Spade
Mini Shell
| Directory:~$ /lib/python2.7/site-packages/certbot/ |
| [Home] [System Details] [Kill Me] |
�
���_c@sdZddlZddlZddlZddlmZddlZddlZddlZddl Z ddl
Z
ddl
Z
ddl
Z
ddl
Z
ddlZddlZddlmZddlmZddlmZddlmZddlmZdd lmZdd
lmZdd
lmZe
j j
d
�Z
e
rYddl
Z
nej e
�Z!ej"d
d�Z#ej"dd�Z$dZ%dZ&dZ'ej(j)d;�Z*ej+�Z,e�Z-d�Z.e!j/d�Z0d�Z1d�Z2d�Z3d
�Z4d
e5d
�Z6d dd
�Z8d!�Z9d"d d#�Z:d$d d%�Z;d&�Z<d'�Z=d(�Z>d)�Z?d*�Z@d+d,�ZAd-�ZBe5d.�ZCe
jDd/�ZEd0�ZFd1ejGfd2��YZHd3�ZId4�ZJd5�ZKd6�ZLd7�ZMd8�ZNd9�ZOd:�ZPdS(<sUtilities
for all
Certbot.i����N(t
OrderedDict(tText(tTuple(tUnion(terrors(t constants(tlock(t
filesystem(tostlinuxtKeysfile pemtCSRsfile data
forms[1ms[31ms[0ms$The following error was encountered:s{0}sWEither
run as root, or set --config-dir, --work-dir, and --logs-dir to writeable
paths.cstjj��d�ks'd�kr+�SxMdD]E}|�kr2dj�fd��|jd�D���|<q2q2W�S(s�
When Certbot is run inside a Snap, certain environment variables
are modified. But Certbot sometimes calls out to external programs,
since it uses classic confinement. When we do that, we must modify
the env to remove our modifications so it will use the system's
libraries, since they may be incompatible with the versions of
libraries included in the Snap. For example, apachectl, Nginx, and
anything run from inside a hook should call this function and pass
the results into the ``env`` argument of ``subprocess.Popen``.
:returns: A modified copy of os.environ ready to pass to Popen
:rtype: dict
tSNAPtCERTBOT_SNAPPEDtPATHtLD_LIBRARY_PATHt:c3s%|]}�d|kr|VqdS(R
N((t.0tx(tenv(s0/usr/lib/python2.7/site-packages/certbot/util.pys <genexpr>Vs(sPATHR(Rtenvirontcopytjointsplit(t path_name((Rs0/usr/lib/python2.7/site-packages/certbot/util.pyt
env_no_snap_for_external_callsAs
7c
Cs�y4tj|dtjdtjdtdt��}WnCttfk
ryddj|�}||�tj |��nX|j
�\}}|j
dkr�ddj|�||f}||�tj |��n||fS( s�Run
the script with the given params.
:param list params: List of parameters to pass to Popen
:param callable log: Logger method to use for errors
tstdouttstderrtuniversal_newlinesRs
Unable to run the command: %st
is
Error while running %s.
%s
%s(
t
subprocesstPopentPIPEtTrueRtOSErrort
ValueErrorRRtSubprocessErrort
communicatet
returncode(tparamstlogtproctmsgRR((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
run_scriptZs"
cCsutjj|�\}}|r+tj|�SxCtjdjtj�D](}tjtjj||��rEtSqEWt S(s�Determine
whether path/name refers to an executable.
:param str exe: Executable path or name
:returns: If exe is a valid executable
:rtype: bool
R(
RtpathRRt
is_executableRtpathsepRR!tFalse(texeR,t_((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
exe_existsys
cCs9tstt�n|tkr5tj|�t|<ndS(s�Lock the directory
at dir_path until program exit.
:param str dir_path: path to directory
:raises errors.LockError: if the lock is held by another process
N(t_LOCKStatexit_registert_release_locksRtlock_dir(tdir_path((s0/usr/lib/python2.7/site-packages/certbot/util.pytlock_dir_until_exit�s
cCsbxQtjt�D]@}y|j�Wqdj|�}tj|dt�qXqWtj�dS(Ns(Exception
occurred releasing lock: {0!r}texc_info( tsixt
itervaluesR3treleasetformattloggertdebugR!tclear(tdir_lockR*((s0/usr/lib/python2.7/site-packages/certbot/util.pyR5�scCscy
t|||�t|�Wn>tk
r^}tjddt�tjtj |���nXdS(shEnsure directory
exists with proper permissions and is locked.
