mirror of https://github.com/moepman/acertmgr.git synced 2025-01-04 00:15:23 +01:00

standalone: Fix server start+stop with multiple handlers

Kishi85 2019-02-12 10:27:53 +01:00
parent 48a55c0dc4
commit 3570baacda
3 changed files with 42 additions and 31 deletions


@ -131,34 +131,40 @@ class ACMEAuthority(AbstractACMEAuthority):
time.sleep(1) time.sleep(1)
for domain in domains: for domain in domains:
print("Starting key authorization") challenge_handlers[domain].start_challenge()
# notify challenge are met try:
keyauthorization = "{0}.{1}".format(tokens[domain], account_thumbprint) print("Starting key authorization")
code, result = self._send_signed(challenges[domain]['uri'], header, { # notify challenge are met
"resource": "challenge", keyauthorization = "{0}.{1}".format(tokens[domain], account_thumbprint)
"keyAuthorization": keyauthorization, code, result = self._send_signed(challenges[domain]['uri'], header, {
}) "resource": "challenge",
if code != 202: "keyAuthorization": keyauthorization,
raise ValueError("Error triggering challenge: {0} {1}".format(code, result)) })
if code != 202:
raise ValueError("Error triggering challenge: {0} {1}".format(code, result))
# wait for challenge to be verified # wait for challenge to be verified
while True: while True:
try: try:
resp = urlopen(challenges[domain]['uri']) resp = urlopen(challenges[domain]['uri'])
challenge_status = json.loads(resp.read().decode('utf8')) challenge_status = json.loads(resp.read().decode('utf8'))
except IOError as e: except IOError as e:
raise ValueError("Error checking challenge: {0} {1}".format( raise ValueError("Error checking challenge: {0} {1}".format(
e.code, json.loads(e.read().decode('utf8')))) e.code, json.loads(e.read().decode('utf8'))))
if challenge_status['status'] == "pending": if challenge_status['status'] == "pending":
time.sleep(2) time.sleep(2)
elif challenge_status['status'] == "valid": elif challenge_status['status'] == "valid":
print("{0} verified!".format(domain)) print("{0} verified!".format(domain))
break break
else: else:
raise ValueError("{0} challenge did not pass: {1}".format( raise ValueError("{0} challenge did not pass: {1}".format(
domain, challenge_status)) domain, challenge_status))
finally:
challenge_handlers[domain].stop_challenge()
finally: finally:
for domain in domains: # Destroy challenge handlers in reverse order to replay
# any saved state information in the handlers correctly
for domain in reversed(domains):
try: try:
challenge_handlers[domain].destroy_challenge(domain, account_thumbprint, tokens[domain]) challenge_handlers[domain].destroy_challenge(domain, account_thumbprint, tokens[domain])
except: except:
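Review bot: The `while True:` poll has no deadline, and it now runs between `start_challenge()` and the `finally:` that calls `stop_challenge()`. As long as the CA keeps answering `pending`, the loop sleeps and retries, so whatever `start_challenge()` opened (for the standalone handler, an HTTP listener) stays up indefinitely. A bound would close that window: set `deadline = time.time() + MAX_WAIT` before the loop (`MAX_WAIT` is a placeholder name) and, in the `pending` branch, add `if time.time() > deadline: raise ValueError("{0} challenge timed out".format(domain))`. The enclosing method starts and ends outside this hunk.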


@ -20,3 +20,11 @@ class AbstractChallengeHandler:
def destroy_challenge(self, domain, thumbprint, token): def destroy_challenge(self, domain, thumbprint, token):
raise NotImplemented raise NotImplemented
# Optional: Indicate when a challenge request is imminent
def start_challenge(self):
pass
# Optional: Indicate when a challenge response has been received
def stop_challenge(self):
pass
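Review bot: The two new hooks carry only `# Optional:` comments, which do not state the contract that implementers must satisfy. Going by the authority code in this commit, `start_challenge()` is called once per domain immediately before the challenge is triggered, and `stop_challenge()` is called from a `finally`, so it also runs when triggering or verification raised. Suggest docstrings such as `"""Called right before the CA is asked to validate; acquire listeners or other resources here."""` and `"""Called after start_challenge() has returned, also on failure; must release everything start_challenge() acquired."""`.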


@ -70,15 +70,12 @@ class ChallengeHandler(WebChallengeHandler):
self.server_thread = None self.server_thread = None
self.server = HTTPServer(("", port), ACMERequestHandler) self.server = HTTPServer(("", port), ACMERequestHandler)
def create_challenge(self, domain, thumbprint, token): def start_challenge(self):
WebChallengeHandler.create_challenge(self, domain, thumbprint, token)
self.server_thread = threading.Thread(target=start_standalone, args=(self.server,)) self.server_thread = threading.Thread(target=start_standalone, args=(self.server,))
os.chdir(self.challenge_directory) os.chdir(self.challenge_directory)
self.server_thread.start() self.server_thread.start()
return datetime.datetime.now()
def destroy_challenge(self, domain, thumbprint, token): def stop_challenge(self):
self.server.shutdown() self.server.shutdown()
self.server_thread.join() self.server_thread.join()
os.chdir(self.current_directory) os.chdir(self.current_directory)
WebChallengeHandler.destroy_challenge(self, domain, thumbprint, token)
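Review bot: `start_challenge()` switches the process-wide working directory with `os.chdir(self.challenge_directory)` and relies on `stop_challenge()` to switch it back, but the authority calls `start_challenge()` before entering its `try`. If `self.server_thread.start()` raises, `stop_challenge()` never runs and later relative paths in the process resolve inside the challenge directory. Restoring the directory on that failure path keeps the two methods symmetric. Separately, `stop_challenge()` dereferences `self.server_thread`, which `__init__` sets to `None`, so a call without a prior successful start fails with `AttributeError`; a guard such as `if self.server_thread is None: return` would avoid that.

```python
def start_challenge(self):
    # … unchanged: thread creation and os.chdir(self.challenge_directory) …
    try:
        self.server_thread.start()
    except Exception:
        # stop_challenge() will not be called for a failed start,
        # so put the process-wide cwd back here before propagating
        os.chdir(self.current_directory)
        self.server_thread = None
        raise
```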