search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
39.46k stars 4.98k forks source link

./acme.sh: line 289: syntax error: bad substitution #2579

Closed eallion closed 5 years ago

eallion commented 5 years ago

安装时出错: ./acme.sh: line 289: syntax error: bad substitution

JohnVillalovos commented 5 years ago

What operating system is this using?

Cliffield commented 5 years ago

I run into this error too. But only on current master branch. No problems with the latest release (2.8.3). OS is somehow exceptional: Tomato ARM running Linux Kernel 2.6.36.4brcmarm (freshtomato.org).

JohnVillalovos commented 5 years ago

I run into this error too. But only on current master branch. No problems with the latest release (2.8.3). OS is somehow exceptional: Tomato ARM running Linux Kernel 2.6.36.4brcmarm (freshtomato.org).

What shell (bash/zsh/dash/etc..) are you using? And version if possible.

And how are you running acme.sh? The exact command would be great.

JohnVillalovos commented 5 years ago

And is this your Line 289? https://github.com/Neilpang/acme.sh/blob/3d2df3ba93dfcb3eb4510fadd2d33a43f74ff586/acme.sh#L289

Neilpang commented 5 years ago

@JohnVillalovos please change the code to use eval instead.

Thanks.

wellloaded commented 5 years ago

I am also experiencing this issue. The command run is a simple call to the acme.sh file with no parameters from /bin/sh, If it can help it's on busybox 1.25.1 which is run (version more version less) by all of the Linux based opensource routers (Tomato/DD-WRT/OpenWRT/etc).

> busybox
--
BusyBox v1.25.1 (2019-09-24 00:05:17 CEST) multi-call binary.
BusyBox is copyrighted by many authors between 1998-2015.
Licensed under GPLv2. See source distribution for detailed
copyright notices.
 
Usage: busybox [function [arguments]...]
or: busybox --list
or: function [arguments]...
 
BusyBox is a multi-call binary that combines many common Unix
utilities into a single executable.  Most people will create a
link to busybox for each function they wish to use and BusyBox
will act like whatever it was invoked as.
 
Currently defined functions:
[, [[, arp, arping, ash, awk, basename, blkid, cat, chmod, chown,
chroot, clear, cmp, cp, crond, cut, date, dd, df, dirname, dmesg,
dnsdomainname, du, e2label, echo, egrep, env, ether-wake, expr, fdisk,
fgrep, find, flock, free, fsync, ftpget, ftpput, grep, gunzip, gzip,
head, hostname, ifconfig, insmod, ionice, kill, killall, klogd, less,
ln, logger, login, ls, lsmod, lsusb, md5sum, mkdir, mkdosfs, mkfifo,
mkfs.vfat, mknod, mkswap, modprobe, more, mount, mv, nc, netstat, nice,
nohup, nslookup, ntpd, pidof, ping, ping6, printf, ps, pscan, pwd, rm,
rmdir, rmmod, route, sed, sendmail, seq, setconsole, sh, sleep, sort,
strings, stty, swapoff, swapon, sync, syslogd, tail, tar, tee, telnet,
telnetd, test, top, touch, tr, traceroute, traceroute6, true, udhcpc,
umount, uname, unzip, uptime, usleep, vconfig, vi, watch, wc, wget,
which, whois, zcat

Perhaps there's a way to have the code compatible with these devices too?

I'm not sure how to use the eval but if this is to be modified it should be done on the master to support future updates.

In any case i second the comment made here above 1.8.3 doesn't have this issue.

JohnVillalovos commented 5 years ago

@JohnVillalovos please change the code to use eval instead.

Pull request here: https://github.com/Neilpang/acme.sh/pull/2583

JohnVillalovos commented 5 years ago

I have a proposed patch to hopefully resolve the issue. Testing would be appreciated. Pull request is here: https://github.com/Neilpang/acme.sh/pull/2583

wellloaded commented 5 years ago

I will try, in the meantime I can tell you that using 2.8.3, which at least runs without error as per subject, on busybox we get lot of other strange info on debug when attempting an --issue. it appears because certain commands are just not available e.g. nc