:param str directory: Path to a directory.
:param int mode: Directory mode.
:param bool strict: require directory to be owned by current user
:raises .errors.LockError: if the directory cannot be locked
:raises .errors.Error: if the directory cannot be made or verified
sException was:R9N(
tmake_or_verify_dirR8R"R>R?R!RtErrort
PERM_ERR_FMTR=(t directorytmodetstrictterror((s0/usr/lib/python2.7/site-packages/certbot/util.pytset_up_core_dir�s
i�cCs�ytj||�Wnftk
r|}|jtjkrv|rytj||�
rytjd|t|�f��qyq}�nXdS(s�Make
sure directory exists with proper permissions.
:param str directory: Path to a directory.
:param int mode: Directory mode.
:param bool strict: require directory to be owned by current user
:raises .errors.Error: if a directory already exists,
but has wrong permissions or owner
:raises OSError: if invalid or inaccessible file names and
paths, or other arguments that have the correct type,
but are not accepted by the operating system.
sE%s exists, but it should be owned by current user with permissions
%sN( RtmakedirsR"terrnotEEXISTtcheck_permissionsRRCtoct(RERFRGt exception((s0/usr/lib/python2.7/site-packages/certbot/util.pyRB�s
twcCs]d}|dk r
|f}nd}tj|tjtjBtjB|�}tj|||�S(s�Safely
open a file.
:param str path: Path to a file.
:param str mode: Same os `mode` for `open`.
:param int chmod: Same as `mode` for `filesystem.open`, uses Python
defaults
if ``None``.
(N((tNoneRtopenRtO_CREATtO_EXCLtO_RDWRtfdopen(R,RFtchmodt open_argst
fdopen_argstfd((s0/usr/lib/python2.7/site-packages/certbot/util.pyt safe_open�s
&cCs�x�tr�tjj|||��}y,t|d|d|�tjj|�fSWn+tk
r}}|jtjkr~�q~nX|d7}qWdS(NRWRFi( R!RR,RR[tabspathR"RKRL(R,t
filename_pattcountRWRFt
current_pathterr((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
_unique_file�s
i�c
sCtjj|�\}�t|d�fd�ddd|d|�S(s�Safely finds a
unique file.
:param str path: path/filename.ext
:param int chmod: File mode
:param str mode: Open mode
:returns: tuple of file object and file name
R]csd|�fS(Ns%04d_%s((R^(ttail(s0/usr/lib/python2.7/site-packages/certbot/util.pyt<lambda>�sR^iRWRF(RR,RRa(R,RWRF((Rbs0/usr/lib/python2.7/site-packages/certbot/util.pyt
unique_file�s
i�c
s�tjj|d��}yt|d|�|fSWn+tk
r`}|jtjkra�qanXt|d�fd�ddd|d|�S(sSafely
finds a unique file using lineage convention.
:param str path: directory path
:param str filename: proposed filename
:param int chmod: file mode
:param str mode: open mode
:returns: tuple of file object and file name (which may be modified
from the requested one by appending digits to ensure uniqueness)
:raises OSError: if writing files fails for an unanticipated reason,
such as a full disk or a lack of permission to write to
specified location.
s%s.confRWR]csd�|fS(Ns
%s-%04d.conf((R^(tfilename(s0/usr/lib/python2.7/site-packages/certbot/util.pyRcsR^iRF(RR,RR[R"RKRLRa(R,ReRWRFtpreferred_pathR`((Res0/usr/lib/python2.7/site-packages/certbot/util.pytunique_lineage_names
cCsCytj|�Wn+tk
r>}|jtjkr?�q?nXdS(s!Remove a file that may not
exist.N(RtremoveR"RKtENOENT(R,R`((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
safely_remove
s
cCsbt�}xR|D]J}y|jt|��Wqtjk
rYtjd|dt�qXqW|S(s�Removes names that aren't
considered valid by Let's Encrypt.
:param set all_names: all names found in the configuration
:returns: all found names that are considered valid by LE
:rtype: set
sNot suggesting name
"%s"R9(tsettaddtenforce_le_validityRtConfigurationErrorR>R?R!(t all_namestfiltered_namestname((s0/usr/lib/python2.7/site-packages/certbot/util.pytget_filtered_names%s
cCs
tdt�S(sc
Get OS name and version
:returns: (os_name, os_version)
:rtype: `tuple` of `str`
tpretty(tget_python_os_infoR/(((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
get_os_info6scCsCtrtjdt�}nt
s)|
r?djtdt��S|S(s^
Get OS name and version string for User Agent
:returns: os_ua
:rtype: `str`
RsR
(t
_USE_DISTROtdistroRqR!RRt(tos_info((s0/usr/lib/python2.7/site-packages/certbot/util.pytget_os_info_ua@s
cCs
trtj�jd�SgS(s�
Get a list of strings that indicate the distribution likeness to
other distributions.
