a `.@sdZddlZddlZddlmZddlZddlZddlm Z ddl m Z ddl m Z ddl mZddl mZdd lmZdd lmZdd lmZeeZeje jeje jGd d d ejZGddde Z!ddZ"ddZ#ddZ$dS)z*Common code for DNS Authenticator Plugins.N)sleep) challenges)errors) interfaces) filesystem)os)ops)util)commoncseZdZdZfddZed ddZddZd d Zd d Z d dZ e j ddZ e j ddZe j ddZddZd!ddZd"ddZeddZed#ddZZS)$DNSAuthenticatorz"Base class for DNS Authenticatorscstt|||d|_dS)NF)superr __init___attempt_cleanup)selfconfigname __class__|jr:|D].}|j}||}||j}||||q dSr)rr$r%r&r'_cleanup)rr.r/r$r%r&rrrcleanupEs   zDNSAuthenticator.cleanupcCs tdS)z@ Establish credentials, prompting if necessary. NNotImplementedErrorr!rrrr#Nsz#DNSAuthenticator._setup_credentialscCs tdS)aX Performs a dns-01 challenge by creating a DNS TXT record. :param str domain: The domain being validated. :param str validation_domain_name: The validation record domain name. :param str validation: The validation record content. :raises errors.PluginError: If the challenge cannot be performed Nr3rr$Zvalidation_namer&rrrr(Us zDNSAuthenticator._performcCs tdS)aX Deletes the DNS TXT record which would have been created by `_perform_achall`. Fails gracefully if no such record exists. :param str domain: The domain being validated. :param str validation_domain_name: The validation record domain name. :param str validation: The validation record content. Nr3r5rrrr1as zDNSAuthenticator._cleanupcCs0||}|s,||}t|j|||dS)a Ensure that a configuration value is available. If necessary, prompts the user and stores the result. :param str key: The configuration key. :param str label: The user-friendly label for this piece of information. N)r-_prompt_for_datasetattrrdest)rkeylabelconfigured_value new_valuerrr _configurens  zDNSAuthenticator._configureNcCsB||}|s>|||}t|j||tjtj|dS)a  Ensure that a configuration value is available for a path. If necessary, prompts the user and stores the result. :param str key: The configuration key. :param str label: The user-friendly label for this piece of information. N) r-_prompt_for_filer7rr8rpathabspath expanduser)rr9r: validatorr;r<rrr_configure_file~s  z DNSAuthenticator._configure_filecsNfdd}|||t|j}r>|rJ||S)a As `_configure_file`, but for a credential configuration file. If necessary, prompts the user and stores the result. Always stores absolute paths to avoid issues during renewal. :param str key: The configuration key. :param str label: The user-friendly label for this piece of information. :param dict required_variables: Map of variable which must be present to error to display. :param callable validator: A method which will be called to validate the `CredentialsConfiguration` resulting from the supplied input after it has been validated to contain the `required_variables`. Should throw a `~certbot.errors.PluginError` to indicate any issue. cs*t|j}r|r&|dSr)CredentialsConfigurationr8require)filenameZ configurationrequired_variablesrrBrr __validators   z.__validator)rCrDr-r8rE)rr9r:rHrB_DNSAuthenticator__validatorZcredentials_configurationrrGr_configure_credentialss  z'DNSAuthenticator._configure_credentialscsHfdd}tj|ddd\}}|tjkr4|StddS)z Prompt the user for a piece of information. :param str label: The user-friendly label for this piece of information. :returns: The user's response (guaranteed non-empty). :rtype: str cs|stddS)NzPlease enter your {0}.)r PluginErrorformat)ir:rrrIsz6DNSAuthenticator._prompt_for_data..