From: Lukas Schauer <lukas@schauer.so>
Date: Tue, 6 Feb 2018 19:39:23 +0000 (+0100)
Subject: Pre-generate timestamp outside of sign_domain
X-Git-Tag: v0.6.0~25
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=9c35fce61e0814515045adf85ffea63fd611a8be;p=thirdparty%2Fdehydrated.git

Pre-generate timestamp outside of sign_domain
---

diff --git a/dehydrated b/dehydrated
index 583a177..5cecfa7 100755
--- a/dehydrated
+++ b/dehydrated
@@ -864,9 +864,10 @@ walk_chain() {
 sign_domain() {
   local certdir="${1}"
   shift
+  timestamp="${1}"
+  shift
   domain="${1}"
   altnames="${*}"
-  timestamp="$(date +%s)"
 
   export altnames
 
@@ -1114,6 +1115,8 @@ command_sign_domains() {
 
     force_renew="${PARAM_FORCE:-no}"
 
+    timestamp="$(date +%s)"
+
     if [[ -z "${morenames}" ]];then
       echo "Processing ${domain}"
     else
@@ -1181,6 +1184,7 @@ command_sign_domains() {
       fi
     fi
 
+    # Check expire date of existing certificate
     if [[ -e "${cert}" ]]; then
       echo " + Checking expire date of existing cert..."
       valid="$("${OPENSSL}" x509 -enddate -noout -in "${cert}" | cut -d= -f2- )"
@@ -1204,14 +1208,14 @@ command_sign_domains() {
     local update_ocsp
     update_ocsp="no"
 
-    # shellcheck disable=SC2086
+    # Sign certificate for this domain
     if [[ ! "${skip}" = "yes" ]]; then
       update_ocsp="yes"
       if [[ "${PARAM_KEEP_GOING:-}" = "yes" ]]; then
-        sign_domain "${certdir}" ${domain} ${morenames} &
+        sign_domain "${certdir}" ${timestamp} ${domain} ${morenames} &
         wait $! || true
       else
-        sign_domain "${certdir}" ${domain} ${morenames}
+        sign_domain "${certdir}" ${timestamp} ${domain} ${morenames}
       fi
     fi