:returns: List of distribution acronyms
:rtype: `list` of `str`
R
(RvRwtlikeR(((s0/usr/lib/python2.7/site-packages/certbot/util.pytget_systemd_os_likeNs s/etc/os-releasecCs�|d}tjj|�s
dSt|d��}|j�}WdQXx=|D]5}|j�j|�rKt|j�t|� �SqKWdS(s�
Get single value from a file formatted like systemd /etc/os-release
:param str varname: Name of variable to fetch
:param str filepath: File path of os-release file
:returns: requested value
:rtype: `str`
t=ttrN( RR,tisfileRRt readlineststript
startswitht_normalize_stringtlen(tvarnametfilepatht
var_stringtfhtcontentstline((s0/usr/lib/python2.7/site-packages/certbot/util.pytget_var_from_file[s
cCs"|jdd�jdd�j�S(sV
Helper function for get_var_from_file() to remove quotes
and whitespaces
t"R}t'(treplaceR�(torig((s0/usr/lib/python2.7/site-packages/certbot/util.pyR�qsc
Cs�tjtj�tj�tj��}|\}}}|j�}|jd�r�tr�tj |�}|dr}|d}n|dr�|d}q�n|jd�rFy:t
j
ddgdt
j
dt
j
d t
d
t��}WnGtk
r)t
j
d
dgdt
j
dt
j
d t
d
t��}nX|j�djd
�}na|jd
�r~|jd�d}|jd�d}n)tj�dr�tj�d}nd}||fS(s�
Get Operating System type/distribution and major version
using python platform module
:param bool pretty: If the returned OS name should be in longer
(pretty) form
:returns: (os_name, os_version)
:rtype: `tuple` of `str`
R iitdarwins/usr/bin/sw_verss-productVersionRRR
Rtsw_verss
tfreebsdt-t.R}(tplatformt
system_aliastsystemR<tversiontlowerR�RvRwtlinux_distributionR
R R
R!RR"R%trstript partitiont win32_ver(Rstinfotos_typetos_verR1R)((s0/usr/lib/python2.7/site-packages/certbot/util.pyRtxsB
s![a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+$cCsCtj|�dk r/|jd�
o.d|kStjd|�tS(s$Scrub
email address before using it.R�s..sInvalid email address:
%s.N(t
EMAIL_REGEXtmatchRQR�R>twarningR/(temail((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
safe_email�stDeprecatedArgumentActioncBseZdZdd�ZRS(s1Action
to log a warning when an argument is used.cCstjd|�dS(NsUse of
%s is
deprecated.(R>R�(tselftunused1tunused2tunused3t
option_string((s0/usr/lib/python2.7/site-packages/certbot/util.pyt__call__�sN(t__name__t
__module__t__doc__RQR�(((s0/usr/lib/python2.7/site-packages/certbot/util.pyR��scCslttjkrIttjt�r4tjjt�qItjtf7_n||dtdtjd|�dS(s�Adds
a deprecated argument with the name argument_name.
Deprecated arguments are not shown in the help. If they are used on
the command line, a warning is shown stating that the argument is
deprecated and no other action is taken.
:param callable add_argument: Function that adds arguments to an
argument parser/group.
:param str argument_name: Name of deprecated argument.
:param nargs: Value for nargs when adding the argument to argparse.
tactionthelptnargsN(R�tconfigargparset#ACTION_TYPES_THAT_DONT_NEED_A_VALUEt
isinstanceRkRltargparsetSUPPRESS(t
add_argumentt
argument_nameR�((s0/usr/lib/python2.7/site-packages/certbot/util.pytadd_deprecated_argument�s
cCs�t|�}tjd|�s9tjdj|���n|jd�}t|�dkrutjdj|���nxh|D]`}|jd�r�tjdj||���n|j d�r|tjdj||���q|q|W|S( suChecks
that Let's Encrypt will consider domain to be valid.
