Fixes to running on command line.

Use cert_dir instead of cert_path Restore server_url When creating a unique file, only loop for EEXISTS, not other OS errors like permission denied. Pass uid explicitly to make_or_verify_dir.
2026-01-21 19:01:07 +03:00 · 2015-05-21 18:58:40 -07:00
parent 1ca6016bb0
commit 424acfe16e
4 changed files with 15 additions and 9 deletions
--- a/letsencrypt/client.py
+++ b/letsencrypt/client.py
@@ -138,22 +138,22 @@ class Client(object):

        # Save Certificate
        cert_path, chain_path = self.save_certificate(
-            certr, self.config.cert_path, self.config.chain_path)
+            certr, self.config.cert_dir, self.config.cert_dir)

        revoker.Revoker.store_cert_key(
            cert_path, self.account.key.file, self.config)

        return cert_key, cert_path, chain_path

-    def save_certificate(self, certr, cert_path, chain_path):
+    def save_certificate(self, certr, cert_dir, chain_dir):
        # pylint: disable=no-self-use
        """Saves the certificate received from the ACME server.

        :param certr: ACME "certificate" resource.
        :type certr: :class:`acme.messages.Certificate`

-        :param str cert_path: Path to attempt to save the cert file
-        :param str chain_path: Path to attempt to save the chain file
+        :param str cert_dir: Path to attempt to save the cert file
+        :param str chain_dir: Path to attempt to save the chain file

        :returns: cert_path, chain_path (absolute paths to the actual files)
        :rtype: `tuple` of `str`
@@ -163,7 +163,7 @@ class Client(object):
        """
        # try finally close
        cert_chain_abspath = None
-        cert_file, act_cert_path = le_util.unique_file(cert_path, 0o644)
+        cert_file, act_cert_path = le_util.unique_file(cert_dir, 0o644)
        # TODO: Except
        cert_pem = certr.body.as_pem()
        try:
@@ -178,7 +178,7 @@ class Client(object):
            chain_cert = self.network.fetch_chain(certr)
            if chain_cert is not None:
                chain_file, act_chain_path = le_util.unique_file(
-                    chain_path, 0o644)
+                    chain_dir, 0o644)
                chain_pem = chain_cert.as_pem()
                try:
                    chain_file.write(chain_pem)
--- a/letsencrypt/configuration.py
+++ b/letsencrypt/configuration.py
@@ -44,6 +44,10 @@ class NamespaceConfig(object):
    def in_progress_dir(self):  # pylint: disable=missing-docstring
        return os.path.join(self.namespace.work_dir, constants.IN_PROGRESS_DIR)

+    @property
+    def server_url(self):
+        return self.namespace.server
+
    @property
    def server_path(self):
        """File path based on ``server``."""
--- a/letsencrypt/crypto_util.py
+++ b/letsencrypt/crypto_util.py
@@ -72,7 +72,7 @@ def init_save_csr(privkey, names, cert_dir, csrname="csr-letsencrypt.pem"):
    csr_pem, csr_der = make_csr(privkey.pem, names)

    # Save CSR
-    le_util.make_or_verify_dir(cert_dir, 0o755)
+    le_util.make_or_verify_dir(cert_dir, 0o755, os.geteuid())
    csr_f, csr_filename = le_util.unique_file(
        os.path.join(cert_dir, csrname), 0o644)
    csr_f.write(csr_pem)
--- a/letsencrypt/le_util.py
+++ b/letsencrypt/le_util.py
@@ -70,8 +70,10 @@ def unique_file(path, mode=0o777):
        try:
            file_d = os.open(fname, os.O_CREAT | os.O_EXCL | os.O_RDWR, mode)
            return os.fdopen(file_d, "w"), fname
-        except OSError:
-            pass
+        except OSError, e:
+            # Errno 17, "File exists," is okay.
+            if e.errno != 17:
+                raise
        count += 1