404

3

گa�?�@svdZddlZddlZddlZddlZddlZddlZddlmZddlm	Z	ddlm
Z
ddlmZddlmZddlm
Z
dd	lmZdd
lmZddlZddlZddlZddlmZddlmZdd
lmZddlmZddlmZddlmZddlmZddl m!Z!ddl"m#Z#ddl"m$Z$ej%e&�Z'Gdd�d�Z(Gdd�dej)�Z*Gdd�dej+�Z,Gdd�dej)�Z-dS)z!Creates ACME accounts for server.�N)�Any)�Callable)�cast)�Dict)�List)�Mapping)�Optional)�
serialization)�fields)�messages)�
ClientBase)�
configuration)�errors)�
interfaces)�util)�	constants)�
filesystem)�osc@speZdZdZGdd�dej�Zdejej	e
ddd�dd�Zee
d�d	d
��Ze
d�dd�Zeed
�dd�ZdS)�Accountz�ACME protocol registration.

    :ivar .RegistrationResource regr: Registration Resource
    :ivar .JWK key: Authorized Account Key
    :ivar .Meta: Account metadata
    :ivar str id: Globally unique account identifier.

    c@s2eZdZdZejd�Zejd�Z	ejddd�Z
dS)zAccount.Metaa�Account metadata

        :ivar datetime.datetime creation_dt: Creation date and time (UTC).
        :ivar str creation_host: FQDN of host, where account has been created.
        :ivar str register_to_eff: If not None, Certbot will register the provided
                                        email during the account registration.

        .. note:: ``creation_dt`` and ``creation_host`` are useful in
            cross-machine migration scenarios.

        �creation_dt�
creation_host�register_to_effT)Z	omitemptyN)�__name__�
__module__�__qualname__�__doc__�acme_fieldsZRFC3339Fieldr�jose�Fieldrr�rr�/usr/lib/python3.6/account.py�Meta-s

r!N)�regr�key�meta�returnc
Cs�||_||_|dkr<|jtjjtjd�jdd�tj	�dd�n||_
ytj�}Wn2t
k
r�tjd	ttttfddi��}YnX|j|jjj�jtjjtjjd��|j�|_dS)
N)Ztzr)Zmicrosecond)rrr�md5ZusedforsecurityF)�encoding�format)r&)r#r"r!�datetimeZnow�pytzZUTC�replace�socketZgetfqdnr$�hashlibr&�
ValueError�newrr�strr�updateZ
public_keyZpublic_bytesr	ZEncodingZPEMZPublicFormatZSubjectPublicKeyInfoZ	hexdigest�id)�selfr"r#r$Zhasherrrr �__init__=s6$zAccount.__init__)r%cCs&djtj|jj�|jj|jdd��S)z3Short account identification string, useful for UI.z
{1}@{0} ({2})N�)r(�	pyrfc3339Zgenerater$rrr2)r3rrr �slug\szAccount.slugcCsdj|jj|j|j|j�S)Nz<{0}({1}, {2}, {3})>)r(�	__class__rr"r2r$)r3rrr �__repr__bszAccount.__repr__)�otherr%cCs0t||j�o.|j|jko.|j|jko.|j|jkS)N)�
isinstancer8r#r"r$)r3r:rrr �__eq__fszAccount.__eq__)N)rrrrrZJSONObjectWithFieldsr!r�RegistrationResource�JWKrr4�propertyr0r7r9r�boolr<rrrr r#src@s^eZdZdZdeeefdd�dd�Zeed�dd�Z	ee
dd	�d
d�Zeed�d
d�ZdS)�AccountMemoryStoragezIn-memory account storage.N)�initial_accountsr%cCs|dk	r|ni|_dS)N)�accounts)r3rBrrr r4oszAccountMemoryStorage.__init__)r%cCst|jj��S)N)�listrC�values)r3rrr �find_allrszAccountMemoryStorage.find_all)�account�clientr%cCs*|j|jkrtjd|j�||j|j<dS)NzOverwriting account: %s)r2rC�logger�debug)r3rGrHrrr �saveuszAccountMemoryStorage.save)�
account_idr%cCs.y
|j|Stk
r(tj|��YnXdS)N)rC�KeyErrorr�AccountNotFound)r3rLrrr �loadzs
zAccountMemoryStorage.load)N)
rrrrrr0rr4rrFrrKrOrrrr rAls
rAc@seZdZdZejd�ZdS)�$RegistrationResourceWithNewAuthzrURIafA backwards-compatible RegistrationResource with a new-authz URI.

