]> git.street.me.uk Git - andy/dehydrated.git/commitdiff
projects / andy / dehydrated.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 338ec30)
use temporary openssl config instead of weird fake fds (fixes #57)
authorLukas Schauer <lukas@schauer.so>
Sat, 19 Dec 2015 00:57:58 +0000 (01:57 +0100)
committerLukas Schauer <lukas@schauer.so>
Sat, 19 Dec 2015 00:58:28 +0000 (01:58 +0100)
letsencrypt.sh patch | blob | blame | history

diff --git a/letsencrypt.sh b/letsencrypt.sh
index 1296e166a06d9493bb4087236cdc02dd314d4a60..d0aa6a020f9c11175c0d80fa623299429fff06a7 100755 (executable)
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -215,7 +215,7 @@ _request() {
     echo "  + ERROR: An error occurred while sending ${1}-request to ${2} (Status ${statuscode})" >&2
     echo >&2
     echo "Details:" >&2
-    echo "$(<"${tempcont}"))" >&2
+    cat "${tempcont}" >&2
     rm -f "${tempcont}"
 
     # Wait for hook script to clean the challenge if used
@@ -306,7 +306,11 @@ sign_domain() {
   done
   SAN="${SAN%%, }"
   echo " + Generating signing request..."
-  openssl req -new -sha256 -key "${BASEDIR}/certs/${domain}/${privkey}" -out "${BASEDIR}/certs/${domain}/cert-${timestamp}.csr" -subj "/CN=${domain}/" -reqexts SAN -config <(cat "${OPENSSL_CNF}" <(printf "[SAN]\nsubjectAltName=%s" "${SAN}"))
+  local tmp_openssl_cnf="$(mktemp)"
+  cat $OPENSSL_CNF > "${tmp_openssl_cnf}"
+  printf "[SAN]\nsubjectAltName=%s" "${SAN}" >> "${tmp_openssl_cnf}"
+  openssl req -new -sha256 -key "${BASEDIR}/certs/${domain}/${privkey}" -out "${BASEDIR}/certs/${domain}/cert-${timestamp}.csr" -subj "/CN=${domain}/" -reqexts SAN -config "${tmp_openssl_cnf}"
+  rm -f "${tmp_openssl_cnf}"
 
   # Request and respond to challenges
   for altname in $altnames; do
@@ -469,7 +473,7 @@ command_sign_domains() {
 
   # remove temporary domains.txt file if used
   if [[ -n "${PARAM_DOMAIN:-}" ]]; then
-    rm "${DOMAINS_TXT}"
+    rm -f "${DOMAINS_TXT}"
   fi
 }
 
ACME client