acertmgr: cleanup code (PEP-8 + replace assertions)

2019-03-22 12:33:40 +01:00 · 2019-03-22 12:33:40 +01:00 · 83f31bf91d
parent d62afac9d6
commit 83f31bf91d
5 changed files with 16 additions and 21 deletions
--- a/acertmgr/authority/v1.py
+++ b/acertmgr/authority/v1.py
@ -175,11 +175,8 @@ class ACMEAuthority(AbstractACMEAuthority):
            for domain in reversed(domains):
                try:
                    challenge_handlers[domain].destroy_challenge(domain, account_thumbprint, tokens[domain])
-                except (KeyboardInterrupt, SystemError, SystemExit):
-                    # Re-raise runtime/system exceptions
-                    raise
-                except:
-                    pass
+                except Exception as e:
+                    print('Challenge destruction failed: {}'.format(e))

        # get the new certificate
        print("Signing certificate...")
--- a/acertmgr/authority/v2.py
+++ b/acertmgr/authority/v2.py
@ -179,10 +179,8 @@ class ACMEAuthority(AbstractACMEAuthority):
                if code >= 400:
                    raise ValueError("Error requesting authorization: {0} {1}".format(code, authorization))

-                authorization['_domain'] = \
-                    "*.{}".format(authorization['identifier']['value']) \
-                        if 'wildcard' in authorization and authorization['wildcard'] \
-                        else authorization['identifier']['value']
+                authorization['_domain'] = "*.{}".format(authorization['identifier']['value']) if \
+                    'wildcard' in authorization and authorization['wildcard'] else authorization['identifier']['value']
                print("Authorizing {0}".format(authorization['_domain']))

                # create the challenge
@ -235,11 +233,8 @@ class ACMEAuthority(AbstractACMEAuthority):
                try:
                    challenge_handlers[authorization['_domain']].destroy_challenge(
                        authorization['identifier']['value'], account_thumbprint, authorization['_token'])
-                except (KeyboardInterrupt, SystemError, SystemExit):
-                    # Re-raise runtime/system exceptions
-                    raise
-                except:
-                    pass
+                except Exception as e:
+                    print('Challenge destruction failed: {}'.format(e))

        # check order status and retry once
        code, order, _ = self._request_url(order_url)
@ -267,8 +262,8 @@ class ACMEAuthority(AbstractACMEAuthority):
        if code >= 400:
            raise ValueError("Error downloading certificate chain: {0} {1}".format(code, certificate))

-        cert_dict = re.match(("(?P<cert>-----BEGIN CERTIFICATE-----[^\-]+-----END CERTIFICATE-----)\n\n"
-                              "(?P<ca>-----BEGIN CERTIFICATE-----[^\-]+-----END CERTIFICATE-----)?"),
+        cert_dict = re.match((r'(?P<cert>-----BEGIN CERTIFICATE-----[^\-]+-----END CERTIFICATE-----)\n\n'
+                              r'(?P<ca>-----BEGIN CERTIFICATE-----[^\-]+-----END CERTIFICATE-----)?'),
                             certificate.decode('utf-8'), re.DOTALL).groupdict()
        cert = x509.load_pem_x509_certificate(cert_dict['cert'].encode('utf-8'), default_backend())
        if cert_dict['ca'] is None:
--- a/acertmgr/modes/dns/abstract.py
+++ b/acertmgr/modes/dns/abstract.py
@ -24,7 +24,7 @@ class DNSChallengeHandler(AbstractChallengeHandler):
    def __init__(self, config):
        AbstractChallengeHandler.__init__(self, config)
        self.dns_updatedomain = config.get("dns_updatedomain")
-        self.dns_ttl = int(config.get("dns_ttl",60))
+        self.dns_ttl = int(config.get("dns_ttl", 60))

    def _determine_challenge_domain(self, domain):
        if self.dns_updatedomain:
--- a/acertmgr/modes/standalone.py
+++ b/acertmgr/modes/standalone.py
@ -36,13 +36,15 @@ class ACMERequestHandler(SimpleHTTPRequestHandler):
    #          webservers.
    def translate_path(self, path):
        spath = path.split('/')
-        assert (spath[0] == '')
+        if spath[0] != '':
+            raise ValueError("spath should be '' is {}".format(spath[0]))
        spath = spath[1:]
        if spath[0] == '.well-known':
            spath = spath[1:]
        if spath[0] == 'acme-challenge':
            spath = spath[1:]
-        assert (len(spath) == 1)
+            if len(spath) != 1:
+                raise ValueError("spath length {} != 1".format(len(spath)))
        spath.insert(0, '')
        path = '/'.join(spath)
        return SimpleHTTPRequestHandler.translate_path(self, path)
--- a/acertmgr/modes/webdir.py
+++ b/acertmgr/modes/webdir.py
@ -38,8 +38,9 @@ class ChallengeHandler(AbstractChallengeHandler):
        try:
            resp = urlopen(wellknown_url)
            resp_data = resp.read().decode('utf8').strip()
-            assert resp_data == keyauthorization
-        except (IOError, AssertionError):
+            if resp_data != keyauthorization:
+                raise ValueError("keyauthorization and response data do NOT match")
+        except (IOError, ValueError):
            os.remove(wellknown_path)
            raise ValueError("Wrote file to {0}, but couldn't download {1}".format(
                wellknown_path, wellknown_url))