Improve exception handling during http challenge
This commit is contained in:
Mathias Petermann
parent
9ebcdfc189
commit
fba1fdcc34
|
|
@ -12,7 +12,7 @@ import json
|
||||||
|
|
||||||
import OpenSSL
|
import OpenSSL
|
||||||
from acme import challenges
|
from acme import challenges
|
||||||
from acme.messages import STATUS_VALID
|
from acme.messages import errors, STATUS_VALID, ERROR_CODES
|
||||||
from flask import current_app
|
from flask import current_app
|
||||||
|
|
||||||
from lemur.authorizations import service as authorization_service
|
from lemur.authorizations import service as authorization_service
|
||||||
|
|
@ -109,13 +109,27 @@ class AcmeHttpChallenge(AcmeChallenge):
|
||||||
raise Exception('No token_destination configured for this authority. Cant complete HTTP-01 challenge')
|
raise Exception('No token_destination configured for this authority. Cant complete HTTP-01 challenge')
|
||||||
|
|
||||||
for challenge in chall:
|
for challenge in chall:
|
||||||
|
try:
|
||||||
response, validation = self.deploy(challenge, acme_client, validation_target)
|
response, validation = self.deploy(challenge, acme_client, validation_target)
|
||||||
validations[challenge.chall.path] = validation
|
validations[challenge.chall.path] = validation
|
||||||
acme_client.answer_challenge(challenge, response)
|
acme_client.answer_challenge(challenge, response)
|
||||||
|
except Exception as e:
|
||||||
|
current_app.logger.error(e)
|
||||||
|
raise Exception('Failure while trying to deploy token to configure destination. See logs for more information')
|
||||||
|
|
||||||
current_app.logger.info("Uploaded HTTP-01 challenge tokens, trying to poll and finalize the order")
|
current_app.logger.info("Uploaded HTTP-01 challenge tokens, trying to poll and finalize the order")
|
||||||
|
|
||||||
finalized_orderr = acme_client.poll_and_finalize(orderr, datetime.datetime.now() + datetime.timedelta(seconds=90))
|
try:
|
||||||
|
finalized_orderr = acme_client.poll_and_finalize(orderr,
|
||||||
|
datetime.datetime.now() + datetime.timedelta(seconds=90))
|
||||||
|
except errors.ValidationError as validationError:
|
||||||
|
for authz in validationError.failed_authzrs:
|
||||||
|
for chall in authz.body.challenges:
|
||||||
|
if chall.error:
|
||||||
|
current_app.logger.error(
|
||||||
|
"ValidationError occured of type {}, with message {}".format(chall.error.typ,
|
||||||
|
ERROR_CODES[chall.error.code]))
|
||||||
|
raise Exception('Validation error occured, can\'t complete challenges. See logs for more information.')
|
||||||
|
|
||||||
pem_certificate = OpenSSL.crypto.dump_certificate(
|
pem_certificate = OpenSSL.crypto.dump_certificate(
|
||||||
OpenSSL.crypto.FILETYPE_PEM,
|
OpenSSL.crypto.FILETYPE_PEM,
|
||||||
|
|
|
||||||
|
|
@ -306,3 +306,7 @@ class SFTPDestinationPlugin(DestinationPlugin):
|
||||||
ssh.close()
|
ssh.close()
|
||||||
except BaseException:
|
except BaseException:
|
||||||
pass
|
pass
|
||||||
|
message = ''
|
||||||
|
for _, error in e.errors.items():
|
||||||
|
message = error.strerror
|
||||||
|
raise Exception('Couldn\'t upload file to {}, error message: {}'.format(host, message))
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue