From e66a7085202a33b9f4688a28a994b02974a28ee3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 23 Nov 2016 11:46:52 -0500 Subject: [PATCH] Misc tweaks on exceptions --- locales/en.json | 3 ++- src/yunohost/certificate.py | 12 +++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/locales/en.json b/locales/en.json index 85b25efe9..637671a2d 100644 --- a/locales/en.json +++ b/locales/en.json @@ -253,5 +253,6 @@ "certmanager_cert_renew_success" : "Successfully renewed Let's Encrypt certificate for domain {domain:s} !", "certmanager_old_letsencrypt_app_detected" : "\nYunohost detected that the 'letsencrypt' app is installed, which conflits with the new built-in certificate management features in Yunohost. If you wish to use the new built-in features, please run the following commands to migrate your installation :\n\n yunohost app remove letsencrypt\n yunohost domain cert-install\n\nN.B. : this will attempt to re-install certificates for all domains with a Let's Encrypt certificate or self-signed certificate.", "certmanager_hit_rate_limit" :"Too many certificates already issued for exact set of domains {domain:s} recently. Please try again later. See https://letsencrypt.org/docs/rate-limits/ for more details.", - "certmanager_cert_signing_failed" : "Signing the new certificate failed." + "certmanager_cert_signing_failed" : "Signing the new certificate failed.", + "certmanager_no_cert_file" : "Unable to read certificate file for domain {domain:s} (file : {file:s})" } diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index 3db94e8b8..d892e6f21 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -155,10 +155,11 @@ def _certificate_install_selfsigned(domain_list, force=False): for domain in domain_list: # Check we ain't trying to overwrite a good cert ! - status = _get_status(domain) + if (not force) : + status = _get_status(domain) - if status and status["summary"]["code"] in ('good', 'great') and not force: - raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_attempt_to_replace_valid_cert', domain=domain)) + if status["summary"]["code"] in ('good', 'great') : + raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_attempt_to_replace_valid_cert', domain=domain)) # Paths of files and folder we'll need date_tag = datetime.now().strftime("%Y%m%d.%H%M%S") @@ -490,7 +491,8 @@ def _fetch_and_enable_new_certificate(domain, staging=False): if ("urn:acme:error:rateLimited" in str(e)): raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_hit_rate_limit', domain=domain)) else: - raise + logger.error(str(e)) + raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_cert_signing_failed')) except Exception as e: logger.error(str(e)) raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_cert_signing_failed')) @@ -565,7 +567,7 @@ def _get_status(domain): cert_file = os.path.join(CERT_FOLDER, domain, "crt.pem") if not os.path.isfile(cert_file): - return {} + raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_no_cert_file', domain=domain, file=cert_file)) try: cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(cert_file).read())