ref: 0fa6657826bd4f72d46e0ada42a1b69d26aef48a
parent: cbe10b1e54da785690055afacda45bc3d56c22ef
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Wed Oct 27 13:08:20 EDT 2021
acmed: reject -t flag when -e is given, dup stderr to stdout of -e cmd
--- a/sys/src/cmd/ip/acmed.c
+++ b/sys/src/cmd/ip/acmed.c
@@ -23,7 +23,7 @@
int debug;
int (*challengefn)(char*, char*, char*, int*);
char *keyspec;
-char *provider = "https://acme-v02.api.letsencrypt.org/directory"; /* test endpoint */
+char *provider = "https://acme-v02.api.letsencrypt.org/directory"; /* default endpoint */
char *challengecmd;
char *challengeout;
char *keyid;
@@ -471,8 +471,9 @@
case -1:
return -1;
case 0:
+ dup(1, 2);
execl(challengecmd, challengecmd, ty, dom, tok, auth, nil);
- exits("exec");+ sysfatal("%s: %r", challengecmd);}
while((w = wait()) != nil){@@ -832,7 +833,7 @@
static void
usage(void)
{- fprint(2, "usage: %s [-a acctkey] [-e cmd | -o chalout] [-p provider] [-t type] acct csr\n", argv0);
+ fprint(2, "usage: %s [-a acctkey] [-e cmd | -o chalout -t type] [-p provider] acct csr\n", argv0);
exits("usage");}
@@ -844,7 +845,7 @@
JSONfmtinstall();
fmtinstall('E', Econv);- ct = "http";
+ ct = nil;
co = nil;
acctkey = nil;
ARGBEGIN{@@ -860,29 +861,29 @@
case 'o':
co = EARGF(usage());
break;
- case 'p':
- provider = EARGF(usage());
- break;
case 't':
ct = EARGF(usage());
break;
+ case 'p':
+ provider = EARGF(usage());
+ break;
default:
usage();
break;
}ARGEND;
- if(challengecmd){- if(co != nil)
+ if(challengecmd != nil){+ if(ct != nil || co != nil)
usage();
challengeout = "/dev/null";
challengefn = runchallenge;
- }else if(strcmp(ct, "http") == 0){+ }else if(ct == nil || strcmp(ct, "http") == 0){challengeout = (co != nil) ? co : "/usr/web/.well-known/acme-challenge";
challengefn = httpchallenge;
}else if(strcmp(ct, "dns") == 0){challengeout = (co != nil) ? co : "/lib/ndb/dnschallenge";
challengefn = dnschallenge;
- }else{+ }else { sysfatal("unknown challenge type '%s'", ct);}
--
⑨