YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

[mod] propagate the no_checks logic to acme-tiny code

Browse source
This commit is contained in:
Laurent Peuch 2018-07-22 11:24:32 +02:00
parent 3facf89c7e
commit f528893b4d
2 changed files with 16 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/yunohost/certificate.py
View file

@ -289,7 +289,7 @@ def _certificate_install_letsencrypt(auth, domain_list, force=False, no_checks=F
_check_domain_is_ready_for_ACME(domain) _check_domain_is_ready_for_ACME(domain)
_configure_for_acme_challenge(auth, domain) _configure_for_acme_challenge(auth, domain)
_fetch_and_enable_new_certificate(domain, staging) _fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks)
_install_cron() _install_cron()
logger.success( logger.success(
@ -383,7 +383,7 @@ def certificate_renew(auth, domain_list, force=False, no_checks=False, email=Fal
if not no_checks: if not no_checks:
_check_domain_is_ready_for_ACME(domain) _check_domain_is_ready_for_ACME(domain)
_fetch_and_enable_new_certificate(domain, staging) _fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks)
logger.success( logger.success(
m18n.n("certmanager_cert_renew_success", domain=domain)) m18n.n("certmanager_cert_renew_success", domain=domain))
@ -521,7 +521,7 @@ def _check_acme_challenge_configuration(domain):
return True return True
def _fetch_and_enable_new_certificate(domain, staging=False): def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False):
# Make sure tmp folder exists # Make sure tmp folder exists
logger.debug("Making sure tmp folders exists...") logger.debug("Making sure tmp folders exists...")
@ -562,6 +562,7 @@ def _fetch_and_enable_new_certificate(domain, staging=False):
domain_csr_file, domain_csr_file,
WEBROOT_FOLDER, WEBROOT_FOLDER,
log=logger, log=logger,
no_checks=no_checks,
CA=certification_authority) CA=certification_authority)
except ValueError as e: except ValueError as e:
if "urn:acme:error:rateLimited" in str(e): if "urn:acme:error:rateLimited" in str(e):

3
src/yunohost/vendor/acme_tiny/acme_tiny.py vendored
View file

@ -12,7 +12,7 @@ LOGGER = logging.getLogger(__name__)
LOGGER.addHandler(logging.StreamHandler()) LOGGER.addHandler(logging.StreamHandler())
LOGGER.setLevel(logging.INFO) LOGGER.setLevel(logging.INFO)
def get_crt(account_key, csr, acme_dir, log=LOGGER, CA=DEFAULT_CA): def get_crt(account_key, csr, acme_dir, log=LOGGER, CA=DEFAULT_CA, no_checks=False):
# helper function base64 encode for jose spec # helper function base64 encode for jose spec
def _b64(b): def _b64(b):
return base64.urlsafe_b64encode(b).decode('utf8').replace("=", "") return base64.urlsafe_b64encode(b).decode('utf8').replace("=", "")
@ -111,6 +111,7 @@ def get_crt(account_key, csr, acme_dir, log=LOGGER, CA=DEFAULT_CA):
with open(wellknown_path, "w") as wellknown_file: with open(wellknown_path, "w") as wellknown_file:
wellknown_file.write(keyauthorization) wellknown_file.write(keyauthorization)
if not no_checks: # sometime the local g
# check that the file is in place # check that the file is in place
wellknown_url = "http://{0}/.well-known/acme-challenge/{1}".format(domain, token) wellknown_url = "http://{0}/.well-known/acme-challenge/{1}".format(domain, token)
try: try: