From 917c23073581d2f2d5bbc814ef50c48b8426af5c Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Sun, 30 Oct 2016 04:53:16 +0100 Subject: [PATCH] [mod] more pythonic and explicit tests with more verbose errors --- locales/en.json | 2 +- src/yunohost/certificate.py | 27 +++++++++++++++------------ 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/locales/en.json b/locales/en.json index c2f7b7402..bdfd1b14a 100644 --- a/locales/en.json +++ b/locales/en.json @@ -245,7 +245,7 @@ "certmanager_attempt_to_renew_nonLE_cert" : "The certificate of domain {domain:s} is not issued by Let's Encrypt. Cannot renew it automatically !", "certmanager_attempt_to_renew_valid_cert" : "The certificate of domain {domain:s} is not about to expire ! Use --force to bypass", "certmanager_domain_http_not_working": "It seems that the domain {domain:s} cannot be accessed through HTTP. Please check your DNS and nginx configuration is okay.", - "certmanager_error_contacting_dns_api" : "Error contacting the DNS API ({api:s}). Use --no-checks to disable checks.", + "certmanager_error_contacting_dns_api" : "Error contacting the DNS API ({api:s}), reason: {reason:s}. Use --no-checks to disable checks.", "certmanager_error_parsing_dns" : "Error parsing the return value from the DNS API : {value:s}. Please verify your DNS configuration for domain {domain:s}. Use --no-checks to disable checks.", "certmanager_domain_dns_ip_differs_from_public_ip" : "The DNS 'A' record for domain {domain:s} is different from this server IP. Give some time for the DNS to refresh, or use --no-checks to disable checks.", "certmanager_no_A_dns_record" : "No DNS record of type A found for {domain:s}. You need to configure the DNS for your domain before installing a certificate !", diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index 9d19d84cd..89c00943c 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -589,22 +589,25 @@ def _check_domain_is_correctly_configured(domain): def _dns_ip_match_public_ip(public_ip, domain): try: - r = requests.get("http://dns-api.org/A/" + domain) - except: - raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_error_contacting_dns_api', api="dns-api.org")) + result = requests.get("http://dns-api.org/A/" + domain) + except Exception as exception: + import traceback + traceback.print_exc(file=sys.stdout) + raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_error_contacting_dns_api', api="dns-api.org", reason=exception)) - if (r.text == "[{\"error\":\"NXDOMAIN\"}]"): + dns_ip = result.json() + if not dns_ip or "value" not in dns_ip[0]: + raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_error_parsing_dns', domain=domain, value=result.text)) + + dns_ip = dns_ip[0]["value"] + + if dns_ip.get("error") == "NXDOMAIN": raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_no_A_dns_record', domain=domain)) - try: - dns_ip = json.loads(r.text)[0]["value"] - except: - raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_error_parsing_dns', domain=domain, value=r.text)) - - if (dns_ip != public_ip): - return False - else: + if dns_ip == public_ip: return True + else: + return False def _domain_is_accessible_through_HTTP(ip, domain):