OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

[10.0][FIX] Make letsencrypt resilient for alternate name removal. (#757) 

* [FIX] Make letsencrypt resilient for alternate name removal.

* [FIX] Do not crash when returning error in letsencrypt cmdline.

* [FIX] Restore ordering by name for alternate domains in letsencrypt.

Conflicts:
	letsencrypt/README.rst
pull/1244/head
Ronald Portier 8 years ago
committed by Ignacio Ibeas - Acysos S.L
parent
551d63e4fa
commit
2651466242
2 changed files with 13 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      letsencrypt/README.rst
  2. 25
      letsencrypt/models/letsencrypt.py

1
letsencrypt/README.rst
View File

@ -139,6 +139,7 @@ Contributors
* Holger Brunn <hbrunn@therp.nl> * Holger Brunn <hbrunn@therp.nl>
* Antonio Espinosa <antonio.espinosa@tecnativa.com> * Antonio Espinosa <antonio.espinosa@tecnativa.com>
* Dave Lasley <dave@laslabs.com> * Dave Lasley <dave@laslabs.com>
* Ronald Portier <ronald@therp.nl>
ACME implementation ACME implementation
------------------- -------------------

25
letsencrypt/models/letsencrypt.py
View File

@ -38,13 +38,10 @@ class Letsencrypt(models.AbstractModel):
_logger.log(loglevel, stderr) _logger.log(loglevel, stderr)
if stdout: if stdout:
_logger.log(loglevel, stdout) _logger.log(loglevel, stdout)
if process.returncode: if process.returncode:
raise exceptions.Warning( raise exceptions.Warning(
_('Error calling %s: %d') % (cmdline[0], process.returncode),
' '.join(cmdline),
_('Error calling %s: %d') % (cmdline[0], process.returncode)
) )
return process.returncode return process.returncode
@api.model @api.model
@ -96,19 +93,19 @@ class Letsencrypt(models.AbstractModel):
@api.model @api.model
def generate_csr(self, domain): def generate_csr(self, domain):
domains = [domain] domains = [domain]
i = 0
while self.env['ir.config_parameter'].get_param(
'letsencrypt.altname.%d' % i):
domains.append(
self.env['ir.config_parameter']
.get_param('letsencrypt.altname.%d' % i)
parameter_model = self.env['ir.config_parameter']
altnames = parameter_model.search(
[('key', 'like', 'letsencrypt.altname.')],
order='key'
) )
i += 1
for altname in altnames:
domains.append(altname.value)
_logger.info('generating csr for %s', domain) _logger.info('generating csr for %s', domain)
if len(domains) > 1: if len(domains) > 1:
_logger.info('with alternative subjects %s', ','.join(domains[1:])) _logger.info('with alternative subjects %s', ','.join(domains[1:]))
config = self.env['ir.config_parameter'].get_param(
'letsencrypt.openssl.cnf', '/etc/ssl/openssl.cnf')
config = parameter_model.get_param(
'letsencrypt.openssl.cnf', '/etc/ssl/openssl.cnf'
)
csr = os.path.join(get_data_dir(), '%s.csr' % domain) csr = os.path.join(get_data_dir(), '%s.csr' % domain)
with tempfile.NamedTemporaryFile() as cfg: with tempfile.NamedTemporaryFile() as cfg:
cfg.write(open(config).read()) cfg.write(open(config).read())
@ -119,7 +116,7 @@ class Letsencrypt(models.AbstractModel):
cfg.file.flush() cfg.file.flush()
cmdline = [ cmdline = [
'openssl', 'req', '-new', 'openssl', 'req', '-new',
self.env['ir.config_parameter'].get_param(
parameter_model.get_param(
'letsencrypt.openssl.digest', '-sha256'), 'letsencrypt.openssl.digest', '-sha256'),
'-key', self.generate_domain_key(domain), '-key', self.generate_domain_key(domain),
'-subj', '/CN=%s' % domain, '-config', cfg.name, '-subj', '/CN=%s' % domain, '-config', cfg.name,

Write Preview
Loading…
Cancel
Save