tls mode: -naccept is not supported by many old openssl versions. (#257)

So I remove it.  and use 2 GET requests to make openssl sever exit.
This commit is contained in:
neil 2016-08-07 14:25:55 +08:00 committed by GitHub
parent d35bf51780
commit 75da0713d2

34
acme.sh
View File

@ -688,26 +688,36 @@ _post() {
return $_ret return $_ret
} }
# url getheader # url getheader timeout
_get() { _get() {
_debug GET _debug GET
url="$1" url="$1"
onlyheader="$2" onlyheader="$2"
t="$3"
_debug url $url _debug url $url
_debug "timeout" "$t"
if _exists "curl" ; then if _exists "curl" ; then
_debug "CURL" "$CURL" _CURL="$CURL"
if [ "$t" ] ; then
_CURL="$_CURL --connect-timeout $t"
fi
_debug "_CURL" "$_CURL"
if [ "$onlyheader" ] ; then if [ "$onlyheader" ] ; then
$CURL -I --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" $url $_CURL -I --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" $url
else else
$CURL --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" $url $_CURL --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" $url
fi fi
ret=$? ret=$?
elif _exists "wget" ; then elif _exists "wget" ; then
_debug "WGET" "$WGET" _WGET="$WGET"
if [ "$t" ] ; then
_WGET="$_WGET --timeout=$t"
fi
_debug "_WGET" "$_WGET"
if [ "$onlyheader" ] ; then if [ "$onlyheader" ] ; then
$WGET --user-agent="$USER_AGENT" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O /dev/null $url 2>&1 | sed 's/^[ ]*//g' $_WGET --user-agent="$USER_AGENT" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O /dev/null $url 2>&1 | sed 's/^[ ]*//g'
else else
$WGET --user-agent="$USER_AGENT" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -O - $url $_WGET --user-agent="$USER_AGENT" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -O - $url
fi fi
ret=$? ret=$?
else else
@ -921,9 +931,11 @@ _stopserver(){
_debug2 "Le_TLSPort" "$Le_TLSPort" _debug2 "Le_TLSPort" "$Le_TLSPort"
if [ "$Le_TLSPort" ] ; then if [ "$Le_TLSPort" ] ; then
if [ "$DEBUG" ] ; then if [ "$DEBUG" ] ; then
_get "https://localhost:$Le_TLSPort" _get "https://localhost:$Le_TLSPort" "" 1
_get "https://localhost:$Le_TLSPort" "" 1
else else
_get "https://localhost:$Le_TLSPort" >/dev/null 2>&1 _get "https://localhost:$Le_TLSPort" "" 1 >/dev/null 2>&1
_get "https://localhost:$Le_TLSPort" "" 1 >/dev/null 2>&1
fi fi
fi fi
} }
@ -966,9 +978,9 @@ _starttlsserver() {
#start openssl #start openssl
_debug "openssl s_server -cert \"$TLS_CERT\" -key \"$TLS_KEY\" -accept $port -naccept 1 -tlsextdebug" _debug "openssl s_server -cert \"$TLS_CERT\" -key \"$TLS_KEY\" -accept $port -naccept 1 -tlsextdebug"
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ] ; then if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ] ; then
(printf "HTTP/1.1 200 OK\r\n\r\n$content" | openssl s_server -cert "$TLS_CERT" -key "$TLS_KEY" -accept $port -naccept 1 -tlsextdebug ) & (printf "HTTP/1.1 200 OK\r\n\r\n$content" | openssl s_server -cert "$TLS_CERT" -key "$TLS_KEY" -accept $port -tlsextdebug ) &
else else
(printf "HTTP/1.1 200 OK\r\n\r\n$content" | openssl s_server -cert "$TLS_CERT" -key "$TLS_KEY" -accept $port -naccept 1 >/dev/null 2>&1) & (printf "HTTP/1.1 200 OK\r\n\r\n$content" | openssl s_server -cert "$TLS_CERT" -key "$TLS_KEY" -accept $port >/dev/null 2>&1) &
fi fi
serverproc="$!" serverproc="$!"