From 97fd44fe969bf8095595ded62c4f7e2844608f05 Mon Sep 17 00:00:00 2001
From: Daniel Roesler <diafygi@gmail.com>
Date: Tue, 14 Nov 2017 22:41:17 -0800
Subject: fixed #94, added dynamic agreement terms url fetching

---
 sign_csr.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'sign_csr.py')

diff --git a/sign_csr.py b/sign_csr.py
index e6af1f0..ae6401a 100644
--- a/sign_csr.py
+++ b/sign_csr.py
@@ -1,6 +1,10 @@
 #!/usr/bin/env python
 import argparse, subprocess, json, os, urllib2, sys, base64, binascii, time, \
     hashlib, tempfile, re, copy, textwrap
+try:
+    from urllib.request import urlopen # Python 3
+except ImportError:
+    from urllib2 import urlopen # Python 2
 
 
 def sign_csr(pubkey, csr, email=None, file_based=False):
@@ -22,7 +26,7 @@ def sign_csr(pubkey, csr, email=None, file_based=False):
     """
     #CA = "https://acme-staging.api.letsencrypt.org"
     CA = "https://acme-v01.api.letsencrypt.org"
-    TERMS = "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
+    DIRECTORY = json.loads(urlopen(CA + "/directory").read().decode('utf8'))
     nonce_req = urllib2.Request("{0}/directory".format(CA))
     nonce_req.get_method = lambda : 'HEAD'
 
@@ -93,7 +97,7 @@ def sign_csr(pubkey, csr, email=None, file_based=False):
     reg_raw = json.dumps({
         "resource": "new-reg",
         "contact": ["mailto:{0}".format(email)],
-        "agreement": TERMS,
+        "agreement": DIRECTORY['meta']['terms-of-service'],
     }, sort_keys=True, indent=4)
     reg_b64 = _b64(reg_raw)
     reg_protected = copy.deepcopy(header)
-- 
cgit v1.2.3