diff --git a/getssl b/getssl index 5cf32f98..c4712e8f 100755 --- a/getssl +++ b/getssl @@ -271,6 +271,9 @@ # 2021-08-26 Improve upgrade check & make upgrade do a full install when possible (tlhackque) (#694) (2.42) # 2021-09-02 Fix version compare - cURL v8 may have single digit minor numbers. (tlhackque) (2.43) # 2021-09-26 Delete key file when key algorithm has changed (makuhama) +# 2021-09-30 better error if curl returns 60 (#709) +# 2021-10-01 Fix -preferred-chain argument (#712) +# 2021-10-01 Show help if no domain specified (#705)(2.44) # ---------------------------------------------------------------------------------------- case :$SHELLOPTS: in @@ -279,7 +282,7 @@ esac PROGNAME=${0##*/} PROGDIR="$(cd "$(dirname "$0")" || exit; pwd -P;)" -VERSION="2.43" +VERSION="2.44" # defaults ACCOUNT_KEY_LENGTH=4096 @@ -290,7 +293,7 @@ CHALLENGE_CHECK_TYPE="http" CHECK_REMOTE_WAIT=0 CHECK_REMOTE="true" if [[ -n "${GITHUB_REPOSITORY}" ]] ; then - CODE_LOCATION="https://raw.githubusercontent.com/${GITHUB_REPOSITORY}/getssl/master/getssl" + CODE_LOCATION="https://raw.githubusercontent.com/${GITHUB_REPOSITORY}/master/getssl" RELEASE_API="https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/latest" else CODE_LOCATION="https://raw.githubusercontent.com/srvrco/getssl/master/getssl" @@ -784,7 +787,7 @@ check_getssl_upgrade() { # check if a more recent release is available # Replace error in release description with _error (which is ignored by check_output_for_errors() in the tests) debug "${release_data//error/_error}" release_data="$(sed -e's/^ *//g' <<<"${release_data}")" - release_tag="$(sed -e'/^"tag_name": *"/!d;s/^"tag_name": *"\([^""]*\).*$/\1/' <<<"${release_data}")" + release_tag="$(sed -e'/"tag_name": *"/!d;s/"tag_name": *"\([^""]*\).*$/\1/' <<<"${release_data}")" if [[ "${release_tag:0:1}" != 'v' ]] ; then if [[ ${_MUTE} -eq 0 ]]; then info "The current repository has no releases or is improperly tagged; can't check for upgrades: '$release_tag'" @@ -820,7 +823,7 @@ check_getssl_upgrade() { # check if a more recent release is available if [ "$TEMP_UPGRADE_FILE" == "" ]; then error_exit "mktemp failed" fi - CODE_LOCATION=$(sed -e"s/getssl\/master/${release_tag}/" <<<"$CODE_LOCATION") + CODE_LOCATION=$(sed -e"s/master/${release_tag}/" <<<"$CODE_LOCATION") # shellcheck disable=SC2086 debug curl ${_NOMETER:---silent} --user-agent "$CURL_USERAGENT" "$CODE_LOCATION" --output "$TEMP_UPGRADE_FILE" # shellcheck disable=SC2086 @@ -2427,7 +2430,7 @@ send_signed_request() { # Sends a request to the ACME server, signed with your p fi debug "response status = $response_status" if [[ "$code" -eq 500 ]]; then - info "error on acme server - trying again ...." + info "_error on acme server - trying again ...." debug "loop_limit = $loop_limit" sleep 5 loop_limit=$((loop_limit - 1)) @@ -2755,7 +2758,7 @@ while [[ -n ${1+defined} ]]; do _ONLY_CHECK_CONFIG=1 ;; -w) shift; WORKING_DIR="$1" ;; - -preferred-chain) + -preferred-chain | --preferred-chain) shift; PREFERRED_CHAIN="$1" ;; --source) return ;; @@ -2830,6 +2833,10 @@ if [[ $_UPGRADE_CHECK -eq 1 ]]; then # if nothing in command line and no revocation and not only config check, # then exit after upgrade if [[ -z "$DOMAIN" ]] && [[ ${_CHECK_ALL} -ne 1 ]] && [[ ${_REVOKE} -ne 1 ]] && [ "${_ONLY_CHECK_CONFIG}" -ne 1 ]; then + # if nothing in command line, print help before exit. + if [[ -z "$DOMAIN" ]] && [[ ${_CHECK_ALL} -ne 1 ]]; then + help_message + fi graceful_exit fi fi diff --git a/test/33-ftp.bats b/test/33-ftp.bats index 7c35f966..59297c0b 100644 --- a/test/33-ftp.bats +++ b/test/33-ftp.bats @@ -18,7 +18,7 @@ setup() { pasv_enable=NO _FTP - ${CODE_DIR}/test/restart-ftpd + ${CODE_DIR}/test/restart-ftpd start fi } @@ -27,7 +27,7 @@ teardown() { [ -n "$BATS_TEST_COMPLETED" ] || touch $BATS_RUN_TMPDIR/failed.skip if [ -n "${VSFTPD_CONF}" ]; then cp ${VSFTPD_CONF}.getssl $VSFTPD_CONF - ${CODE_DIR}/test/restart-ftpd + ${CODE_DIR}/test/restart-ftpd stop fi } diff --git a/test/34-ftp-passive.bats b/test/34-ftp-passive.bats index 5648771f..71e6ed0a 100644 --- a/test/34-ftp-passive.bats +++ b/test/34-ftp-passive.bats @@ -21,7 +21,7 @@ pasv_min_port=10090 connect_from_port_20=NO _FTP - ${CODE_DIR}/test/restart-ftpd + ${CODE_DIR}/test/restart-ftpd start fi } @@ -30,7 +30,7 @@ teardown() { [ -n "$BATS_TEST_COMPLETED" ] || touch $BATS_RUN_TMPDIR/failed.skip if [ -n "${VSFTPD_CONF}" ]; then cp ${VSFTPD_CONF}.getssl $VSFTPD_CONF - ${CODE_DIR}/test/restart-ftpd + ${CODE_DIR}/test/restart-ftpd stop fi } diff --git a/test/restart-ftpd b/test/restart-ftpd index 5bdc3cd7..6bb780c1 100755 --- a/test/restart-ftpd +++ b/test/restart-ftpd @@ -1,11 +1,17 @@ #!/usr/bin/env bash +if [ -z "$1" ]; then + arg="restart" +else + arg=$1 +fi + if [ "$GETSSL_OS" = "alpine" ]; then killall -HUP vsftpd >&3- elif [[ "$GETSSL_OS" == "centos"[78] || "$GETSSL_OS" == "rockylinux"* ]]; then pgrep vsftpd | head -1 | xargs kill -HUP elif [[ "$GETSSL_OS" == "centos6" ]]; then - service vsftpd restart >&3- >/dev/null + service vsftpd "$arg" else service vsftpd restart >/dev/null >&3- fi diff --git a/test/restart-nginx b/test/restart-nginx index ca402f35..ee49af49 100755 --- a/test/restart-nginx +++ b/test/restart-nginx @@ -7,7 +7,8 @@ elif [[ "$GETSSL_OS" == "centos"[78] || "$GETSSL_OS" == "rockylinux"* ]]; then pgrep nginx | head -1 | xargs kill -HUP sleep 5 elif [[ "$GETSSL_OS" == "centos6" ]]; then - service nginx restart >&3- >/dev/null + service nginx restart 3>&- + # service nginx restart else service nginx restart >/dev/null >&3- fi diff --git a/test/test_helper.bash b/test/test_helper.bash index efc52faa..e8d68b0a 100644 --- a/test/test_helper.bash +++ b/test/test_helper.bash @@ -74,10 +74,10 @@ if [[ -f /usr/bin/supervisord && -f /etc/supervisord.conf ]]; then fi elif [[ "$GETSSL_OS" == "centos"[78] || "$GETSSL_OS" == "rockylinux"* ]]; then if [ -z "$(pgrep nginx)" ]; then - nginx >&3- + nginx 3>&- fi if [ -z "$(pgrep vsftpd)" ] && [ "$(command -v vsftpd)" ]; then - vsftpd >&3- + vsftpd 3>&- fi fi