From dd5f36e5367885eef3891cd811d2fce2bc461b55 Mon Sep 17 00:00:00 2001 From: Benjamin Dos Santos Date: Sun, 6 Dec 2015 01:26:08 +0100 Subject: [PATCH] style: [[ ... ]] is preferred over [, test and /usr/bin/[. https://google.github.io/styleguide/shell.xml#Test,_%5B_and_%5B%5B --- letsencrypt.sh | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/letsencrypt.sh b/letsencrypt.sh index 8297f42..0c1d544 100755 --- a/letsencrypt.sh +++ b/letsencrypt.sh @@ -47,18 +47,20 @@ hex2bin() { _request() { temperr="$(mktemp)" - if [ "${1}" = "head" ]; then - curl -sSf -I "${2}" 2>"${temperr}" - elif [ "${1}" = "get" ]; then - curl -sSf "${2}" 2>"${temperr}" - elif [ "${1}" = "post" ]; then - curl -sSf "${2}" -d "${3}" 2>"${temperr}" + if [[ "${1}" = "head" ]]; then + curl -sSf -I "${2}" 2>${temperr} + elif [[ "${1}" = "get" ]]; then + curl -sSf "${2}" 2>${temperr} + elif [[ "${1}" = "post" ]]; then + curl -sSf "${2}" -d "${3}" 2>${temperr} fi - if [ -s "${temperr}" ]; then - echo " + ERROR: An error occurred while sending ${1}-request to ${2} ($(<"${temperr}"))" >&2 - rm -f "${temperr}" - exit 1 + + if [[ ! -z "$(<${temperr})" ]]; then + echo " + ERROR: An error occured while sending ${1}-request to ${2} ($(<"${temperr}"))" >&2 + rm -f "${temperr}" + exit 1 fi + rm -f "${temperr}" } @@ -91,7 +93,7 @@ sign_domain() { echo "Signing domain ${1} (${*})..." # If there is no existing certificate directory we need a new private key - if [ ! -e "certs/${domain}" ]; then + if [[ ! -e "certs/${domain}" ]]; then mkdir -p "certs/${domain}" echo " + Generating private key..." openssl genrsa -out "certs/${domain}/privkey.pem" 4096 2> /dev/null > /dev/null @@ -115,7 +117,7 @@ sign_domain() { challenge_token="$(printf '%s\n' "${response}" | grep -Eo '"challenges":[^\[]*\[[^]]*]' | sed 's/{/\n{/g' | grep 'http-01' | grep -Eo '"token":\s*"[^"]*"' | cut -d'"' -f4 | sed 's/[^A-Za-z0-9_\-]/_/g')" challenge_uri="$(printf '%s\n' "${response}" | grep -Eo '"challenges":[^\[]*\[[^]]*]' | sed 's/{/\n{/g' | grep 'http-01' | grep -Eo '"uri":\s*"[^"]*"' | cut -d'"' -f4)" - if [ -z "${challenge_token}" ] || [ -z "${challenge_uri}" ]; then + if [[ -z "${challenge_token}" ]] || [[ -z "${challenge_uri}" ]]; then echo " + Error: Can't retrieve challenges (${response})" exit 1 fi @@ -137,12 +139,12 @@ sign_domain() { result="$(signed_request "${challenge_uri}" '{"resource": "challenge", "keyAuthorization": "'"${keyauth}"'"}')" status="$(printf '%s\n' "${result}" | grep -Eo '"status":\s*"[^"]*"' | cut -d'"' -f4)" - if [ ! "${status}" = "pending" ] && [ ! "${status}" = "valid" ]; then + if [[ ! "${status}" = "pending" ]] && [[ ! "${status}" = "valid" ]]; then echo " + Challenge is invalid! (${result})" exit 1 fi - while [ "${status}" = "pending" ]; do + while [[ "${status}" = "pending" ]]; do status="$(_request get "${challenge_uri}" | grep -Eo '"status":\s*"[^"]*"' | cut -d'"' -f4)" sleep 1 done @@ -160,7 +162,7 @@ sign_domain() { # Check if private key exists, if it doesn't exist yet generate a new one (4096bit rsa key) register="0" -if [ ! -e "private_key.pem" ]; then +if [[ ! -e "private_key.pem" ]]; then echo "+ Generating account key..." openssl genrsa -out "private_key.pem" 4096 2> /dev/null > /dev/null register="1" @@ -173,7 +175,7 @@ pubMod64="$(printf '%s' "$(openssl rsa -in private_key.pem -noout -modulus | cut thumbprint="$(printf '%s' "$(printf '%s' '{"e":"'"${pubExponent64}"'","kty":"RSA","n":"'"${pubMod64}"'"}' | shasum -a 256 | awk '{print $1}')" | hex2bin | urlbase64)" # If we generated a new private key in the step above we have to register it with the acme-server -if [ "${register}" = "1" ]; then +if [[ "${register}" = "1" ]]; then echo "+ Registering account key with letsencrypt..." signed_request "${CA}/acme/new-reg" '{"resource": "new-reg", "agreement": "'"$LICENSE"'"}' > /dev/null fi -- 2.47.2