Merge pull request #572 from markuspetermann/master
Fixed class.lescript_v2.php to work with ACMEv2
This commit is contained in:
Michael Kaufmann
GitHub
@@ -76,6 +76,7 @@ class lescript_v2
|
||||
$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
|
||||
$this->isFroxlorVhost = $isFroxlorVhost;
|
||||
$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
|
||||
$this->_acc_location = $certrow['leaccount'];
|
||||
|
||||
$leregistered = $certrow['leregistered'];
|
||||
|
||||
@@ -149,42 +150,55 @@ class lescript_v2
|
||||
|
||||
// start domains authentication
|
||||
// ----------------------------
|
||||
|
||||
|
||||
// Prepare order
|
||||
$domains_in_order = array();
|
||||
foreach ($domains as $domain) {
|
||||
$domains_in_order []= array(
|
||||
"type" => "dns",
|
||||
"value" => $domain
|
||||
);
|
||||
}
|
||||
|
||||
// Send new-order request
|
||||
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
|
||||
"identifiers" => $domains_in_order
|
||||
), false);
|
||||
|
||||
if ($this->client->getLastCode() == 403) {
|
||||
$this->log("Got status 403 - setting LE status to unregistered.");
|
||||
$this->_acc_location = '';
|
||||
$this->setLeRegisteredState(0);
|
||||
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
// if response is not an array but a string, it's most likely a server-error, e.g.
|
||||
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
|
||||
// <p>Reference #179.d8be1402.1458059103.3613c4db</BODY></HTML>
|
||||
if (! is_array($response)) {
|
||||
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
if (! array_key_exists('authorizations', $response)) {
|
||||
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
$authorizations = $response['authorizations'];
|
||||
$finalizeLink = $response['finalize'];
|
||||
|
||||
$i = 0;
|
||||
|
||||
foreach ($authorizations as $authorization) {
|
||||
|
||||
// 1. getting available authentication options
|
||||
// -------------------------------------------
|
||||
|
||||
$domain = $response['identifiers'][$i++]['value'];
|
||||
|
||||
$this->log("Requesting challenge for $domain");
|
||||
|
||||
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
|
||||
"identifiers" => array(
|
||||
array(
|
||||
"type" => "dns",
|
||||
"value" => $domain
|
||||
)
|
||||
)
|
||||
), false);
|
||||
|
||||
if ($this->client->getLastCode() == 403) {
|
||||
$this->log("Got status 403 - setting LE status to unregistered.");
|
||||
$this->setLeRegisteredState(0);
|
||||
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
// if response is not an array but a string, it's most likely a server-error, e.g.
|
||||
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
|
||||
// <p>Reference #179.d8be1402.1458059103.3613c4db</BODY></HTML>
|
||||
if (! is_array($response)) {
|
||||
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
if (! array_key_exists('authorizations', $response)) {
|
||||
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
// get authorization
|
||||
$auth_response = $this->client->get($response['authorizations'][0]);
|
||||
$auth_response = $this->client->get($authorization);
|
||||
|
||||
if (! array_key_exists('challenges', $auth_response)) {
|
||||
throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
|
||||
@@ -201,7 +215,6 @@ class lescript_v2
|
||||
|
||||
$this->log("Got challenge token for $domain");
|
||||
$location = $challenge['url'];
|
||||
$finalizeLink = $response['finalize'];
|
||||
|
||||
// 2. saving authentication token for web verification
|
||||
// ---------------------------------------------------
|
||||
@@ -336,10 +349,12 @@ class lescript_v2
|
||||
if ($this->isLeProduction) {
|
||||
if ($this->isFroxlorVhost) {
|
||||
Settings::Set('system.leregistered', $state);
|
||||
Settings::Set('system.leaccount', $this->_acc_location);
|
||||
} else {
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered, `leaccount` = :kid " . "WHERE `customerid` = :customerid;");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'registered' => $state,
|
||||
'kid' => $this->_acc_location,
|
||||
'customerid' => $this->customerId
|
||||
));
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user