From 55619d3ebb630d50a99ff91537d1694f35c94db6 Mon Sep 17 00:00:00 2001
From: Zergling_man
Date: Thu, 28 Dec 2023 19:07:15 +1100
Subject: [PATCH] mkcerts debugging again
---
 .bashrc | 9 +++++----
 mkcerts.sh | 18 ++++++++++++++----
 2 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/.bashrc b/.bashrc
index 530742b..4604528 100644
--- a/.bashrc
+++ b/.bashrc
@@ -31,9 +31,9 @@ function lyrics { python ~/tinker/lyrics-fetcher/getlyrics.py $@; }
 function pulsemagix { ~/pulsemagix.sh $*; }
 alias search=~/tinker/tinyscripts/search.sh
 alias gitmk="git push -o repo.private=false -u master master"
-alias wpfx="WINEPREFIX=$(pwd)/wpfx wine"
+alias wpfx="WINEPREFIX='$(pwd)/wpfx' wine"
 function update { scp -r * root@jasmine:"$(cat .update)"; }
-function makepkgi { a=$(pwd); mkdir /tmp/negros/; cp PKGBUILD /tmp/negros/; cp -r * /tmp/negros/src/$(basename $a)/; cd /tmp/negros/; rm src/$(basename $a)/PKGBUILD; makepkg -${1:-R}; cp *.tar.zst $a; cd $a; rm -r /tmp/negros/; }
+function makepkgi { a="$(pwd)"; mkdir -p "/tmp/negros/src/$(basename "$a")"; cp PKGBUILD /tmp/negros/; cp -r * "/tmp/negros/src/$(basename "$a")/"; cd /tmp/negros/; rm "src/$(basename "$a")/PKGBUILD"; makepkg -${1:-R}; cp *.tar.zst "$a"; cd "$a"; rm -r /tmp/negros/; }
 #image shitposting
 function catbox { curl -F fileToUpload="@$*" -F reqtype=fileupload https://catbox.moe/user/api.php; echo ""; }
 alias shitpost="~/tinker/tinyscripts/shitpost.sh"
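Review bot: `makepkgi` still builds in the fixed path `/tmp/negros/`, and neither the old `mkdir` nor the new `mkdir -p` stops when that directory already exists, so on a shared machine the function copies into, runs `makepkg` from, and finally `rm -r`s a directory another local user may have created or symlinked. Creating it with `d=$(mktemp -d) || return` and using `"$d"` in place of `/tmp/negros/` removes the predictable name, and `cd "$d" || return` keeps the later `rm` and `cp` from running in the wrong directory if the `cd` fails. Separately, the `wpfx` alias is defined in double quotes, so `$(pwd)` is expanded once when `.bashrc` is sourced rather than when the alias is used, and the added single quotes break if that path contains a `'`. A function such as `function wpfx { WINEPREFIX="$PWD/wpfx" wine "$@"; }` evaluates the directory at call time.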
@@ -47,8 +47,9 @@ alias pentest="curl -H 'user-agent:rakkatakkamuthafakka'"
 #fedi
 alias fedifind="python ~/tinker/fedi/fedi_finder.py -c ~/tinker/fedi/misc/userids"
-function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ $2 == '-p' ]; then echo $a; else wget $a; fi; }
+function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ "$2" = "-p" ]; then echo $a; else wget $a; fi; }
 alias att="~/tinker/fedi/get_attachments.sh"
+function fedii { curl -sLH "Accept:application/activity+json" $1 | jq; }
 function mxc { [ -z $INSTANCE ] && creds matrix harpy; echo "https://$INSTANCE/_matrix/media/v3/download/$*"; }
 #low-frequency
@@ -64,4 +65,4 @@ function tlcard { a="$*"; read oid lang <<< "$(curl -s "https://api.scryfall.com
 #alias genyprox="mitmproxy --mode socks5 --listen-port 8050"
 #alias genyprox2="mitmproxy --mode socks5 --listen-port 8051"
 #alias ztr="sudo rc-service zerotier-one restart"
-#function zino { curl -iX PUT 'http://conduit.rakka.tk/_matrix/client/r0/rooms/!bXiARHQYqPBOdJRzTd:matrix.org/send/m.room.message/'$1 -H "Authorization:Bearer $TOKE" --json "{\"msgtype\":\"m.text\",\"body\":\"$(cat)\"}" && echo ''; }
\ No newline at end of file
+#function zino { curl -iX PUT 'http://conduit.rakka.tk/_matrix/client/r0/rooms/!bXiARHQYqPBOdJRzTd:matrix.org/send/m.room.message/'$1 -H "Authorization:Bearer $TOKE" --json "{\"msgtype\":\"m.text\",\"body\":\"$(cat)\"}" && echo ''; }
diff --git a/mkcerts.sh b/mkcerts.sh
index 81f557c..ad052d9 100644
--- a/mkcerts.sh
+++ b/mkcerts.sh
@@ -82,7 +82,7 @@ function szf # setup zone file
 function usoa # update SOA
 {
 inc=$(grep -Eo 'SOA [^ ]+ [^ ]+ [0-9]+' $1 | grep -Eo '[0-9]+$')
- sed -ie 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
+ sed -i 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
 }
 # CHALLENGES
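Review bot: `fedidl` still hands `$a` unquoted to `wget`, and the new `fedii` passes `$1` unquoted to `curl`; the quoting fix in this hunk covers only the `"$2"` comparison. The URLs in `$a` come from a remote server's JSON response, so a value that contains whitespace or begins with `-` is word-split and can reach `wget` as an option rather than a URL. Reading them into an array with `mapfile -t urls < <(curl -sLH "Accept:application/activity+json" "$1" | jq -r '.attachment[] | .url')` and calling `wget -- "${urls[@]}"` keeps each URL as a single argument and ends option parsing. In `fedii`, quoting `"$1"` is the matching change.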
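Review bot: `usoa` in mkcerts.sh increments `inc` without checking that the `grep` pipeline found a serial: when nothing matches, `$((inc+1))` evaluates to 1, and `sed` would write serial 1 into any SOA line its own pattern does match. A guard before the `sed`, such as `[ -n "$inc" ] || { echo "no SOA serial in $1" >&2; return 1; }`, makes that failure visible, and `"$1"` should be quoted in both commands. The `grep` and `sed` patterns appear to use different field separators as shown here, though whitespace may have been altered in rendering, so a one-line comment stating the zone-file layout the function expects would help.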
@@ -101,7 +101,7 @@ function complete_challenges
 apply_challenge $dom ${toks[$dom]}
 done
 systemctl reload named # Actually update DNS for real final7
- declare -a pending
+ declare -a pending pending2
 for dom in ${!chals[@]}; do
 IFS=';' read -a chalurls <<< ${chals[$dom]}
 for chalurl in ${chalurls[@]}; do
@@ -112,6 +112,8 @@ function complete_challenges
 done
 done
 # now we wait for validations
+ echo "beginning validation" >&2
+ echo "pending list contains: ${pending[@]}" >&2
 dirty=1
 timer=10
 backoff=1
@@ -120,20 +122,27 @@ function complete_challenges
 dirty=0
 for url in ${pending[@]}; do
 sleep 1
+ echo "checking $url" >&2
 oof=$(send_req $url)
 oof2=$(jq -r .status <<< "$oof")
 nonce=$(get_nonce) # For some reason checking status doesn't come back with a nonce, or comes back with same nonce.
- if [ $oof2 != valid ]; then dirty=1; fi
+ if [ $oof2 != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi
+ echo "valid" >&2
 done
+ pending=("${pending2[@]}")
+ pending2=()
+ echo "sleeping for $timer" >&2
 sleep $timer # This gets slower each iteration, to spam the server less
 timer=$(($timer+$backoff))
 tick=$(($tick+1))
- if [ $tick -eq $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
+ echo "tick: $tick, backoff: $backoff" >&2
+ if [ $tick -ge $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
 done
 }
 function apply_challenge
 {
+ echo "applying challenge for $1: $2" >&2
 dnsname="/var/named/$(ifsrev $1 .).zone"
 czf $dnsname
 szf $dnsname $(tr ';' '\n' <<< $2 | base64 -d | tr '\n' ' ') # Actually update the DNS
@@ -173,6 +182,7 @@ function get_cert
 # I can just access the headers lol
 # No I can't, assfucked by subshells again
 orderurl=$(grep -i location <<< "$headers" | grep -io http.*$)
+ echo "order URL is: $orderurl" >&2
 auths=$(jq '.authorizations' <<< "$order")
 finalise=$(jq -r '.finalize' <<< "$order")
 complete_challenges "$auths"
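Review bot: In the polling loop of `complete_challenges` (the `-120,20` hunk), the unquoted test `[ $oof2 != valid ]` fails open: when `send_req` or `jq` yields an empty string, `[` reports a syntax error, the `then` branch is skipped, and the URL is neither re-queued in `pending2` nor marked dirty, so a failed status check is treated as a completed validation. Quoting it as `if [ "$oof2" != valid ]; then …` keeps such URLs pending. The loop also re-queues every non-`valid` status, including ACME's terminal `invalid`, so a rejected challenge would be polled indefinitely unless the loop condition (outside this hunk) bounds it; a branch like `[ "$oof2" = invalid ] && { echo "validation failed: $url" >&2; return 1; }` would stop early. The debug line `echo "pending list contains: ${pending[@]}"` in the preceding hunk is better written with `${pending[*]}`, since `[@]` inside a string expands to several words. The function begins outside these hunks.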