Home Explore Project
Register Sign In
linux
/
acme.sh
3
0
Fork 0
Files Issues 2 Pull Requests 0 Wiki
Browse Source

Support SunOS/Solaris (#260)

Support SunOS/Solaris 

* Support Solaris

* Support SunOS/Open Solaris
neil 8 years ago
parent
d190a43e0a
commit
22ea4004e1
4 changed files with 96 additions and 62 deletions
Split View Show Diff Stats
  1. 88 54
      acme.sh
  2. 3 3
      dnsapi/dns_cf.sh
  3. 4 4
      dnsapi/dns_cx.sh
  4. 1 1
      dnsapi/dns_dp.sh

+ 88 - 54
acme.sh
View File 

@@ -1,6 +1,6 @@
 
 #!/usr/bin/env sh
 
 
-VER=2.3.5
 
+VER=2.3.6
 
 
 PROJECT_NAME="acme.sh"
 
 
@@ -76,6 +76,13 @@ _debug2() {
 
   return
 
 }
 
 
+_debug3() {
 
+  if [ "$DEBUG" ] && [ "$DEBUG" -ge "3" ] ; then
 
+    _debug "$@"
 
+  fi
 
+  return
 
+}
 
+
 
 _startswith(){
 
   _str="$1"
 
   _sub="$2"
 
@@ -215,6 +222,14 @@ _sed_i() {
 
   fi
 
 }
 
 
+_egrep_o() {
 
+  if _contains "$(egrep -o 2>&1)" "egrep: illegal option -- o" ; then
 
+    sed -n 's/.*\('"$1"'\).*/\1/p'
 
+  else
 
+    egrep -o "$1"
 
+  fi
 
+}
 
+
 
 #Usage: file startline endline
 
 _getfile() {
 
   filename="$1"
 
@@ -406,6 +421,9 @@ _ss() {
 
     else
 
       if netstat -help 2>&1 | grep "\-p protocol" >/dev/null ; then
 
         netstat -an -p tcp | grep LISTEN | grep ":$_port "
 
+      elif netstat -help 2>&1 | grep -- '-P protocol' >/dev/null ; then
 
+        #for solaris
 
+        netstat -an -P tcp | grep "\.$_port "
 
       else
 
         netstat -ntpl | grep ":$_port "
 
       fi
 
@@ -535,6 +553,11 @@ _time2str() {
 
     return
 
   fi
 
   
+  #Soaris
 
+  if _exists adb ; then
 
+    echo $(echo "0t${1}=Y" | adb)
 
+  fi
 
+  
 }
 
 
 _normalizeJson() {
 
@@ -569,66 +592,67 @@ _calcjwk() {
 
     if [ "${#pub_exp}" = "5" ] ; then
 
       pub_exp=0$pub_exp
 
     fi
 
-    _debug2 pub_exp "$pub_exp"
 
+    _debug3 pub_exp "$pub_exp"
 
     
     e=$(echo $pub_exp | _h2b | _base64)
 
-    _debug2 e "$e"
 
+    _debug3 e "$e"
 
     
     modulus=$(openssl rsa -in $keyfile -modulus -noout | cut -d '=' -f 2 )
 
-    _debug2 modulus "$modulus"
 
+    _debug3 modulus "$modulus"
 
     n="$(printf "%s" "$modulus"| _h2b | _base64 | _urlencode )"
 
     jwk='{"e": "'$e'", "kty": "RSA", "n": "'$n'"}'
 
-    _debug2 jwk "$jwk"
 
+    _debug3 jwk "$jwk"
 
     
     HEADER='{"alg": "RS256", "jwk": '$jwk'}'
 
-    HEADERPLACE='{"nonce": "NONCE", "alg": "RS256", "jwk": '$jwk'}'
 
+    HEADERPLACE_PART1='{"nonce": "'
 
+    HEADERPLACE_PART2='", "alg": "RS256", "jwk": '$jwk'}'
 
   elif grep "BEGIN EC PRIVATE KEY" "$keyfile" > /dev/null 2>&1 ; then
 
     _debug "EC key"
 
     EC_SIGN="1"
 
     crv="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")"
 
-    _debug2 crv "$crv"
 
+    _debug3 crv "$crv"
 
     
     pubi="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | grep -n pub: | cut -d : -f 1)"
 
     pubi=$(_math $pubi + 1)
 
-    _debug2 pubi "$pubi"
 
