diff options
author | siddharth <s@ricketyspace.net> | 2021-04-16 21:22:35 -0400 |
---|---|---|
committer | siddharth <s@ricketyspace.net> | 2021-04-16 21:22:35 -0400 |
commit | 117bd824368ee1712f4095b405184ca13dad982b (patch) | |
tree | 4a0954179a997ac661b22daf98ec808a1bdd0738 | |
parent | 89d5ecba4d10a6214760a127eefed3394a4bf081 (diff) |
acmens.py: update sign_csr
* acmens.py (sign_csr): Update _do_challenge; add handling to fallback
to http-01 challenge if dns-01 is preferred but not available.
-rw-r--r-- | acmens.py | 16 |
1 files changed, 14 insertions, 2 deletions
@@ -134,8 +134,20 @@ def sign_csr(account_key, csr, email=None, challenge_type="http"): ) domain = chl_result["identifier"]["value"] - type_id = "dns-01" if challenge_type == "dns" else "http-01" - challenge = [c for c in chl_result["challenges"] if c["type"] == type_id][0] + # Choose challenge. + preferred_type = "dns-01" if challenge_type == "dns" else "http-01" + challenge = None + http_challenge = None + for c in chl_result["challenges"]: + if c["type"] == preferred_type: + challenge = c + if c["type"] == "http-01": + http_challenge = c + if challenge is None: + if http_challenge is None: + sys.stderr.write("Error: Unable to find challenges!") + sys.exit(1) + challenge = http_challenge # Fallback to http challenge. keyauthorization = "{0}.{1}".format(challenge["token"], thumbprint) dns_payload = _b64(hashlib.sha256(keyauthorization.encode()).digest()) |