ref: 96560abe446b63133707d0e4cc272de6316db35f
parent: ae9918c93e20fa5ae4fb3358ef01d07994023137
author: cinap_lenrek <[email protected]>
date: Wed Oct 27 13:08:20 EDT 2021
acmed: reject -t flag when -e is given, dup stderr to stdout of -e cmd
--- a/sys/src/cmd/ip/acmed.c
+++ b/sys/src/cmd/ip/acmed.c
@@ -23,7 +23,7 @@
int debug;
int (*challengefn)(char*, char*, char*, int*);
char *keyspec;
-char *provider = "https://acme-v02.api.letsencrypt.org/directory"; /* test endpoint */
+char *provider = "https://acme-v02.api.letsencrypt.org/directory"; /* default endpoint */
char *challengecmd;
char *challengeout;
char *keyid;
@@ -471,8 +471,9 @@
case -1:
return -1;
case 0:
+ dup(1, 2);
execl(challengecmd, challengecmd, ty, dom, tok, auth, nil);
- exits("exec");
+ sysfatal("%s: %r", challengecmd);
}
while((w = wait()) != nil){
@@ -832,7 +833,7 @@
static void
usage(void)
{
- fprint(2, "usage: %s [-a acctkey] [-e cmd | -o chalout] [-p provider] [-t type] acct csr\n", argv0);
+ fprint(2, "usage: %s [-a acctkey] [-e cmd | -o chalout -t type] [-p provider] acct csr\n", argv0);
exits("usage");
}
@@ -844,7 +845,7 @@
JSONfmtinstall();
fmtinstall('E', Econv);
- ct = "http";
+ ct = nil;
co = nil;
acctkey = nil;
ARGBEGIN{
@@ -860,29 +861,29 @@
case 'o':
co = EARGF(usage());
break;
- case 'p':
- provider = EARGF(usage());
- break;
case 't':
ct = EARGF(usage());
break;
+ case 'p':
+ provider = EARGF(usage());
+ break;
default:
usage();
break;
}ARGEND;
- if(challengecmd){
- if(co != nil)
+ if(challengecmd != nil){
+ if(ct != nil || co != nil)
usage();
challengeout = "/dev/null";
challengefn = runchallenge;
- }else if(strcmp(ct, "http") == 0){
+ }else if(ct == nil || strcmp(ct, "http") == 0){
challengeout = (co != nil) ? co : "/usr/web/.well-known/acme-challenge";
challengefn = httpchallenge;
}else if(strcmp(ct, "dns") == 0){
challengeout = (co != nil) ? co : "/lib/ndb/dnschallenge";
challengefn = dnschallenge;
- }else{
+ }else {
sysfatal("unknown challenge type '%s'", ct);
}