mkcerts debugging again
parent
0ac8b36c18
commit
55619d3ebb
7
.bashrc
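--- a/.bashrc
+++ b/.bashrc
@@ -31,9 +31,9 @@ function lyrics { python ~/tinker/lyrics-fetcher/getlyrics.py $@; }
 function pulsemagix { ~/pulsemagix.sh $*; }
 alias search=~/tinker/tinyscripts/search.sh
 alias gitmk="git push -o repo.private=false -u master master"
-alias wpfx="WINEPREFIX=$(pwd)/wpfx wine"
+alias wpfx="WINEPREFIX='$(pwd)/wpfx' wine"
 function update { scp -r * root@jasmine:"$(cat .update)"; }
-function makepkgi { a=$(pwd); mkdir /tmp/negros/; cp PKGBUILD /tmp/negros/; cp -r * /tmp/negros/src/$(basename $a)/; cd /tmp/negros/; rm src/$(basename $a)/PKGBUILD; makepkg -${1:-R}; cp *.tar.zst $a; cd $a; rm -r /tmp/negros/; }
+function makepkgi { a="$(pwd)"; mkdir -p "/tmp/negros/src/$(basename "$a")"; cp PKGBUILD /tmp/negros/; cp -r * "/tmp/negros/src/$(basename "$a")/"; cd /tmp/negros/; rm "src/$(basename "$a")/PKGBUILD"; makepkg -${1:-R}; cp *.tar.zst "$a"; cd "$a"; rm -r /tmp/negros/; }
 #image shitposting
 function catbox { curl -F fileToUpload="@$*" -F reqtype=fileupload https://catbox.moe/user/api.php; echo ""; }
 alias shitpost="~/tinker/tinyscripts/shitpost.sh"
@@ -47,8 +47,9 @@ alias pentest="curl -H 'user-agent:rakkatakkamuthafakka'"
 
 #fedi
 alias fedifind="python ~/tinker/fedi/fedi_finder.py -c ~/tinker/fedi/misc/userids"
-function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ $2 == '-p' ]; then echo $a; else wget $a; fi; }
+function fedidl { a=$(curl -sLH "Accept:application/activity+json" $1 | jq -r '.attachment[] | .url'); if [ "$2" = "-p" ]; then echo $a; else wget $a; fi; }
 alias att="~/tinker/fedi/get_attachments.sh"
+function fedii { curl -sLH "Accept:application/activity+json" $1 | jq; }
 function mxc { [ -z $INSTANCE ] && creds matrix harpy; echo "https://$INSTANCE/_matrix/media/v3/download/$*"; }
 
 #low-frequency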
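Review bot: The new `makepkgi` still builds in the fixed, predictable path `/tmp/negros`, and the added `mkdir -p` now succeeds silently when that directory already exists. On a multi-user machine the directory can therefore be owned or pre-populated by someone else, and `makepkg` then runs whatever PKGBUILD ends up there. Create a private directory instead, `local tmp; tmp="$(mktemp -d)" || return`, and substitute `"$tmp"` for every `/tmp/negros` in the function. The two `cd` calls are also unchecked, so `cd "$tmp" || return` would keep the following `rm` and `cp *.tar.zst` from running in the wrong directory.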
18
mkcerts.sh
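--- a/mkcerts.sh
+++ b/mkcerts.sh
@@ -82,7 +82,7 @@ function szf # setup zone file
 function usoa # update SOA
 {
 inc=$(grep -Eo 'SOA [^ ]+ [^ ]+ [0-9]+' $1 | grep -Eo '[0-9]+$')
-sed -ie 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
+sed -i 's/SOA\t\([^\t]*\)\t\([^\t]*\)\t[0-9]*/SOA \1 \2 '$((inc+1))'/' $1
 }
 
 # CHALLENGES
@@ -101,7 +101,7 @@ function complete_challenges
 apply_challenge $dom ${toks[$dom]}
 done
 systemctl reload named # Actually update DNS for real final7
-declare -a pending
+declare -a pending pending2
 for dom in ${!chals[@]}; do
 IFS=';' read -a chalurls <<< ${chals[$dom]}
 for chalurl in ${chalurls[@]}; do
@@ -112,6 +112,8 @@ function complete_challenges
 done
 done
 # now we wait for validations
+echo "beginning validation" >&2
+echo "pending list contains: ${pending[@]}" >&2
 dirty=1
 timer=10
 backoff=1
@@ -120,20 +122,27 @@ function complete_challenges
 dirty=0
 for url in ${pending[@]}; do
 sleep 1
+echo "checking $url" >&2
 oof=$(send_req $url)
 oof2=$(jq -r .status <<< "$oof")
 nonce=$(get_nonce) # For some reason checking status doesn't come back with a nonce, or comes back with same nonce.
-if [ $oof2 != valid ]; then dirty=1; fi
+if [ $oof2 != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi
+echo "valid" >&2
 done
+pending=("${pending2[@]}")
+pending2=()
+echo "sleeping for $timer" >&2
 sleep $timer # This gets slower each iteration, to spam the server less
 timer=$(($timer+$backoff))
 tick=$(($tick+1))
-if [ $tick -eq $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
+echo "tick: $tick, backoff: $backoff" >&2
+if [ $tick -ge $backoff ]; then tick=0; backoff=$(($backoff+1)); fi
 done
 }
 
 function apply_challenge
 {
+echo "applying challenge for $1: $2" >&2
 dnsname="/var/named/$(ifsrev $1 .).zone"
 czf $dnsname
 szf $dnsname $(tr ';' '\n' <<< $2 | base64 -d | tr '\n' ' ') # Actually update the DNS
@@ -173,6 +182,7 @@ function get_cert
 # I can just access the headers lol
 # No I can't, assfucked by subshells again
 orderurl=$(grep -i location <<< "$headers" | grep -io http.*$)
+echo "order URL is: $orderurl" >&2
 auths=$(jq '.authorizations' <<< "$order")
 finalise=$(jq -r '.finalize' <<< "$order")
 complete_challenges "$auths"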
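Review bot: The status test in the polling loop of `complete_challenges` (hunk `-120,20 +122,27`) leaves `$oof2` unquoted, so when `send_req` or `jq` returns nothing the `[` command errors out and the branch is skipped. With the new `pending2` bookkeeping that means the URL is neither marked dirty nor re-queued, so a check that failed is treated the same as one that came back `valid`. Quote the operand so an empty status counts as not yet valid: `if [ "$oof2" != valid ]; then dirty=1; pending2+=("$url"); echo -n "in" >&2; fi`. It may also be worth stopping on a terminal `invalid` status instead of re-queuing it, but the loop header lies outside the hunk so its exit condition is not visible here.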