+    _debug3 pubi "$pubi"
 
     
     pubj="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | grep -n "ASN1 OID:"  | cut -d : -f 1)"
 
     pubj=$(_math $pubj + 1)
 
-    _debug2 pubj "$pubj"
 
+    _debug3 pubj "$pubj"
 
     
     pubtext="$(openssl ec  -in $keyfile  -noout -text 2>/dev/null | sed  -n "$pubi,${pubj}p" | tr -d " \n\r")"
 
-    _debug2 pubtext "$pubtext"
 
+    _debug3 pubtext "$pubtext"
 
     
     xlen="$(printf "$pubtext" | tr -d ':' | wc -c)"
 
     xlen=$(_math $xlen / 4)
 
-    _debug2 xlen "$xlen"
 
+    _debug3 xlen "$xlen"
 
 
     xend=$(_math "$xend" + 1)
 
     x="$(printf $pubtext | cut -d : -f 2-$xend)"
 
-    _debug2 x "$x"
 
+    _debug3 x "$x"
 
     
     x64="$(printf $x | tr -d : | _h2b | _base64 | _urlencode)"
 
-    _debug2 x64 "$x64"
 
+    _debug3 x64 "$x64"
 
 
     xend=$(_math "$xend" + 1)
 
     y="$(printf $pubtext | cut -d : -f $xend-10000)"
 
-    _debug2 y "$y"
 
+    _debug3 y "$y"
 
     
     y64="$(printf $y | tr -d : | _h2b | _base64 | _urlencode)"
 
-    _debug2 y64 "$y64"
 
+    _debug3 y64 "$y64"
 
    
     jwk='{"kty": "EC", "crv": "'$crv'", "x": "'$x64'", "y": "'$y64'"}'
 
-    _debug2 jwk "$jwk"
 
+    _debug3 jwk "$jwk"
 
     
     HEADER='{"alg": "ES256", "jwk": '$jwk'}'
 
-    HEADERPLACE='{"nonce": "NONCE", "alg": "ES256", "jwk": '$jwk'}'
 
-
 
+    HEADERPLACE_PART1='{"nonce": "'
 
+    HEADERPLACE_PART2='", "alg": "ES256", "jwk": '$jwk'}'
 
   else
 
     _err "Only RSA or EC key is supported."
 
     return 1
 
   fi
 
 
-  _debug2 HEADER "$HEADER"
 
+  _debug3 HEADER "$HEADER"
 
 }
 
 # body  url [needbase64] [POST|PUT]
 
 _post() {
 
@@ -744,8 +768,8 @@ _send_signed_request() {
 
     return 1
 
   fi
 
 
-  payload64=$(echo -n $payload | _base64 | _urlencode)
 
-  _debug2 payload64 $payload64
 
+  payload64=$(printf "%s" "$payload" | _base64 | _urlencode)
 
+  _debug3 payload64 $payload64
 
   
   nonceurl="$API/directory"
 
   _headers="$(_get $nonceurl "onlyheader")"
 
@@ -755,23 +779,23 @@ _send_signed_request() {
 
     return 1
 
   fi
 
   
-  _debug2 _headers "$_headers"
 
+  _debug3 _headers "$_headers"
 
   
   nonce="$( echo "$_headers" | grep "Replay-Nonce:" | head -1 | tr -d "\r\n " | cut -d ':' -f 2)"
 
 
-  _debug nonce "$nonce"
 
+  _debug3 nonce "$nonce"
 
   
-  protected="$(printf "$HEADERPLACE" | sed "s/NONCE/$nonce/" )"
 
-  _debug2 protected "$protected"
 
+  protected="$HEADERPLACE_PART1$nonce$HEADERPLACE_PART2"
 
+  _debug3 protected "$protected"
 
   
   protected64="$(printf "$protected" | _base64 | _urlencode)"
 
-  _debug2 protected64 "$protected64"
 
+  _debug3 protected64 "$protected64"
 
 
-  sig=$(echo -n "$protected64.$payload64" |  _sign  "$keyfile" "sha256" | _urlencode)
 
-  _debug2 sig "$sig"
 
+  sig=$(printf "%s" "$protected64.$payload64" |  _sign  "$keyfile" "sha256" | _urlencode)
 
+  _debug3 sig "$sig"
 
   
   body="{\"header\": $HEADER, \"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
 
-  _debug2 body "$body"
 
+  _debug3 body "$body"
 
   
 
   response="$(_post "$body" $url "$needbase64")"
 
