예제 #1
0
def submit_domain_validation(client, regr, account, challenges_file, domain, log):
    # Get challenges for the domain.
    challg1 = get_challenges(client, regr, domain, challenges_file, log)
    challg = challg1.body

    if challg.status.name == "valid":
        # This is already valid. Return it immediately.
        return challg1
    elif challg.status.name != "pending":
        raise ChallengesUnknownStatus()

    # Look for a challenge combination that we can fulfill.
    for combination in challg.combinations:
        if len(combination) == 1:
            chg = challg.challenges[combination[0]]
            if isinstance(chg.chall, acme.challenges.SimpleHTTP):
                if chg.status.name != "pending":
                    # We can't submit twice. If this challenge is still pending
                    # but the overall challg object is not valid, then I'm not
                    # sure how to proceed.
                    raise ChallengesUnknownStatus()

                # Submit the SimpleHTTP challenge, raising NeedToInstallFile if
                # the conditions are not yet met.
                chg = answer_challenge_simplehttp(
                    domain,
                    chg.chall,
                    client,
                    account,
                    chg,
                    log)

                # The ChallengeResource probably comes back still pending because
                # it doesn't go THAT fast. Give it a moment, then poll.
                time.sleep(1)
                challg1, resp = client.poll(challg1)
                if challg1.body.status.name == "valid":
                    # It's valid now. That was fast.
                    return challg1

                # It's not valid. Tell the user they must want.
                retry_after = client.retry_after(resp, default=60)
                raise WaitABit(retry_after)

    raise NoChallengeMethodsSupported()
예제 #2
0
def submit_domain_validation(client, regr, account, challenges_file, domain,
                             validation_method, log):
    # Get challenges for the domain.
    challg1, resp = get_challenges(client, regr, domain, challenges_file, log)
    challg = challg1.body

    # If this challenge was just issued, we may not have a resp object yet
    # but may still need to raise a WaitABit exception.
    if resp:
        wait_until = client.retry_after(resp, default=60)
    else:
        wait_until = datetime.datetime.now() + datetime.timedelta(seconds=15)

    # The authorization object as a whole has a status.

    if challg.status.name == "valid":
        # This is already valid. Return it immediately.
        log("The challenges for %s have been accepted." % domain)
        return challg1

    elif challg.status.name == "invalid":
        # Challenge was rejected. The ACME server requested the
        # HTTP validation resource but got a 404, for instance.
        message = '; '.join(c.error.detail for c in challg.challenges
                            if c.status.name == "invalid")
        log("The %s challenge for %s failed: %s." %
            (validation_method, domain, message))
        raise ChallengeFailed(validation_method, domain, message, challg1.uri)

    elif challg.status.name not in ("pending", "processing"):
        # We can only respond to a challenge when its status is
        # pending. What do we do in the remaining case of "unknown"
        # status? ("revoked" is filtered out by get_challenges ---
        # we just request a new challenge in that case.)
        raise ChallengesUnknownStatus(challg.status.name)

    # Look for a challenge combination that we can fulfill.

    for combination in challg.combinations:
        if len(combination) == 1:
            chg = challg.challenges[combination[0]]
            if isinstance(chg.chall, acme.challenges.HTTP01) and isinstance(
                    validation_method, HTTPValidation):
                # The particular challenge within the big authorization object also
                # has a status. I'm not sure what the rules are for when the
                # statuses can be different.
                if chg.status.name == "processing":
                    # The challenge has been submitted and we must wait before proceeding,
                    # which is the next step after the for loop.
                    break

                elif chg.status.name == "valid":
                    # Looks like we already answered this challenge correctly.
                    # But the overall authorization object is not yet valid,
                    # so instruct the user to wait? That's the next step after
                    # the for loop.
                    break

                elif chg.status.name != "pending":
                    # We can only respond to a challenge when its status is
                    # pending. What do we do in the remaining cases?
                    # Other statuses are "unknown", "invalid" and "revoked".
                    raise ChallengesUnknownStatus(chg.status.name)

                # Submit the HTTP validation challenge, raising NeedToInstallFile if
                # the conditions are not yet met.
                chg = answer_challenge_http(domain, chg.chall,
                                            validation_method, client, account,
                                            chg, log)

                # We found a challenge combination we can submit for,
                # and we submitted it. The ChallengeResource probably
                # comes back still pending because it doesn't go THAT
                # fast. The next step after the for loop is to wait.
                break

    else:
        # We were unable to handle any challenge combination.
        raise NoChallengeMethodsSupported(
            "No supported challenge methods were offered for %s." % domain)

    # On success, or in other cases, wait.
    raise WaitABit(wait_until)
예제 #3
0
def submit_domain_validation(client, regr, account, challenges_file, domain, validation_method, log):
    # Get challenges for the domain.
    challg1, resp = get_challenges(client, regr, domain, challenges_file, log)
    challg = challg1.body

    # If this challenge was just issued, we may not have a resp object yet
    # but may still need to raise a WaitABit exception.
    if resp:
        wait_until = client.retry_after(resp, default=60)
    else:
        wait_until = datetime.datetime.now() + datetime.timedelta(seconds=15)

    # The authorization object as a whole has a status.

    if challg.status.name == "valid":
        # This is already valid. Return it immediately.
        log("The challenges for %s have been accepted." % domain)
        return challg1

    elif challg.status.name == "invalid":
        # Challenge was rejected. The ACME server requested the
        # HTTP validation resource but got a 404, for instance.
        message = '; '.join(c.error.detail for c in challg.challenges if c.status.name == "invalid")
        log("The %s challenge for %s failed: %s." % (validation_method, domain, message))
        raise ChallengeFailed(validation_method, domain, message, challg1.uri)

    elif challg.status.name not in ("pending", "processing"):
        # We can only respond to a challenge when its status is
        # pending. What do we do in the remaining case of "unknown"
        # status? ("revoked" is filtered out by get_challenges ---
        # we just request a new challenge in that case.)
        raise ChallengesUnknownStatus(challg.status.name)

    # Look for a challenge combination that we can fulfill.

    for combination in challg.combinations:
        if len(combination) == 1:
            chg = challg.challenges[combination[0]]
            if isinstance(chg.chall, acme.challenges.HTTP01) and isinstance(validation_method, HTTPValidation):
                # The particular challenge within the big authorization object also
                # has a status. I'm not sure what the rules are for when the
                # statuses can be different.
                if chg.status.name == "processing":
                    # The challenge has been submitted and we must wait before proceeding,
                    # which is the next step after the for loop.
                    break

                elif chg.status.name == "valid":
                    # Looks like we already answered this challenge correctly.
                    # But the overall authorization object is not yet valid,
                    # so instruct the user to wait? That's the next step after
                    # the for loop.
                    break

                elif chg.status.name != "pending":
                    # We can only respond to a challenge when its status is
                    # pending. What do we do in the remaining cases?
                    # Other statuses are "unknown", "invalid" and "revoked".
                    raise ChallengesUnknownStatus(chg.status.name)

                # Submit the HTTP validation challenge, raising NeedToInstallFile if
                # the conditions are not yet met.
                chg = answer_challenge_http(
                    domain,
                    chg.chall,
                    validation_method,
                    client,
                    account,
                    chg,
                    log)

                # We found a challenge combination we can submit for,
                # and we submitted it. The ChallengeResource probably
                # comes back still pending because it doesn't go THAT
                # fast. The next step after the for loop is to wait.
                break

    else:
        # We were unable to handle any challenge combination.
        raise NoChallengeMethodsSupported("No supported challenge methods were offered for %s." % domain)

    # On success, or in other cases, wait.
    raise WaitABit(wait_until)