Edit File - File Manager

Edit File: init.cpython-36.pyc

گa�i������������������@���s���U�d�Z�ddlZddlZddlZddlZddlmZ�ddlmZ�ddlmZ�ddlm	Z	�ddl
Z
ddlmZ�ddl
mZ�dd	l
mZ�dd
l
mZ�ddl
mZ�ddl
mZ�dd
l
mZ�ddl
mZ�ddl
mZ�ddl
mZ�ddlmZ�ddlmZ�ddlmZ�ddlmZ�ddlmZ�ddlmZ�ddlmZ�ddlmZ�ddlm Z �ddlm!Z!�ddlm"Z"�ddlm#Z#�ddlm$Z$�ddlm%Z%�ddlm&Z&�dd lm'Z'�dd!l(m)Z)�dd"l*m+Z+�dd#l,m-Z-�dd$l.m/Z/�dd%l0m1Z1�dd&l2m3Z3�dd'l2m4Z4�dd(l5m6Z7�ddl8j9j:j;Z<dd)l=m>Z>�ej?e@�ZAdaBee+�Bd9e7jCeeD�eEejFd+�d,d-�ZGeDeEd.�d/d0�ZHdeH_IeDeeEd1�d2d3�ZJeDeeEd1�d4d5�ZKee	d6�d7d8�ZLdS�):z2Certbot command line argument & config processing.�����N)�Any)�List)�Optional)�Type)�	constants)�ARGPARSE_PARAMS_TO_REMOVE)�cli_command)�COMMAND_OVERVIEW)�DEPRECATED_OPTIONS)�EXIT_ACTIONS)�HELP_AND_VERSION_USAGE)�SHORT_USAGE)�
VAR_MODIFIERS)�ZERO_ARG_ACTIONS)�_Default)�_DeployHookAction)�_DomainsAction)�_EncodeReasonAction)�_PrefChallAction)�_RenewHookAction)�_user_agent_comment_type)�add_domains)�CaseInsensitiveList)�config_help)�CustomHelpFormatter)�flag_default)�HelpfulArgumentGroup)�nonnegative_int)�parse_preferred_challenges)�	read_file)�_add_all_groups)�HelpfulArgumentParser)�
_paths_parser)�_plugins_parsing)�_create_subparsers)�	VERB_HELP)�
VERB_HELP_MAP)�disco)�enhancementsF)�plugins�args�detect_defaults�returnc�������������C���s~��t�||�|�}t|��|jdddddtd�dd��|jddd	td	�tjd
��|jdddd
dtd
�tjd��|jddttd�dd��|jddddtd�tjd��|jdddddgdddddtd�dd��|jdddddgtjdtd�d d!��|jdddd"dgd#d$d%d&d't	td&�d(d)�	�|jddddgd*d+d,d-d.��|jddddgd/d0d1d2d.��|jdddd3d4d"d5dgd6d7d8td7�d9d:��|jdd;d5dgd<dd=td=�d>d?��|jddgd@dtdA�dBd!��|jddCdDdgdEdFtdG�t
dG�dH��|jddCdgdIdtdJ�dJdKdL��|jddCdgdMdNtdJ�dJdOdL��|jdddgdPdQdRdSdtdS�dTd��|jddUdtdV�dWd!��|jddXdYdZjtj
�d[d\��|jdd5gd]d^d_dtd_�d`d��|jddadbdtdb�dcd��|jddddedtde�dfd��|jddgdedNtde�dhd��|jdd5dgdidtdj�dkd!��|jddldmdtdm�dnd��|jdDdgdodptdq�drds��|jddtdudtdu�dvd��|jdd5ddgdwdxdydtdy�dzd��|jd;d{dgd|d}d~dtd~�dtj�d��|jd;d�dtd��d�d!��|jdddgd�dtd��d�d!��|jd;d�dt
d��td��d���|jd;d�d�gd�td�td��t
d��d���|jd;d�gd�d�td��t
d��d
��|jd;d�gd�ttd��t
d��d��|jd;d�dtd��d�d!��|jd�d�td�td��t
d��d���|jd�d�d�d�gttd��t
d��d���|jd�d�td�d�d�gd�td��t
d��d���|jd�d�dd�td��t
d��d?��|jd�dgd�dd�td��d�d?��|jd�d�dNd�td��d�d?��|jd�dgd�dd�td��d�d?��|jd�d�dNd�td��tjd?��|jd�dgd�dd�td��d�d?��|jd�d�dNd�td��tjd?��|jd�d�dd�td��d�d?��|jd�d�dNd�td��tjd?��|jd�d�dtd��d�d!��|jddd5dgd�d�td��t
d��d
��|jd�d�dd5gd�d�ttd��d�d��|jdddgd�td�tdt
dd���|jd5d�d�dō�|jd5d�d�dō�|jd5d�ttjdɍ�|jd5d�dNtd˃d�tjdL��|jd5d�td�dɍ�|jd5d�dNd�tdσd�d?��|jd5d�dNtd҃d�d�dL��|jd5d�dtdՃd�d�dL��|jd5d�dNtd؃d�d�dL��|jd�dۃ�|jd�dۃ�|jd�dۃ�|jd�dۃ�tj|j��t|��t|��t||���|�sv|a|j��S�)�z�Returns parsed command line arguments.

