check the file path before copying

This commit is contained in:
neilpang 2022-06-01 18:05:51 +08:00
parent 66b2d496af
commit 5440fcdf54

26
acme.sh
View File

@ -5752,7 +5752,9 @@ _installcert() {
if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_cert" "$_backup_path/cert.bak" cp "$_real_cert" "$_backup_path/cert.bak"
fi fi
cat "$CERT_PATH" >"$_real_cert" || return 1 if [ "$CERT_PATH" != "$_real_cert" ]; then
cat "$CERT_PATH" >"$_real_cert" || return 1
fi
fi fi
if [ "$_real_ca" ]; then if [ "$_real_ca" ]; then
@ -5764,7 +5766,9 @@ _installcert() {
if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_ca" "$_backup_path/ca.bak" cp "$_real_ca" "$_backup_path/ca.bak"
fi fi
cat "$CA_CERT_PATH" >"$_real_ca" || return 1 if [ "$CA_CERT_PATH" != "$_real_ca" ]; then
cat "$CA_CERT_PATH" >"$_real_ca" || return 1
fi
fi fi
fi fi
@ -5773,12 +5777,14 @@ _installcert() {
if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_key" "$_backup_path/key.bak" cp "$_real_key" "$_backup_path/key.bak"
fi fi
if [ -f "$_real_key" ]; then if [ "$CERT_KEY_PATH" != "$_real_key" ]; then
cat "$CERT_KEY_PATH" >"$_real_key" || return 1 if [ -f "$_real_key" ]; then
else cat "$CERT_KEY_PATH" >"$_real_key" || return 1
touch "$_real_key" || return 1 else
chmod 600 "$_real_key" touch "$_real_key" || return 1
cat "$CERT_KEY_PATH" >"$_real_key" || return 1 chmod 600 "$_real_key"
cat "$CERT_KEY_PATH" >"$_real_key" || return 1
fi
fi fi
fi fi
@ -5787,7 +5793,9 @@ _installcert() {
if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then
cp "$_real_fullchain" "$_backup_path/fullchain.bak" cp "$_real_fullchain" "$_backup_path/fullchain.bak"
fi fi
cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1 if [ "$_real_fullchain" != "$CERT_FULLCHAIN_PATH" ]; then
cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
fi
fi fi
if [ "$_reload_cmd" ]; then if [ "$_reload_cmd" ]; then