letsencrypt.le_util

Utilities for all Let’s Encrypt.

class letsencrypt.le_util.Key(file, pem)

Bases: tuple

_asdict()

Return a new OrderedDict which maps field names to their values

classmethod _make(iterable, new=<built-in method __new__ of type object at 0x9192c0>, len=<built-in function len>)

Make a new Key object from a sequence or iterable

_replace(_self, **kwds)

Return a new Key object replacing specified fields with new values

file

Alias for field number 0

pem

Alias for field number 1

class letsencrypt.le_util.CSR(file, data, form)

Bases: tuple

_asdict()

Return a new OrderedDict which maps field names to their values

classmethod _make(iterable, new=<built-in method __new__ of type object at 0x9192c0>, len=<built-in function len>)

Make a new CSR object from a sequence or iterable

_replace(_self, **kwds)

Return a new CSR object replacing specified fields with new values

data

Alias for field number 1

file

Alias for field number 0

form

Alias for field number 2

letsencrypt.le_util.run_script(params)[source]

Run the script with the given params.

Parameters:params (list) – List of parameters to pass to Popen
letsencrypt.le_util.exe_exists(exe)[source]

Determine whether path/name refers to an executable.

Parameters:exe (str) – Executable path or name
Returns:If exe is a valid executable
Return type:bool
letsencrypt.le_util.make_or_verify_dir(directory, mode=493, uid=0, strict=False)[source]

Make sure directory exists with proper permissions.

Parameters:
  • directory (str) – Path to a directory.
  • mode (int) – Directory mode.
  • uid (int) – Directory owner.
Raises:
  • .errors.Error – if a directory already exists, but has wrong permissions or owner
  • OSError – if invalid or inaccessible file names and paths, or other arguments that have the correct type, but are not accepted by the operating system.
letsencrypt.le_util.check_permissions(filepath, mode, uid=0)[source]

Check file or directory permissions.

Parameters:
  • filepath (str) – Path to the tested file (or directory).
  • mode (int) – Expected file mode.
  • uid (int) – Expected file owner.
Returns:

True if mode and uid match, False otherwise.
Return type:

bool
letsencrypt.le_util.safe_open(path, mode='w', chmod=None, buffering=None)[source]

Safely open a file.

Parameters:
  • path (str) – Path to a file.
  • mode (str) – Same os mode for open.
  • chmod (int) – Same as mode for os.open, uses Python defaults if None.
  • buffering (int) – Same as bufsize for os.fdopen, uses Python defaults if None.
letsencrypt.le_util.unique_file(path, mode=511)[source]

Safely finds a unique file.

Parameters:
  • path (str) – path/filename.ext
  • mode (int) – File mode
Returns:

tuple of file object and file name
letsencrypt.le_util.unique_lineage_name(path, filename, mode=511)[source]

Safely finds a unique file using lineage convention.

Parameters:
  • path (str) – directory path
  • filename (str) – proposed filename
  • mode (int) – file mode
Returns:

tuple of file object and file name (which may be modified from the requested one by appending digits to ensure uniqueness)
Raises OSError:

if writing files fails for an unanticipated reason, such as a full disk or a lack of permission to write to specified location.
letsencrypt.le_util.safely_remove(path)[source]

Remove a file that may not exist.

letsencrypt.le_util.get_os_info()[source]

Get Operating System type/distribution and major version

Returns:(os_name, os_version)
Return type:tuple of str
letsencrypt.le_util.safe_email(email)[source]

Scrub email address before using it.

letsencrypt.le_util.add_deprecated_argument(add_argument, argument_name, nargs)[source]

Adds a deprecated argument with the name argument_name.

Deprecated arguments are not shown in the help. If they are used on the command line, a warning is shown stating that the argument is deprecated and no other action is taken.

Parameters:
  • add_argument (callable) – Function that adds arguments to an argument parser/group.
  • argument_name (str) – Name of deprecated argument.
  • nargs – Value for nargs when adding the argument to argparse.
letsencrypt.le_util.check_domain_sanity(domain)[source]

Method which validates domain value and errors out if the requirements are not met.

Parameters:domain – Domain to check
Raises ConfigurationError:
 for invalid domains and cases where Let’s Encrypt currently will not issue certificates