diff --git a/acme.sh b/acme.sh index 0a00662c..e84011cf 100755 --- a/acme.sh +++ b/acme.sh @@ -1,6 +1,6 @@ #!/usr/bin/env sh -VER=2.2.2 +VER=2.2.3 PROJECT_NAME="acme.sh" @@ -684,7 +684,17 @@ _savedomainconf() { key="$1" value="$2" if [ "$DOMAIN_CONF" ] ; then - _setopt $DOMAIN_CONF "$key" "=" "$value" + _setopt "$DOMAIN_CONF" "$key" "=" "\"$value\"" + else + _err "DOMAIN_CONF is empty, can not save $key=$value" + fi +} + +#_cleardomainconf key +_cleardomainconf() { + key="$1" + if [ "$DOMAIN_CONF" ] ; then + _sed_i "s/^$key.*$//" "$DOMAIN_CONF" else _err "DOMAIN_CONF is empty, can not save $key=$value" fi @@ -695,7 +705,7 @@ _saveaccountconf() { key="$1" value="$2" if [ "$ACCOUNT_CONF_PATH" ] ; then - _setopt $ACCOUNT_CONF_PATH "$key" "=" "\"$value\"" + _setopt "$ACCOUNT_CONF_PATH" "$key" "=" "\"$value\"" else _err "ACCOUNT_CONF_PATH is empty, can not save $key=$value" fi @@ -1035,15 +1045,10 @@ issue() { fi fi - _setopt "$DOMAIN_CONF" "Le_Domain" "=" "$Le_Domain" - _setopt "$DOMAIN_CONF" "Le_Alt" "=" "$Le_Alt" - _setopt "$DOMAIN_CONF" "Le_Webroot" "=" "$Le_Webroot" - _setopt "$DOMAIN_CONF" "Le_Keylength" "=" "$Le_Keylength" - _setopt "$DOMAIN_CONF" "Le_RealCertPath" "=" "\"$Le_RealCertPath\"" - _setopt "$DOMAIN_CONF" "Le_RealCACertPath" "=" "\"$Le_RealCACertPath\"" - _setopt "$DOMAIN_CONF" "Le_RealKeyPath" "=" "\"$Le_RealKeyPath\"" - _setopt "$DOMAIN_CONF" "Le_ReloadCmd" "=" "\"$Le_ReloadCmd\"" - _setopt "$DOMAIN_CONF" "Le_RealFullChainPath" "=" "\"$Le_RealFullChainPath\"" + _savedomainconf "Le_Domain" "$Le_Domain" + _savedomainconf "Le_Alt" "$Le_Alt" + _savedomainconf "Le_Webroot" "$Le_Webroot" + _savedomainconf "Le_Keylength" "$Le_Keylength" if [ "$Le_Alt" = "no" ] ; then Le_Alt="" @@ -1051,22 +1056,6 @@ issue() { if [ "$Le_Keylength" = "no" ] ; then Le_Keylength="" fi - if [ "$Le_RealCertPath" = "no" ] ; then - Le_RealCertPath="" - fi - if [ "$Le_RealKeyPath" = "no" ] ; then - Le_RealKeyPath="" - fi - if [ "$Le_RealCACertPath" = "no" ] ; then - Le_RealCACertPath="" - fi - if [ "$Le_ReloadCmd" = "no" ] ; then - Le_ReloadCmd="" - fi - if [ "$Le_RealFullChainPath" = "no" ] ; then - Le_RealFullChainPath="" - fi - if _contains "$Le_Webroot" "no" ; then _info "Standalone mode." @@ -1078,7 +1067,7 @@ issue() { if [ -z "$Le_HTTPPort" ] ; then Le_HTTPPort=80 fi - _setopt "$DOMAIN_CONF" "Le_HTTPPort" "=" "$Le_HTTPPort" + _savedomainconf "Le_HTTPPort" "$Le_HTTPPort" netprc="$(_ss "$Le_HTTPPort" | grep "$Le_HTTPPort")" if [ "$netprc" ] ; then @@ -1279,7 +1268,7 @@ issue() { done if [ "$dnsadded" = '0' ] ; then - _setopt "$DOMAIN_CONF" "Le_Vlist" "=" "\"$vlist\"" + _savedomainconf "Le_Vlist" "$vlist" _debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit." _err "Please add the TXT records to the domains, and retry again." _clearup @@ -1426,7 +1415,7 @@ issue() { Le_LinkCert="$(grep -i -o '^Location.