From 244dc30306f1a78c0122987771f99798071ef946 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Wed, 9 Sep 2015 00:11:44 -0700 Subject: [PATCH] Fewer locals (lint would still complain) --- letsencrypt/cli.py | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py index a21251172..b53e0a79e 100644 --- a/letsencrypt/cli.py +++ b/letsencrypt/cli.py @@ -189,7 +189,7 @@ def _find_duplicative_certs(domains, config, renew_config): return identical_names_cert, subset_names_cert -def run(args, config, plugins): # pylint: disable=too-many-branches +def run(args, config, plugins): # pylint: disable=too-many-branches,too-many-locals """Obtain a certificate and install.""" if args.configurator is not None and (args.installer is not None or @@ -212,15 +212,16 @@ def run(args, config, plugins): # pylint: disable=too-many-branches return "Configurator could not be determined" domains = _find_domains(args, installer) - renew_config = configuration.RenewerConfiguration(config) - # I am not sure whether that correctly reads the systemwide - # configuration file. treat_as_renewal = False + # Considering the possibility that the requested certificate is + # related to an existing certificate. if not config.duplicate: identical_names_cert, subset_names_cert = _find_duplicative_certs( - domains, config, renew_config) + domains, config, configuration.RenewerConfiguration(config)) + # I am not sure whether that correctly reads the systemwide + # configuration file. if identical_names_cert: question = ( "You have an existing certificate that contains exactly the " @@ -240,20 +241,20 @@ def run(args, config, plugins): # pylint: disable=too-many-branches question, "Replace", "Cancel"): treat_as_renewal = True else: - msg = "To obtain a new certificate that {0} an existing " - msg += "certificate in its domain-name coverage, you must use " - msg += "the --duplicate option.\n\nFor example:\n\n" - msg += sys.argv[0] + " --duplicate " + " ".join(sys.argv[1:]) - msg = msg.format( - "duplicates" if identical_names_cert else "overlaps with") reporter_util = zope.component.getUtility(interfaces.IReporter) - reporter_util.add_message(msg, reporter_util.HIGH_PRIORITY, True) + reporter_util.add_message(( + "To obtain a new certificate that {0} an existing certificate " + "in its domain-name coverage, you must use the --duplicate " + "option.\n\nFor example:\n\n{1} --duplicate {2}").format( + "duplicates" if identical_names_cert else "overlaps with", + sys.argv[0], " ".join(sys.argv[1:])), + reporter_util.HIGH_PRIORITY, True) sys.exit(1) + # Attempting to obtain the certificate # TODO: Handle errors from _init_le_client? le_client = _init_le_client(args, config, authenticator, installer) if treat_as_renewal: - # TREAT AS RENEWAL if identical_names_cert: lineage = identical_names_cert[1] else: @@ -261,9 +262,8 @@ def run(args, config, plugins): # pylint: disable=too-many-branches # TODO: Use existing privkey instead of generating a new one new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains) # TODO: Check whether it worked! - old_version = lineage.latest_common_version() lineage.save_successor( - old_version, OpenSSL.crypto.dump_certificate( + lineage.latest_common_version(), OpenSSL.crypto.dump_certificate( OpenSSL.crypto.FILETYPE_PEM, new_certr.body), new_key.pem, OpenSSL.crypto.dump_certificate( OpenSSL.crypto.FILETYPE_PEM, new_chain))