From 1e745b94eac8f22338a46125cf3b9311614dc5cc Mon Sep 17 00:00:00 2001
From: Markus Hauschild <markus@moepman.eu>
Date: Mon, 11 Jan 2016 20:15:31 +0100
Subject: [PATCH] More checks (e.g. for acme_tiny)

---
 README.md   |  7 +++++++
 acertmgr.py | 20 ++++++++++++++------
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index e81ada0..f78d940 100644
--- a/README.md
+++ b/README.md
@@ -8,6 +8,13 @@ Running ACERTMGR
 
 The main file acertmgr.py is intended to be run regularly (e.g. as daily cron job) as root.
 
+Requirements
+------------
+
+Python (2.7+ and 3.4+ should work)
+PyYAML
+acme\_tiny (`acme_tiny.py` placed in `/opt/acme/acme_tiny.py`)
+
 Configuration
 -------------
 
diff --git a/acertmgr.py b/acertmgr.py
index d5465bf..da159e9 100755
--- a/acertmgr.py
+++ b/acertmgr.py
@@ -17,6 +17,7 @@ import yaml
 ACME_DIR="/etc/acme/"
 ACME_CONF=ACME_DIR + "acme.conf"
 ACME_CONFD=ACME_DIR + "domains.d/"
+ACME_TINY="/opt/acme/acme_tiny.py"
 
 
 # @brief check whether existing certificate is still valid or expiring soon
@@ -57,19 +58,26 @@ def cert_isValid(crt_file, ttl_days):
 # @param domain string containing the domain name
 # @param settings the domain's configuration options
 def cert_get(domain, settings):
+	print("Getting certificate for %s." % domain)
+
 	key_file = ACME_DIR + "server.key"
 	if not os.path.exists(key_file):
-		raise "The server key file is missing!"
+		raise "The server key file (%s) is missing!" % key_file
+
+	acc_file = ACME_DIR + "account.key"
+	if not os.path.exists(acc_file):
+		raise "The account key file (%s) is missing!" % acc_file
 
 	csr_file = "/tmp/%s.csr" % domain
-	crt_file = "/tmp/%s.crt" % domain
-	if os.path.lexists(csr_file) or os.path.lexists(crt_file):
+	if os.path.lexists(csr_file):
 		raise "A temporary file already exists!"
 
-	print("Getting certificate for %s." % domain)
-	cr = subprocess.check_output(['openssl', 'req', '-new', '-sha256', '-key', key_file, '-out', csr_file, '-subj', '/CN=%s' % domain])
+	if not os.path.exists(ACME_TINY):
+		raise "acme_tiny (%s) is missing!" % ACME_TINY
 
-	# TODO prepare everything for ACME challanges
+	crt_file = "/tmp/%s.crt" % domain
+
+	cr = subprocess.check_output(['openssl', 'req', '-new', '-sha256', '-key', key_file, '-out', csr_file, '-subj', '/CN=%s' % domain])
 
 	# TODO run acme_tiny
 	# TODO check if resulting certificate is valid