:param str domain: FQDN to check
:type domain: `str` or `unicode`
:returns: The domain cast to `str`, with ASCII-only contents
:rtype: str
:raises ConfigurationError: for invalid domains and cases where
Let's
Encrypt currently will not issue
certificates
s^[A-Za-z0-9.-]*$sP{0} contains an invalid character. Valid characters
are A-Z, a-z, 0-9, ., and -.R�is
{0} needs at least two
labelsR�s1label "{0}" in domain "{1}" cannot start
with "-"s/label "{0}" in domain "{1}" cannot
end with "-"(
tenforce_domain_sanitytreR�RRnR=RR�R�tendswith(tdomaintlabelstlabel((s0/usr/lib/python2.7/site-packages/certbot/util.pyRm�s&
cCs�y5t|tj�r'|jd�}n|jd�Wn
tk
rWtjd��nX|j�}|j d�r}|d n|}xJddgD]<}|j
dj
|��r�tjd j
||���q�q�Wy)t
j
|�tjd
j
|���Wnt
jk
rnXd
j
|�}t|�d
krLtjd
j
|���n|jd�}x_|D]W}|s�tjdj
|���nt|�dkrbtjdj
||���qbqbW|S(s�Method
which validates domain value and errors out if
the requirements are not met.
:param domain: Domain to check
:type domain: `str` or `unicode`
:raises ConfigurationError: for invalid domains and cases where
Let's
Encrypt currently will not issue
certificates
:returns: The domain cast to `str`, with ASCII-only contents
:rtype: str
sutf-8tasciisbNon-ASCII domain names not supported. To issue for an
Internationalized Domain Name, use
Punycode.u.i����thttpthttpss{0}://s[Requested name {0} appears
to be a URL, not a FQDN. Try again without the leading
"{1}://".sRequested name {0} is an IP address. The Let's
Encrypt certificate authority will not issue certificates for a bare IP
address.s*Requested domain {0} is not a FQDN becausei�s{0} it is too
long.R�s {0} it contains an empty label.i?s{0} label {1} is too
long.(R�R:t
binary_typetdecodetencodet
UnicodeErrorRRnR�R�R�R=tsockett inet_atonRHR�R(R�tschemeR*R�tl((s0/usr/lib/python2.7/site-packages/certbot/util.pyR��s<
"cCs.d}t|tj�r!d}n|j|�S(s�"Is
domain a wildcard domain?
:param domain: domain to check
:type domain: `bytes` or `str` or `unicode`
:returns: True if domain is a wildcard, otherwise, False
:rtype: bool
s*.u*.(R�R:t text_typeR�(R�twildcard_marker((s0/usr/lib/python2.7/site-packages/certbot/util.pytis_wildcard_domain;s
cCs
tjj|jdd��S(s�Converts a normalized version to a
strict version.
:param str normalized: normalized version string
:returns: An equivalent strict version
:rtype: distutils.version.StrictVersion
s.devta(t distutilsR�t
StrictVersionR�(t
normalized((s0/usr/lib/python2.7/site-packages/certbot/util.pytget_strict_versionKs
cCs|tjkpd|kS(s�
Determine whether a given ACME server is a known test / staging server.
:param str srv: the URI for the ACME server
:returns: True iff srv is a known test / staging server
:rtype bool:
tstaging(Rt
STAGING_URI(tsrv((s0/usr/lib/python2.7/site-packages/certbot/util.pyt
is_stagingXscOstjt|||�dS(sSets func to be called before
the program exits.
Special care is taken to ensure func is only called when the process
that first imports this module exits rather than any child processes.
:param function func: function to be called in case of an error
N(tatexittregistert
_atexit_call(tfunctargstkwargs((s0/usr/lib/python2.7/site-packages/certbot/util.pyR4cs cOs&ttj�kr"|||�ndS(N(t
_INITIAL_PIDRtgetpid(R�R�R�((s0/usr/lib/python2.7/site-packages/certbot/util.pyR�os(s$The
following error was encountered:s{0}sWEither run as root, or set
--config-dir, --work-dir, and --logs-dir to writeable
paths.(QR�R�R�t
collectionsRtdistutils.versionR�RKtloggingR�R�R�R
tsysR�R:tacme.magic_typingRRRtcertbotRtcertbot._internalRRtcertbot.compatRRR�RvRwt getLoggerR�R>t
namedtupleR
R
t
ANSI_SGR_BOLDt
ANSI_SGR_REDtANSI_SGR_RESETtlinesepRRDR�R�R3RRHR+R2R8R5RIR/RBRQR[RaRdRgRjRrRuRyR{R�R�RttcompileR�R�tActionR�R�RmR�R�R�R�R4R�(((s0/usr/lib/python2.7/site-packages/certbot/util.pyt<module>s�
7 A