

Current Path : /lib/python3/dist-packages/certbot/__pycache__/
Current File : //lib/python3/dist-packages/certbot/__pycache__/account.cpython-38.pyc

U

�]�6�@sdZddlZddlZddlZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZ
ddlmZddlmZddlmZddlmZddlmZddlmZdd	lmZdd
lmZe�e�ZGdd�de�Zd
d�Z Gdd�dej!�Z"Gdd�dej#�Z$Gdd�dej!�Z%dS)z!Creates ACME accounts for server.�N)�
serialization)�fields)�messages)�	constants)�errors)�
interfaces)�util)�osc@sHeZdZdZGdd�dej�Zd
dd�Zedd��Z	d	d
�Z
dd�ZdS)�Accountz�ACME protocol registration.

    :ivar .RegistrationResource regr: Registration Resource
    :ivar .JWK key: Authorized Account Key
    :ivar .Meta: Account metadata
    :ivar str id: Globally unique account identifier.

    c@s$eZdZdZe�d�Ze�d�Z	dS)zAccount.Metaa+Account metadata

        :ivar datetime.datetime creation_dt: Creation date and time (UTC).
        :ivar str creation_host: FQDN of host, where account has been created.

        .. note:: ``creation_dt`` and ``creation_host`` are useful in
            cross-machine migration scenarios.

        �creation_dt�
creation_hostN)
�__name__�
__module__�__qualname__�__doc__�acme_fieldsZRFC3339Fieldr�jose�Fieldr�rr�1/usr/lib/python3/dist-packages/certbot/account.py�Meta&s	
rNcCsn||_||_|dkr:|jtjjtjd�jdd�t�	�d�n||_
t�|jj�
�jtjjtjjd����|_dS)N)Ztzr)Zmicrosecond)rr)�encoding�format)�key�regrr�datetimeZnow�pytzZUTC�replace�socketZgetfqdn�meta�hashlibZmd5Z
public_keyZpublic_bytesrZEncodingZPEMZPublicFormatZSubjectPublicKeyInfoZ	hexdigest�id)�selfrrrrrr�__init__3s&�������zAccount.__init__cCs&d�t�|jj�|jj|jdd��S)z3Short account identification string, useful for UI.z
{1}@{0} ({2})N�)r�	pyrfc3339Zgeneraterrrr!�r"rrr�slugGs��zAccount.slugcCsd�|jj|j|j|j�S)Nz<{0}({1}, {2}, {3})>)r�	__class__r
rr!rr&rrr�__repr__Ms�zAccount.__repr__cCs0t||j�o.|j|jko.|j|jko.|j|jkS�N)�
isinstancer(rrr)r"�otherrrr�__eq__Qs
�
�
�zAccount.__eq__)N)r
rrrrZJSONObjectWithFieldsrr#�propertyr'r)r-rrrrr
s	

r
cCs4tj�tj�}|dkrdS|�d�|j�|j�dS)z.Informs the user about their new ACME account.Na Your account credentials have been saved in your Certbot configuration directory at {0}. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal.)	�zopeZ	componentZqueryUtilityrZ	IReporterZadd_messagerZ
config_dirZMEDIUM_PRIORITY)�configZreporterrrr�report_new_accountWs��r1c@s2eZdZdZddd�Zdd�Zdd�Zd	d
�ZdS)�AccountMemoryStoragezIn-memory account storage.NcCs|dk	r|ni|_dSr*)�accounts)r"Zinitial_accountsrrrr#iszAccountMemoryStorage.__init__cCstt�|j��Sr*)�list�sixZ
itervaluesr3r&rrr�find_alllszAccountMemoryStorage.find_allcCs*|j|jkrt�d|j�||j|j<dS)NzOverwriting account: %s)r!r3�logger�debug�r"�accountZclientrrr�saveoszAccountMemoryStorage.savecCs0z|j|WStk
r*t�|��YnXdSr*)r3�KeyErrorr�AccountNotFound�r"�
account_idrrr�loadtszAccountMemoryStorage.load)N)r
rrrr#r6r;r@rrrrr2fs

r2c@seZdZdZe�d�ZdS)�$RegistrationResourceWithNewAuthzrURIafA backwards-compatible RegistrationResource with a new-authz URI.

       Hack: Certbot versions pre-0.11.1 expect to load
       new_authzr_uri as part of the account. Because people
       sometimes switch between old and new versions, we will
       continue to write out this field for some time so older
       clients don't crash in that scenario.
    �new_authzr_uriN)r
rrrrrrBrrrrrAzsrAc@s�eZdZdZdd�Zdd�Zdd�Zedd	��Zed
d��Z	edd
��Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(S))�AccountFileStoragezMAccounts file storage.