*$' $HTTP_HEADER | head -1 | tr -d "\r\n" | cut -d " " -f 2)" - _setopt "$DOMAIN_CONF" "Le_LinkCert" "=" "$Le_LinkCert" + _savedomainconf "Le_LinkCert" "$Le_LinkCert" if [ "$Le_LinkCert" ] ; then echo "$BEGIN_CERT" > "$CERT_PATH" @@ -1451,10 +1440,10 @@ issue() { return 1 fi - _setopt "$DOMAIN_CONF" 'Le_Vlist' '=' "\"\"" + _cleardomainconf "Le_Vlist" Le_LinkIssuer=$(grep -i '^Link' $HTTP_HEADER | head -1 | cut -d " " -f 2| cut -d ';' -f 1 | tr -d '<>' ) - _setopt "$DOMAIN_CONF" "Le_LinkIssuer" "=" "$Le_LinkIssuer" + _savedomainconf "Le_LinkIssuer" "$Le_LinkIssuer" if [ "$Le_LinkIssuer" ] ; then echo "$BEGIN_CERT" > "$CA_CERT_PATH" @@ -1466,22 +1455,22 @@ issue() { fi Le_CertCreateTime=$(date -u "+%s") - _setopt "$DOMAIN_CONF" "Le_CertCreateTime" "=" "$Le_CertCreateTime" + _savedomainconf "Le_CertCreateTime" "$Le_CertCreateTime" Le_CertCreateTimeStr=$(date -u ) - _setopt "$DOMAIN_CONF" "Le_CertCreateTimeStr" "=" "\"$Le_CertCreateTimeStr\"" + _savedomainconf "Le_CertCreateTimeStr" "$Le_CertCreateTimeStr" if [ -z "$Le_RenewalDays" ] || [ "$Le_RenewalDays" -lt "0" ] || [ "$Le_RenewalDays" -gt "80" ] ; then Le_RenewalDays=80 fi - _setopt "$DOMAIN_CONF" "Le_RenewalDays" "=" "$Le_RenewalDays" + _savedomainconf "Le_RenewalDays" "$Le_RenewalDays" Le_NextRenewTime=$(_math $Le_CertCreateTime + $Le_RenewalDays \* 24 \* 60 \* 60) - _setopt "$DOMAIN_CONF" "Le_NextRenewTime" "=" "$Le_NextRenewTime" + _savedomainconf "Le_NextRenewTime" "$Le_NextRenewTime" Le_NextRenewTimeStr=$( _time2str $Le_NextRenewTime ) - _setopt "$DOMAIN_CONF" "Le_NextRenewTimeStr" "=" "\"$Le_NextRenewTimeStr\"" + _savedomainconf "Le_NextRenewTimeStr" "$Le_NextRenewTimeStr" installcert $Le_Domain "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" @@ -1518,47 +1507,12 @@ renew() { renewAll() { _initpath - _info "renewAll" - for d in $(ls -F ${CERT_HOME}/ | grep [^.].*[.].*/$ ) ; do d=$(echo $d | cut -d '/' -f 1) - _info "renew $d" - - Le_LinkCert="" - Le_Domain="" - Le_Alt="no" - Le_Webroot="" - Le_Keylength="" - Le_LinkIssuer="" - - Le_CertCreateTime="" - Le_CertCreateTimeStr="" - Le_RenewalDays="" - Le_NextRenewTime="" - Le_NextRenewTimeStr="" - - Le_RealCertPath="" - Le_RealKeyPath="" - - Le_RealCACertPath="" - - Le_ReloadCmd="" - Le_RealFullChainPath="" - - DOMAIN_PATH="" - DOMAIN_CONF="" - DOMAIN_SSL_CONF="" - CSR_PATH="" - CERT_KEY_PATH="" - CERT_PATH="" - CA_CERT_PATH="" - CERT_PFX_PATH="" - CERT_FULLCHAIN_PATH="" - ACCOUNT_KEY_PATH="" - - wellknown_path="" - - renew "$d" + ( + _info "Renew: $d" + renew "$d" + ) done } @@ -1578,13 +1532,32 @@ installcert() { _initpath $Le_Domain - _setopt "$DOMAIN_CONF" "Le_RealCertPath" "=" "\"$Le_RealCertPath\"" - _setopt "$DOMAIN_CONF" "Le_RealCACertPath" "=" "\"$Le_RealCACertPath\"" - _setopt "$DOMAIN_CONF" "Le_RealKeyPath" "=" "\"$Le_RealKeyPath\"" - _setopt "$DOMAIN_CONF" "Le_ReloadCmd" "=" "\"$Le_ReloadCmd\"" - _setopt "$DOMAIN_CONF" "Le_RealFullChainPath" "=" "\"$Le_RealFullChainPath\"" + _savedomainconf "Le_RealCertPath" "$Le_RealCertPath" + _savedomainconf "Le_RealCACertPath" "$Le_RealCACertPath" + _savedomainconf "Le_RealKeyPath" "$Le_RealKeyPath" + _savedomainconf "Le_ReloadCmd" "$Le_ReloadCmd" + _savedomainconf "Le_RealFullChainPath" "$Le_RealFullChainPath" + if [ "$Le_RealCertPath" = "no" ] ; then + Le_RealCertPath="" + fi + if [ "$Le_RealKeyPath" = "no" ] ; then + Le_RealKeyPath="" + fi + if [ "$Le_RealCACertPath" = "no" ] ; then + Le_RealCACertPath="" + fi + if [ "$Le_ReloadCmd" = "no" ] ; then + Le_ReloadCmd="" + fi + if [ "$Le_RealFullChainPath" = "no" ] ; then + Le_RealFullChainPath="" + fi + + _installed="0" if [ "$Le_RealCertPath" ] ; then + _installed=1 + _info "Installing cert to:$Le_RealCertPath" if [ -f "$Le_RealCertPath" ] ; then cp "$Le_RealCertPath" "$Le_RealCertPath".bak fi @@ -1592,6 +1565,8 @@ installcert() { fi if [ "$Le_RealCACertPath" ] ; then + _installed=1 + _info "Installing CA to:$Le_RealCACertPath" if [ "$Le_RealCACertPath" = "$Le_RealCertPath" ] ; then echo "" >> "$Le_RealCACertPath" cat "$CA_CERT_PATH" >> "$Le_RealCACertPath" @@ -1605,6 +1580,8 @@ installcert() { if [ "$Le_RealKeyPath" ] ; then + _installed=1 + _info "Installing key to:$Le_RealKeyPath" if [ -f "$Le_RealKeyPath" ] ; then cp "$Le_RealKeyPath" "$Le_RealKeyPath".bak fi @@ -1612,6 +1589,8 @@ installcert() { fi if [ "$Le_RealFullChainPath" ] ; then + _installed=1 + _info "Installing full chain to:$Le_RealFullChainPath" if [ -f "$Le_RealFullChainPath" ] ; then cp "$Le_RealFullChainPath" "$Le_RealFullChainPath".bak fi @@ -1619,8 +1598,18 @@ installcert() { fi if [ "$Le_ReloadCmd" ] ; then + _installed=1 _info "Run Le_ReloadCmd: $Le_ReloadCmd" - (cd "$DOMAIN_PATH" && eval "$Le_ReloadCmd") + if (cd "$DOMAIN_PATH" && eval "$Le_ReloadCmd") ; then + _info "Reload success." + else + _err "Reload error for :$Le_Domain" + fi + fi + + if [ "$_installed" = "0" ] ; then + _err "Nothing to install. You don't specify any parameter." + return 1 fi } @@ -2083,7 +2072,7 @@ _process() { _keypath="no" _capath="no" _fullchainpath="no" - _reloadcmd="no" + _reloadcmd="" _password="" _accountconf="" _useragent="" @@ -2116,7 +2105,7 @@ _process() { --renew|-r) _CMD="renew" ;; - --renewAll|-renewall) + --renewAll|--renewall) _CMD="renewAll" ;; --revoke)