a }|äg”)ã@sðUdZddlZddlmZddlmZddlmZddlmZddlmZddlm Z dd lm Z dd l m Z dd l m Z dd l mZdd lmZdd lm Ze e¡Zejddœdd„Zeeedœdd„Zeeddœdd„Zejddœdd„ZeƒZeeed<eddœdd„Z ejeeddœdd„Z!gZ"eeed <eddœd!d"„Z#eeeedd#œd$d%„Z$ejeeedd&œd'd(„Z%ejeeedd&œd)d*„Z&eeeee'e'dd+œd,d-„Z(d4eeeeeefed.œd/d0„Z)eeed1œd2d3„Z*dS)5z;Facilities for implementing hooks that call shell commands.éN)ÚDict)ÚList)ÚOptional)ÚSet)Ú configuration)Úerrors)Úutil)Ú filesystem)Úmisc)Úos)Úops)ÚconfigÚreturncCs4t|jdƒt|jdƒt|jdƒt|jdƒdS)z#Check hook commands are executable.ZpreZpostZdeployÚrenewN)Ú validate_hookÚpre_hookÚ post_hookÚ deploy_hookÚ renew_hook)r ©rú;/usr/lib/python3.9/site-packages/certbot/_internal/hooks.pyÚvalidate_hookss   r)Ú shell_cmdrcCs.t |¡s"t |¡t |¡s"dStj |¡S)zÁExtract the program run by a shell command. :param str shell_cmd: command to be executed :returns: basename of command or None if the command isn't found :rtype: str or None N)rZ exe_existsÚ plug_utilZ path_surgeryr ÚpathÚbasename)rrrrÚ_progs   r)rÚ hook_namercCsj|rf| dd¡d}t|ƒsftjd}tj |¡rD|›d|›d}nd|›d|›d|›d }t |¡‚dS) z‹Check that a command provided as a hook is plausibly executable. :raises .errors.HookCommandNotFound: if the command is not found NérÚPATHz-hook command z exists, but is not executable.zUnable to find z in the PATH. (PATH is z0) See also the --disable-hook-validation option.)Úsplitrr ÚenvironrÚexistsrZHookCommandNotFound)rrÚcmdrÚmsgrrrr.s  ÿÿrcCs>|jdkr(|jr(t|jƒD] }t|ƒq|j}|r:t|ƒdS)aåRun pre-hooks if they exist and haven't already been run. When Certbot is running with the renew subcommand, this function runs any hooks found in the config.renewal_pre_hooks_dir (if they have not already been run) followed by any pre-hook in the config. If hooks in config.renewal_pre_hooks_dir are run and the pre-hook in the config is a path to one of these scripts, it is not run twice. :param configuration.NamespaceConfig config: Certbot settings rN)ÚverbÚdirectory_hooksÚ list_hooksZrenewal_pre_hooks_dirÚ_run_pre_hook_if_necessaryr)r Úhookr#rrrrBs  rÚexecuted_pre_hooks)ÚcommandrcCs.|tvrt d|¡ntd|ƒt |¡dS)zÑRun the specified pre-hook if we haven't already. If we've already run this exact command before, a message is logged saying the pre-hook was skipped. :param str command: pre-hook to be run z*Pre-hook command already run, skipping: %szpre-hookN)r*ÚloggerÚinfoÚ _run_hookÚadd©r+rrrr(Zs  r()r Úrenewed_domainsrcCs‚|j}|jdkr<|jr.t|jƒD] }t|ƒq |r~t|ƒnB|r~d |¡}t|ƒdkrlt  d¡|dd…}t d||ddœƒdS) a…Run post-hooks if defined. This function also registers any executables found in config.renewal_post_hooks_dir to be run when Certbot is used with the renew subcommand. If the verb is renew, we delay executing any post-hooks until :func:`run_saved_post_hooks` is called. In this case, this function registers all hooks found in config.renewal_post_hooks_dir to be called followed by any post-hook in the config. If the post-hook in the config is a path to an executable in the post-hook directory, it is not scheduled to be run twice. :param configuration.NamespaceConfig config: Certbot settings rú i}z?Limiting RENEWED_DOMAINS environment variable to 32k charactersNú post-hookÚ©ÚRENEWED_DOMAINSZFAILED_DOMAINS) rr%r&r'Zrenewal_post_hooks_dirÚ_run_eventuallyÚjoinÚlenr,Úwarningr.)r r1r#r)Úrenewed_domains_strrrrrjs&       üýrÚ post_hookscCs|tvrt |¡dS)zúRegisters a post-hook to be run eventually. All commands given to this function will be run exactly once in the order they were given when :func:`run_saved_post_hooks` is