root@tomato36k:/tmp/acme.sh-2.8.3#` acme.sh  --issue  -d tomato36k.xxx.net  --standalone --httpport 8080 --debug 2
[Wed Nov 13 17:17:28 GMT 2019] Lets find script dir.
[Wed Nov 13 17:17:28 GMT 2019] _SCRIPT_='acme.sh'
[Wed Nov 13 17:17:28 GMT 2019] _script='/tmp/acme.sh-2.8.3/acme.sh'
[Wed Nov 13 17:17:28 GMT 2019] _script_home='/tmp/acme.sh-2.8.3'
[Wed Nov 13 17:17:28 GMT 2019] Using default home:/root/.acme.sh
[Wed Nov 13 17:17:28 GMT 2019] Using config home:/root/.acme.sh
[Wed Nov 13 17:17:28 GMT 2019] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.3
[Wed Nov 13 17:17:28 GMT 2019] Running cmd: issue
[Wed Nov 13 17:17:28 GMT 2019] _main_domain='tomato36k.xxx.net'
[Wed Nov 13 17:17:28 GMT 2019] _alt_domains='no'
[Wed Nov 13 17:17:28 GMT 2019] Using config home:/root/.acme.sh
[Wed Nov 13 17:17:29 GMT 2019] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Nov 13 17:17:29 GMT 2019] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Nov 13 17:17:29 GMT 2019] DOMAIN_PATH='/root/.acme.sh/tomato36k.xxx.net'
[Wed Nov 13 17:17:29 GMT 2019] 'no' does not contain 'dns'
[Wed Nov 13 17:17:29 GMT 2019] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Wed Nov 13 17:17:29 GMT 2019] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Wed Nov 13 17:17:29 GMT 2019] GET
[Wed Nov 13 17:17:29 GMT 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Wed Nov 13 17:17:29 GMT 2019] timeout=
[Wed Nov 13 17:17:29 GMT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.wbAg7O8Yu6  -g '
[Wed Nov 13 17:17:30 GMT 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Wed Nov 13 17:17:30 GMT 2019] Here is the curl dump log:
[Wed Nov 13 17:17:30 GMT 2019] == Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: .......O.........H....U._....0h.P.^"......0.,.(.$.............k.
0040: j.i.h.9.8.7.6.2...*.&.......=.5./.+.'.#.............g.@.?.>.3.2.
0080: 1.0.........1.-.).%.......<./.........................I...!.....
00c0: acme-v02.api.letsencrypt.org............................... ....
0100: .................................3t.........http/1.1............
0140: ................................................................
0180: ................................................................
01c0: ................................................................
<= Recv SSL data, 5 bytes (0x5)
0000: ....q
== Info: TLSv1.2 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 113 bytes (0x71)
0000: ...m....C....-X...G.d.D...d_.$c[-..... M.7.qAsS)....hM@...7..ro.
0040: . ......0..%.............................http/1.1
<= Recv SSL data, 5 bytes (0x5)
0000: ....{
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 2939 bytes (0xb7b)
0000: ...w..t...0...0.............(...../.j.2:.0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...191009171821Z..200107171821Z0'1%0#..U....acme-v01.api.
00c0: letsencrypt.org0.."0...*.H.............0.........E:tq+..J..2..7\
0100: ....G....F=5U?-..-....V.....1P.g....Z..X.rUI1...........).8.oy..
0140: ..ZSf..........e.4...-..... zWWL..I{%?...$.:..-.4oan.o.......)..
0180: .W.n%.....R.b.$..E..Reo'.$-...c...G.....q.x..".........Zf..G
01c0: 8n.q.":.>..^,.H23c(y....8..t....4a..?....!.=3./].........0...0..
0200: .U...........0...U.%..0...+.........+.......0...U.......0.0...U.
0240: .....Q4W....|....#......;0...U.#..0....Jjc.}....9..Ee.....0o..+.
0280: .......c0a0...+.....0.."http://ocsp.int-x3.letsencrypt.org0/..+.
02c0: ....0..#http://cert.int-x3.letsencrypt.org/0.....U......0..|..ac
0300: me-v01-1.api.letsencrypt.org..acme-v01-2.api.letsencrypt.org..ac
0340: me-v01-3.api.letsencrypt.org..acme-v01-4.api.letsencrypt.org..ac
0380: me-v01-5.api.letsencrypt.org..acme-v01.api.letsencrypt.org..acme
03c0: -v02-1.api.letsencrypt.org..acme-v02-2.api.letsencrypt.org..acme
0400: -v02-3.api.letsencrypt.org..acme-v02-4.api.letsencrypt.org..acme
0440: -v02-5.api.letsencrypt.org..acme-v02.api.letsencrypt.org0L..U. .
0480: E0C0...g.....07..+..........0(0&..+.........http://cps.letsencry
04c0: pt.org0.....+.....y............w.^.s..V...6H}.I.2z.........u..qE
0500: X...m..K......H0F.!....n_W..<.~..s.1A.......u..;.....!........
0540: d._.C...=B.`..I.sFC..>..u.)<Q.T.9e..P.X...o.Xz)r......EG.x...m..
0580: J......F0D. 1.Fp.k*.....%>I.f.....K....s.<I.. Y.x.MkgM..:,..2...
05c0:l.I....O...?.0...*.H.............?...U)..).wdb....."u....=xA...
0600: Z...Y.}...e.^r..)C....../6Tm.....8.#..a.HK....,....9.>..MR..yV
0640: f..A1N...B..s.._.xwK_B......z...^.BYI7.H..+..q.J.......5d.......
0680: .[.W.5..J..J,}...G..X.mX..i......bk=.2...}..M..s.%.G...n.@....).
06c0: .g.{..I..?W..8.wD.v}b..".b..}..qu'...0...0..z.........AB...S.sj.
0700: ....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.0..
0740: .U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U...
0780: .US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority X3
07c0: 0.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.p./
0800: ..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$.G.
0840: Z....7....{....J..A.6....m<.h.#*B...tg...Ra..?e.......V.....?.
0880: ......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C.....y1.
08c0: =-6....3j.91......d.3...).....}..........}0..y0...U.......0.....
0900: ..0...U.............+........s0q02..+.....0..&http://isrg.trus
0940: tid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com/ro
0980: ots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M0K0
09c0: ...g.....0?..+..........000...+........"http://cps.root-x1.letse
0a00: ncrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOTCAX
0a40: 3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3...
0a80: cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z.....
0ac0: .j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.:.R
0b00: ..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z...zm
0b40: ..%......./X../,h&.K.......CJ.DNosz(...n{L}.....D....4[.B
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .0
== Info: SSL certificate problem: unable to get local issuer certificate
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS alert, Client hello (1):
=> Send SSL data, 2 bytes (0x2)
0000: ..
[Wed Nov 13 17:17:30 GMT 2019] ret='60'
[Wed Nov 13 17:17:30 GMT 2019] response
[Wed Nov 13 17:17:30 GMT 2019] Can not init api.
[Wed Nov 13 17:17:30 GMT 2019] Le_NextRenewTime
[Wed Nov 13 17:17:31 GMT 2019] _on_before_issue
[Wed Nov 13 17:17:31 GMT 2019] _chk_main_domain='tomato36k.xxx.net'
[Wed Nov 13 17:17:31 GMT 2019] _chk_alt_domains
[Wed Nov 13 17:17:31 GMT 2019] 'no' contains 'no'
[Wed Nov 13 17:17:31 GMT 2019] Please install socat tools first.
[Wed Nov 13 17:17:31 GMT 2019] _on_before_issue.
Cliffield commented 5 years ago

