From 26514662423b528414f9c9263fbe242d91bcb641 Mon Sep 17 00:00:00 2001 From: Ronald Portier Date: Thu, 20 Apr 2017 17:25:11 +0200 Subject: [PATCH] [10.0][FIX] Make letsencrypt resilient for alternate name removal. (#757) * [FIX] Make letsencrypt resilient for alternate name removal. * [FIX] Do not crash when returning error in letsencrypt cmdline. * [FIX] Restore ordering by name for alternate domains in letsencrypt. Conflicts: letsencrypt/README.rst --- letsencrypt/README.rst | 1 + letsencrypt/models/letsencrypt.py | 27 ++++++++++++--------------- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/letsencrypt/README.rst b/letsencrypt/README.rst index dfcd02acc..864682eb5 100644 --- a/letsencrypt/README.rst +++ b/letsencrypt/README.rst @@ -139,6 +139,7 @@ Contributors * Holger Brunn * Antonio Espinosa * Dave Lasley +* Ronald Portier ACME implementation ------------------- diff --git a/letsencrypt/models/letsencrypt.py b/letsencrypt/models/letsencrypt.py index daa262bb1..225fc15ad 100644 --- a/letsencrypt/models/letsencrypt.py +++ b/letsencrypt/models/letsencrypt.py @@ -38,13 +38,10 @@ class Letsencrypt(models.AbstractModel): _logger.log(loglevel, stderr) if stdout: _logger.log(loglevel, stdout) - if process.returncode: raise exceptions.Warning( - _('Error calling %s: %d') % (cmdline[0], process.returncode), - ' '.join(cmdline), + _('Error calling %s: %d') % (cmdline[0], process.returncode) ) - return process.returncode @api.model @@ -96,19 +93,19 @@ class Letsencrypt(models.AbstractModel): @api.model def generate_csr(self, domain): domains = [domain] - i = 0 - while self.env['ir.config_parameter'].get_param( - 'letsencrypt.altname.%d' % i): - domains.append( - self.env['ir.config_parameter'] - .get_param('letsencrypt.altname.%d' % i) - ) - i += 1 + parameter_model = self.env['ir.config_parameter'] + altnames = parameter_model.search( + [('key', 'like', 'letsencrypt.altname.')], + order='key' + ) + for altname in altnames: + domains.append(altname.value) _logger.info('generating csr for %s', domain) if len(domains) > 1: _logger.info('with alternative subjects %s', ','.join(domains[1:])) - config = self.env['ir.config_parameter'].get_param( - 'letsencrypt.openssl.cnf', '/etc/ssl/openssl.cnf') + config = parameter_model.get_param( + 'letsencrypt.openssl.cnf', '/etc/ssl/openssl.cnf' + ) csr = os.path.join(get_data_dir(), '%s.csr' % domain) with tempfile.NamedTemporaryFile() as cfg: cfg.write(open(config).read()) @@ -119,7 +116,7 @@ class Letsencrypt(models.AbstractModel): cfg.file.flush() cmdline = [ 'openssl', 'req', '-new', - self.env['ir.config_parameter'].get_param( + parameter_model.get_param( 'letsencrypt.openssl.digest', '-sha256'), '-key', self.generate_domain_key(domain), '-subj', '/CN=%s' % domain, '-config', cfg.name,