called. :param str command: post-hook to register to be run N)r<Úappendr0rrrr7Ÿs r7)r1Úfailed_domainsrcCsxd |¡}d |¡}t|ƒdkr6t d¡|dd…}t|ƒdkrXt d¡|dd…}tD]}td|||dœƒq\dS)zGRun any post hooks that were saved up in the course of the 'renew' verbr2i€>z?Limiting RENEWED_DOMAINS environment variable to 16k charactersNz>Limiting FAILED_DOMAINS environment variable to 16k charactersr3r5)r8r9r,r:r<r.)r1r>r;Zfailed_domains_strr#rrrÚrun_saved_post_hooks¬s         þýr?)r ÚdomainsÚ lineage_pathrcCs |jrt|j|||j|jƒdS)aRun post-issuance hook if defined. :param configuration.NamespaceConfig config: Certbot settings :param domains: domains in the obtained certificate :type domains: `list` of `str` :param str lineage_path: live directory path for the new cert N)rÚ_run_deploy_hookÚdry_runÚrun_deploy_hooks)r r@rArrrrÆs  ÿrcCsttƒ}|jr:t|jƒD]"}t||||j|jƒ| |¡q|jrp|j|vrZt   d|j¡nt|j|||j|jƒdS)a]Run post-renewal hooks. This function runs any hooks found in config.renewal_deploy_hooks_dir followed by any renew-hook in the config. If the renew-hook in the config is a path to a script in config.renewal_deploy_hooks_dir, it is not run twice. If Certbot is doing a dry run, no hooks are run and messages are logged saying that they were skipped. :param configuration.NamespaceConfig config: Certbot settings :param domains: domains in the obtained certificate :type domains: `list` of `str` :param str lineage_path: live directory path for the new cert z0Skipping deploy-hook '%s' as it was already run.N) Úsetr&r'Zrenewal_deploy_hooks_dirrBrCrDr/rr,r-)r r@rAZexecuted_dir_hooksr)rrrrÕs  ÿ ÿr)r+r@rArCrDrcCs@|r|st d|¡dSd |¡tjd<|tjd<td|ƒdS)atRun the specified deploy-hook (if not doing a dry run). If dry_run is True, command is not run and a message is logged saying that it was skipped. If dry_run is False, the hook is run after setting the appropriate environment variables. :param str command: command to run as a deploy-hook :param domains: domains in the obtained certificate :type domains: `list` of `str` :param str lineage_path: live directory path for the new cert :param bool dry_run: True iff Certbot is doing a dry run :param bool run_deploy_hooks: True if deploy hooks should run despite Certbot doing a dry run z)Dry run: skipping deploy hook command: %sNr2r6ZRENEWED_LINEAGEz deploy-hook)r,r-r8r r!r.)r+r@rArCrDrrrrBösÿ rB)Úcmd_namerÚ extra_envrcCsHt ¡}| |pi¡tj|||d\}}}t d|›d|||¡|S)aHRun a hook command. :param str cmd_name: the user facing name of the hook being run :param shell_cmd: shell command to execute :type shell_cmd: `list` of `str` or `str` :param dict extra_env: extra environment variables to set :type extra_env: `dict` of `str` to `str` :returns: stderr if there was any)ÚenvzHook 'ú')rZenv_no_snap_for_external_callsÚupdater Zexecute_command_statusÚ display_opsZreport_executed_command)rFrrGrHÚ returncodeÚerrÚoutrrrr.s ÿ r.)Údir_pathrcs.‡fdd„t ˆ¡Dƒ}dd„|Dƒ}t|ƒS)zÒList paths to all hooks found in dir_path in sorted order. :param str dir_path: directory to search :returns: `list` of `str` :rtype: sorted list of absolute paths to executables in dir_path c3s|]}tj ˆ|¡VqdS)N)r rr8)Ú.0Úf©rOrrÚ +ózlist_hooks..cSs$g|]}t |¡r| d¡s|‘qS)ú~)r Z is_executableÚendswith)rPrrrrÚ ,rTzlist_hooks..)r ÚlistdirÚsorted)rOZallpathsZhooksrrRrr'"s r')N)+Ú__doc__ZloggingÚtypingrrrrZcertbotrrrZcertbot.compatr r r Zcertbot.displayr rKZcertbot.pluginsrZ getLoggerÚ__name__r,ZNamespaceConfigrÚstrrrrrEr*Ú__annotations__r(rr<r7r?rrÚboolrBr.r'rrrrÚsL             ý 2  ÿ  ÿ ! ÿ "