       Hack: Certbot versions pre-0.11.1 expect to load
       new_authzr_uri as part of the account. Because people
       sometimes switch between old and new versions, we will
       continue to write out this field for some time so older
       clients don't crash in that scenario.
    �new_authzr_uriN)rrrrrrrQrrrr rP�srPc@s�eZdZdZejdd�dd�Zeed�dd�Zeeed	�d
d�Z	e
eed�d
d��Ze
eed�dd��Ze
eed�dd��Z
eeed�dd�Zeed�dd�Zeeedd�dd�Zeedd�dd�Zeeed	�dd �Zeed�d!d"�Zeedd#�d$d%�Zeedd#�d&d'�Zedd(�d)d*�Zedd�d+d,�Zeedd	�d-d.�Zedd�d/d0�Zeeegefed1�d2d3�Zeed(�d4d5�Zeedd6�d7d8�Z eeedd9�d:d;�Z!eedd6�d<d=�Z"dS)>�AccountFileStoragezjAccounts file storage.

    :ivar certbot.configuration.NamespaceConfig config: Client configuration

    N)�configr%cCs||_tj|jd|jj�dS)Ni�)rSr�make_or_verify_dir�accounts_dir�strict_permissions)r3rSrrr r4�szAccountFileStorage.__init__)rLr%cCs|j||jj�S)N)�!_account_dir_path_for_server_pathrS�server_path)r3rLrrr �_account_dir_path�sz$AccountFileStorage._account_dir_path)rLrXr%cCs|jj|�}tjj||�S)N)rS�accounts_dir_for_server_pathr�path�join)r3rLrXrUrrr rW�sz4AccountFileStorage._account_dir_path_for_server_path)�account_dir_pathr%cCstjj|d�S)Nz	regr.json)rr[r\)�clsr]rrr �
_regr_path�szAccountFileStorage._regr_pathcCstjj|d�S)Nzprivate_key.json)rr[r\)r^r]rrr �	_key_path�szAccountFileStorage._key_pathcCstjj|d�S)Nz	meta.json)rr[r\)r^r]rrr �_metadata_path�sz!AccountFileStorage._metadata_path)rXr%cCs�|jj|�}ytj|�}Wntk
r.gSXg}xH|D]@}y|j|j||��Wq:tjk
rxt	j
ddd�Yq:Xq:W|r�|tjkr�tj|}|j
|�}|r�y|j||�Wntk
r�gSX|}|S)NzAccount loading problemT)�exc_info)rSrZr�listdir�OSError�append�_load_for_server_pathr�AccountStorageErrorrIrJr�LE_REUSE_SERVERS�_find_all_for_server_path�_symlink_to_accounts_dir)r3rXrUZ
candidatesrCrL�prev_server_pathZ
prev_accountsrrr ri�s*


