Bugfix for the 301 redirect issue reported by some users.
This patch is by user picoh from github and works fine for me (tested
with -current)
see
https://github.com/kristapsdz/acme-client-portable/issues/50#issuecomment-372119303
--- netproc.c.orig Wed Feb 1 16:20:14 2017
+++ netproc.c Sun Mar 11 15:15:01 2018
@@ -553,8 +553,28 @@
{
int rc = 0;
long lc;
+ char *http_prefix= "http:";
+ char *https_prefix= "https:";
+ char addrbuf[256];
dodbg("%s: full chain", addr);
+
+ /* If the scheme is 'http' (as opposed to 'https') then rewrite
+ * the scheme to 'https'. The alternative is to follow the 301
+ * that results from trying to fetch the http URL.
+ */
+ if (strncmp(http_prefix, addr, strlen(http_prefix)) == 0)
+ {
+ lc= snprintf(addrbuf, sizeof(addrbuf), "%s%s",
+ https_prefix, addr+strlen(http_prefix));
+ if (lc < 0 || lc >= sizeof(addrbuf))
+ {
+ warnx("%s: string too long", addr);
+ return (rc);
+ }
+ dodbg("using %s instead of %s", addrbuf, addr);
+ addr= addrbuf;
+ }
if ((lc = nreq(c, addr)) < 0)
warnx("%s: bad comm", addr);
Anyway.. my opinion would be to just do that (also works fine with
-current)
--- usr.sbin/acme-client/netproc.c 6 Feb 2018 05:08:27 -0000
1.15
+++ usr.sbin/acme-client/netproc.c 11 Mar 2018 14:24:36 -0000
@@ -549,7 +549,7 @@ dofullchain(struct conn *c, const char *
if ((lc = nreq(c, addr)) < 0)
warnx("%s: bad comm", addr);
- else if (lc != 200 && lc != 201)
+ else if (lc != 200 && lc != 201 && lc != 301)
warnx("%s: bad HTTP: %ld", addr, lc);
else
rc = 1;