Merge pull request #4150 from defnull/patch-sectigo-wildcard

fix: Challenge not skipped for pre-validated wildcard domain orders

acme.sh

@@ -4684,19 +4684,18 @@ $_authorizations_map"
         thumbprint="$(__calc_account_thumbprint)"
       fi
 
-      entry="$(echo "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
-      _debug entry "$entry"
       keyauthorization=""
-      if [ -z "$entry" ]; then
-        if ! _startswith "$d" '*.'; then
-          _debug "Not a wildcard domain, lets check whether the validation is already valid."
+
       if echo "$response" | grep '"status":"valid"' >/dev/null 2>&1; then
         _debug "$d is already valid."
         keyauthorization="$STATE_VERIFIED"
         _debug keyauthorization "$keyauthorization"
       fi
-        fi
-        if [ -z "$keyauthorization" ]; then
+
+      entry="$(echo "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
+      _debug entry "$entry"
+
+      if [ -z "$keyauthorization" -a -z "$entry" ]; then
         _err "Error, can not get domain token entry $d for $vtype"
         _supported_vtypes="$(echo "$response" | _egrep_o "\"challenges\":\[[^]]*]" | tr '{' "\n" | grep type | cut -d '"' -f 4 | tr "\n" ' ')"
         if [ "$_supported_vtypes" ]; then
@@ -4706,7 +4705,6 @@ $_authorizations_map"
         _on_issue_err "$_post_hook"
         return 1
       fi
-      fi
 
       if [ -z "$keyauthorization" ]; then
         token="$(echo "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
@@ -4731,12 +4729,6 @@ $_authorizations_map"
         fi
         keyauthorization="$token.$thumbprint"
         _debug keyauthorization "$keyauthorization"
-
-        if printf "%s" "$response" | grep '"status":"valid"' >/dev/null 2>&1; then
-          _debug "$d is already verified."
-          keyauthorization="$STATE_VERIFIED"
-          _debug keyauthorization "$keyauthorization"
-        fi
       fi
 
       dvlist="$d$sep$keyauthorization$sep$uri$sep$vtype$sep$_currentRoot"