z,AccountFileStorage._find_all_for_server_path)r%cCs|j|jj�S)N)rirSrX)r3rrr rF�szAccountFileStorage.find_all)rkrXrLr%cCs(|j||�}|j||�}tj||�dS)N)rWr�symlink)r3rkrXrL�prev_account_dirZnew_account_dirrrr �_symlink_to_account_dir�sz*AccountFileStorage._symlink_to_account_dir)rkrXr%cCsJ|jj|�}tjj|�r$tj|�n
tj|�|jj|�}tj||�dS)N)rSrZrr[�islink�unlink�rmdirrl)r3rkrXrUrmrrr rj�s
z+AccountFileStorage._symlink_to_accounts_dircCsR|j||�}tjj|�s||tjkrntj|}|j||�}|jj|�}tj	|�r^|j
|||�n|j||�|Stj
d|��y�t|j|���}ttjtjj|j���}WdQRXt|j|���}	ttjtjj|	j���}
WdQRXt|j|���}ttjtjj|j���}WdQRXWn.tk
�rD}
ztj|
��WYdd}
~
XnXt||
|�S)NzAccount at %s does not exist)rWrr[�isdirrrhrfrSrZrcrnrjrrN�openr_rrr=Z
json_loads�readr`rr>rarr!�IOErrorrg)r3rLrXr]rkZprev_loaded_accountrU�	regr_filer"�key_filer#�
metadata_filer$�errorrrr rf�s.



"&z(AccountFileStorage._load_for_server_pathcCs|j||jj�S)N)rfrSrX)r3rLrrr rO�szAccountFileStorage.load)rGrHr%cCsfy4|j|�}|j||�|j||�|j|||�Wn,tk
r`}ztj|��WYdd}~XnXdS)z�Create a new account.

        :param Account account: account to create
        :param ClientBase client: ACME client associated to the account

        N)�_prepare�_create�_update_meta�_update_regrrurrg)r3rGrH�dir_pathryrrr rK�s
zAccountFileStorage.savecCsNy|j|�}|j|||�Wn,tk
rH}ztj|��WYdd}~XnXdS)z�Update the registration resource.

        :param Account account: account to update
        :param ClientBase client: ACME client associated to the account

        N)rzr}rurrg)r3rGrHr~ryrrr �update_regrs

zAccountFileStorage.update_regr)rGr%cCsLy|j|�}|j||�Wn,tk
rF}ztj|��WYdd}~XnXdS)zVUpdate the meta resource.

        :param Account account: account to update

        N)rzr|rurrg)r3rGr~ryrrr �update_metas

zAccountFileStorage.update_metacCsT|j|�}tjj|�s$tjd|��|j||jj�tj	|jj
�sP|j|jj�dS)znDelete registration info from disk

        :param account_id: id of account which should be deleted

        zAccount at %s does not existN)rYrr[rrrrN�#_delete_account_dir_for_server_pathrSrXrcrU�$_delete_accounts_dir_for_server_path)r3rLr]rrr �delete!s

zAccountFileStorage.deletecCs(tj|j|�}|j||�}tj|�dS)N)�	functools�partialrW�!_delete_links_and_find_target_dir�shutilZrmtree)r3rLrX�	link_func�nonsymlinked_dirrrr r�2sz6AccountFileStorage._delete_account_dir_for_server_pathcCs"|jj}|j||�}tj|�dS)N)rSrZr�rrq)r3rXr�r�rrr r�7sz7AccountFileStorage._delete_accounts_dir_for_server_path)rXr�r%cCs�||�}i}xtjj�D]\}}|||<qWd}xJ|rzd}||kr2||}||�}	tjj|	�r2tj|	�|kr2d}|}|	}q2Wx(tjj|�r�tj|�}
tj|�|
}q~W|S)a/Delete symlinks and return the nonsymlinked directory path.

