mkcerts debugging again

Zergling_man 2023-12-28 19:07:15 +11:00
parent 0ac8b36c18
commit 55619d3ebb
2 changed files with 19 additions and 8 deletions


@ -31,9 +31,9 @@ function lyrics { python ~/tinker/lyrics-fetcher/getlyrics.py $@; }
function pulsemagix { ~/pulsemagix.sh $*; } function pulsemagix { ~/pulsemagix.sh $*; }
alias search=~/tinker/tinyscripts/search.sh alias search=~/tinker/tinyscripts/search.sh
alias gitmk="git push -o repo.private=false -u master master" alias gitmk="git push -o repo.private=false -u master master"
alias wpfx="WINEPREFIX=$(pwd)/wpfx wine" alias wpfx="WINEPREFIX='$(pwd)/wpfx' wine"
function update { scp -r * root@jasmine:"$(cat .update)"; } function update { scp -r * root@jasmine:"$(cat .update)"; }
function makepkgi { a=$(pwd); mkdir /tmp/negros/; cp PKGBUILD /tmp/negros/; cp -r * /tmp/negros/src/$(basename $a)/; cd /tmp/negros/; rm src/$(basename $a)/PKGBUILD; makepkg -${1:-R}; cp *.tar.zst $a; cd $a; rm -r /tmp/negros/; } function makepkgi { a="$(pwd)"; mkdir -p "/tmp/negros/src/$(basename "$a")"; cp PKGBUILD /tmp/negros/; cp -r * "/tmp/negros/src/$(basename "$a")/"; cd /tmp/negros/; rm "src/$(basename "$a")/PKGBUILD"; makepkg -${1:-R}; cp *.tar.zst "$a"; cd "$a"; rm -r /tmp/negros/; }
#image shitposting #image shitposting
function catbox { curl -F fileToUpload="@$*" -F reqtype=fileupload https://catbox.moe/user/api.php; echo ""; } function catbox { curl -F fileToUpload="@$*" -F reqtype=fileupload https://catbox.moe/user/api.php; echo ""; }
alias shitpost="~/tinker/tinyscripts/shitpost.sh" alias shitpost="~/tinker/tinyscripts/shitpost.sh"
@ -47,8 +47,9 @@ alias pentest="curl -H 'user-agent:rakkatakkamuthafakka'"
#fedi #fedi
alias fedifind="python ~/tinker/fedi/fedi_finder.py -c ~/tinker/fedi/misc/userids" alias fedifind="python ~/tinker/fedi/fedi_finder.py -c ~/tinker/fedi/misc/userids"
function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ $2 == '-p' ]; then echo $a; else wget $a; fi; } function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ "$2" = "-p" ]; then echo $a; else wget $a; fi; }
alias att="~/tinker/fedi/get_attachments.sh" alias att="~/tinker/fedi/get_attachments.sh"
function fedii { curl -sLH "Accept:application/activity+json" $1 | jq; }
function mxc { [ -z $INSTANCE ] && creds matrix harpy; echo "https://$INSTANCE/_matrix/media/v3/download/$*"; } function mxc { [ -z $INSTANCE ] && creds matrix harpy; echo "https://$INSTANCE/_matrix/media/v3/download/$*"; }
#low-frequency #low-frequency
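Review bot: In `fedidl`, the attachment URLs come from the remote server's JSON and are expanded unquoted into `wget $a`, so a `url` value that contains whitespace or begins with `-` reaches wget as extra arguments or options rather than as a single URL. The quoting fix on `"$2"` in this commit leaves that untouched. Reading the list into an array and ending option parsing keeps each value one operand: `mapfile -t urls < <(curl -sLH "Accept:application/activity+json" "$1" | jq -r '.attachment[] | .url')` followed by `wget -- "${urls[@]}"`, with `printf '%s\n' "${urls[@]}"` for the `-p` branch. The newly added `fedii` has the same unquoted `$1`, which should be `"$1"`.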


@ -82,7 +82,7 @@ function szf # setup zone file
function usoa # update SOA function usoa # update SOA
{ {
inc=$(grep -Eo 'SOA [^ ]+ [^ ]+ [0-9]+' $1 | grep -Eo '[0-9]+$') inc=$(grep -Eo 'SOA [^ ]+ [^ ]+ [0-9]+' $1 | grep -Eo '[0-9]+$')
sed -ie 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1 sed -i 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
} }
# CHALLENGES # CHALLENGES
@ -101,7 +101,7 @@ function complete_challenges
apply_challenge $dom ${toks[$dom]} apply_challenge $dom ${toks[$dom]}
done done
systemctl reload named # Actually update DNS for real final7 systemctl reload named # Actually update DNS for real final7
declare -a pending declare -a pending pending2
for dom in ${!chals[@]}; do for dom in ${!chals[@]}; do
IFS=';' read -a chalurls <<< ${chals[$dom]} IFS=';' read -a chalurls <<< ${chals[$dom]}
for chalurl in ${chalurls[@]}; do for chalurl in ${chalurls[@]}; do
@ -112,6 +112,8 @@ function complete_challenges
done done
done done
# now we wait for validations # now we wait for validations
echo "beginning validation" >&2
echo "pending list contains: ${pending[@]}" >&2
dirty=1 dirty=1
timer=10 timer=10
backoff=1 backoff=1
@ -120,20 +122,27 @@ function complete_challenges
dirty=0 dirty=0
for url in ${pending[@]}; do for url in ${pending[@]}; do
sleep 1 sleep 1
echo "checking $url" >&2
oof=$(send_req $url) oof=$(send_req $url)
oof2=$(jq -r .status <<< "$oof") oof2=$(jq -r .status <<< "$oof")
nonce=$(get_nonce) # For some reason checking status doesn't come back with a nonce, or comes back with same nonce. nonce=$(get_nonce) # For some reason checking status doesn't come back with a nonce, or comes back with same nonce.
if [ $oof2 != valid ]; then dirty=1; fi if [ $oof2 != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi
echo "valid" >&2
done done
pending=("${pending2[@]}")
pending2=()
echo "sleeping for $timer" >&2
sleep $timer # This gets slower each iteration, to spam the server less sleep $timer # This gets slower each iteration, to spam the server less
timer=$(($timer+$backoff)) timer=$(($timer+$backoff))
tick=$(($tick+1)) tick=$(($tick+1))
if [ $tick -eq $backoff ]; then tick=0; backoff=$(($backoff+1)); fi echo "tick: $tick, backoff: $backoff" >&2
if [ $tick -ge $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
done done
} }
function apply_challenge function apply_challenge
{ {
echo "applying challenge for $1: $2" >&2
dnsname="/var/named/$(ifsrev $1 .).zone" dnsname="/var/named/$(ifsrev $1 .).zone"
czf $dnsname czf $dnsname
szf $dnsname $(tr ';' '\n' <<< $2 | base64 -d | tr '\n' ' ') # Actually update the DNS szf $dnsname $(tr ';' '\n' <<< $2 | base64 -d | tr '\n' ' ') # Actually update the DNS
@ -173,6 +182,7 @@ function get_cert
# I can just access the headers lol # I can just access the headers lol
# No I can't, assfucked by subshells again # No I can't, assfucked by subshells again
orderurl=$(grep -i location <<< "$headers" | grep -io http.*$) orderurl=$(grep -i location <<< "$headers" | grep -io http.*$)
echo "order URL is: $orderurl" >&2
auths=$(jq '.authorizations' <<< "$order") auths=$(jq '.authorizations' <<< "$order")
finalise=$(jq -r '.finalize' <<< "$order") finalise=$(jq -r '.finalize' <<< "$order")
complete_challenges "$auths" complete_challenges "$auths"
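Review bot: The status test `if [ $oof2 != valid ]` in the polling loop of `complete_challenges` is unquoted, so when `send_req` or `jq` yields an empty string the `[` command errors out, the branch is skipped, and the URL is logged as "valid" and dropped from `pending` by the new `pending2` pruning. With the pruning added here, a single failed status fetch is enough to stop that authorization from ever being rechecked. Quote the operand so an empty or multi-word status counts as not valid: `if [ "$oof2" != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi`. The loop header is outside the hunk, so it is not visible whether a terminal `invalid` status ever ends the polling; if it does not, that case should break out with an error instead of backing off indefinitely.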