1
0
mirror of https://github.com/moepman/acertmgr.git synced 2025-01-01 04:21:51 +01:00

standalone: Fix server start+stop with multiple handlers

This commit is contained in:
Kishi85 2019-02-12 10:27:53 +01:00
parent 48a55c0dc4
commit 3570baacda
3 changed files with 42 additions and 31 deletions

View File

@ -131,34 +131,40 @@ class ACMEAuthority(AbstractACMEAuthority):
time.sleep(1)
for domain in domains:
print("Starting key authorization")
# notify challenge are met
keyauthorization = "{0}.{1}".format(tokens[domain], account_thumbprint)
code, result = self._send_signed(challenges[domain]['uri'], header, {
"resource": "challenge",
"keyAuthorization": keyauthorization,
})
if code != 202:
raise ValueError("Error triggering challenge: {0} {1}".format(code, result))
challenge_handlers[domain].start_challenge()
try:
print("Starting key authorization")
# notify challenge are met
keyauthorization = "{0}.{1}".format(tokens[domain], account_thumbprint)
code, result = self._send_signed(challenges[domain]['uri'], header, {
"resource": "challenge",
"keyAuthorization": keyauthorization,
})
if code != 202:
raise ValueError("Error triggering challenge: {0} {1}".format(code, result))
# wait for challenge to be verified
while True:
try:
resp = urlopen(challenges[domain]['uri'])
challenge_status = json.loads(resp.read().decode('utf8'))
except IOError as e:
raise ValueError("Error checking challenge: {0} {1}".format(
e.code, json.loads(e.read().decode('utf8'))))
if challenge_status['status'] == "pending":
time.sleep(2)
elif challenge_status['status'] == "valid":
print("{0} verified!".format(domain))
break
else:
raise ValueError("{0} challenge did not pass: {1}".format(
domain, challenge_status))
# wait for challenge to be verified
while True:
try:
resp = urlopen(challenges[domain]['uri'])
challenge_status = json.loads(resp.read().decode('utf8'))
except IOError as e:
raise ValueError("Error checking challenge: {0} {1}".format(
e.code, json.loads(e.read().decode('utf8'))))
if challenge_status['status'] == "pending":
time.sleep(2)
elif challenge_status['status'] == "valid":
print("{0} verified!".format(domain))
break
else:
raise ValueError("{0} challenge did not pass: {1}".format(
domain, challenge_status))
finally:
challenge_handlers[domain].stop_challenge()
finally:
for domain in domains:
# Destroy challenge handlers in reverse order to replay
# any saved state information in the handlers correctly
for domain in reversed(domains):
try:
challenge_handlers[domain].destroy_challenge(domain, account_thumbprint, tokens[domain])
except:

View File

@ -20,3 +20,11 @@ class AbstractChallengeHandler:
def destroy_challenge(self, domain, thumbprint, token):
raise NotImplemented
# Optional: Indicate when a challenge request is imminent
def start_challenge(self):
pass
# Optional: Indicate when a challenge response has been received
def stop_challenge(self):
pass

View File

@ -70,15 +70,12 @@ class ChallengeHandler(WebChallengeHandler):
self.server_thread = None
self.server = HTTPServer(("", port), ACMERequestHandler)
def create_challenge(self, domain, thumbprint, token):
WebChallengeHandler.create_challenge(self, domain, thumbprint, token)
def start_challenge(self):
self.server_thread = threading.Thread(target=start_standalone, args=(self.server,))
os.chdir(self.challenge_directory)
self.server_thread.start()
return datetime.datetime.now()
def destroy_challenge(self, domain, thumbprint, token):
def stop_challenge(self):
self.server.shutdown()
self.server_thread.join()
os.chdir(self.current_directory)
WebChallengeHandler.destroy_challenge(self, domain, thumbprint, token)