@@ -808,15 +832,15 @@ _setopt() {
 
     touch "$__conf"
 
   fi
 
 
-  if grep -H -n "^$__opt$__sep" "$__conf" > /dev/null ; then
 
-    _debug2 OK
 
+  if grep -n "^$__opt$__sep" "$__conf" > /dev/null ; then
 
+    _debug3 OK
 
     if _contains "$__val" "&" ; then
 
       __val="$(echo $__val | sed 's/&/\\&/g')"
 
     fi
 
     text="$(cat $__conf)"
 
     echo "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
 
 
-  elif grep -H -n "^#$__opt$__sep" "$__conf" > /dev/null ; then
 
+  elif grep -n "^#$__opt$__sep" "$__conf" > /dev/null ; then
 
     if _contains "$__val" "&" ; then
 
       __val="$(echo $__val | sed 's/&/\\&/g')"
 
     fi
 
@@ -824,10 +848,10 @@ _setopt() {
 
     echo "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
 
 
   else
 
-    _debug2 APP
 
+    _debug3 APP
 
     echo "$__opt$__sep$__val$__end" >> "$__conf"
 
   fi
 
-  _debug "$(grep -H -n "^$__opt$__sep" $__conf)"
 
+  _debug2 "$(grep -n "^$__opt$__sep" $__conf)"
 
 }
 
 
 #_savedomainconf   key  value
 
@@ -922,9 +946,9 @@ _stopserver(){
 
   _debug2 "Le_HTTPPort" "$Le_HTTPPort"
 
   if [ "$Le_HTTPPort" ] ; then
 
     if [ "$DEBUG" ] ; then
 
-      _get "http://localhost:$Le_HTTPPort"
 
+      _get "http://localhost:$Le_HTTPPort" "" 1
 
     else
 
-      _get "http://localhost:$Le_HTTPPort" >/dev/null 2>&1
 
+      _get "http://localhost:$Le_HTTPPort" "" 1 >/dev/null 2>&1
 
     fi
 
   fi
 
   
@@ -1412,8 +1436,8 @@ issue() {
 
     return 1
 
   fi
 
   
-  accountkey_json=$(echo -n "$jwk" |  tr -d ' ' )
 
-  thumbprint=$(echo -n "$accountkey_json" | _digest "sha256" | _urlencode)
 
+  accountkey_json=$(printf "%s" "$jwk" |  tr -d ' ' )
 
+  thumbprint=$(printf "%s" "$accountkey_json" | _digest "sha256" | _urlencode)
 
   
   regjson='{"resource": "new-reg", "agreement": "'$AGREEMENT'"}'
 
   if [ "$ACCOUNT_EMAIL" ] ; then
 
@@ -1506,17 +1530,17 @@ issue() {
 
         return 1
 
       fi
 
 
-      entry="$(printf "$response" | egrep -o  '\{[^{]*"type":"'$vtype'"[^}]*')"
 
+      entry="$(printf "%s\n" "$response" | _egrep_o  '[^{]*"type":"'$vtype'"[^}]*')"
 
       _debug entry "$entry"
 
       if [ -z "$entry" ] ; then
 
         _err "Error, can not get domain token $d"
 
         _clearup
 
         return 1
 
       fi
 
-      token="$(printf "$entry" | egrep -o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
 
+      token="$(printf "%s\n" "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
 
       _debug token $token
 
       
-      uri="$(printf "$entry" | egrep -o '"uri":"[^"]*'| cut -d : -f 2,3 | tr -d '"' )"
 
+      uri="$(printf "%s\n" "$entry" | _egrep_o '"uri":"[^"]*'| cut -d : -f 2,3 | tr -d '"' )"
 
       _debug uri $uri
 
       
       keyauthorization="$token.$thumbprint"
 
@@ -1556,7 +1580,7 @@ issue() {
 
         dnsadded='0'
 
         txtdomain="_acme-challenge.$d"
 
         _debug txtdomain "$txtdomain"
 
-        txt="$(echo -n $keyauthorization | _digest "sha256" | _urlencode)"
 
+        txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _urlencode)"
 
         _debug txt "$txt"
 
         #dns
 
         #1. check use api
 
@@ -1778,7 +1802,7 @@ issue() {
 
       response="$(echo "$response" | _normalizeJson )"
 
       _debug2 response "$response"
 
       
-      status=$(echo $response | egrep -o  '"status":"[^"]*' | cut -d : -f 2 | tr -d '"')
 
