def init_le_client(args, config, authenticator, installer): if authenticator is not None: # if authenticator was given, then we will need account... acc, acme = _determine_account(args, config) logger.debug("Picked account: %r", acc) # XXX # crypto_util.validate_key_csr(acc.key) else: acc, acme = None, None return KeyClient(config, acc, authenticator, installer, acme=acme)
def main(cli_args=sys.argv[1:]): """Command line argument parsing and main script execution.""" patch_readme() sys.excepthook = functools.partial(_handle_exception, args=None) # note: arg parser internally handles --help (and exits afterwards) plugins = plugins_disco.PluginsRegistry.find_all() args = prepare_and_parse_args(plugins, cli_args) config = configuration.NamespaceConfig(args) zope.component.provideUtility(config) # Setup logging ASAP, otherwise "No handlers could be found for # logger ..." TODO: this should be done before plugins discovery for directory in config.config_dir, config.work_dir: le_util.make_or_verify_dir( directory, constants.CONFIG_DIRS_MODE, os.geteuid(), "--strict-permissions" in cli_args) # TODO: logs might contain sensitive data such as contents of the # private key! #525 le_util.make_or_verify_dir( args.logs_dir, 0o700, os.geteuid(), "--strict-permissions" in cli_args) setup_logging(args, _cli_log_handler, logfile='letsencrypt.log') logger.debug("letsencrypt version: %s", letsencrypt.__version__) # do not log `args`, as it contains sensitive data (e.g. revoke --key)! logger.debug("Arguments: %r", cli_args) logger.debug("Discovered plugins: %r", plugins) sys.excepthook = functools.partial(_handle_exception, args=args) # Displayer if args.text_mode: displayer = display_util.FileDisplay(sys.stdout) else: displayer = display_util.NcursesDisplay() zope.component.provideUtility(displayer) # Reporter report = reporter.Reporter() zope.component.provideUtility(report) atexit.register(report.atexit_print_messages) if not os.geteuid() == 0: logger.warning( "Root (sudo) is required to run most of letsencrypt functionality.") # check must be done after arg parsing as --help should work # w/o root; on the other hand, e.g. "letsencrypt run # --authenticator dns" or "letsencrypt plugins" does not # require root as well # return ( # "{0}Root is required to run letsencrypt. Please use sudo.{0}" # .format(os.linesep)) return args.func(args, config, plugins)