From: Lukas Schauer Date: Sun, 3 Mar 2019 18:58:04 +0000 (+0100) Subject: implement POST-as-GET (closes #626) X-Git-Tag: v0.6.3~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e623fcc024362b16da766d3d03ee8ea67858957a;p=thirdparty%2Fdehydrated.git implement POST-as-GET (closes #626) --- diff --git a/CHANGELOG b/CHANGELOG index 05b40d9..80d125d 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -4,6 +4,7 @@ This file contains a log of major changes in dehydrated ## [x.x.x] - xxxx-xx-xx ## Changed - OCSP refresh interval is now configurable +- Implemented POST-as-GET ## Added - Initial support for tls-alpn-01 validation diff --git a/dehydrated b/dehydrated index c4096b7..d0cfdb4 100755 --- a/dehydrated +++ b/dehydrated @@ -710,7 +710,7 @@ sign_csr() { for authorization in ${authorizations[*]}; do if [[ "${API}" -eq 2 ]]; then # Receive authorization ($authorization is authz uri) - response="$(http_request get "$(echo "${authorization}" | _sed -e 's/\"(.*)".*/\1/')" | clean_json)" + response="$(signed_request "$(echo "${authorization}" | _sed -e 's/\"(.*)".*/\1/')" "" | clean_json)" identifier="$(echo "${response}" | get_json_dict_value identifier | get_json_string_value value)" echo " + Handling authorization for ${identifier}" else @@ -802,7 +802,11 @@ sign_csr() { while [[ "${reqstatus}" = "pending" ]]; do sleep 1 - result="$(http_request get "${challenge_uris[${idx}]}")" + if [[ "${API}" -eq 2 ]]; then + result="$(signed_request "${challenge_uris[${idx}]}" "")" + else + result="$(http_request get "${challenge_uris[${idx}]}")" + fi reqstatus="$(printf '%s\n' "${result}" | get_json_string_value status)" done @@ -850,7 +854,7 @@ sign_csr() { crt="$( printf -- '-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n' "${crt64}" )" else result="$(signed_request "${finalize}" '{"csr": "'"${csr64}"'"}' | clean_json | get_json_string_value certificate)" - crt="$(http_request get "${result}")" + crt="$(signed_request "${result}" "")" fi # Try to load the certificate to detect corruption