__validatorzInput your {0}TZforce_interactive{0} required to proceed.N)rZvalidated_inputrM display_utilOKrrL)r:rJcoder*rrOrr6s   z!DNSAuthenticator._prompt_for_datacsJfdd}tj|ddd\}}|tjkr6|StddS)a Prompt the user for a path. :param str label: The user-friendly label for the file. :param callable validator: A method which will be called to validate the supplied input after it has been validated to be a non-empty path to an existing file. Should throw a `~certbot.errors.PluginError` to indicate any issue. :returns: The user's response (guaranteed to exist). :rtype: str cs8|stdtj|}t|r4|dS)Nz&Please enter a valid path to your {0}.)rrLrMrr?rA validate_filerFr:rBrrrIs  z6DNSAuthenticator._prompt_for_file..__validatorzInput the path to your {0}TrPrQN)rZvalidated_directoryrMrRrSrrL)r:rBrJrTr*rrWrr>s    z!DNSAuthenticator._prompt_for_file)r)N)NN)N)__name__ __module__ __qualname____doc__r classmethodrr r"r0r2abcabstractmethodr#r(r1r=rCrK staticmethodr6r> __classcell__rrrrr s*        % r c@s@eZdZdZddfddZddZdd Zd d Zd d ZdS)rDz>Represents a user-supplied filed which stores API credentials.cCs|Srr)xrrrz!CredentialsConfiguration.c Csjt|zt||_WnFtjy^}z,tjd|ddtd |WYd}~n d}~00||_ dS)z :param str filename: A path to the configuration file. :param callable mapper: A transformation to apply to configuration key names :raises errors.PluginError: If the file does not exist or is not a valid format. z+Error parsing credentials configuration: %sT)exc_infoz,Error parsing credentials configuration: {0}N) validate_file_permissions configobjZ ConfigObjconfobjZConfigObjErrorr+debugrrLrMmapper)rrFrierrrr s&z!CredentialsConfiguration.__init__c Csg}|D]R}||s4|d||||q||s|d||||q|rtdt|dkrxdnd|jj d |dS) zEnsures that the supplied set of variables are all present in the file. :param dict required_variables: Map of variable which must be present to error to display. :raises errors.PluginError: If one or more are missing. z)Property "{0}" not found (should be {1}).z'Property "{0}" not set (should be {1}).z9Missing {0} in credentials configuration file {1}: * {2}propertyZ propertiesz * N) _hasr)rMri_getrrLlenrgrFjoin)rrHZmessagesvarrrrrEs$  z CredentialsConfiguration.requirecCs ||S)zFind a configuration value for variable `var`, as transformed by `mapper`. :param str var: The variable to get. :returns: The value of the variable. :rtype: str )rnrrqrrrr-szCredentialsConfiguration.confcCs|||jvSr)rirgrrrrrrm"szCredentialsConfiguration._hascCs|j||Sr)rggetrirrrrrrn%szCredentialsConfiguration._getN) rXrYrZr[r rEr-rmrnrrrrrDs  rDcCs<tj|std|tj|r8td|dS)z&Ensure that the specified file exists.zFile not found: {0}zPath is a directory: {0}N)rr?existsrrLrMisdirrVrrrrU)s  rUcCs"t|t|rtd|dS)zHEnsure that the specified file exists and warn about unsafe permissions.z8Unsafe permissions on credentials configuration file: %sN)rUrZhas_world_permissionsr+ZwarningrVrrrre3s recs&|dfddtdtDS)aReturn a list of progressively less-specific domain names. One of these will probably be the domain name known to the DNS provider. :Example: >>> base_domain_name_guesses('foo.bar.baz.example.com') ['foo.bar.baz.example.com', 'bar.baz.example.com', 'baz.example.com', 'example.com', 'com'] :param str domain: The domain for which to return guesses. :returns: The a list of less specific domain names. :rtype: list .csg|]}d|dqS)rvN)rp).0rNZ fragmentsrr Lrcz,base_domain_name_guesses..r)splitrangero)r$rrxrbase_domain_name_guesses<s r|)%r[r]ZloggingtimerrfZzope.interfacezopeZacmerZcertbotrrZcertbot.compatrrZcertbot.displayrr rRZcertbot.pluginsr Z getLoggerrXr+Z interfaceZ implementerZIAuthenticatorZproviderZIPluginFactoryZPluginr objectrDrUrer|rrrrs,            U=