From 8a6d95de8485c0e12da833b18eede1185d6b19ca Mon Sep 17 00:00:00 2001
From: Harsha Maddi <harshamaddi20@gmail.com>
Date: Tue, 22 Apr 2025 16:45:48 -0400
Subject: [PATCH 1/2] Fix parsing errors while using IPv6 URLs

---
 acme.sh | 45 +++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 43 insertions(+), 2 deletions(-)

diff --git a/acme.sh b/acme.sh
index dd21785d..106eb0f6 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1853,6 +1853,47 @@ _mktemp() {
   _err "Cannot create temp file."
 }
 
+# Parse the "authorizations" URLs from the response and account for the unlikely case
+# that there are nested square brackets due to the use of IPv6 addresses in the
+# server URL
+#
+# Example:
+# '{"id":"3LlSglOPQbnGgy0I1wMbnxSVJrHnDqT2","status":"pending","expires":"2025-04-03T14:39:22Z",
+# "identifiers":[{"type":"dns","value":"fqdn1.client.com"},{"type":"dns","value":"fqdn2.client.com"}],
+# "notBefore":"2025-04-02T14:38:22Z","notAfter":"2025-04-03T14:39:22Z",
+# "authorizations":["https://[2001:420:2c7f:11:10:86:92:243]/acme/acme/authz/AzuW3cc3Hqb5nMOPkZfG6bBAtWxp8AWH",
+# "https://[2001:420:2c7f:11:10:86:92:243]/acme/acme/authz/5B0PBcY4uSboiG7Pc19ltTjjsWCsqUay"],
+# "finalize":"https://[2001:420:2c7f:11:10:86:92:243]/acme/acme/order/3LlSglOPQbnGgy0I1wMbnxSVJrHnDqT2/finalize"}'
+_parse_authorizations() {
+awk '
+    BEGIN {
+        FS = "";
+        inside = 0;
+        match_found = 0
+    }{
+    for (i = 1; i <= NF; i++) {
+        if (substr($0, i, 16) == "\"authorizations\"") {
+            match_found = 1
+        }
+        if (match_found) {
+            if ($i == "[") {
+                inside++
+            }
+            if (inside > 0 && (inside > 1 || ($i != "[" && $i != "]"))) {
+                printf "%s", $i
+            }
+            if ($i == "]") {
+                inside--
+                if (inside == 0) {
+                    print ""
+                    match_found = 0
+                }
+            }
+        }
+    }
+}'
+}
+
 #clear all the https envs to cause _inithttp() to run next time.
 _resethttp() {
   __HTTP_INITIALIZED=""
@@ -4647,7 +4688,7 @@ issue() {
     #for dns manual mode
     _savedomainconf "Le_OrderFinalize" "$Le_OrderFinalize"
 
-    _authorizations_seg="$(echo "$response" | _json_decode | _egrep_o '"authorizations" *: *\[[^\[]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
+    _authorizations_seg="$(echo "$response" | _json_decode | _parse_authorizations | tr -d '"')"
     _debug2 _authorizations_seg "$_authorizations_seg"
     if [ -z "$_authorizations_seg" ]; then
       _err "_authorizations_seg not found."
@@ -6305,7 +6346,7 @@ _deactivate() {
     _err "Cannot get new order for domain."
     return 1
   fi
-  _authorizations_seg="$(echo "$response" | _egrep_o '"authorizations" *: *\[[^\]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
+  _authorizations_seg="$(echo "$response" | _json_decode | _parse_authorizations | tr -d '"')"
   _debug2 _authorizations_seg "$_authorizations_seg"
   if [ -z "$_authorizations_seg" ]; then
     _err "_authorizations_seg not found."

From bbb51c42c3185f1e5f08c99aa8e2d738f8cf126c Mon Sep 17 00:00:00 2001
From: Harsha Maddi <harshamaddi20@gmail.com>
Date: Thu, 24 Apr 2025 10:08:14 -0400
Subject: [PATCH 2/2] fixing format

---
 acme.sh | 46 +++++++++++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/acme.sh b/acme.sh
index ab109102..439c69b5 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1865,33 +1865,33 @@ _mktemp() {
 # "https://[2001:420:2c7f:11:10:86:92:243]/acme/acme/authz/5B0PBcY4uSboiG7Pc19ltTjjsWCsqUay"],
 # "finalize":"https://[2001:420:2c7f:11:10:86:92:243]/acme/acme/order/3LlSglOPQbnGgy0I1wMbnxSVJrHnDqT2/finalize"}'
 _parse_authorizations() {
-awk '
-    BEGIN {
-        FS = "";
-        inside = 0;
-        match_found = 0
-    }{
-    for (i = 1; i <= NF; i++) {
-        if (substr($0, i, 16) == "\"authorizations\"") {
-            match_found = 1
-        }
-        if (match_found) {
-            if ($i == "[") {
-                inside++
+    awk '
+        BEGIN {
+            FS = "";
+            inside = 0;
+            match_found = 0
+        }{
+        for (i = 1; i <= NF; i++) {
+            if (substr($0, i, 16) == "\"authorizations\"") {
+                match_found = 1
             }
-            if (inside > 0 && (inside > 1 || ($i != "[" && $i != "]"))) {
-                printf "%s", $i
-            }
-            if ($i == "]") {
-                inside--
-                if (inside == 0) {
-                    print ""
-                    match_found = 0
+            if (match_found) {
+                if ($i == "[") {
+                    inside++
+                }
+                if (inside > 0 && (inside > 1 || ($i != "[" && $i != "]"))) {
+                    printf "%s", $i
+                }
+                if ($i == "]") {
+                    inside--
+                    if (inside == 0) {
+                        print ""
+                        match_found = 0
+                    }
                 }
             }
         }
-    }
-}'
+    }'
 }
 
 #clear all the https envs to cause _inithttp() to run next time.