the old code had a problem and would interpret a challenge that
returned "pending" and then "invalid" as valid.
This code actually has another problem. The RFC defines:
"status (optional, string): The status of this authorization.
Possible values are: "pending", "valid", and "invalid". If this
field is missing, then the default value is "pending"."
So actually the correct way to implement this would be:
while [[ -z "${status}" ]] || [[ "${status}" = "pending" ]]; do
But without further checks this might lead to an endless loop. So this
is "good enough(tm)". ;)
projects / thirdparty / dehydrated.git / commit
