acmed: reject -t flag when -e is given, dup stderr to stdout of -e cmd

cinap_lenrek 2021-10-27 17:08:20 +00:00
parent ae9918c93e
commit 96560abe44


@ -23,7 +23,7 @@ struct Hdr {
int debug; int debug;
int (*challengefn)(char*, char*, char*, int*); int (*challengefn)(char*, char*, char*, int*);
char *keyspec; char *keyspec;
char *provider = "https://acme-v02.api.letsencrypt.org/directory"; /* test endpoint */ char *provider = "https://acme-v02.api.letsencrypt.org/directory"; /* default endpoint */
char *challengecmd; char *challengecmd;
char *challengeout; char *challengeout;
char *keyid; char *keyid;
@ -471,8 +471,9 @@ runchallenge(char *ty, char *dom, char *tok, int *matched)
case -1: case -1:
return -1; return -1;
case 0: case 0:
dup(1, 2);
execl(challengecmd, challengecmd, ty, dom, tok, auth, nil); execl(challengecmd, challengecmd, ty, dom, tok, auth, nil);
exits("exec"); sysfatal("%s: %r", challengecmd);
} }
while((w = wait()) != nil){ while((w = wait()) != nil){
@ -832,7 +833,7 @@ loadkey(char *path)
static void static void
usage(void) usage(void)
{ {
fprint(2, "usage: %s [-a acctkey] [-e cmd | -o chalout] [-p provider] [-t type] acct csr\n", argv0); fprint(2, "usage: %s [-a acctkey] [-e cmd | -o chalout -t type] [-p provider] acct csr\n", argv0);
exits("usage"); exits("usage");
} }
@ -844,7 +845,7 @@ main(int argc, char **argv)
JSONfmtinstall(); JSONfmtinstall();
fmtinstall('E', Econv); fmtinstall('E', Econv);
ct = "http"; ct = nil;
co = nil; co = nil;
acctkey = nil; acctkey = nil;
ARGBEGIN{ ARGBEGIN{
@ -860,29 +861,29 @@ main(int argc, char **argv)
case 'o': case 'o':
co = EARGF(usage()); co = EARGF(usage());
break; break;
case 'p':
provider = EARGF(usage());
break;
case 't': case 't':
ct = EARGF(usage()); ct = EARGF(usage());
break; break;
case 'p':
provider = EARGF(usage());
break;
default: default:
usage(); usage();
break; break;
}ARGEND; }ARGEND;
if(challengecmd){ if(challengecmd != nil){
if(co != nil) if(ct != nil || co != nil)
usage(); usage();
challengeout = "/dev/null"; challengeout = "/dev/null";
challengefn = runchallenge; challengefn = runchallenge;
}else if(strcmp(ct, "http") == 0){ }else if(ct == nil || strcmp(ct, "http") == 0){
challengeout = (co != nil) ? co : "/usr/web/.well-known/acme-challenge"; challengeout = (co != nil) ? co : "/usr/web/.well-known/acme-challenge";
challengefn = httpchallenge; challengefn = httpchallenge;
}else if(strcmp(ct, "dns") == 0){ }else if(strcmp(ct, "dns") == 0){
challengeout = (co != nil) ? co : "/lib/ndb/dnschallenge"; challengeout = (co != nil) ? co : "/lib/ndb/dnschallenge";
challengefn = dnschallenge; challengefn = dnschallenge;
}else{ }else {
sysfatal("unknown challenge type '%s'", ct); sysfatal("unknown challenge type '%s'", ct);
} }
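Review bot: In the `case 0:` branch of runchallenge, `dup(1, 2)` makes the child's fd 2 a copy of fd 1 (Plan 9 `dup(oldfd, newfd)`), so the challenge command's diagnostics, and the `sysfatal("%s: %r", challengecmd)` message after a failed exec, are written to acmed's standard output instead of its error stream. If the commit title means the command's stdout should be folded into stderr so that acmed's own output stays clean, the call would be `dup(2, 1);`. Where acmed's stdout is consumed is not visible in these hunks, so confirm this against the rest of main. Either way the return value is unchecked, and `if(dup(1, 2) < 0) sysfatal("dup: %r");` would stop a failed redirect from passing silently. runchallenge's body starts and ends outside the hunk.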