Exemple #1
0
def main():  # pylint: disable=too-many-branches, too-many-statements
    """Command line argument parsing and main script execution."""
    # note: arg parser internally handles --help (and exits afterwards)
    args = create_parser().parse_args()
    config = configuration.NamespaceConfig(args)

    # note: check is done after arg parsing as --help should work w/o root also.
    if not os.geteuid() == 0:
        sys.exit(
            "{0}Root is required to run letsencrypt.  Please use sudo.{0}".
            format(os.linesep))

    # Set up logging
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    if args.use_curses:
        logger.addHandler(log.DialogHandler())
        displayer = display_util.NcursesDisplay()
    else:
        displayer = display_util.FileDisplay(sys.stdout)

    zope.component.provideUtility(displayer)

    if args.view_config_changes:
        client.view_config_changes(config)
        sys.exit()

    if args.revoke or args.rev_cert is not None or args.rev_key is not None:
        client.revoke(config, args.no_confirm, args.rev_cert, args.rev_key)
        sys.exit()

    if args.rollback > 0:
        client.rollback(args.rollback, config)
        sys.exit()

    if not args.eula:
        display_eula()

    all_auths = init_auths(config)
    logging.debug('Initialized authenticators: %s', all_auths.keys())
    try:
        auth = client.determine_authenticator(all_auths, config)
        logging.debug("Selected authenticator: %s", auth)
    except errors.LetsEncryptClientError as err:
        logging.critical(str(err))
        sys.exit(1)

    if auth is None:
        sys.exit(0)

    # Use the same object if possible
    if interfaces.IInstaller.providedBy(auth):  # pylint: disable=no-member
        installer = auth
    else:
        # This is simple and avoids confusion right now.
        installer = None

    if args.domains is None:
        doms = display_ops.choose_names(installer)
    else:
        doms = args.domains

    if not doms:
        sys.exit(0)

    # Prepare for init of Client
    if args.authkey is None:
        authkey = client.init_key(args.rsa_key_size, config.key_dir)
    else:
        authkey = le_util.Key(args.authkey[0], args.authkey[1])

    acme = client.Client(config, authkey, auth, installer)

    # Validate the key and csr
    client.validate_key_csr(authkey)

    # This more closely mimics the capabilities of the CLI
    # It should be possible for reconfig only, install-only, no-install
    # I am not sure the best way to handle all of the unimplemented abilities,
    # but this code should be safe on all environments.
    cert_file = None
    if auth is not None:
        cert_file, chain_file = acme.obtain_certificate(doms)
    if installer is not None and cert_file is not None:
        acme.deploy_certificate(doms, authkey, cert_file, chain_file)
    if installer is not None:
        acme.enhance_config(doms, args.redirect)
 def _call(cls, all_auths):
     from letsencrypt.client.client import determine_authenticator
     return determine_authenticator(all_auths)
Exemple #3
0
def main():  # pylint: disable=too-many-branches, too-many-statements
    """Command line argument parsing and main script execution."""
    # note: arg parser internally handles --help (and exits afterwards)
    args = create_parser().parse_args()
    config = configuration.NamespaceConfig(args)

    # note: check is done after arg parsing as --help should work w/o root also.
    if not os.geteuid() == 0:
        sys.exit(
            "{0}Root is required to run letsencrypt.  Please use sudo.{0}"
            .format(os.linesep))

    # Set up logging
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    if args.use_curses:
        logger.addHandler(log.DialogHandler())
        displayer = display_util.NcursesDisplay()
    else:
        displayer = display_util.FileDisplay(sys.stdout)

    zope.component.provideUtility(displayer)

    if args.view_config_changes:
        client.view_config_changes(config)
        sys.exit()

    if args.revoke or args.rev_cert is not None or args.rev_key is not None:
        client.revoke(config, args.no_confirm, args.rev_cert, args.rev_key)
        sys.exit()

    if args.rollback > 0:
        client.rollback(args.rollback, config)
        sys.exit()

    if not args.eula:
        display_eula()

    all_auths = init_auths(config)
    logging.debug('Initialized authenticators: %s', all_auths.keys())
    try:
        auth = client.determine_authenticator(all_auths, config)
        logging.debug("Selected authenticator: %s", auth)
    except errors.LetsEncryptClientError as err:
        logging.critical(str(err))
        sys.exit(1)

    if auth is None:
        sys.exit(0)

