Merge pull request #1001 from Neilpang/socat

Socat
2017-09-02 17:56:15 +08:00 · 2017-09-02 17:56:15 +08:00 · b6c2fc5a69
parent 2068efdb38 cc6610edc2
commit b6c2fc5a69
2 changed files with 21 additions and 92 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -18,7 +18,7 @@ addons:
 install:
  - if [ "$TRAVIS_OS_NAME" = 'osx' ]; then
-      brew update && brew install openssl;
+      brew update && brew install openssl socat;
      brew info openssl;
      ln -s /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib /usr/local/lib/;
      ln -s /usr/local/opt/openssl/lib/libssl.1.0.0.dylib /usr/local/lib/;
@ -30,6 +30,7 @@ install:
      openssl version 2>&1 || true;
      $ACME_OPENSSL_BIN version 2>&1 || true;
      export PATH="$_old_path";
    else sudo apt-get install socat;
    fi
 script:
--- a/acme.sh
+++ b/acme.sh
@ -1,6 +1,6 @@
 #!/usr/bin/env sh
-VER=2.7.3
+VER=2.7.4
 PROJECT_NAME="acme.sh"
@ -164,11 +164,11 @@ _dlg_versions() {
    echo "nginx doesn't exists."
  fi
-  echo "nc:"
+  echo "socat:"
-  if _exists "nc"; then
+  if _exists "socat"; then
-    nc -h 2>&1
+    socat -h 2>&1
  else
-    _debug "nc doesn't exists."
+    _debug "socat doesn't exists."
  fi
 }
@ -1967,68 +1967,22 @@ _startserver() {
  _debug "ncaddr" "$ncaddr"
  _debug "startserver: $$"
  nchelp="$(nc -h 2>&1)"
  _debug Le_HTTPPort "$Le_HTTPPort"
  _debug Le_Listen_V4 "$Le_Listen_V4"
  _debug Le_Listen_V6 "$Le_Listen_V6"
  _NC="nc"
  _NC="socat"
  if [ "$Le_Listen_V4" ]; then
    _NC="$_NC -4"
  elif [ "$Le_Listen_V6" ]; then
    _NC="$_NC -6"
  fi
  if [ "$Le_Listen_V4$Le_Listen_V6$ncaddr" ]; then
    if ! _contains "$nchelp" "-4"; then
      _err "The nc doesn't support '-4', '-6' or local-address, please install 'netcat-openbsd' and try again."
      _err "See $(__green $_PREPARE_LINK)"
      return 1
    fi
  fi
  if echo "$nchelp" | grep "\-q[ ,]" >/dev/null; then
    _NC="$_NC -q 1 -l $ncaddr"
  else
    if echo "$nchelp" | grep "GNU netcat" >/dev/null && echo "$nchelp" | grep "\-c, \-\-close" >/dev/null; then
      _NC="$_NC -c -l $ncaddr"
    elif echo "$nchelp" | grep "\-N" | grep "Shutdown the network socket after EOF on stdin" >/dev/null; then
      _NC="$_NC -N -l $ncaddr"
    else
      _NC="$_NC -l $ncaddr"
    fi
  fi
  _debug "_NC" "$_NC"
-
+  #todo  listen address
-  #for centos ncat
+  socat TCP-LISTEN:$Le_HTTPPort,crlf,reuseaddr,fork SYSTEM:"echo HTTP/1.1 200 OK'; echo ; echo  $content; echo;" &
-  if _contains "$nchelp" "nmap.org"; then
+  serverproc="$!"
    _debug "Using ncat: nmap.org"
    if ! _exec "printf \"%s\r\n\r\n%s\" \"HTTP/1.1 200 OK\" \"$content\" | $_NC \"$Le_HTTPPort\" >&2"; then
      _exec_err
      return 1
    fi
    if [ "$DEBUG" ]; then
      _exec_err
    fi
    return
  fi
  #  while true ; do
  if ! _exec "printf \"%s\r\n\r\n%s\" \"HTTP/1.1 200 OK\" \"$content\" | $_NC -p \"$Le_HTTPPort\" >&2"; then
    _exec "printf \"%s\r\n\r\n%s\" \"HTTP/1.1 200 OK\" \"$content\" | $_NC \"$Le_HTTPPort\" >&2"
  fi
  if [ "$?" != "0" ]; then
    _err "nc listen error."
