AG

Angelo Gladding
lahacker.net

dlv5vbq7lzlthol5 4b942a3185b37d00

Home CodewebCommits

Suppress print statements during TLS certificate signing

by Angelo Gladding 09CEF88F29CC1A44

Changed Files

--- a/web/letsencrypt.py

+++ b/web/letsencrypt.py

 """  # TODO move subprocess and urllib calls to sh and request respectively+# TODO bring up to date with acme-tiny & post license  import base64 import binascii
     cache_dir = "letsencrypt-cache/{}".format(domain)     try:         shutil.copytree(cache_dir, ssl_dir)-        print("Using cached certificate.")+        # print("Using cached certificate.")         return     except (FileNotFoundError, FileExistsError):         pass
     # XXX intermediate_cert = root_dir / "etc/letsencrypt-intermediate.pem"     chained_cert = ssl_dir / "chained.pem" -    print("Parsing account key for public key...")+    # print("Parsing account key for public key...")     proc = subprocess.Popen(["openssl", "rsa", "-in", str(account_key),                              "-noout", "-text"],                             stdin=subprocess.PIPE, stdout=subprocess.PIPE,
         except IOError as e:             return getattr(e, "code", None), getattr(e, "read", e.__str__)() -    print("Parsing CSR for domains...")+    # print("Parsing CSR for domains...")     proc = subprocess.Popen(["openssl", "req", "-in", str(csr), "-noout",                              "-text"],                             stdout=subprocess.PIPE, stderr=subprocess.PIPE)
             if san.startswith("DNS:"):                 domains.add(san[4:]) -    print("Registering account...")  # get certificate domains and expiration+    # print("Registering account...")  # get certificate domains and expiration     code, result = _send_signed_request(CA + "/acme/new-reg",                                         {"resource": "new-reg",                                          "agreement": agreement_url})     if code == 201:-        print("Registered!")+        pass  # print("Registered!")     elif code == 409:-        print("Already registered!")+        pass  # print("Already registered!")     else:         raise ValueError("Error registering: {} {}".format(code, result))      for domain in domains:-        print("Verifying {}...".format(domain))+        # print("Verifying {}...".format(domain))          # get new challenge         code, result = _send_signed_request(CA + "/acme/new-authz",
             if challenge_status["status"] == "pending":                 time.sleep(2)             elif challenge_status["status"] == "valid":-                print("{} verified!".format(domain))+                # print("{} verified!".format(domain))                 (challenge_dir / token).unlink()                 break             else:                 raise ValueError("{} challenge did not pass: "                                  "{}".format(domain, challenge_status)) -    print("Signing certificate...")+    # print("Signing certificate...")     proc = subprocess.Popen(["openssl", "req", "-in", str(csr), "-outform",                              "DER"],                             stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     if code != 201:         raise ValueError("Error signing certificate: {} {}".format(code,                                                                    result))-    print("Certificate signed!")+    # print("Certificate signed!")      cert_lines = textwrap.wrap(base64.b64encode(result).decode("utf8"), 64)     cert_data = ("-----BEGIN CERTIFICATE-----\n{}\n-----END CERTIFICATE-----"