From 7834c252534d6d24c8a307feec7aa7428c65e7e6 Mon Sep 17 00:00:00 2001
From: neilpang <github@byneil.com>
Date: Mon, 21 Nov 2016 20:56:50 +0800
Subject: [PATCH] refactor HTTPS_INSECURE

---
 acme.sh | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/acme.sh b/acme.sh
index 7a305cf2..6b63c9ed 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1049,9 +1049,6 @@ _inithttp() {
       _ACME_CURL="$_ACME_CURL --cacert $CA_BUNDLE "
     fi
 
-    if [ "$HTTPS_INSECURE" ]; then
-      _ACME_CURL="$_ACME_CURL --insecure  "
-    fi
   fi
 
   if [ -z "$_ACME_WGET" ] && _exists "wget"; then
@@ -1062,9 +1059,6 @@ _inithttp() {
     if [ "$CA_BUNDLE" ]; then
       _ACME_WGET="$_ACME_WGET --ca-certificate $CA_BUNDLE "
     fi
-    if [ "$HTTPS_INSECURE" ]; then
-      _ACME_WGET="$_ACME_WGET --no-check-certificate "
-    fi
   fi
 
   __HTTP_INITIALIZED=1
@@ -1089,6 +1083,9 @@ _post() {
 
   if [ "$_ACME_CURL" ]; then
     _CURL="$_ACME_CURL"
+    if [ "$HTTPS_INSECURE" ]; then
+      _CURL="$_CURL --insecure  "
+    fi
     _debug "_CURL" "$_CURL"
     if [ "$needbase64" ]; then
       response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$url" | _base64)"
@@ -1104,18 +1101,22 @@ _post() {
       fi
     fi
   elif [ "$_ACME_WGET" ]; then
-    _debug "_ACME_WGET" "$_ACME_WGET"
+    _WGET="$_ACME_WGET"
+    if [ "$HTTPS_INSECURE" ]; then
+      _WGET="$_WGET --no-check-certificate "
+    fi
+    _debug "_WGET" "$_WGET"
     if [ "$needbase64" ]; then
       if [ "$httpmethod" = "POST" ]; then
-        response="$($_ACME_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$url" 2>"$HTTP_HEADER" | _base64)"
+        response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$url" 2>"$HTTP_HEADER" | _base64)"
       else
-        response="$($_ACME_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$url" 2>"$HTTP_HEADER" | _base64)"
+        response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$url" 2>"$HTTP_HEADER" | _base64)"
       fi
     else
       if [ "$httpmethod" = "POST" ]; then
-        response="$($_ACME_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$url" 2>"$HTTP_HEADER")"
+        response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$url" 2>"$HTTP_HEADER")"
       else
-        response="$($_ACME_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$url" 2>"$HTTP_HEADER")"
+        response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$url" 2>"$HTTP_HEADER")"
       fi
     fi
     _ret="$?"
@@ -1149,6 +1150,9 @@ _get() {
 
   if [ "$_ACME_CURL" ]; then
     _CURL="$_ACME_CURL"
+    if [ "$HTTPS_INSECURE" ]; then
+      _CURL="$_CURL --insecure  "
+    fi
     if [ "$t" ]; then
       _CURL="$_CURL --connect-timeout $t"
     fi
@@ -1168,6 +1172,9 @@ _get() {
     fi
   elif [ "$_ACME_WGET" ]; then
     _WGET="$_ACME_WGET"
+    if [ "$HTTPS_INSECURE" ]; then
+      _WGET="$_WGET --no-check-certificate "
+    fi
     if [ "$t" ]; then
       _WGET="$_WGET --timeout=$t"
     fi