From 43ae6c39e31c3bfbbcc94fcd57631be51d3c79a4 Mon Sep 17 00:00:00 2001 From: Curtis Castrapel Date: Fri, 17 Aug 2018 12:14:02 -0700 Subject: [PATCH 1/2] wait right here --- lemur/plugins/lemur_acme/plugin.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py index 926035c4..837b11ff 100644 --- a/lemur/plugins/lemur_acme/plugin.py +++ b/lemur/plugins/lemur_acme/plugin.py @@ -424,13 +424,15 @@ class ACMEIssuerPlugin(IssuerPlugin): }) for entry in pending: + # Recreate acme client for each cert + acme_client, _ = self.acme.setup_acme_client(pending_cert.authority) try: entry["authorizations"] = self.acme.finalize_authorizations( - entry["acme_client"], + acme_client, entry["authorizations"], ) pem_certificate, pem_certificate_chain = self.acme.request_certificate( - entry["acme_client"], + acme_client, entry["authorizations"], entry["order"] ) @@ -453,7 +455,7 @@ class ACMEIssuerPlugin(IssuerPlugin): }) # Ensure DNS records get deleted self.acme.cleanup_dns_challenges( - entry["acme_client"], + acme_client, entry["authorizations"], ) return certs From 9f64f0523bef1f9ec525bdfe250419a172567760 Mon Sep 17 00:00:00 2001 From: Curtis Castrapel Date: Fri, 17 Aug 2018 15:36:56 -0700 Subject: [PATCH 2/2] Increase timeouts --- lemur/plugins/lemur_acme/plugin.py | 10 ++++------ requirements-docs.txt | 4 ++-- requirements-tests.txt | 6 +++--- requirements.txt | 4 ++-- 4 files changed, 11 insertions(+), 13 deletions(-) diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py index 837b11ff..3f0e8314 100644 --- a/lemur/plugins/lemur_acme/plugin.py +++ b/lemur/plugins/lemur_acme/plugin.py @@ -164,7 +164,7 @@ class AcmeHandler(object): current_app.logger.debug("Connecting with directory at {0}".format(directory_url)) - net = ClientNetwork(key, account=None) + net = ClientNetwork(key, account=None, timeout=3600) client = BackwardsCompatibleClientV2(net, key, directory_url) registration = client.new_account_and_tos(messages.NewRegistration.from_data(email=email)) current_app.logger.debug("Connected: {0}".format(registration.uri)) @@ -424,15 +424,13 @@ class ACMEIssuerPlugin(IssuerPlugin): }) for entry in pending: - # Recreate acme client for each cert - acme_client, _ = self.acme.setup_acme_client(pending_cert.authority) try: entry["authorizations"] = self.acme.finalize_authorizations( - acme_client, + entry["acme_client"], entry["authorizations"], ) pem_certificate, pem_certificate_chain = self.acme.request_certificate( - acme_client, + entry["acme_client"], entry["authorizations"], entry["order"] ) @@ -455,7 +453,7 @@ class ACMEIssuerPlugin(IssuerPlugin): }) # Ensure DNS records get deleted self.acme.cleanup_dns_challenges( - acme_client, + entry["acme_client"], entry["authorizations"], ) return certs diff --git a/requirements-docs.txt b/requirements-docs.txt index 559d2424..22621681 100644 --- a/requirements-docs.txt +++ b/requirements-docs.txt @@ -15,8 +15,8 @@ asyncpool==1.0 babel==2.6.0 # via sphinx bcrypt==3.1.4 blinker==1.4 -boto3==1.7.78 -botocore==1.10.78 +boto3==1.7.79 +botocore==1.10.79 certifi==2018.8.13 cffi==1.11.5 chardet==3.0.4 diff --git a/requirements-tests.txt b/requirements-tests.txt index 0021c653..2575b631 100644 --- a/requirements-tests.txt +++ b/requirements-tests.txt @@ -8,9 +8,9 @@ asn1crypto==0.24.0 # via cryptography atomicwrites==1.1.5 # via pytest attrs==18.1.0 # via pytest aws-xray-sdk==0.95 # via moto -boto3==1.7.78 # via moto +boto3==1.7.79 # via moto boto==2.49.0 # via moto -botocore==1.10.78 # via boto3, moto, s3transfer +botocore==1.10.79 # via boto3, moto, s3transfer certifi==2018.8.13 # via requests cffi==1.11.5 # via cryptography chardet==3.0.4 # via requests @@ -43,7 +43,7 @@ pluggy==0.7.1 # via pytest py==1.5.4 # via pytest pyaml==17.12.1 # via moto pycparser==2.18 # via cffi -pycryptodome==3.6.5 # via python-jose +pycryptodome==3.6.6 # via python-jose pyflakes==2.0.0 pytest-flask==0.10.0 pytest-mock==1.10.0 diff --git a/requirements.txt b/requirements.txt index 883a4dd2..5503758b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -13,8 +13,8 @@ asn1crypto==0.24.0 # via cryptography asyncpool==1.0 bcrypt==3.1.4 # via flask-bcrypt, paramiko blinker==1.4 # via flask-mail, flask-principal, raven -boto3==1.7.78 -botocore==1.10.78 # via boto3, s3transfer +boto3==1.7.79 +botocore==1.10.79 # via boto3, s3transfer certifi==2018.8.13 cffi==1.11.5 # via bcrypt, cryptography, pynacl chardet==3.0.4 # via requests