mkcerts debugging again

Zergling_man 2023-12-28 19:07:15 +11:00
parent 0ac8b36c18
commit 55619d3ebb
2 changed files with 19 additions and 8 deletions


@ -31,9 +31,9 @@ function lyrics { python ~/tinker/lyrics-fetcher/getlyrics.py $@; }
function pulsemagix { ~/pulsemagix.sh $*; }
alias search=~/tinker/tinyscripts/search.sh
alias gitmk="git push -o repo.private=false -u master master"
alias wpfx="WINEPREFIX=$(pwd)/wpfx wine"
alias wpfx="WINEPREFIX='$(pwd)/wpfx' wine"
function update { scp -r * root@jasmine:"$(cat .update)"; }
function makepkgi { a=$(pwd); mkdir /tmp/negros/; cp PKGBUILD /tmp/negros/; cp -r * /tmp/negros/src/$(basename $a)/; cd /tmp/negros/; rm src/$(basename $a)/PKGBUILD; makepkg -${1:-R}; cp *.tar.zst $a; cd $a; rm -r /tmp/negros/; }
function makepkgi { a="$(pwd)"; mkdir -p "/tmp/negros/src/$(basename "$a")"; cp PKGBUILD /tmp/negros/; cp -r * "/tmp/negros/src/$(basename "$a")/"; cd /tmp/negros/; rm "src/$(basename "$a")/PKGBUILD"; makepkg -${1:-R}; cp *.tar.zst "$a"; cd "$a"; rm -r /tmp/negros/; }
#image shitposting
function catbox { curl -F fileToUpload="@$*" -F reqtype=fileupload https://catbox.moe/user/api.php; echo ""; }
alias shitpost="~/tinker/tinyscripts/shitpost.sh"
@ -47,8 +47,9 @@ alias pentest="curl -H 'user-agent:rakkatakkamuthafakka'"
#fedi
alias fedifind="python ~/tinker/fedi/fedi_finder.py -c ~/tinker/fedi/misc/userids"
function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ $2 == '-p' ]; then echo $a; else wget $a; fi; }
function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ "$2" = "-p" ]; then echo $a; else wget $a; fi; }
alias att="~/tinker/fedi/get_attachments.sh"
function fedii { curl -sLH "Accept:application/activity+json" $1 | jq; }
function mxc { [ -z $INSTANCE ] && creds matrix harpy; echo "https://$INSTANCE/_matrix/media/v3/download/$*"; }
#low-frequency
@ -64,4 +65,4 @@ function tlcard { a="$*"; read oid lang <<< "$(curl -s "https://api.scryfall.com
#alias genyprox="mitmproxy --mode socks5 --listen-port 8050"
#alias genyprox2="mitmproxy --mode socks5 --listen-port 8051"
#alias ztr="sudo rc-service zerotier-one restart"
#function zino { curl -iX PUT 'http://conduit.rakka.tk/_matrix/client/r0/rooms/!bXiARHQYqPBOdJRzTd:matrix.org/send/m.room.message/'$1 -H "Authorization:Bearer $TOKE" --json "{\"msgtype\":\"m.text\",\"body\":\"$(cat)\"}" && echo ''; }
#function zino { curl -iX PUT 'http://conduit.rakka.tk/_matrix/client/r0/rooms/!bXiARHQYqPBOdJRzTd:matrix.org/send/m.room.message/'$1 -H "Authorization:Bearer $TOKE" --json "{\"msgtype\":\"m.text\",\"body\":\"$(cat)\"}" && echo ''; }
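Review bot: In the new `fedidl` line the URLs that `jq` extracts from a remote ActivityPub response are expanded unquoted into `wget $a` (and `$1` into `curl`), so a value beginning with `-` would be parsed by wget as an option and any glob characters are expanded against the current directory. Because the remote server controls that field, read the output into an array and end option parsing first, e.g. `mapfile -t urls <<< "$a"; wget -- "${urls[@]}"`, and quote `"$1"`. Separately, `makepkgi` still builds in the fixed path `/tmp/negros/`, and the switch to `mkdir -p` now silently accepts a directory that already exists there. Using `t=$(mktemp -d) || return` with `cd "$t" || return` would avoid both the predictable name and running the later `rm` relative to the wrong directory when `cd` fails.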


@ -82,7 +82,7 @@ function szf # setup zone file
function usoa # update SOA
{
inc=$(grep -Eo 'SOA [^ ]+ [^ ]+ [0-9]+' $1 | grep -Eo '[0-9]+$')
sed -ie 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
sed -i 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
}
# CHALLENGES
@ -101,7 +101,7 @@ function complete_challenges
apply_challenge $dom ${toks[$dom]}
done
systemctl reload named # Actually update DNS for real final7
declare -a pending
declare -a pending pending2
for dom in ${!chals[@]}; do
IFS=';' read -a chalurls <<< ${chals[$dom]}
for chalurl in ${chalurls[@]}; do
@ -112,6 +112,8 @@ function complete_challenges
done
done
# now we wait for validations
echo "beginning validation" >&2
echo "pending list contains: ${pending[@]}" >&2
dirty=1
timer=10
backoff=1
@ -120,20 +122,27 @@ function complete_challenges
dirty=0
for url in ${pending[@]}; do
sleep 1
echo "checking $url" >&2
oof=$(send_req $url)
oof2=$(jq -r .status <<< "$oof")
nonce=$(get_nonce) # For some reason checking status doesn't come back with a nonce, or comes back with same nonce.
if [ $oof2 != valid ]; then dirty=1; fi
if [ $oof2 != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi
echo "valid" >&2
done
pending=("${pending2[@]}")
pending2=()
echo "sleeping for $timer" >&2
sleep $timer # This gets slower each iteration, to spam the server less
timer=$(($timer+$backoff))
tick=$(($tick+1))
if [ $tick -eq $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
echo "tick: $tick, backoff: $backoff" >&2
if [ $tick -ge $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
done
}
function apply_challenge
{
echo "applying challenge for $1: $2" >&2
dnsname="/var/named/$(ifsrev $1 .).zone"
czf $dnsname
szf $dnsname $(tr ';' '\n' <<< $2 | base64 -d | tr '\n' ' ') # Actually update the DNS
@ -173,6 +182,7 @@ function get_cert
# I can just access the headers lol
# No I can't, assfucked by subshells again
orderurl=$(grep -i location <<< "$headers" | grep -io http.*$)
echo "order URL is: $orderurl" >&2
auths=$(jq '.authorizations' <<< "$order")
finalise=$(jq -r '.finalize' <<< "$order")
complete_challenges "$auths"
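Review bot: The unquoted `$oof2` in the new `if [ $oof2 != valid ]` line in `complete_challenges` means that when `send_req` or `jq` yields an empty string the test itself errors, the `then` branch is skipped, and the URL is neither marked dirty nor copied to `pending2`. An authorization whose status could not be read is therefore dropped from the list as if it had validated, and the trace prints "valid" for it. Quoting keeps empty or malformed responses pending: `if [ "$oof2" != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi`. The loop header is outside this hunk, so its exit condition is not visible; if it ends only when nothing is dirty, a status of `invalid` would be polled indefinitely, and an explicit failure return for that case may be worth adding. The same quoting applies to `$url`, `$timer` and the `${pending[@]}` expansions in this function.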