a-c-m
/
community.crypto
mirror of https://github.com/ansible-collections/community.crypto.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Handle new nonce call more gracefully when it does not return nonce. (#525)

pull/527/head
Felix Fontein 2022-11-02 09:32:01 +01:00 committed by GitHub
parent 9a64347ea6
commit 9ba0e25bfe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
changelogs/fragments/525-acme-no-nonce.yml Normal file
View File

@ -0,0 +1,2 @@
minor_changes:
- "acme_* modules - handle more gracefully if CA's new nonce call does not return a nonce (https://github.com/ansible-collections/community.crypto/pull/525)."

9
plugins/module_utils/acme/acme.py
View File

@ -140,7 +140,14 @@ class ACMEDirectory(object):
continue
if info['status'] not in (200, 204):
raise NetworkException("Failed to get replay-nonce, got status {0}".format(format_http_status(info['status'])))
return info['replay-nonce']
if 'replay-nonce' in info:
return info['replay-nonce']
self.module.log(
'HEAD to {0} did return status {1}, but no replay-nonce header!'.format(url, format_http_status(info['status'])))
if retry_count >= 5:
raise ACMEProtocolException(
self.module, msg='Was not able to obtain nonce, giving up after 5 retries', info=info, response=response)
retry_count += 1
class ACMEClient(object):