

+  MAX_REQUEST_RETRY_TIMES=5
+  _request_retry_times=0
+  while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do
+    _debug3 _request_retry_times "$_request_retry_times" 
    if [ -z "$_CACHED_NONCE" ]; then
      _debug2 "Get nonce."
      nonceurl="$API/directory"
@ -1570,15 +1574,15 @@ _send_signed_request() {

    response="$(_post "$body" "$url" "$needbase64")"
    _CACHED_NONCE=""
+
    if [ "$?" != "0" ]; then
      _err "Can not post to $url"
      return 1
    fi
    _debug2 original "$response"
-
    response="$(echo "$response" | _normalizeJson)"

-  responseHeaders="$(cat "$HTTP_HEADER")"
+    responseHeaders="$(< "$HTTP_HEADER")"

    _debug2 responseHeaders "$responseHeaders"
    _debug2 response "$response"
@ -1587,6 +1591,15 @@ _send_signed_request() {

    _CACHED_NONCE="$(echo "$responseHeaders" | grep "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"

+    if _contains "$response" "JWS has invalid anti-replay nonce"; then
+      _info "It seems the CA server is busy now, let's wait and retry."
+      _request_retry_times=$(_math "$_request_retry_times" + 1)
+      _sleep 5
+      continue
+    fi
+    break;
+  done
+
 }

 #setopt "file"  "opt"  "="  "value" [";"]