diff --git a/management/ssl_certificates.py b/management/ssl_certificates.py index c49443b9..bc803ea3 100755 --- a/management/ssl_certificates.py +++ b/management/ssl_certificates.py @@ -196,7 +196,7 @@ def get_certificates_to_provision(env, show_extended_problems=True, force_domain if cert.issuer == cert.subject: # This is self-signed. Get a real one. domains.add(domain) - + # Valid certificate today, but is it expiring soon? elif cert.not_valid_after-now < datetime.timedelta(days=14): domains.add(domain) @@ -238,6 +238,17 @@ def get_certificates_to_provision(env, show_extended_problems=True, force_domain except Exception as e: problems[domain] = "DNS isn't configured properly for this domain: DNS lookup had an error: %s." % str(e) return False + + # Unfortunately, the response.__str__ returns bytes + # instead of string, if it resulted from an AAAA-query. + # We need to convert manually, until this is fixed: + # https://github.com/rthalley/dnspython/issues/204 + # + # BEGIN HOTFIX + if isinstance(response[0].to_text(), bytes): + response = [response[0].to_text().decode('utf-8')] + # END HOTFIX + if len(response) != 1 or str(response[0]) != value: problems[domain] = "Domain control validation cannot be performed for this domain because DNS points the domain to another machine (%s %s)." % (rtype, ", ".join(str(r) for r in response)) return False @@ -406,7 +417,7 @@ def provision_certificates_cmdline(): headless = False force_domains = None show_extended_problems = True - + args = list(sys.argv) args.pop(0) # program name if args and args[0] == "-v": @@ -488,7 +499,7 @@ control panel. Do you agree to the agreement? Type Y or N and press : """ % request["url"], end='', flush=True) - + if sys.stdin.readline().strip().upper() != "Y": print("\nYou didn't agree. Quitting.") sys.exit(1) diff --git a/management/status_checks.py b/management/status_checks.py index 527495c7..4077066a 100755 --- a/management/status_checks.py +++ b/management/status_checks.py @@ -680,6 +680,22 @@ def query_dns(qname, rtype, nxdomain='[Not Set]', at=None): # periods from responses since that's how qnames are encoded in DNS but is # confusing for us. The order of the answers doesn't matter, so sort so we # can compare to a well known order. + + # Unfortunately, the response.__str__ returns bytes + # instead of string, if it resulted from an AAAA-query. + # We need to convert manually, until this is fixed: + # https://github.com/rthalley/dnspython/issues/204 + # + # BEGIN HOTFIX + response_new = [] + for r in response: + if isinstance(r.to_text(), bytes): + response_new.append(r.to_text().decode('utf-8')) + else: + response_new.append(r) + response = response_new + # END HOTFIX + return "; ".join(sorted(str(r).rstrip('.') for r in response)) def check_ssl_cert(domain, rounded_time, ssl_certificates, env, output):