From 1ba44b02d477105ac539d6f833486b70bf1fa18d Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Mon, 15 Feb 2016 18:19:59 -0500 Subject: [PATCH] forgot to catch free_tls_certificates.client.ChallengeFailed Provisioning could crash if, e.g., the DNS we see is different from the DNS Let's Encrypt sees. see #695, probably fixes it --- CHANGELOG.md | 1 + management/ssl_certificates.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c59bd421..949281b2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ In Development * Roundcube updated to version 1.1.4. * On multi-homed machines, Postfix now binds to the right network interface when sending outbound mail so that SPF checks on the receiving end will pass. +* TLS certificate provisioning would crash if DNS propagation was in progress and a challenge failed. * Backup times were displayed with the wrong time zone. * On low-usage systems, don't hold backups for quite so long by taking a full backup more often. * Nightly status checks might fail if any domains had non-ASCII characters. diff --git a/management/ssl_certificates.py b/management/ssl_certificates.py index 477d9c8f..d6cc7c9f 100755 --- a/management/ssl_certificates.py +++ b/management/ssl_certificates.py @@ -365,7 +365,7 @@ def provision_certificates(env, agree_to_tos_url=None, logger=None, show_extende "message": "Something unexpected went wrong. It looks like your local Let's Encrypt account data is corrupted. There was a problem with the file " + e.account_file_path + ".", }) - except (client.InvalidDomainName, client.NeedToTakeAction, acme.messages.Error, requests.exceptions.RequestException) as e: + except (client.InvalidDomainName, client.NeedToTakeAction, client.ChallengeFailed, acme.messages.Error, requests.exceptions.RequestException) as e: ret_item.update({ "result": "error", "message": "Something unexpected went wrong: " + str(e),