Diffstat (limited to 'lacme')
-rwxr-xr-xlacme44
1 files changed, 10 insertions, 34 deletions
diff --git a/lacme b/lacme
index 3e5347d..d5e8933 100755
--- a/lacme
+++ b/lacme
@@ -36,6 +36,7 @@ use Socket 1.95 qw/AF_UNIX AF_INET AF_INET6 PF_UNIX PF_INET PF_INET6 PF_UNSPEC
SOCK_STREAM SOL_SOCKET SO_REUSEADDR SHUT_RDWR/;
use Config::Tiny ();
+use Date::Parse ();
use Net::SSLeay ();
# Clean up PATH
@@ -62,7 +63,7 @@ sub usage(;$$) {
}
exit $rv;
}
-usage(1) unless GetOptions(\%OPTS, qw/config=s config-certs=s@ socket=s register tos-agreed min-days=i quiet|q debug help|h/);
+usage(1) unless GetOptions(\%OPTS, qw/config=s config-certs=s@ socket=s register tos-agreed deactivate min-days=i quiet|q debug help|h/);
usage(0) if $OPTS{help};
$COMMAND = shift(@ARGV) // usage(1, "Missing command");
@@ -199,33 +200,7 @@ sub x509_enddate($) {
$time = Net::SSLeay::X509_get_notAfter($x509) if defined $x509;
$dt = Net::SSLeay::P_ASN1_TIME_get_isotime($time) if defined $time;
- my $t;
- if (defined $dt and $dt =~ s/\A(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})//) {
- # RFC3339 datetime strings; assume epoch is on January 1 of $epoch_year
- my ($y, $m, $d, $h, $min, $s) = ($1, $2, $3, $4, $5, $6);
- my (undef,undef,undef,undef,undef,$epoch_year,undef,undef,undef) = gmtime(0);
- $t = 0;
- foreach (($epoch_year+1900) .. $y-1) {
- $t += 365*86400;
- $t += 86400 if ($_ % 4 == 0 and $_ % 100 != 0) or ($_ % 400 == 0); # leap
- }
-
- if ($m > 1) {
- my @m = (31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
- $m[1]++ if ($y % 4 == 0 and $y % 100 != 0) or ($y % 400 == 0); # leap
- $t += 86400*$m[$_] for (0 .. $m-2);
- }
-
- $t += 86400*($d-1);
- $t += $s + 60*($min + 60*$h);
-
- $dt =~ s/\A\.(\d{1,9})\d*//; # ignore nanosecs
-
- if ($dt =~ /\A([+-])(\d{2}):(\d{2})\z/) {
- my $tz = 60*($3 + 60*$2);
- $t = $1 eq '-' ? ($t+$tz) : ($t-$tz);
- }
- }
+ my $t = Date::Parse::str2time($dt) if defined $dt;
Net::SSLeay::X509_free($x509) if defined $x509;
Net::SSLeay::BIO_free($bio) if defined $bio;
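Review bot: `my $t = Date::Parse::str2time($dt) if defined $dt;` declares a lexical under a statement modifier, which perlsyn documents as undefined behaviour, so `$t` is not guaranteed to be `undef` when `$dt` is undefined. I would write `my $t = defined $dt ? Date::Parse::str2time($dt) : undef;` instead. `str2time` also returns undef for a string it cannot parse and assumes the local time zone when the string carries none, so it is worth confirming that callers treat an undefined end date as an error or "renew now" rather than as a certificate that is still valid. The rest of x509_enddate and its callers are outside the hunk.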
@@ -424,10 +399,10 @@ sub iptables_save($@) {
open STDIN, '<', '/dev/null' or die "Can't open /dev/null: $!";
open STDOUT, '>&', $iptables_tmp or die "Can't dup: $!";
$| = 1; # turn off buffering for STDOUT
- exec "/sbin/$iptables_bin-save", "-c" or die;
+ exec "/usr/sbin/$iptables_bin-save", "-c" or die;
}
waitpid $pid => 0;
- die "Error: /sbin/$iptables_bin-save exited with value ".($? >> 8) if $? > 0;
+ die "Error: /usr/sbin/$iptables_bin-save exited with value ".($? >> 8) if $? > 0;
# seek back to the begining, as we'll restore directly from the
# handle and not from the file. XXX if there was a way in Perl to
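Review bot: The absolute `/usr/sbin/` prefix is now spelled out in six places in iptables_save (the save call here, and the restore and `system` calls in the two hunks that follow), and on a host where the binaries still live only under `/sbin` every one of them fails. A single definition near the PATH clean-up, for example `my $IPTABLES_DIR = '/usr/sbin';`, would keep the absolute path, which avoids a PATH lookup in what is presumably a privileged process, while making the location a one-line change. The bare `or die` after `exec` also gives no reason for the failure; `or die "Can't exec /usr/sbin/$iptables_bin-save: $!";` would. iptables_save starts and ends outside the hunk, so where `$iptables_bin` comes from is not visible here.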
@@ -441,10 +416,10 @@ sub iptables_save($@) {
unless ($pid) {
open STDIN, '<&', $iptables_tmp or die "Can't dup: $!";
open STDOUT, '>', '/dev/null' or die "Can't open /dev/null: $!";
- exec "/sbin/$iptables_bin-restore", "-c" or die;
+ exec "/usr/sbin/$iptables_bin-restore", "-c" or die;
}
waitpid $pid => 0;
- warn "Warning: /sbin/$iptables_bin-restore exited with value ".($? >> 8) if $? > 0;
+ warn "Warning: /usr/sbin/$iptables_bin-restore exited with value ".($? >> 8) if $? > 0;
};
@@ -462,10 +437,10 @@ sub iptables_save($@) {
}
my $dest = Socket::inet_ntop($domain, $addr) .'/'. $mask;
- system ("/sbin/$iptables_bin", qw/-I INPUT -p tcp -m tcp -m state/,
+ system ("/usr/sbin/$iptables_bin", qw/-I INPUT -p tcp -m tcp -m state/,
'-d', $dest, '--dport', $port,
'--state', 'NEW,ESTABLISHED', '-j', 'ACCEPT') == 0 or die;
- system ("/sbin/$iptables_bin", qw/-I OUTPUT -p tcp -m tcp -m state/,
+ system ("/usr/sbin/$iptables_bin", qw/-I OUTPUT -p tcp -m tcp -m state/,
'-s', $dest, '--sport', $port,
'--state', 'ESTABLISHED', '-j', 'ACCEPT') == 0 or die;
}
@@ -650,6 +625,7 @@ if ($COMMAND eq 'account') {
my $flags = 0;
$flags |= 1 if $OPTS{'register'};
$flags |= 2 if $OPTS{'tos-agreed'};
+ $flags |= 4 if $OPTS{'deactivate'};
exit acme_client({out => \*STDOUT}, $flags, @ARGV);
}
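Review bot: `$flags |= 4 if $OPTS{'deactivate'};` adds a third bare bit value, and nothing visible here stops `--deactivate` from being combined with `--register` or `--tos-agreed`. ACME provides no way to reactivate a deactivated account (RFC 8555 §7.3.6), so I would reject the contradictory combination before calling acme_client, e.g. `usage(1, "--deactivate cannot be combined with --register") if $OPTS{deactivate} and $OPTS{register};`. A comment naming the bits, `# flags: 1 = register, 2 = tos-agreed, 4 = deactivate`, would also help the next reader. How acme_client interprets the flags, and whether the usage text documents the new option, is outside the hunks shown.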