From 8ddead4854fc17a69db5f54a88f434fa8ce29879 Mon Sep 17 00:00:00 2001
From: Daniel Molkentin <dmolkentin@suse.com>
Date: Mon, 28 Sep 2020 00:13:39 +0200
Subject: [PATCH] Complain about deactivated accounts

---
 dehydrated | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/dehydrated b/dehydrated
index bbaece6..6c59db5 100755
--- a/dehydrated
+++ b/dehydrated
@@ -474,6 +474,11 @@ load_config() {
   ACCOUNT_KEY="${ACCOUNTDIR}/${CAHASH}/account_key.pem"
   ACCOUNT_KEY_JSON="${ACCOUNTDIR}/${CAHASH}/registration_info.json"
   ACCOUNT_ID_JSON="${ACCOUNTDIR}/${CAHASH}/account_id.json"
+  ACCOUNT_DEACTIVATED="${ACCOUNTDIR}/${CAHASH}/deactivated"
+
+  if [[ -f "${ACCOUNT_DEACTIVATED}" ]]; then
+    _exiterr "Account has been deactivated. Remove account and create a new one using --register."
+  fi
 
   if [[ -f "${BASEDIR}/private_key.pem" ]] && [[ ! -f "${ACCOUNT_KEY}" ]]; then
     echo "! Moving private_key.pem to ${ACCOUNT_KEY}"
@@ -1778,12 +1783,18 @@ command_revoke() {
 command_deactivate() {
   init_system
 
-  echo "Deactivating account $ACCOUNT_URL"
+  echo "Deactivating account ${ACCOUNT_URL}"
 
   if [[ ${API} -eq 1 ]]; then
     echo "Deactivation for ACMEv1 is not implemented"
   else
     response="$(signed_request "${ACCOUNT_URL}" '{"status": "deactivated"}' | clean_json)"
+    deactstatus=$(echo "$response" | jsonsh | get_json_string_value "status")
+    if [[ "${deactstatus}" = "deactivated" ]]; then
+      touch "${ACCOUNT_DEACTIVATED}"
+    else
+      _exiterr "Account deactivation failed!"
+    fi
   fi
 
   echo " + Done."
-- 
2.47.2