From b9b703238670f646c6e7f20637715a74b93f52c1 Mon Sep 17 00:00:00 2001
From: neilpang <neil@neilpang.com>
Date: Wed, 18 Jul 2018 00:33:07 +0800
Subject: [PATCH 1/6] lets start v2.8.0

---
 acme.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/acme.sh b/acme.sh
index c23942fb..8fd321ba 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env sh
 
-VER=2.7.9
+VER=2.8.0
 
 PROJECT_NAME="acme.sh"
 

From 411b342a2758c4a2e75b519453fcd8be3730f78d Mon Sep 17 00:00:00 2001
From: neilpang <neil@neilpang.com>
Date: Wed, 18 Jul 2018 22:00:09 +0800
Subject: [PATCH 2/6] request a new nonce for invalid anti-replay nonce error

---
 acme.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/acme.sh b/acme.sh
index 8fd321ba..43b3f630 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1899,6 +1899,7 @@ _send_signed_request() {
 
     if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
       _info "It seems the CA server is busy now, let's wait and retry."
+      _CACHED_NONCE=""
       _sleep 5
       continue
     fi

From cb11580981bf67058257da90a165a441558f0ac1 Mon Sep 17 00:00:00 2001
From: Jesse Miller <jmiller@jmiller.com>
Date: Tue, 24 Jul 2018 22:32:38 -0500
Subject: [PATCH 3/6] BSD fix _time2str()

date -u -d@"12345" does not produce an error on *BSD and outputs the
current date in UTC, which is not the expected output from _time2str()

Fix, reorder _time2str() to attempt BSD style date first, which
errors on Linux, so cascade style OS detection works correctly.
---
 acme.sh | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/acme.sh b/acme.sh
index 43b3f630..69584cca 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1374,17 +1374,17 @@ _url_replace() {
 }
 
 _time2str() {
-  #Linux
-  if date -u -d@"$1" 2>/dev/null; then
-    return
-  fi
-
   #BSD
   if date -u -r "$1" 2>/dev/null; then
     return
   fi
 
-  #Soaris
+  #Linux
+  if date -u -d@"$1" 2>/dev/null; then
+    return
+  fi
+
+  #Solaris
   if _exists adb; then
     _t_s_a=$(echo "0t${1}=Y" | adb)
     echo "$_t_s_a"

From cc2d59468d69ed40527113d99f0aee275a72885d Mon Sep 17 00:00:00 2001
From: neilpang <neil@neilpang.com>
Date: Thu, 26 Jul 2018 21:57:22 +0800
Subject: [PATCH 4/6] use json content type for both v1 and v2

---
 acme.sh | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/acme.sh b/acme.sh
index 69584cca..bd0c390d 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1795,11 +1795,8 @@ _send_signed_request() {
     return 1
   fi
 
-  if [ "$ACME_VERSION" = "2" ]; then
-    __request_conent_type="$CONTENT_TYPE_JSON"
-  else
-    __request_conent_type=""
-  fi
+  __request_conent_type="$CONTENT_TYPE_JSON"
+
   payload64=$(printf "%s" "$payload" | _base64 | _url_replace)
   _debug3 payload64 "$payload64"
 

From d3c9d0b331b2c49327e5a4c6d3d54839e69aecd1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan-Otto=20Kr=C3=B6pke?= <mail@jkroepke.de>
Date: Thu, 26 Jul 2018 19:59:15 +0200
Subject: [PATCH 5/6] Fix inwx account without Mobile TAN

---
 dnsapi/dns_inwx.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dnsapi/dns_inwx.sh b/dnsapi/dns_inwx.sh
index cd5af91b..f4590cf8 100755
--- a/dnsapi/dns_inwx.sh
+++ b/dnsapi/dns_inwx.sh
@@ -158,7 +158,8 @@ _inwx_login() {
   export _H1
 
   #https://github.com/inwx/php-client/blob/master/INWX/Domrobot.php#L71
-  if _contains "$response" "tfa"; then
+  if _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>" \
+    && _contains "$response" "<member><name>tfa</name><value><string>GOOGLE-AUTH</string></value></member>"; then
     if [ -z "$INWX_Shared_Secret" ]; then
       _err "Mobile TAN detected."
       _err "Please define a shared secret."

From 709a3fb06fceaa2f26655b5b1b64aabe51f22446 Mon Sep 17 00:00:00 2001
From: neilpang <neil@neilpang.com>
Date: Sat, 28 Jul 2018 22:02:03 +0800
Subject: [PATCH 6/6] add more retry for badnonce error

---
 acme.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/acme.sh b/acme.sh
index bd0c390d..32219d9d 100755
--- a/acme.sh
+++ b/acme.sh
@@ -1800,7 +1800,8 @@ _send_signed_request() {
   payload64=$(printf "%s" "$payload" | _base64 | _url_replace)
   _debug3 payload64 "$payload64"
 
-  MAX_REQUEST_RETRY_TIMES=5
+  MAX_REQUEST_RETRY_TIMES=20
+  _sleep_retry_sec=1
   _request_retry_times=0
   while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do
     _request_retry_times=$(_math "$_request_retry_times" + 1)
@@ -1895,9 +1896,9 @@ _send_signed_request() {
     fi
 
     if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
-      _info "It seems the CA server is busy now, let's wait and retry."
+      _info "It seems the CA server is busy now, let's wait and retry. Sleeping $_sleep_retry_sec seconds."
       _CACHED_NONCE=""
-      _sleep 5
+      _sleep $_sleep_retry_sec
       continue
     fi
     break