    # Use the same object if possible
    if interfaces.IInstaller.providedBy(auth):  # pylint: disable=no-member
        installer = auth
    else:
        # This is simple and avoids confusion right now.
        installer = None

    if args.domains is None:
        doms = display_ops.choose_names(installer)
    else:
        doms = args.domains

    if not doms:
        sys.exit(0)

    # Prepare for init of Client
    if args.authkey is None:
        authkey = client.init_key(args.rsa_key_size, config.key_dir)
    else:
        authkey = le_util.Key(args.authkey[0], args.authkey[1])

    acme = client.Client(config, authkey, auth, installer)

    # Validate the key and csr
    client.validate_key_csr(authkey)

    # This more closely mimics the capabilities of the CLI
    # It should be possible for reconfig only, install-only, no-install
    # I am not sure the best way to handle all of the unimplemented abilities,
    # but this code should be safe on all environments.
    cert_file = None
    if auth is not None:
        cert_file, chain_file = acme.obtain_certificate(doms)
    if installer is not None and cert_file is not None:
        acme.deploy_certificate(doms, authkey, cert_file, chain_file)
    if installer is not None:
        acme.enhance_config(doms, args.redirect)
def main():  # pylint: disable=too-many-branches, too-many-statements
    """Command line argument parsing and main script execution."""
    # note: arg parser internally handles --help (and exits afterwards)
    args = create_parser().parse_args()
    config = configuration.NamespaceConfig(args)

    # note: check is done after arg parsing as --help should work w/o root also.
    if not os.geteuid() == 0:
        sys.exit(
            "{0}Root is required to run letsencrypt.  Please use sudo.{0}".
            format(os.linesep))

    # Set up logging
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    if args.use_curses:
        logger.addHandler(log.DialogHandler())
        displayer = display_util.NcursesDisplay()
    else:
        displayer = display_util.FileDisplay(sys.stdout)

    zope.component.provideUtility(displayer)

    if args.view_config_changes:
        client.view_config_changes(config)
        sys.exit()

    if args.revoke or args.rev_cert is not None or args.rev_key is not None:
        # This depends on the renewal config and cannot be completed yet.
        zope.component.getUtility(interfaces.IDisplay).notification(
            "Revocation is not available with the new Boulder server yet.")

        # client.revoke(config, args.no_confirm, args.rev_cert, args.rev_key)
        sys.exit()

    if args.rollback > 0:
        client.rollback(args.rollback, config)
        sys.exit()

    le_util.make_or_verify_dir(config.config_dir, constants.CONFIG_DIRS_MODE,
                               os.geteuid())

    # Prepare for init of Client
    if args.email is None:
        acc = client.determine_account(config)
    else:
        try:
            # The way to get the default would be args.email = ""
            # First try existing account
            acc = account.Account.from_existing_account(config, args.email)
        except errors.LetsEncryptClientError:
            try:
                # Try to make an account based on the email address
                acc = account.Account.from_email(config, args.email)
            except errors.LetsEncryptClientError:
                sys.exit(1)

    if acc is None:
        sys.exit(0)

    all_auths = init_auths(config)
    logging.debug('Initialized authenticators: %s', all_auths.keys())
    try:
        auth = client.determine_authenticator(all_auths, config)
        logging.debug("Selected authenticator: %s", auth)
    except errors.LetsEncryptClientError as err:
        logging.critical(str(err))
        sys.exit(1)

    if auth is None:
        sys.exit(0)

    # Use the same object if possible
    if interfaces.IInstaller.providedBy(auth):  # pylint: disable=no-member
        installer = auth
    else:
        # This is simple and avoids confusion right now.
        installer = None

    if args.domains is None:
        doms = display_ops.choose_names(installer)
    else:
        doms = args.domains

    if not doms:
        sys.exit(0)

    acme = client.Client(config, acc, auth, installer)

