Support Authorization deactivation

https://github.com/Neilpang/acme.sh/issues/291
This commit is contained in:
neil 2016-09-22 23:17:50 +08:00
parent 7da50703fb
commit 0c00e870c6

86
acme.sh
View File

@ -1883,7 +1883,7 @@ issue() {
vtype="$VTYPE_TLS"
fi
_info "Getting token for domain" $d
_info "Getting new-authz for domain" $d
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$d\"}}" ; then
_err "Can not get domain token."
@ -2720,6 +2720,82 @@ revoke() {
return 1
}
#domain vtype
_deactivate() {
_d_domain="$1"
_d_type="$2"
_initpath
_d_i=0
_d_max_retry=9
while [ "$_d_i" -lt "$_d_max_retry" ] ;
do
_d_i="$(_math $_d_i + 1)"
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$_d_domain\"}}" ; then
_err "Can not get domain token."
return 1
fi
authzUri="$(echo "$responseHeaders" | grep "^Location:" | cut -d ' ' -f 2)"
_info "authzUri" "$authzUri"
if [ ! -z "$code" ] && [ ! "$code" = '201' ] ; then
_err "new-authz error: $response"
return 1
fi
entry="$(printf "%s\n" "$response" | _egrep_o '[^{]*"status":"valid","uri"[^}]*')"
_debug entry "$entry"
if [ -z "$entry" ] ; then
_info "No valid entry found."
break
fi
_vtype="$(printf "%s\n" "$entry" | _egrep_o '"type": *"[^"]*"' | cut -d : -f 2 | tr -d '"')"
_debug _vtype $_vtype
_info "Found $_vtype"
uri="$(printf "%s\n" "$entry" | _egrep_o '"uri":"[^"]*'| cut -d : -f 2,3 | tr -d '"' )"
_debug uri $uri
if [ "$_d_type" ] && [ "$_d_type" != "$_vtype" ] ; then
_info "Skip $_vtype"
continue
fi
_info "Deactivate: $_vtype"
if ! _send_signed_request "$authzUri" "{\"resource\": \"authz\", \"status\":\"deactivated\"}" ; then
_err "Can not deactivate $_vtype."
return 1
fi
done
_debug "$_d_i"
if [ "$_d_i" -lt "$_d_max_retry" ] ; then
_info "Deactivated success!"
else
_err "Deactivate failed."
fi
}
deactivate() {
_d_domain="$1"
_d_type="$2"
_initpath
if [ -z "$_d_domain" ] ; then
_usage "Usage: $PROJECT_ENTRY --deactivate -d domain.com"
return 1
fi
_deactivate "$_d_domain" $_d_type
}
# Detect profile file if not specified as environment variable
_detect_profile() {
if [ -n "$PROFILE" -a -f "$PROFILE" ] ; then
@ -3093,6 +3169,7 @@ Commands:
--createAccountKey, -cak Create an account private key, professional use.
--createDomainKey, -cdk Create an domain private key, professional use.
--createCSR, -ccsr Create CSR , professional use.
--deactivate Deactivate the domain authz, professional use.
Parameters:
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc.
@ -3303,7 +3380,9 @@ _process() {
--createCSR|--createcsr|-ccr)
_CMD="createCSR"
;;
--deactivate)
_CMD="deactivate"
;;
--domain|-d)
_dvalue="$2"
@ -3575,6 +3654,9 @@ _process() {
revoke)
revoke "$_domain" "$_ecc"
;;
deactivate)
deactivate "$_domain"
;;
list)
list "$_listraw"
;;