[Letsencrypt-devel] Bug#824903: letsencrypt.sh: Letsencrypt.sh broken due to "pretty" json used in Let's Encrypt API

David Kuehling dvdkhlng at posteo.de
Sat May 21 04:34:41 UTC 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package: letsencrypt.sh
Version: 0.1.0-2~bpo8+1
Severity: normal
File: /usr/bin/letsencrypt.sh

Hi,

I'm testing this using the backports package, but I guess the problem
applies to sid as well (same version).

Recently letsencrypt.org changed to return pretty json with lots of
newlines (as tested via
https://acme-staging.api.letsencrypt.org/directory).  This breaks
various sed-based json parsing code in the distributed version of
letsencrypt.sh .

The symptom is that 'letsencrypt.sh --cron' silently exits after
printing

  + Requesting challenge for <servername>

Aborting before completing the challenge.

Looking at trace output from

   bash -x -c 'source /usr/bin/letsencrypt.sh --cron'

It obviously fails to extract the challenge from json output due to

  sed -n 's/.*\("challenges":[^\[]*\[[^]]*]\).*/\1/p'

expecting the hole match to be on a single line.  Somebody reported the
issue upstream on May 18th:

  https://github.com/lukas2511/letsencrypt.sh/pull/202

The "official" fix is here:

  https://github.com/lukas2511/letsencrypt.sh/commit/561f0626b855ec4ee94856884e2f1eff9ade2d88

cheers,

David

- -- System Information:
Debian Release: 8.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages letsencrypt.sh depends on:
ii  curl     7.38.0-4+deb8u3
ii  openssl  1.0.1k-3+deb8u5

letsencrypt.sh recommends no packages.

letsencrypt.sh suggests no packages.

- -- no debconf information

- -- 
GnuPG public key: http://dvdkhlng.users.sourceforge.net/dk2.gpg
Fingerprint: B63B 6AF2 4EEB F033 46F7  7F1D 935E 6F08 E457 205F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iF4EAREIAAYFAlc/5WIACgkQk15vCORXIF+G/gD/YYZYGZDLM6Jb64JCtWojJCqP
dLaNFWQkMUqrfuizXJkBAKmJjaUMs8PHREkge9T1oIjVzukCQA7dz9Y2OndEAxIx
=nAa2
-----END PGP SIGNATURE-----

More information about the Letsencrypt-devel mailing list