HEX

File: //usr/lib/python3.9/site-packages/certbot/_internal/__pycache__/account.cpython-39.pyc
a

}|�g29�@sddZddlZddlZddlZddlZddlZddlZddlmZddlm	Z	ddlm
Z
ddlmZddlmZddlm
Z
dd	lmZdd
lmZddlZddlZddlZddlmZddlmZdd
lmZddlmZddlmZddlmZddlmZddl m!Z!ddl"m#Z#ddl"m$Z$e�%e&�Z'Gdd�d�Z(Gdd�dej)�Z*Gdd�dej)�Z+dS)z!Creates ACME accounts for server.�N)�Any)�Callable)�cast)�Dict)�List)�Mapping)�Optional)�
serialization)�fields)�messages)�ClientV2)�
configuration)�errors)�
interfaces)�util)�	constants)�
filesystem)�osc@speZdZdZGdd�dej�Zdejej	e
ddd�dd�Zee
d�d	d
��Ze
d�dd�Zeed
�dd�ZdS)�Accountz�ACME protocol registration.

    :ivar .RegistrationResource regr: Registration Resource
    :ivar .JWK key: Authorized Account Key
    :ivar .Meta: Account metadata
    :ivar str id: Globally unique account identifier.

    c@sNeZdZUdZe�d�Zejed<e	�
d�Zeed<e	j
ddd�Z
eed<dS)zAccount.Metaa�Account metadata

        :ivar datetime.datetime creation_dt: Creation date and time (UTC).
        :ivar str creation_host: FQDN of host, where account has been created.
        :ivar str register_to_eff: If not None, Certbot will register the provided
                                        email during the account registration.

        .. note:: ``creation_dt`` and ``creation_host`` are useful in
            cross-machine migration scenarios.

        �creation_dt�
creation_host�register_to_effT)Z	omitemptyN)�__name__�
__module__�__qualname__�__doc__�acme_fieldsZrfc3339r�datetime�__annotations__�joseZfieldr�strr�r!r!�=/usr/lib/python3.9/site-packages/certbot/_internal/account.py�Meta-s
r#N)�regr�key�meta�returnc
Cs�||_||_|dur<|jtjjtjd�jdd�t�	�dd�n||_
zt��}Wn4t
y�tjd	ittttfddi���}Yn0|�|jj��jtjjtjjd��|��|_dS)
N)Ztzr)Zmicrosecond)rrr�md5ZusedforsecurityF)�encoding�format)r()r%r$r#rZnow�pytzZUTC�replace�socketZgetfqdnr&�hashlibr(�
ValueError�newrrr r�updateZ
public_keyZpublic_bytesr	ZEncodingZPEMZPublicFormatZSubjectPublicKeyInfoZ	hexdigest�id)�selfr$r%r&Zhasherr!r!r"�__init__=s&���(�zAccount.__init__�r'cCs&d�t�|jj�|jj|jdd��S)z3Short account identification string, useful for UI.z
{1}@{0} ({2})N�)r*�	pyrfc3339Zgenerater&rrr2�r3r!r!r"�slug\s
��zAccount.slugcCsd�|jj|j|j|j�S)Nz<{0}({1}, {2}, {3})>)r*�	__class__rr$r2r&r8r!r!r"�__repr__bs�zAccount.__repr__)�otherr'cCs0t||j�o.|j|jko.|j|jko.|j|jkS�N)�
isinstancer:r%r$r&)r3r<r!r!r"�__eq__fs
�
�
�zAccount.__eq__)N)rrrrrZJSONObjectWithFieldsr#r�RegistrationResource�JWKrr4�propertyr r9r;r�boolr?r!r!r!r"r#s	�
�rc@sbeZdZdZdeeeefdd�dd�Ze	ed�dd�Z
eedd	�d
d�Zeed�d
d�Z
dS)�AccountMemoryStoragezIn-memory account storage.N)�initial_accountsr'cCs|dur|ni|_dSr=)�accounts)r3rEr!r!r"r4oszAccountMemoryStorage.__init__r5cCst|j���Sr=)�listrF�valuesr8r!r!r"�find_allrszAccountMemoryStorage.find_all��account�clientr'cCs*|j|jvrt�d|j�||j|j<dS)NzOverwriting account: %s)r2rF�logger�debug)r3rKrLr!r!r"�saveuszAccountMemoryStorage.save��
account_idr'cCs.z|j|WSty(t�|��Yn0dSr=)rF�KeyErrorr�AccountNotFound�r3rQr!r!r"�loadzszAccountMemoryStorage.load)N)rrrrrrr rr4rrIrrOrUr!r!r!r"rDls
rDc@s�eZdZdZejdd�dd�Zeed�dd�Zeeed	�d
d�Z	e
eed�d
d��Ze
eed�dd��Ze
eed�dd��Z
eeed�dd�Zeed�dd�Zeeedd�dd�Zeedd�dd�Zeeed	�dd �Zeed�d!d"�Zeedd#�d$d%�Zedd&�d'd(�Zedd&�d)d*�Zedd�d+d,�Zeedd	�d-d.�Zedd�d/d0�Zeeegefed1�d2d3�Zeed&�d4d5�Zeedd6�d7d8�Z eedd6�d9d:�Z!eedd6�d;d<�Z"dS)=�AccountFileStoragezjAccounts file storage.

    :ivar certbot.configuration.NamespaceConfig config: Client configuration

    N)�configr'cCs||_t�|jd|jj�dS�Ni�)rWr�make_or_verify_dir�accounts_dir�strict_permissions)r3rWr!r!r"r4�szAccountFileStorage.__init__rPcCs|�||jj�Sr=)�!_account_dir_path_for_server_pathrW�server_pathrTr!r!r"�_account_dir_path�sz$AccountFileStorage._account_dir_path)rQr]r'cCs|j�|�}tj�||�Sr=)rW�accounts_dir_for_server_pathr�path�join)r3rQr]rZr!r!r"r\�sz4AccountFileStorage._account_dir_path_for_server_path)�account_dir_pathr'cCstj�|d�S)Nz	regr.json�rr`ra��clsrbr!r!r"�
_regr_path�szAccountFileStorage._regr_pathcCstj�|d�S)Nzprivate_key.jsonrcrdr!r!r"�	_key_path�szAccountFileStorage._key_pathcCstj�|d�S)Nz	meta.jsonrcrdr!r!r"�_metadata_path�sz!AccountFileStorage._metadata_path)r]r'c	Cs�|j�|�}zt�|�}Wnty0gYS0g}|D]>}z|�|�||��Wq:tjyvt	j
ddd�Yq:0q:|s�|tjvr�tj|}|�
|�}|r�z|�||�Wnty�gYS0|}|S)NzAccount loading problemT)�exc_info)rWr_r�listdir�OSError�append�_load_for_server_pathr�AccountStorageErrorrMrNr�LE_REUSE_SERVERS�_find_all_for_server_path�_symlink_to_accounts_dir)r3r]rZZ
candidatesrFrQ�prev_server_pathZ
prev_accountsr!r!r"rp�s*



z,AccountFileStorage._find_all_for_server_pathr5cCs|�|jj�Sr=)rprWr]r8r!r!r"rI�szAccountFileStorage.find_all)rrr]rQr'cCs(|�||�}|�||�}t�||�dSr=)r\r�symlink)r3rrr]rQ�prev_account_dirZnew_account_dirr!r!r"�_symlink_to_account_dir�sz*AccountFileStorage._symlink_to_account_dir)rrr]r'cCsJ|j�|�}tj�|�r$t�|�n
t�|�|j�|�}t�||�dSr=)rWr_rr`�islink�unlink�rmdirrs)r3rrr]rZrtr!r!r"rq�s
z+AccountFileStorage._symlink_to_accounts_dirc
Cs~|�||�}tj�|�s�|tjvrntj|}|�||�}|j�|�}t�	|�r^|�
|||�n|�||�|St�
d|�d���z�t|�|��� }tj�|���}Wd�n1s�0Yt|�|��� }	tj�|	���}
Wd�n1s�0Yt|�|��� }tj�|���}Wd�n1�s40YWn0t�yp}
zt�|
��WYd}
~
n
d}
~
00t||
|�S)N�Account at � does not exist)r\rr`�isdirrrormrWr_rjrurqrrS�openrfrr@Z
json_loads�readrgrrArhrr#rkrn)r3rQr]rbrrZprev_loaded_accountrZ�	regr_filer$�key_filer%�
metadata_filer&�errorr!r!r"rm�s*


..4 z(AccountFileStorage._load_for_server_pathcCs|�||jj�Sr=)rmrWr]rTr!r!r"rU�szAccountFileStorage.loadrJc
Csfz2|�|�}|�||�|�||�|�||�Wn.ty`}zt�|��WYd}~n
d}~00dS)z�Create a new account.

        :param Account account: account to create
        :param ClientV2 client: ACME client associated to the account

        N)�_prepare�_create�_update_meta�_update_regrrkrrn)r3rKrL�dir_pathr�r!r!r"rO�s
zAccountFileStorage.save)rKr'c
CsNz|�|�}|�||�Wn.tyH}zt�|��WYd}~n
d}~00dS)z^Update the registration resource.

        :param Account account: account to update

        N)r�r�rkrrn�r3rKr�r�r!r!r"�update_regr�s

zAccountFileStorage.update_regrc
CsNz|�|�}|�||�Wn.tyH}zt�|��WYd}~n
d}~00dS)zVUpdate the meta resource.

        :param Account account: account to update

        N)r�r�rkrrnr�r!r!r"�update_metas

zAccountFileStorage.update_metacCsX|�|�}tj�|�s(t�d|�d���|�||jj�t�	|jj
�sT|�|jj�dS)znDelete registration info from disk

        :param account_id: id of account which should be deleted

        ryrzN)r^rr`r{rrS�#_delete_account_dir_for_server_pathrWr]rjrZ�$_delete_accounts_dir_for_server_path)r3rQrbr!r!r"�deletes
zAccountFileStorage.deletecCs(t�|j|�}|�||�}t�|�dSr=)�	functools�partialr\�!_delete_links_and_find_target_dir�shutil�rmtree)r3rQr]�	link_func�nonsymlinked_dirr!r!r"r�!sz6AccountFileStorage._delete_account_dir_for_server_pathcCs"|jj}|�||�}t�|�dSr=)rWr_r�rrx)r3r]r�r�r!r!r"r�&sz7AccountFileStorage._delete_accounts_dir_for_server_path)r]r�r'cCs�||�}i}tj��D]\}}|||<qd}|rtd}||vr,||}||�}	tj�|	�r,t�|	�|kr,d}|}|	}q,tj�|�r�t�|�}
t�|�|
}qt|S)a/Delete symlinks and return the nonsymlinked directory path.

        :param str server_path: file path based on server
        :param callable link_func: callable that returns possible links
            given a server_path

        :returns: the final, non-symlinked target
        :rtype: str

        TF)	rro�itemsrr`rvr�readlinkrw)r3r]r�r�Zreused_servers�k�vZpossible_next_linkZnext_server_pathZ
next_dir_path�targetr!r!r"r�+s&


z4AccountFileStorage._delete_links_and_find_target_dircCs"|�|j�}t�|d|jj�|SrX)r^r2rrYrWr[)r3rKrbr!r!r"r�SszAccountFileStorage._prepare)rKr�r'cCsJtj|�|�ddd�� }|�|j���Wd�n1s<0YdS)N�w�)�chmod)rZ	safe_openrg�writer%�
json_dumps)r3rKr�rr!r!r"r�XszAccountFileStorage._createcCsTt|�|�d��0}tji|jjd�}|�|���Wd�n1sF0YdS)Nr�)�body�uri)r|rfrr@r$r�r�r�)r3rKr�r~r$r!r!r"r�\s�zAccountFileStorage._update_regrcCsDt|�|�d�� }|�|j���Wd�n1s60YdS)Nr�)r|rhr�r&r�)r3rKr�r�r!r!r"r�cszAccountFileStorage._update_meta)#rrrrr
ZNamespaceConfigr4r r^r\�classmethodrfrgrhrrrprIrurqrmrUrrOr�r�r�r�r�rr�r�r�r�r�r!r!r!r"rV�s>�	�(rV),rrr�r.Zloggingr�r-�typingrrrrrrrZcryptography.hazmat.primitivesr	Zjosepyrr7r+Zacmer
rrZacme.clientrZcertbotr
rrrZcertbot._internalrZcertbot.compatrrZ	getLoggerrrMrZAccountStoragerDrVr!r!r!r"�<module>s>
I