Tested the patch, got similar error ./acme.sh: line 287: syntax error: bad substitution I am quite sure the problem is the old BusyBox I am running and not your code. Referring to the BusyBox changelog, there were problems with eval ""' handling prior 1.26.0. Using ' instead of " after eval fixed the problem for me on BusyBox 1.25.1

JohnVillalovos commented 5 years ago

Tested the patch, got similar error ./acme.sh: line 287: syntax error: bad substitution I am quite sure the problem is the old BusyBox I am running and not your code. Referring to the BusyBox changelog, there were problems with eval ""' handling prior 1.26.0. Using ' instead of " after eval fixed the problem for me on BusyBox 1.25.1

Can you give an example of "instead of"? I haven't heard of that before. Do you mean use single quotes instead of double quotes?

Also is it possible to put the command executed and the output of the command?

Thank you

JohnVillalovos commented 5 years ago

Okay. I understand now. Use single quotes instead of double quotes for eval. Thanks for that info!

JohnVillalovos commented 5 years ago

I will try, in the meantime I can tell you that using 2.8.3, which at least runs without error as per subject, on busybox we get lot of other strange info on debug when attempting an --issue. it appears because certain commands are just not available e.g. nc

I would suggest opening a new issue for that.

JohnVillalovos commented 5 years ago

I have updated the proposed fix to use single quotes with eval: https://github.com/Neilpang/acme.sh/pull/2583

wellloaded commented 5 years ago

I will try, in the meantime I can tell you that using 2.8.3, which at least runs without error as per subject, on busybox we get lot of other strange info on debug when attempting an --issue. it appears because certain commands are just not available e.g. nc

I would suggest opening a new issue for that.

will do thanks!