    _exec_err
    exit 1
  fi
  if [ "$DEBUG" ]; then
    _exec_err
  fi
  #  done
 }
 _stopserver() {
@ -2038,25 +1992,8 @@ _stopserver() {
    return
  fi
-  _debug2 "Le_HTTPPort" "$Le_HTTPPort"
+  kill $pid
  if [ "$Le_HTTPPort" ]; then
    if [ "$DEBUG" ] && [ "$DEBUG" -gt "3" ]; then
      _get "http://localhost:$Le_HTTPPort" "" 1
    else
      _get "http://localhost:$Le_HTTPPort" "" 1 >/dev/null 2>&1
    fi
  fi
  _debug2 "Le_TLSPort" "$Le_TLSPort"
  if [ "$Le_TLSPort" ]; then
    if [ "$DEBUG" ] && [ "$DEBUG" -gt "3" ]; then
      _get "https://localhost:$Le_TLSPort" "" 1
      _get "https://localhost:$Le_TLSPort" "" 1
    else
      _get "https://localhost:$Le_TLSPort" "" 1 >/dev/null 2>&1
      _get "https://localhost:$Le_TLSPort" "" 1 >/dev/null 2>&1
    fi
  fi
 }
 # sleep sec
@ -2111,12 +2048,7 @@ _starttlsserver() {
    return 1
  fi
-  __S_OPENSSL="${ACME_OPENSSL_BIN:-openssl} s_server -cert $TLS_CERT  -key $TLS_KEY "
+  __S_OPENSSL="socat"
  if [ "$opaddr" ]; then
    __S_OPENSSL="$__S_OPENSSL -accept $opaddr:$port"
  else
    __S_OPENSSL="$__S_OPENSSL -accept $port"
  fi
  _debug Le_Listen_V4 "$Le_Listen_V4"
  _debug Le_Listen_V6 "$Le_Listen_V6"
@ -2127,12 +2059,9 @@ _starttlsserver() {
  fi
  _debug "$__S_OPENSSL"
  if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
    (printf "%s\r\n\r\n%s" "HTTP/1.1 200 OK" "$content" | $__S_OPENSSL -tlsextdebug) &
  else
    (printf "%s\r\n\r\n%s" "HTTP/1.1 200 OK" "$content" | $__S_OPENSSL >/dev/null 2>&1) &
  fi
  #todo listen address
  $__S_OPENSSL openssl-listen:$port,cert=$TLS_CERT,key=$TLS_KEY,verify=0,reuseaddr,fork SYSTEM:"echo HTTP/1.1 200 OK'; echo ; echo  $content; echo;" &
  serverproc="$!"
  sleep 1
  _debug serverproc "$serverproc"
@ -2943,8 +2872,8 @@ _on_before_issue() {
  fi
  if _hasfield "$_chk_web_roots" "$NO_VALUE"; then
-    if ! _exists "nc"; then
+    if ! _exists "socat"; then
-      _err "Please install netcat(nc) tools first."
+      _err "Please install socat tools first."
      return 1
    fi
  fi
@ -3665,13 +3594,12 @@ issue() {
        _info "Standalone mode server"
        _ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
        _ncIndex="$(_math $_ncIndex + 1)"
-        _startserver "$keyauthorization" "$_ncaddr" &
+        _startserver "$keyauthorization" "$_ncaddr"
        if [ "$?" != "0" ]; then
          _clearup
          _on_issue_err "$_post_hook" "$vlist"
          return 1
        fi
        serverproc="$!"
        sleep 1
        _debug serverproc "$serverproc"
      elif [ "$_currentRoot" = "$MODE_STATELESS" ]; then
@ -4788,9 +4716,9 @@ _precheck() {
    return 1
  fi
-  if ! _exists "nc"; then
+  if ! _exists "socat"; then
-    _err "It is recommended to install nc first, try to install 'nc' or 'netcat'."
+    _err "It is recommended to install socat first."
-    _err "We use nc for standalone server if you use standalone mode."
+    _err "We use socat for standalone server if you use standalone mode."
    _err "If you don't use standalone mode, just ignore this warning."
  fi