mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-11-10 00:11:45 +00:00
Support Authorization deactivation
https://github.com/Neilpang/acme.sh/issues/291
This commit is contained in:
parent
7da50703fb
commit
0c00e870c6
86
acme.sh
86
acme.sh
@ -1883,7 +1883,7 @@ issue() {
|
||||
vtype="$VTYPE_TLS"
|
||||
fi
|
||||
|
||||
_info "Getting token for domain" $d
|
||||
_info "Getting new-authz for domain" $d
|
||||
|
||||
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$d\"}}" ; then
|
||||
_err "Can not get domain token."
|
||||
@ -2720,6 +2720,82 @@ revoke() {
|
||||
return 1
|
||||
}
|
||||
|
||||
|
||||
#domain vtype
|
||||
_deactivate() {
|
||||
_d_domain="$1"
|
||||
_d_type="$2"
|
||||
_initpath
|
||||
|
||||
_d_i=0
|
||||
_d_max_retry=9
|
||||
while [ "$_d_i" -lt "$_d_max_retry" ] ;
|
||||
do
|
||||
_d_i="$(_math $_d_i + 1)"
|
||||
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$_d_domain\"}}" ; then
|
||||
_err "Can not get domain token."
|
||||
return 1
|
||||
fi
|
||||
|
||||
authzUri="$(echo "$responseHeaders" | grep "^Location:" | cut -d ' ' -f 2)"
|
||||
_info "authzUri" "$authzUri"
|
||||
|
||||
if [ ! -z "$code" ] && [ ! "$code" = '201' ] ; then
|
||||
_err "new-authz error: $response"
|
||||
return 1
|
||||
fi
|
||||
|
||||
entry="$(printf "%s\n" "$response" | _egrep_o '[^{]*"status":"valid","uri"[^}]*')"
|
||||
_debug entry "$entry"
|
||||
|
||||
if [ -z "$entry" ] ; then
|
||||
_info "No valid entry found."
|
||||
break
|
||||
fi
|
||||
|
||||
_vtype="$(printf "%s\n" "$entry" | _egrep_o '"type": *"[^"]*"' | cut -d : -f 2 | tr -d '"')"
|
||||
_debug _vtype $_vtype
|
||||
_info "Found $_vtype"
|
||||
|
||||
|
||||
uri="$(printf "%s\n" "$entry" | _egrep_o '"uri":"[^"]*'| cut -d : -f 2,3 | tr -d '"' )"
|
||||
_debug uri $uri
|
||||
|
||||
if [ "$_d_type" ] && [ "$_d_type" != "$_vtype" ] ; then
|
||||
_info "Skip $_vtype"
|
||||
continue
|
||||
fi
|
||||
|
||||
_info "Deactivate: $_vtype"
|
||||
|
||||
if ! _send_signed_request "$authzUri" "{\"resource\": \"authz\", \"status\":\"deactivated\"}" ; then
|
||||
_err "Can not deactivate $_vtype."
|
||||
return 1
|
||||
fi
|
||||
|
||||
done
|
||||
_debug "$_d_i"
|
||||
if [ "$_d_i" -lt "$_d_max_retry" ] ; then
|
||||
_info "Deactivated success!"
|
||||
else
|
||||
_err "Deactivate failed."
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
deactivate() {
|
||||
_d_domain="$1"
|
||||
_d_type="$2"
|
||||
_initpath
|
||||
|
||||
if [ -z "$_d_domain" ] ; then
|
||||
_usage "Usage: $PROJECT_ENTRY --deactivate -d domain.com"
|
||||
return 1
|
||||
fi
|
||||
|
||||
_deactivate "$_d_domain" $_d_type
|
||||
}
|
||||
|
||||
# Detect profile file if not specified as environment variable
|
||||
_detect_profile() {
|
||||
if [ -n "$PROFILE" -a -f "$PROFILE" ] ; then
|
||||
@ -3093,6 +3169,7 @@ Commands:
|
||||
--createAccountKey, -cak Create an account private key, professional use.
|
||||
--createDomainKey, -cdk Create an domain private key, professional use.
|
||||
--createCSR, -ccsr Create CSR , professional use.
|
||||
--deactivate Deactivate the domain authz, professional use.
|
||||
|
||||
Parameters:
|
||||
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc.
|
||||
@ -3303,7 +3380,9 @@ _process() {
|
||||
--createCSR|--createcsr|-ccr)
|
||||
_CMD="createCSR"
|
||||
;;
|
||||
|
||||
--deactivate)
|
||||
_CMD="deactivate"
|
||||
;;
|
||||
|
||||
--domain|-d)
|
||||
_dvalue="$2"
|
||||
@ -3575,6 +3654,9 @@ _process() {
|
||||
revoke)
|
||||
revoke "$_domain" "$_ecc"
|
||||
;;
|
||||
deactivate)
|
||||
deactivate "$_domain"
|
||||
;;
|
||||
list)
|
||||
list "$_listraw"
|
||||
;;
|
||||
|
Loading…
Reference in New Issue
Block a user