From 54422132dee1120b6f207161a68e890431fc2b17 Mon Sep 17 00:00:00 2001
From: Ronald Portier <ronald@therp.nl>
Date: Sun, 26 Mar 2017 19:17:23 +0200
Subject: [PATCH] [8.0][FIX] Make letsencrypt resilient for alternate name
 removal. (#755)

---
 letsencrypt/README.rst            |  1 +
 letsencrypt/models/letsencrypt.py | 22 +++++++++++-----------
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/letsencrypt/README.rst b/letsencrypt/README.rst
index a6164ceb3..72f7dabe1 100644
--- a/letsencrypt/README.rst
+++ b/letsencrypt/README.rst
@@ -153,6 +153,7 @@ Contributors
 
 * Holger Brunn <hbrunn@therp.nl>
 * Antonio Espinosa <antonio.espinosa@tecnativa.com>
+* Ronald Portier <ronald@therp.nl>
 
 ACME implementation
 -------------------
diff --git a/letsencrypt/models/letsencrypt.py b/letsencrypt/models/letsencrypt.py
index daa262bb1..492655c89 100644
--- a/letsencrypt/models/letsencrypt.py
+++ b/letsencrypt/models/letsencrypt.py
@@ -96,19 +96,19 @@ class Letsencrypt(models.AbstractModel):
     @api.model
     def generate_csr(self, domain):
         domains = [domain]
-        i = 0
-        while self.env['ir.config_parameter'].get_param(
-                'letsencrypt.altname.%d' % i):
-            domains.append(
-                self.env['ir.config_parameter']
-                .get_param('letsencrypt.altname.%d' % i)
-            )
-            i += 1
+        parameter_model = self.env['ir.config_parameter']
+        altnames = parameter_model.search(
+            [('key', 'like', 'letsencrypt.altname.')],
+            order='key'
+        )
+        for altname in altnames:
+            domains.append(altname.value)
         _logger.info('generating csr for %s', domain)
         if len(domains) > 1:
             _logger.info('with alternative subjects %s', ','.join(domains[1:]))
-        config = self.env['ir.config_parameter'].get_param(
-            'letsencrypt.openssl.cnf', '/etc/ssl/openssl.cnf')
+        config = parameter_model.get_param(
+            'letsencrypt.openssl.cnf', '/etc/ssl/openssl.cnf'
+        )
         csr = os.path.join(get_data_dir(), '%s.csr' % domain)
         with tempfile.NamedTemporaryFile() as cfg:
             cfg.write(open(config).read())
@@ -119,7 +119,7 @@ class Letsencrypt(models.AbstractModel):
             cfg.file.flush()
             cmdline = [
                 'openssl', 'req', '-new',
-                self.env['ir.config_parameter'].get_param(
+                parameter_model.get_param(
                     'letsencrypt.openssl.digest', '-sha256'),
                 '-key', self.generate_domain_key(domain),
                 '-subj', '/CN=%s' % domain, '-config', cfg.name,