|
289 | 289 | # 2022-11-01 Add FTP_PORT
|
290 | 290 | # 2023-02-04 Create newline to ensure [SAN] section can be parsed (#792)(MRigal)
|
291 | 291 | # 2023-02-22 Remove cronie from deb package dependencies (2.48)
|
| 292 | +# 2024-03-16 Use FTP_PORT when deleting ftp tokens. Delete tokens when using sftp, davfs, ftpes, ftps (#693,#839) (tlhackque) |
292 | 293 | # ----------------------------------------------------------------------------------------
|
293 | 294 |
|
294 | 295 | case :$SHELLOPTS: in
|
@@ -971,6 +972,8 @@ clean_up() { # Perform pre-exit housekeeping
|
971 | 972 | fi
|
972 | 973 | }
|
973 | 974 |
|
| 975 | +# When adding a new protocol type here, also add support to delete http01 tokens using it |
| 976 | +# in fulfill_challenges(). |
974 | 977 | copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
|
975 | 978 | cert=$1 # descriptive name, just used for display
|
976 | 979 | from=$2 # current file location
|
@@ -1542,24 +1545,56 @@ for d in "${alldomains[@]}"; do
|
1542 | 1545 | ftplocn=$(echo "${t_loc}"| awk -F: '{print $5}')
|
1543 | 1546 | debug "$FTP_COMMAND user=$ftpuser - pass=$ftppass - host=$ftphost location=$ftplocn"
|
1544 | 1547 | $FTP_COMMAND <<- EOF
|
1545 |
| - open $ftphost |
| 1548 | + open $ftphost $FTP_PORT |
1546 | 1549 | user $ftpuser $ftppass
|
1547 | 1550 | cd $ftplocn
|
1548 | 1551 | delete ${token:?}
|
1549 | 1552 | EOF
|
| 1553 | + elif [[ "${to:0:5}" == "sftp:" ]] ; then |
| 1554 | + debug "using sftp to delete token file" |
| 1555 | + ftpuser=$(echo "$to"| awk -F: '{print $2}') |
| 1556 | + ftppass=$(echo "$to"| awk -F: '{print $3}') |
| 1557 | + ftphost=$(echo "$to"| awk -F: '{print $4}') |
| 1558 | + ftplocn=$(echo "$to"| awk -F: '{print $5}') |
| 1559 | + ftpdirn=$(dirname "$ftplocn") |
| 1560 | + if [ -n "$FTP_PORT" ]; then SFTP_PORT="-P $FTP_PORT"; else SFTP_PORT=""; fi |
| 1561 | + debug "sftp $SFTP_OPTS user=$ftpuser - pass=$ftppass - host=$ftphost port=$FTP_PORT loc=$ftplocn file=${token:?}" |
| 1562 | + # shellcheck disable=SC2086 |
| 1563 | + sshpass -p "$ftppass" sftp $SFTP_OPTS $SFTP_PORT "$ftpuser@$ftphost" <<- _EOF |
| 1564 | + cd $ftpdirn |
| 1565 | + rm ./${token:>} |
| 1566 | + _EOF |
| 1567 | + elif [[ "${to:0:5}" == "davs:" ]] ; then |
| 1568 | + debug "using davs to delete the token" |
| 1569 | + davsuser=$(echo "$to"| awk -F: '{print $2}') |
| 1570 | + davspass=$(echo "$to"| awk -F: '{print $3}') |
| 1571 | + davshost=$(echo "$to"| awk -F: '{print $4}') |
| 1572 | + davsport=$(echo "$to"| awk -F: '{print $5}') |
| 1573 | + davslocn=$(echo "$to"| awk -F: '{print $6}') |
| 1574 | + davsdirn=$(dirname "$davslocn") |
| 1575 | + davsdirn=$(echo "${davsdirn}/" | sed 's,//,/,g') |
| 1576 | + davsfile=$(basename "$davslocn") |
| 1577 | + debug "davs user=$davsuser - pass=$davspass - host=$davshost port=$davsport dir=$davsdirn file=$davsfile" |
| 1578 | + # shellcheck disable=SC2086 |
| 1579 | + curl ${_NOMETER} -u "${davsuser}:${davspass}" -X "DELETE" "https://${davshost}:${davsport}${davsdirn}${davsfile}" |
1550 | 1580 | elif [[ "${t_loc:0:6}" == "ftpes:" ]] || [[ "${t_loc:0:5}" == "ftps:" ]] ; then
|
| 1581 | + if [ -n "$FTP_PORT" ]; then SFTP_PORT=":${FTP_PORT}"; fi |
1551 | 1582 | debug "using ftp to delete the file from $from"
|
1552 | 1583 | ftpuser=$(echo "${t_loc}"| awk -F: '{print $2}')
|
1553 | 1584 | ftppass=$(echo "${t_loc}"| awk -F: '{print $3}')
|
1554 | 1585 | ftphost=$(echo "${t_loc}"| awk -F: '{print $4}')
|
1555 | 1586 | ftplocn=$(echo "${t_loc}"| awk -F: '{print $5}')
|
1556 |
| - debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost file=${ftplocnn/${token:?}" |
| 1587 | + SFTP_PORT="" |
| 1588 | + if [ -z "$FTP_PORT" ]; then |
| 1589 | + SFTP_PORT=":990" |
| 1590 | + fi |
| 1591 | + debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost file=${ftplocn}/${token:?}" |
1557 | 1592 | if [[ "${to:0:5}" == "ftps:" ]] ; then
|
1558 | 1593 | # shellcheck disable=SC2086
|
1559 |
| - curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE ${token:?}}" "ftp://${ftphost}${ftplocn}:990/" |
| 1594 | + curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE ${token:?}}" "ftp://${ftphost}${SFTP_PORT}/${ftplocn}/" |
1560 | 1595 | else
|
1561 | 1596 | # shellcheck disable=SC2086
|
1562 |
| - curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE ${token:?}" "ftp://${ftphost}${ftplocn}/" |
| 1597 | + curl ${_NOMETER} $FTPS_OPTIONS --ftp-ssl --ftp-ssl-reqd -u "${ftpuser}:${ftppass}" --silent -Q "DELE ${token:?}" "ftp://${ftphost}${SFTP_PORT}/${ftplocn}/" |
1563 | 1598 | fi
|
1564 | 1599 | else
|
1565 | 1600 | rm -f "${t_loc:?}/${token:?}"
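Review bot: The new sftp branch sends `rm ./${token:>}` (new line 1565), which is not a valid expansion, so it will presumably fail when the here-document is expanded and leave the http-01 token on the server; it should read `rm ./${token:?}` as the ftp branch does. In the ftpes/ftps branch the `SFTP_PORT=":${FTP_PORT}"` assigned at new line 1581 is cleared by `SFTP_PORT=""` at 1587 and only set again (to `:990`) when FTP_PORT is empty, so a configured port never reaches the curl URL; one `if [ -n "$FTP_PORT" ]; then SFTP_PORT=":${FTP_PORT}"; else SFTP_PORT=":990"; fi` after the field parsing would cover both cases. The ftps line this commit rewrites still carries a stray brace in `-Q "DELE ${token:?}}"`, so the DELE command names a file ending in `}`. On the credential side, the added `debug` lines write `$ftppass` and `$davspass` in clear text and `sshpass -p "$ftppass"` exposes the password in the process argument list; logging a fixed placeholder instead and exporting `SSHPASS` for `sshpass -e` would keep secrets out of debug logs and `ps` output. The enclosing if/elif chain begins and ends outside this hunk, so whether `$to` (used by the new branches) and `$t_loc` (used by the neighbouring ones) hold the same value here should be confirmed.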
|
|