+      status=$(echo "$response" | _egrep_o  '"status":"[^"]*' | cut -d : -f 2 | tr -d '"')
 
       if [ "$status" = "valid" ] ; then
 
         _info "Success"
 
         _stopserver $serverproc
 
@@ -1788,9 +1812,9 @@ issue() {
 
       fi
 
       
       if [ "$status" = "invalid" ] ; then
 
-         error="$(echo $response | tr -d "\r\n" | egrep -o '"error":\{[^}]*}')"
 
+         error="$(echo "$response" | _egrep_o '"error":\{[^}]*}')"
 
          _debug2 error "$error"
 
-         errordetail="$(echo $error |  grep -o '"detail": *"[^"]*"' | cut -d '"' -f 4)"
 
+         errordetail="$(echo $error |  _egrep_o '"detail": *"[^"]*"' | cut -d '"' -f 4)"
 
          _debug2 errordetail "$errordetail"
 
          if [ "$errordetail" ] ; then
 
            _err "$d:Verify error:$errordetail"
 
@@ -1830,7 +1854,7 @@ issue() {
 
   fi
 
   
   
-  Le_LinkCert="$(grep -i -o '^Location.*$' $HTTP_HEADER | head -1 | tr -d "\r\n" | cut -d " " -f 2)"
 
+  Le_LinkCert="$(grep -i '^Location.*$' $HTTP_HEADER | head -1 | tr -d "\r\n" | cut -d " " -f 2)"
 
   _savedomainconf "Le_LinkCert"  "$Le_LinkCert"
 
 
   if [ "$Le_LinkCert" ] ; then
 
@@ -1852,7 +1876,7 @@ issue() {
 
 
   if [ -z "$Le_LinkCert" ] ; then
 
     response="$(echo $response | _dbase64 "multiline" | _normalizeJson )"
 
-    _err "Sign failed: $(echo "$response" | grep -o  '"detail":"[^"]*"')"
 
+    _err "Sign failed: $(echo "$response" | _egrep_o  '"detail":"[^"]*"')"
 
     return 1
 
   fi
 
   
@@ -1925,7 +1949,7 @@ renew() {
 
   
   IS_RENEW="1"
 
   issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath"
 
-  local res=$?
 
+  res=$?
 
   IS_RENEW=""
 
 
   return $res
 
@@ -1961,7 +1985,7 @@ renewAll() {
 
 
 
 list() {
 
-  local _raw="$1"
 
+  _raw="$1"
 
   _initpath
 
   
   _sep="|"
 
@@ -1978,7 +2002,11 @@ list() {
 
       )
 
     done
 
   else
 
-    list "raw" | column -t -s "$_sep"  
+    if _exists column ; then
 
+      list "raw" | column -t -s "$_sep"
 
+    else
 
+      list "raw" | tr '|' '\t'
 
+    fi
 
   fi
 
 
 
@@ -2094,7 +2122,11 @@ installcronjob() {
 
       _err "Can not install cronjob, $PROJECT_ENTRY not found."
 
       return 1
 
     fi
 
-    crontab -l | { cat; echo "0 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"; } | crontab -
 
+    if _exists uname && uname -a | grep solaris >/dev/null ; then
 
+      crontab -l | { cat; echo "0 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"; } | crontab --
 
+    else
 
+      crontab -l | { cat; echo "0 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"; } | crontab -
 
+    fi
 
   fi
 
   if [ "$?" != "0" ] ; then
 
     _err "Install cron job failed. You need to manually renew your certs."
 
@@ -2111,7 +2143,11 @@ uninstallcronjob() {
 
   _info "Removing cron job"
 
   cr="$(crontab -l | grep "$PROJECT_ENTRY --cron")"
 
   if [ "$cr" ] ; then 
-    crontab -l | sed "/$PROJECT_ENTRY --cron/d" | crontab -
 
+    if _exists uname && uname -a | grep solaris >/dev/null ; then
 
+      crontab -l | sed "/$PROJECT_ENTRY --cron/d" | crontab --
 
+    else
 
+      crontab -l | sed "/$PROJECT_ENTRY --cron/d" | crontab -
 
+    fi
 
     LE_WORKING_DIR="$(echo "$cr" | cut -d ' ' -f 9 | tr -d '"')"
 
     _info LE_WORKING_DIR "$LE_WORKING_DIR"
 
   fi 
@@ -2181,9 +2217,7 @@ _detect_profile() {
 
     return
 
   fi
 
 
-  local DETECTED_PROFILE
 
   DETECTED_PROFILE=''
 
