diff --git a/le.sh b/le.sh index 79bc2740..bd1bb8d6 100755 --- a/le.sh +++ b/le.sh @@ -5,6 +5,8 @@ PROJECT="https://github.com/Neilpang/le" DEFAULT_CA="https://acme-v01.api.letsencrypt.org" DEFAULT_AGREEMENT="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf" +DEFAULT_USER_AGENT="le.sh client: $PROJECT" + STAGE_CA="https://acme-staging.api.letsencrypt.org" VTYPE_HTTP="http-01" @@ -33,7 +35,7 @@ _err() { if [ -z "$2" ] ; then echo "$1" >&2 else - echo "$1"="$2" >&2 + echo "$1"="'$2'" >&2 fi return 1 } @@ -427,22 +429,17 @@ _post() { needbase64="$3" if _exists "curl" ; then - dp="$LE_WORKING_DIR/curl.dump" - CURL="curl --silent --dump-header $HTTP_HEADER " - if [ "$DEBUG" ] ; then - CURL="$CURL --trace-ascii $dp " - fi - + CURL="$CURL --dump-header $HTTP_HEADER " if [ "$needbase64" ] ; then - response="$($CURL -X POST --data "$body" $url | _base64)" + response="$($CURL -A "User-Agent: $USER_AGENT" -X POST --data "$body" $url | _base64)" else - response="$($CURL -X POST --data "$body" $url)" + response="$($CURL -A "User-Agent: $USER_AGENT" -X POST --data "$body" $url)" fi else if [ "$needbase64" ] ; then - response="$(wget -q -S -O - --post-data="$body" $url 2>"$HTTP_HEADER" | _base64)" + response="$($WGET -S -O - --user-agent="$USER_AGENT" --post-data="$body" $url 2>"$HTTP_HEADER" | _base64)" else - response="$(wget -q -S -O - --post-data="$body" $url 2>"$HTTP_HEADER")" + response="$($WGET -S -O - --user-agent="$USER_AGENT" --post-data="$body" $url 2>"$HTTP_HEADER")" fi _sed_i "s/^ *//g" "$HTTP_HEADER" fi @@ -457,15 +454,16 @@ _get() { _debug url $url if _exists "curl" ; then if [ "$onlyheader" ] ; then - curl -I --silent $url + $CURL -I -A "User-Agent: $USER_AGENT" $url else - curl --silent $url + $CURL -A "User-Agent: $USER_AGENT" $url fi else + _debug "WGET" "$WGET" if [ "$onlyheader" ] ; then - wget -S -q -O /dev/null $url 2>&1 | sed "s/^[ ]*//g" + eval $WGET --user-agent=\"$USER_AGENT\" -S -O /dev/null $url 2>&1 | sed 's/^[ ]*//g' else - wget -q -O - $url + eval $WGET --user-agent=\"$USER_AGENT\" -O - $url fi fi ret=$? @@ -492,7 +490,7 @@ _send_signed_request() { _debug payload64 $payload64 nonceurl="$API/directory" - nonce="$(_get $nonceurl "onlyheader" | grep -o "Replay-Nonce:.*$" | tr -d "\r\n" | cut -d ' ' -f 2)" + nonce="$(_get $nonceurl "onlyheader" | grep -o "Replay-Nonce:.*$" | head -1 | tr -d "\r\n" | cut -d ' ' -f 2)" _debug nonce "$nonce" @@ -508,7 +506,7 @@ _send_signed_request() { body="{\"header\": $HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}" _debug body "$body" - HTTP_HEADER="$LE_WORKING_DIR/http.header" + response="$(_post "$body" $url "$needbase64" )" responseHeaders="$(cat $HTTP_HEADER)" @@ -650,6 +648,23 @@ _initpath() { APACHE_CONF_BACKUP_DIR="$LE_WORKING_DIR/" fi + if [ -z "$USER_AGENT" ] ; then + USER_AGENT="$DEFAULT_USER_AGENT" + fi + + HTTP_HEADER="$LE_WORKING_DIR/http.header" + + WGET="wget -q" + if [ "$DEBUG" ] ; then + WGET="$WGET -d " + fi + + dp="$LE_WORKING_DIR/curl.dump" + CURL="curl --silent" + if [ "$DEBUG" ] ; then + CURL="$CURL --trace-ascii $dp " + fi + domain="$1" if ! mkdir -p "$LE_WORKING_DIR" ; then _err "Can not craete working dir: $LE_WORKING_DIR" @@ -1153,7 +1168,7 @@ issue() { _send_signed_request "$API/acme/new-cert" "{\"resource\": \"new-cert\", \"csr\": \"$der\"}" "needbase64" - Le_LinkCert="$(grep -i -o '^Location.*$' $HTTP_HEADER | tr -d "\r\n" | cut -d " " -f 2)" + Le_LinkCert="$(grep -i -o '^Location.*$' $HTTP_HEADER | head -1 | tr -d "\r\n" | cut -d " " -f 2)" _setopt "$DOMAIN_CONF" "Le_LinkCert" "=" "$Le_LinkCert" if [ "$Le_LinkCert" ] ; then @@ -1176,7 +1191,7 @@ issue() { _setopt "$DOMAIN_CONF" 'Le_Vlist' '=' "\"\"" - Le_LinkIssuer=$(grep -i '^Link' $HTTP_HEADER | cut -d " " -f 2| cut -d ';' -f 1 | tr -d '<>' ) + Le_LinkIssuer=$(grep -i '^Link' $HTTP_HEADER | head -1 | cut -d " " -f 2| cut -d ';' -f 1 | tr -d '<>' ) _setopt "$DOMAIN_CONF" "Le_LinkIssuer" "=" "$Le_LinkIssuer" if [ "$Le_LinkIssuer" ] ; then @@ -1423,6 +1438,7 @@ _initconf() { #ACCOUNT_KEY_HASH=account key hash +USER_AGENT=\"le.sh client: $PROJECT\" #dns api ####################### #Cloudflare: