U ][#@sdZddlmZddlZddlmZmZddlmZm Z ddl m Z ddl m Z ddl mZdd l mZddlm ZeeZd d Zd d ZddZddZeZddZddZgZddZddZddZ ddZ!ddZ"d d!Z#d"d#Z$d$d%Z%dS)&z;Facilities for implementing hooks that call shell commands.)print_functionN)PopenPIPE)SetList)errors)util) filesystem)oscCs4t|jdt|jdt|jdt|jddS)z#Check hook commands are executable.ZpreZpostZdeployrenewN) validate_hookpre_hook post_hook deploy_hook renew_hook)configr//usr/lib/python3/dist-packages/certbot/hooks.pyvalidate_hookss   rcCs.t|s"t|t|s"dStj|S)zExtract the program run by a shell command. :param str shell_cmd: command to be executed :returns: basename of command or None if the command isn't found :rtype: str or None N)rZ exe_exists plug_utilZ path_surgeryr pathbasename) shell_cmdrrr_progs   rcCs\|rX|ddd}t|sXtjd}tj|r@d||}nd|||}t|dS)zCheck that a command provided as a hook is plausibly executable. :raises .errors.HookCommandNotFound: if the command is not found NrPATHz3{1}-hook command {0} exists, but is not executable.z>Unable to find {2}-hook command {0} in the PATH. (PATH is {1})) splitrr environrexistsformatrZHookCommandNotFound)rZ hook_namecmdrmsgrrrr *s  r cCs>|jdkr(|jr(t|jD] }t|q|j}|r:t|dS)aRun pre-hooks if they exist and haven't already been run. When Certbot is running with the renew subcommand, this function runs any hooks found in the config.renewal_pre_hooks_dir (if they have not already been run) followed by any pre-hook in the config. If hooks in config.renewal_pre_hooks_dir are run and the pre-hook in the config is a path to one of these scripts, it is not run twice. :param configuration.NamespaceConfig config: Certbot settings r N)verbdirectory_hooks list_hooksZrenewal_pre_hooks_dir_run_pre_hook_if_necessaryr )rhookr rrrr <s  r cCs.|tkrtd|ntd|t|dS)zRun the specified pre-hook if we haven't already. If we've already run this exact command before, a message is logged saying the pre-hook was skipped. :param str command: pre-hook to be run z*Pre-hook command already run, skipping: %szpre-hookN)executed_pre_hooksloggerinfo _run_hookaddcommandrrrr%Ts  r%cCsN|j}|jdkr<|jr.t|jD] }t|q |rJt|n|rJtd|dS)aRun post-hooks if defined. This function also registers any executables found in config.renewal_post_hooks_dir to be run when Certbot is used with the renew subcommand. If the verb is renew, we delay executing any post-hooks until :func:`run_saved_post_hooks` is called. In this case, this function registers all hooks found in config.renewal_post_hooks_dir to be called followed by any post-hook in the config. If the post-hook in the config is a path to an executable in the post-hook directory, it is not scheduled to be run twice. :param configuration.NamespaceConfig config: Certbot settings r post-hookN)rr"r#r$Zrenewal_post_hooks_dir_run_eventuallyr*)rr r&rrrrds   rcCs|tkrt|dS)zRegisters a post-hook to be run eventually. All commands given to this function will be run exactly once in the order they were given when :func:`run_saved_post_hooks` is called. :param str command: post-hook to register to be run N) post_hooksappendr,rrrr/s r/cCstD]}td|qdS)zGRun any post hooks that were saved up in the course of the 'renew' verbr.N)r0r*)r rrrrun_saved_post_hookssr2cCs|jrt|j|||jdS)aRun post-issuance hook if defined. :param configuration.NamespaceConfig config: Certbot settings :param domains: domains in the obtained certificate :type domains: `list` of `str` :param str lineage_path: live directory path for the new cert N)r_run_deploy_hookdry_run)rdomains lineage_pathrrrrs rcCslt}|jr6t|jD]}t||||j||q|jrh|j|krVt d|jnt|j|||jdS)a]Run post-renewal hooks. This function runs any hooks found in config.renewal_deploy_hooks_dir followed by any renew-hook in the config. If the renew-hook in the config is a path to a script in config.renewal_deploy_hooks_dir, it is not run twice. If Certbot is doing a dry run, no hooks are run and messages are logged saying that they were skipped. :param configuration.NamespaceConfig config: Certbot settings :param domains: domains in the obtained certificate :type domains: `list` of `str` :param str lineage_path: live directory path for the new cert z0Skipping deploy-hook '%s' as it was already run.N) setr#r$Zrenewal_deploy_hooks_dirr3r4r+rr(r))rr5r6Zexecuted_dir_hooksr&rrrrs  rcCs<|rtd|dSd|tjd<|tjd<td|dS)aRun the specified deploy-hook (if not doing a dry run). If dry_run is True, command is not run and a message is logged saying that it was skipped. If dry_run is False, the hook is run after setting the appropriate environment variables. :param str command: command to run as a deploy-hook :param domains: domains in the obtained certificate :type domains: `list` of `str` :param str lineage_path: live directory path for the new cert :param bool dry_run: True iff Certbot is doing a dry run z)Dry run: skipping deploy hook command: %sN ZRENEWED_DOMAINSZRENEWED_LINEAGEz deploy-hook)r(Zwarningjoinr rr*)r-r5r6r4rrrr3s r3cCst||\}}|S)zRun a hook command. :param str cmd_name: the user facing name of the hook being run :param shell_cmd: shell command to execute :type shell_cmd: `list` of `str` or `str` :returns: stderr if there was any)execute)cmd_namererr_rrrr*sr*cCstd||t|dttdd}|\}}tj|ddd}|rXtd||||j dkrtt d|||j |rt d |||||fS) zRun a command. :param str cmd_name: the user facing name of the hook being run :param shell_cmd: shell command to execute :type shell_cmd: `list` of `str` or `str` :returns: `tuple` (`str` stderr, `str` stdout)zRunning %s command: %sT)shellstdoutstderrZuniversal_newlinesNrrzOutput from %s command %s: %sz&%s command "%s" returned error code %dz#Error output from %s command %s: %s) r(r)rrZ communicater rrr returncodeerror)r;rr outr<Zbase_cmdrrrr:s$  r:cs.fddtD}dd|D}t|S)zList paths to all hooks found in dir_path in sorted order. :param str dir_path: directory to search :returns: `list` of `str` :rtype: sorted list of absolute paths to executables in dir_path c3s|]}tj|VqdS)N)r rr9).0fdir_pathrr szlist_hooks..cSs$g|]}t|r|ds|qS)~)r Z is_executableendswith)rDrrrr s zlist_hooks..)r listdirsorted)rGZallpathsZhooksrrFrr$s r$)&__doc__Z __future__rZlogging subprocessrrZacme.magic_typingrrZcertbotrrZcertbot.compatr r Zcertbot.pluginsrZ getLogger__name__r(rrr r r7r'r%rr0r/r2rrr3r*r:r$rrrrs4