    # Validate the key and csr
    client.validate_key_csr(acc.key)

    # This more closely mimics the capabilities of the CLI
    # It should be possible for reconfig only, install-only, no-install
    # I am not sure the best way to handle all of the unimplemented abilities,
    # but this code should be safe on all environments.
    cert_file = None
    if auth is not None:
        if acc.regr is None:
            try:
                acme.register()
            except errors.LetsEncryptClientError:
                sys.exit(0)
        cert_key, cert_file, chain_file = acme.obtain_certificate(doms)
    if installer is not None and cert_file is not None:
        acme.deploy_certificate(doms, cert_key, cert_file, chain_file)
    if installer is not None:
        acme.enhance_config(doms, args.redirect)
def main():  # pylint: disable=too-many-branches, too-many-statements
    """Command line argument parsing and main script execution."""
    # note: arg parser internally handles --help (and exits afterwards)
    args = create_parser().parse_args()
    config = configuration.NamespaceConfig(args)

    # note: check is done after arg parsing as --help should work w/o root also.
    if not os.geteuid() == 0:
        sys.exit(
            "{0}Root is required to run letsencrypt.  Please use sudo.{0}"
            .format(os.linesep))

    # Set up logging
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    if args.use_curses:
        logger.addHandler(log.DialogHandler())
        displayer = display_util.NcursesDisplay()
    else:
        displayer = display_util.FileDisplay(sys.stdout)

    zope.component.provideUtility(displayer)

    if args.view_config_changes:
        client.view_config_changes(config)
        sys.exit()

    if args.revoke or args.rev_cert is not None or args.rev_key is not None:
        # This depends on the renewal config and cannot be completed yet.
        zope.component.getUtility(interfaces.IDisplay).notification(
            "Revocation is not available with the new Boulder server yet.")

        # client.revoke(config, args.no_confirm, args.rev_cert, args.rev_key)
        sys.exit()

    if args.rollback > 0:
        client.rollback(args.rollback, config)
        sys.exit()

    le_util.make_or_verify_dir(
        config.config_dir, constants.CONFIG_DIRS_MODE, os.geteuid())

    # Prepare for init of Client
    if args.email is None:
        acc = client.determine_account(config)
    else:
        try:
            # The way to get the default would be args.email = ""
            # First try existing account
            acc = account.Account.from_existing_account(config, args.email)
        except errors.LetsEncryptClientError:
            try:
                # Try to make an account based on the email address
                acc = account.Account.from_email(config, args.email)
            except errors.LetsEncryptClientError:
                sys.exit(1)

    if acc is None:
        sys.exit(0)

    all_auths = init_auths(config)
    logging.debug('Initialized authenticators: %s', all_auths.keys())
    try:
        auth = client.determine_authenticator(all_auths, config)
        logging.debug("Selected authenticator: %s", auth)
    except errors.LetsEncryptClientError as err:
        logging.critical(str(err))
        sys.exit(1)

    if auth is None:
        sys.exit(0)

    # Use the same object if possible
    if interfaces.IInstaller.providedBy(auth):  # pylint: disable=no-member
        installer = auth
    else:
        # This is simple and avoids confusion right now.
        installer = None

    if args.domains is None:
        doms = display_ops.choose_names(installer)
    else:
        doms = args.domains

    if not doms:
        sys.exit(0)

    acme = client.Client(config, acc, auth, installer)

    # Validate the key and csr
    client.validate_key_csr(acc.key)

    # This more closely mimics the capabilities of the CLI
    # It should be possible for reconfig only, install-only, no-install
    # I am not sure the best way to handle all of the unimplemented abilities,
    # but this code should be safe on all environments.
    cert_file = None
    if auth is not None:
        if acc.regr is None:
            try:
                acme.register()
            except errors.LetsEncryptClientError:
                sys.exit(0)
        cert_key, cert_file, chain_file = acme.obtain_certificate(doms)
    if installer is not None and cert_file is not None:
        acme.deploy_certificate(doms, cert_key, cert_file, chain_file)
    if installer is not None:
        acme.enhance_config(doms, args.redirect)
Exemple #6
0
def main():  # pylint: disable=too-many-branches
    """Command line argument parsing and main script execution."""
    # note: arg parser internally handles --help (and exits afterwards)
    args = create_parser().parse_args()
    config = configuration.NamespaceConfig(args)

    # note: check is done after arg parsing as --help should work w/o root also.
    if not os.geteuid() == 0:
        sys.exit(
            "{0}Root is required to run letsencrypt.  Please use sudo.{0}".
            format(os.linesep))