        :param str server_path: file path based on server
        :param callable link_func: callable that returns possible links
            given a server_path

        :returns: the final, non-symlinked target
        :rtype: str

        TF)	rrh�itemsrr[ror�readlinkrp)r3rXr�r~Zreused_servers�k�vZpossible_next_linkZnext_server_pathZ
next_dir_path�targetrrr r�<s&

z4AccountFileStorage._delete_links_and_find_target_dircCs"|j|j�}tj|d|jj�|S)Ni�)rYr2rrTrSrV)r3rGr]rrr rzdszAccountFileStorage._prepare)rGr~r%c	Cs6tj|j|�ddd��}|j|jj��WdQRXdS)N�w�)�chmod)rZ	safe_openr`�writer#�
json_dumps)r3rGr~rwrrr r{iszAccountFileStorage._create)rG�acmer~r%cCsft|j|�d��L}|j}t|jd�r:t|jji|jd�}ntj	i|jd�}|j
|j��WdQRXdS)Nr�z	new-authz)rQ�body�uri)r�r�)rsr_r"�hasattrZ	directoryrPZ	new_authzr�rr=r�r�)r3rGr�r~rvr"rrr r}ms
zAccountFileStorage._update_regrc	Cs0t|j|�d��}|j|jj��WdQRXdS)Nr�)rsrar�r$r�)r3rGr~rxrrr r|szAccountFileStorage._update_meta)#rrrrr
ZNamespaceConfigr4r0rYrW�classmethodr_r`rarrrirFrnrjrfrOrrKrr�r�r�r�rr�rzr{r}r|rrrr rR�s:	!
'rR).rr)r�r-Zloggingr�r,ZtypingrrrrrrrZcryptography.hazmat.primitivesr	Zjosepyrr6r*r�r
rrZacme.clientrZcertbotr
rrrZcertbot._internalrZcertbot.compatrrZ	getLoggerrrIrZAccountStoragerAr=rPrRrrrr �<module>s@
I

Name	Type	Size	Permission
__init__.cpython-36.opt-1.pyc	File	302 B	0644
__init__.cpython-36.pyc	File	302 B	0644
account.cpython-36.opt-1.pyc	File	13.29 KB	0644
account.cpython-36.pyc	File	13.29 KB	0644
auth_handler.cpython-36.opt-1.pyc	File	16.2 KB	0644
auth_handler.cpython-36.pyc	File	16.29 KB	0644
cert_manager.cpython-36.opt-1.pyc	File	14.98 KB	0644
cert_manager.cpython-36.pyc	File	14.98 KB	0644
client.cpython-36.opt-1.pyc	File	25.25 KB	0644
client.cpython-36.pyc	File	25.25 KB	0644
constants.cpython-36.opt-1.pyc	File	3.98 KB	0644
constants.cpython-36.pyc	File	3.98 KB	0644
eff.cpython-36.opt-1.pyc	File	4.45 KB	0644
eff.cpython-36.pyc	File	4.45 KB	0644
error_handler.cpython-36.opt-1.pyc	File	5.8 KB	0644
error_handler.cpython-36.pyc	File	5.8 KB	0644
hooks.cpython-36.opt-1.pyc	File	8.34 KB	0644
hooks.cpython-36.pyc	File	8.34 KB	0644
lock.cpython-36.opt-1.pyc	File	8.77 KB	0644
lock.cpython-36.pyc	File	8.77 KB	0644
log.cpython-36.opt-1.pyc	File	12.77 KB	0644
log.cpython-36.pyc	File	12.85 KB	0644
main.cpython-36.opt-1.pyc	File	43.5 KB	0644
main.cpython-36.pyc	File	43.69 KB	0644
renewal.cpython-36.opt-1.pyc	File	15.53 KB	0644
renewal.cpython-36.pyc	File	15.53 KB	0644
reporter.cpython-36.opt-1.pyc	File	2.85 KB	0644
reporter.cpython-36.pyc	File	2.91 KB	0644
snap_config.cpython-36.opt-1.pyc	File	4.04 KB	0644
snap_config.cpython-36.pyc	File	4.04 KB	0644
storage.cpython-36.opt-1.pyc	File	38.5 KB	0644
storage.cpython-36.pyc	File	38.5 KB	0644
updater.cpython-36.opt-1.pyc	File	4.18 KB	0644
updater.cpython-36.pyc	File	4.18 KB	0644

[ Avaa Bypassed ]

Upload:

Command:

Filemanager

Server Info

System Info