acertmgr: Fix module/function issues on windows

acertmgr/__init__.py

@@ -6,18 +6,24 @@
 # Copyright (c) Rudolf Mayerhofer, 2019.
 # available under the ISC license, see LICENSE
 
-import grp
 import io
 import os
-import pwd
 import stat
 import subprocess
+import sys
 
 from acertmgr import configuration, tools
 from acertmgr.authority import authority
 from acertmgr.modes import challenge_handler
 from acertmgr.tools import log
 
+try:
+    import pwd
+    import grp
+except ImportError:
+    # Warnings will be reported upon usage below
+    pass
+
 
 # @brief fetch new certificate from letsencrypt
 # @param settings the domain's configuration options
@@ -90,18 +96,25 @@ def cert_put(settings):
 
     # set owner and group
     if 'user' in settings or 'group' in settings:
-        try:
+        if 'pwd' in sys.modules and 'grp' in sys.modules and hasattr(os, 'chown') and hasattr(os, 'geteuid') and \
-            uid = pwd.getpwnam(settings['user']).pw_uid if 'user' in settings else os.geteuid()
+                hasattr(os, 'getegid'):
-            gid = grp.getgrnam(settings['group']).gr_gid if 'group' in settings else os.getegid()
+            try:
-            os.chown(settings['path'], uid, gid)
+                uid = pwd.getpwnam(settings['user']).pw_uid if 'user' in settings else os.geteuid()
-        except OSError as e:
+                gid = grp.getgrnam(settings['group']).gr_gid if 'group' in settings else os.getegid()
-            log('Could not set certificate file ownership', e, warning=True)
+                os.chown(settings['path'], uid, gid)
+            except OSError as e:
+                log('Could not set certificate file ownership', e, warning=True)
+        else:
+            log('File user and group handling unavailable on this platform', warning=True)
     # set permissions
     if 'perm' in settings:
-        try:
+        if hasattr(os, 'chmod'):
-            os.chmod(settings['path'], int(settings['perm'], 8))
+            try:
-        except OSError as e:
+                os.chmod(settings['path'], int(settings['perm'], 8))
-            log('Could not set certificate file permissions', e, warning=True)
+            except OSError as e:
+                log('Could not set certificate file permissions', e, warning=True)
+        else:
+            log('File permission handling unavailable on this platform', warning=True)
 
     return settings['action']
 

acertmgr/tools.py

@@ -159,10 +159,13 @@ def new_ssl_key(path=None, key_algo=None, key_size=None):
         )
         with io.open(path, 'wb') as pem_out:
             pem_out.write(pem)
-        try:
+        if hasattr(os, 'chmod'):
-            os.chmod(path, int("0400", 8))
+            try:
-        except OSError:
+                os.chmod(path, int("0400", 8))
-            log('Could not set file permissions on {0}!'.format(path), warning=True)
+            except OSError:
+                log('Could not set file permissions on {0}!'.format(path), warning=True)
+        else:
+            log('Keyfile permission handling unavailable on this platform', warning=True)
     return private_key
 
 
@@ -186,10 +189,13 @@ def write_pem_file(crt, path, perms=None):
     with io.open(path, "w") as f:
         f.write(convert_cert_to_pem_str(crt))
     if perms:
-        try:
+        if hasattr(os, 'chmod'):
-            os.chmod(path, perms)
+            try:
-        except OSError:
+                os.chmod(path, perms)
-            log('Could not set file permissions ({0}) on {1}!'.format(perms, path), warning=True)
+            except OSError:
+                log('Could not set file permissions ({0}) on {1}!'.format(perms, path), warning=True)
+        else:
+            log('PEM-File permission handling unavailable on this platform', warning=True)
 
 
 # @brief download the issuer ca for a given certificate