    # Set up logging
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    if args.use_curses:
        logger.addHandler(log.DialogHandler())
        displayer = display.NcursesDisplay()
    else:
        displayer = display.FileDisplay(sys.stdout)
    zope.component.provideUtility(displayer)

    if args.view_config_changes:
        client.view_config_changes(config)
        sys.exit()

    if args.revoke:
        client.revoke(config)
        sys.exit()

    if args.rollback > 0:
        client.rollback(args.rollback, config)
        sys.exit()

    if not args.eula:
        display_eula()

    # Make sure we actually get an installer that is functioning properly
    # before we begin to try to use it.
    try:
        installer = client.determine_installer(config)
    except errors.LetsEncryptMisconfigurationError as err:
        logging.fatal(
            "Please fix your configuration before proceeding.  "
            "The Installer exited with the following message: "
            "%s", err)
        sys.exit(1)

    # Use the same object if possible
    if interfaces.IAuthenticator.providedBy(installer):  # pylint: disable=no-member
        auth = installer
    else:
        auth = client.determine_authenticator(config)

    doms = choose_names(installer) if args.domains is None else args.domains

    # Prepare for init of Client
    if args.privkey is None:
        privkey = client.init_key(args.rsa_key_size, config.key_dir)
    else:
        privkey = le_util.Key(args.privkey[0], args.privkey[1])

    acme = client.Client(config, privkey, auth, installer)

    # Validate the key and csr
    client.validate_key_csr(privkey)

    # This more closely mimics the capabilities of the CLI
    # It should be possible for reconfig only, install-only, no-install
    # I am not sure the best way to handle all of the unimplemented abilities,
    # but this code should be safe on all environments.
    if auth is not None:
        cert_file, chain_file = acme.obtain_certificate(doms)
    if installer is not None and cert_file is not None:
        acme.deploy_certificate(doms, privkey, cert_file, chain_file)
    if installer is not None:
        acme.enhance_config(doms, args.redirect)
Exemple #7
0
def main():  # pylint: disable=too-many-branches
    """Command line argument parsing and main script execution."""
    # note: arg parser internally handles --help (and exits afterwards)
    args = create_parser().parse_args()
    config = configuration.NamespaceConfig(args)

    # note: check is done after arg parsing as --help should work w/o root also.
    if not os.geteuid() == 0:
        sys.exit(
            "{0}Root is required to run letsencrypt.  Please use sudo.{0}"
            .format(os.linesep))

    # Set up logging
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    if args.use_curses:
        logger.addHandler(log.DialogHandler())
        displayer = display.NcursesDisplay()
    else:
        displayer = display.FileDisplay(sys.stdout)
    zope.component.provideUtility(displayer)

    if args.view_config_changes:
        client.view_config_changes(config)
        sys.exit()

    if args.revoke:
        client.revoke(config)
        sys.exit()

    if args.rollback > 0:
        client.rollback(args.rollback, config)
        sys.exit()

    if not args.eula:
        display_eula()

    # Make sure we actually get an installer that is functioning properly
    # before we begin to try to use it.
    try:
        installer = client.determine_installer(config)
    except errors.LetsEncryptMisconfigurationError as err:
        logging.fatal("Please fix your configuration before proceeding.  "
                      "The Installer exited with the following message: "
                      "%s", err)
        sys.exit(1)

    # Use the same object if possible
    if interfaces.IAuthenticator.providedBy(installer):  # pylint: disable=no-member
        auth = installer
    else:
        auth = client.determine_authenticator(config)

    doms = choose_names(installer) if args.domains is None else args.domains

    # Prepare for init of Client
    if args.privkey is None:
        privkey = client.init_key(args.rsa_key_size, config.key_dir)
    else:
        privkey = le_util.Key(args.privkey[0], args.privkey[1])

    acme = client.Client(config, privkey, auth, installer)

    # Validate the key and csr
    client.validate_key_csr(privkey)

    # This more closely mimics the capabilities of the CLI
    # It should be possible for reconfig only, install-only, no-install
    # I am not sure the best way to handle all of the unimplemented abilities,
    # but this code should be safe on all environments.
    if auth is not None:
        cert_file, chain_file = acme.obtain_certificate(doms)
    if installer is not None and cert_file is not None:
        acme.deploy_certificate(doms, privkey, cert_file, chain_file)
    if installer is not None:
        acme.enhance_config(doms, args.redirect)