    :ivar .IConfig config: Client configuration

    cCs||_t�|jd|jj�dS)N�)r0r�make_or_verify_dir�accounts_dir�strict_permissions)r"r0rrrr#�szAccountFileStorage.__init__cCs|�||jj�Sr*)�!_account_dir_path_for_server_pathr0�server_pathr>rrr�_account_dir_path�sz$AccountFileStorage._account_dir_pathcCs|j�|�}tj�||�Sr*)r0�accounts_dir_for_server_pathr	�path�join)r"r?rIrFrrrrH�sz4AccountFileStorage._account_dir_path_for_server_pathcCstj�|d�S)Nz	regr.json�r	rLrM��cls�account_dir_pathrrr�
_regr_path�szAccountFileStorage._regr_pathcCstj�|d�S)Nzprivate_key.jsonrNrOrrr�	_key_path�szAccountFileStorage._key_pathcCstj�|d�S)Nz	meta.jsonrNrOrrr�_metadata_path�sz!AccountFileStorage._metadata_pathc	Cs�|j�|�}zt�|�}Wntk
r2gYSXg}|D]@}z|�|�||��Wq<tjk
rzt	j
ddd�Yq<Xq<|s�|tjkr�tj|}|�
|�}|r�z|�||�Wntk
r�gYSX|}|S)NzAccount loading problemT)�exc_info)r0rKr	�listdir�OSError�append�_load_for_server_pathr�AccountStorageErrorr7r8r�LE_REUSE_SERVERS�_find_all_for_server_path�_symlink_to_accounts_dir)r"rIrFZ
candidatesr3r?�prev_server_pathZ
prev_accountsrrrr\�s*



z,AccountFileStorage._find_all_for_server_pathcCs|�|jj�Sr*)r\r0rIr&rrrr6�szAccountFileStorage.find_allcCs(|�||�}|�||�}t�||�dSr*)rHr	�symlink)r"r^rIr?�prev_account_dirZnew_account_dirrrr�_symlink_to_account_dir�sz*AccountFileStorage._symlink_to_account_dircCsJ|j�|�}tj�|�r$t�|�n
t�|�|j�|�}t�||�dSr*)r0rKr	rL�islink�unlink�rmdirr_)r"r^rIrFr`rrrr]�s
z+AccountFileStorage._symlink_to_accounts_dirc
Cs:|�||�}tj�|�s||tjkrntj|}|�||�}|j�|�}t�	|�r^|�
|||�n|�||�|St�
d|��z�t|�|���}tj�|���}W5QRXt|�|���}	tj�|	���}
W5QRXt|�|���}tj�|���}W5QRXWn.tk
�r,}
zt�|
��W5d}
~
XYnXt||
|�S)N�Account at %s does not exist)rHr	rL�isdirrr[rYr0rKrVrar]rr=�openrRr�RegistrationResourceZ
json_loads�readrSrZJWKrTr
r�IOErrorrZ)r"r?rIrQr^Zprev_loaded_accountrF�	regr_filer�key_filer�
metadata_filer�errorrrrrY�s.


�z(AccountFileStorage._load_for_server_pathcCs|�||jj�Sr*)rYr0rIr>rrrr@�szAccountFileStorage.loadcCs|j||dd�dS)NF��	regr_only��_saver9rrrr;�szAccountFileStorage.savecCs|j||dd�dS)zmSave the registration resource.

        :param Account account: account whose regr should be saved

        TroNrq)r"r:�acmerrr�	save_regr�szAccountFileStorage.save_regrcCsT|�|�}tj�|�s$t�d|��|�||jj�t�	|jj
�sP|�|jj�dS)znDelete registration info from disk

        :param account_id: id of account which should be deleted

        reN)rJr	rLrfrr=�#_delete_account_dir_for_server_pathr0rIrVrF�$_delete_accounts_dir_for_server_path)r"r?rQrrr�delete�s
�zAccountFileStorage.deletecCs(t�|j|�}|�||�}t�|�dSr*)�	functools�partialrH�!_delete_links_and_find_target_dir�shutilZrmtree)r"r?rI�	link_func�nonsymlinked_dirrrrrusz6AccountFileStorage._delete_account_dir_for_server_pathcCs"|jj}|�||�}t�|�dSr*)r0rKrzr	rd)r"rIr|r}rrrrvsz7AccountFileStorage._delete_accounts_dir_for_server_pathc
Cs�||�}i}tjD]}||tj|<qd}|rrd}||kr*||}||�}tj�|�r*t�|�|kr*d}|}|}q*tj�|�r�t�|�}	t�|�|	}qr|S)a/Delete symlinks and return the nonsymlinked directory path.

        :param str server_path: file path based on server
        :param callable link_func: callable that returns possible links
            given a server_path

        :returns: the final, non-symlinked target
        :rtype: str

        TF)rr[r	rLrb�readlinkrc)
r"rIr|Zdir_pathZreused_servers�kZpossible_next_linkZnext_server_pathZ
next_dir_path�targetrrrrzs&


z4AccountFileStorage._delete_links_and_find_target_dirc

Cs|�|j�}t�|d|jj�z�t|�|�d��L}|j}t	|j
d�rZt|j
ji|j
d�}ntji|j
d�}|�|���W5QRX|s�tj|�|�ddd��}|�|j���W5QRXt|�|�d��}|�|j���W5QRXWn.tk
�r}	zt�|	��W5d}	~	XYnXdS)NrD�wz	new-authz)rB�body�uri)r�r��)�chmod)rJr!rrEr0rGrgrRr�hasattrZ	directoryrAZ	new_authzr�rrh�writeZ
json_dumpsZ	safe_openrSrrTrrjrrZ)
r"r:rsrprQrkrrlrmrnrrrrr<s@�����zAccountFileStorage._saveN)r
rrrr#rJrH�classmethodrRrSrTr\r6rar]rYr@r;rtrwrurvrzrrrrrrrC�s.


	'rC)&rrrxr Zloggingr{rZjosepyrr%rr5Zzope.componentr/Zcryptography.hazmat.primitivesrrsrrrZcertbotrrrrZcertbot.compatr	Z	getLoggerr
r7�objectr
r1ZAccountStorager2rhrArCrrrr�<module>s2
;