Complain about deactivated accounts

diff --git a/dehydrated b/dehydrated
index bbaece669e1d6a1d94400a1b61bceece1886e8a8..6c59db5dd7174291d074d72388dc2da46034313b 100755 (executable)
--- a/dehydrated
+++ b/dehydrated
@@ -474,6 +474,11 @@ load_config() {
   ACCOUNT_KEY="${ACCOUNTDIR}/${CAHASH}/account_key.pem"
   ACCOUNT_KEY_JSON="${ACCOUNTDIR}/${CAHASH}/registration_info.json"
   ACCOUNT_ID_JSON="${ACCOUNTDIR}/${CAHASH}/account_id.json"
+  ACCOUNT_DEACTIVATED="${ACCOUNTDIR}/${CAHASH}/deactivated"
+
+  if [[ -f "${ACCOUNT_DEACTIVATED}" ]]; then
+    _exiterr "Account has been deactivated. Remove account and create a new one using --register."
+  fi
 
   if [[ -f "${BASEDIR}/private_key.pem" ]] && [[ ! -f "${ACCOUNT_KEY}" ]]; then
     echo "! Moving private_key.pem to ${ACCOUNT_KEY}"
@@ -1778,12 +1783,18 @@ command_revoke() {
 command_deactivate() {
   init_system
 
-  echo "Deactivating account $ACCOUNT_URL"
+  echo "Deactivating account ${ACCOUNT_URL}"
 
   if [[ ${API} -eq 1 ]]; then
     echo "Deactivation for ACMEv1 is not implemented"
   else
     response="$(signed_request "${ACCOUNT_URL}" '{"status": "deactivated"}' | clean_json)"
+    deactstatus=$(echo "$response" | jsonsh | get_json_string_value "status")
+    if [[ "${deactstatus}" = "deactivated" ]]; then
+      touch "${ACCOUNT_DEACTIVATED}"
+    else
+      _exiterr "Account deactivation failed!"
+    fi
   fi
 
   echo " + Done."