-  local SHELLTYPE
 
   SHELLTYPE="$(basename "/$SHELL")"
 
 
   if [ "$SHELLTYPE" = "bash" ] ; then

+ 3 - 3
dnsapi/dns_cf.sh
View File 

@@ -43,7 +43,7 @@ dns_cf_add(){
 
     return 1
 
   fi
 
   
-  count=$(printf "$response" | grep -o \"count\":[^,]* | cut -d : -f 2)
 
+  count=$(printf "%s\n" "$response" | _egrep_o \"count\":[^,]* | cut -d : -f 2)
 
   _debug count "$count"
 
   if [ "$count" = "0" ] ; then
 
     _info "Adding record"
 
@@ -61,7 +61,7 @@ dns_cf_add(){
 
     _err "Add txt record error."
 
   else
 
     _info "Updating record"
 
-    record_id=$(printf "$response" | grep -o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \"| head -1)
 
+    record_id=$(printf "%s\n" "$response" | _egrep_o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \"| head -1)
 
     _debug "record_id" $record_id
 
     
     _cf_rest PUT "zones/$_domain_id/dns_records/$record_id"  "{\"id\":\"$record_id\",\"type\":\"TXT\",\"name\":\"$fulldomain\",\"content\":\"$txtvalue\",\"zone_id\":\"$_domain_id\",\"zone_name\":\"$_domain\"}"
 
@@ -103,7 +103,7 @@ _get_root() {
 
     fi
 
     
     if printf $response | grep \"name\":\"$h\" >/dev/null ; then
 
-      _domain_id=$(printf "$response" | grep -o \"id\":\"[^\"]*\" | head -1 | cut -d : -f 2 | tr -d \")
 
+      _domain_id=$(printf "%s\n" "$response" | _egrep_o \"id\":\"[^\"]*\" | head -1 | cut -d : -f 2 | tr -d \")
 
       if [ "$_domain_id" ] ; then
 
         _sub_domain=$(printf $domain | cut -d . -f 1-$p)
 
         _domain=$h

+ 4 - 4
dnsapi/dns_cx.sh
View File 

@@ -69,7 +69,7 @@ existing_records() {
 
     return 1
 
   fi
 
   count=0
 
-  seg=$(printf "$response" | grep -o "{[^{]*host\":\"$_sub_domain\"[^}]*}")
 
+  seg=$(printf "%s\n" "$response" | _egrep_o "{[^{]*host\":\"$_sub_domain\"[^}]*}")
 
   _debug seg "$seg"
 
   if [ -z "$seg" ] ; then
 
     return 0
 
@@ -77,7 +77,7 @@ existing_records() {
 
 
   if printf "$response" | grep '"type":"TXT"' > /dev/null ; then
 
     count=1
 
-    record_id=$(printf "$seg" | grep -o \"record_id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \")
 
+    record_id=$(printf "%s\n" "$seg" | _egrep_o \"record_id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \")
 
     _debug record_id "$record_id"
 
     return 0    
   fi
 
@@ -145,9 +145,9 @@ _get_root() {
 
     fi
 
 
     if printf "$response" | grep "$h." >/dev/null ; then
 
-      seg=$(printf "$response" | grep -o "{[^{]*\"$h\.\"[^}]*\}" )
 
+      seg=$(printf "%s" "$response" | _egrep_o "{[^{]*\"$h\.\"[^}]*\}" )
 
       _debug seg "$seg"
 
-      _domain_id=$(printf "$seg" | grep -o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \")
 
+      _domain_id=$(printf "%s" "$seg" | _egrep_o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \")
 
       _debug _domain_id "$_domain_id"
 
       if [ "$_domain_id" ] ; then
 
         _sub_domain=$(printf $domain | cut -d . -f 1-$p)

+ 1 - 1
dnsapi/dns_dp.sh
View File 

@@ -152,7 +152,7 @@ _get_root() {
 
     fi
 
     
     if printf "$response" | grep "Action completed successful" >/dev/null ; then
 
-      _domain_id=$(printf "$response" | grep -o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \")
 
+      _domain_id=$(printf "%s\n" "$response" | _egrep_o \"id\":\"[^\"]*\" | cut -d : -f 2 | tr -d \")
 
       _debug _domain_id "$_domain_id"
 
       if [ "$_domain_id" ] ; then
 
         _sub_domain=$(printf $domain | cut -d . -f 1-$p)