:param .PluginsRegistry plugins: available plugins
    :param list args: command line arguments with the program name removed

:returns: parsed command line arguments
    :rtype: argparse.Namespace

Nz-vz	--verboseZ
verbose_count�countzbThis flag can be used multiple times to incrementally increase the verbosity of output, e.g. -vvv.)�dest�action�default�helpz--verbose-levelZ
verbose_level)r.���r0���r1���z-tz--textZ	text_mode�
store_truez--max-log-backupsZmax_log_backupsz�Specifies the maximum number of backup logs that should be kept by Certbot's built in log rotation. Setting this flag to 0 disables log rotation entirely, causing Certbot to always append to the same log file.)�typer0���r1���z--preconfigured-renewalZpreconfigured_renewalZ
automationZrunZcertonlyZenhancez-nz--non-interactivez--noninteractiveZnoninteractive_modez�Run without ever asking for user input. This may require additional command line flags; the client will try to explain which ones are required if it finds one missing�registerZforce_interactivez�Force Certbot to be interactive even if it detects it's not being run in a terminal. This flag cannot be used with the renew subcommand.)r/���r0���r1���Zcertificatesz-dz	--domainsz--domainZdomainsZDOMAINaK��Domain names to apply. For multiple domains you can use multiple -d flags or enter a comma separated list of domains as a parameter. The first domain provided will be the subject CN of the certificate, and all domains will be Subject Alternative Names on the certificate. The first domain will also be used in some software user interfaces and as the file paths for the certificate and related material unless otherwise specified or you already have a certificate with the same name. In the case of a name collision it will append a number like 0001 to the file path name. (default: Ask))r.����metavarr/���r0���r1���z	--eab-kidZeab_kidZEAB_KIDz+Key Identifier for External Account Binding)r.���r5���r1���z--eab-hmac-keyZeab_hmac_keyZEAB_HMAC_KEYz%HMAC key for External Account BindingZmanage�deleteZrenewz--cert-nameZcertnameZCERTNAMEa���Certificate name to apply. This name is used by Certbot for housekeeping and in file paths; it doesn't affect the content of the certificate itself. To see certificate names, run 'certbot certificates'. When creating a new certificate, specifies the new certificate's name. (default: the first provided domain or the name of an existing certificate on your system for the same domains))r.���r5���r0���r1���Ztestingz	--dry-runZdry_runa���Perform a test run of the client, obtaining test (invalid) certificates but not saving them to disk. This can currently only be used with the 'certonly' and 'renew' subcommands. 
Note: Although --dry-run tries to avoid making any persistent changes on a system, it  is not completely side-effect free: if used with webserver authenticator plugins like apache and nginx, it makes and then reverts temporary config changes in order to obtain test certificates, and reloads webservers to deploy and then roll back those changes.  It also calls --pre-hook and --post-hook commands if they are defined because they may be necessary to accurately simulate renewal. --deploy-hook commands are not called.)r/���r.���r0���r1���z!--register-unsafely-without-emailZregister_unsafely_without_emaila"��Specifying this flag enables registering an account with no email address. This is strongly discouraged, because you will be unable to receive notice about impending expiration or revocation of your certificates or problems with your Certbot installation that will lead to failure to renew.Zupdate_accountZ
unregisterz-mz--emailZemail)r0���r1���z--eff-emailZ	eff_emailz"Share your e-mail address with EFF)r/���r0���r.���r1���z--no-eff-emailZstore_falsez(Don't share your e-mail address with EFFz--keep-until-expiringz--keepz--reinstallZ	reinstallz�If the requested certificate matches an existing certificate, always keep the existing one until it is due for renewal (for the 'run' subcommand this means reinstall the existing certificate). (default: Ask)z--expand�expandz�If an existing certificate is a strict subset of the requested names, always expand and replace it with the additional names. (default: Ask)z	--version�versionz%(prog)s {0}z&show program's version number and exit)r/���r8���r1���z--force-renewalz--renew-by-defaultZrenew_by_defaultz�If a certificate already exists for the requested domains, renew it now, regardless of whether it is near expiry. (Often --keep-until-expiring is more appropriate). Also implies --expand.z--renew-with-new-domainsZrenew_with_new_domainsz�If a certificate already exists for the requested certificate name but does not match the requested domains, renew it now, regardless of whether it is near expiry.z--reuse-keyZ	reuse_keyzDWhen renewing, use the same private key as the existing certificate.z--no-reuse-keyz�When renewing, do not use the same private key as the existing certificate. Not reusing private keys is the default behavior of Certbot. This option may be used to unset --reuse-key on an existing certificate.z--allow-subset-of-namesZallow_subset_of_namesa8��When performing domain validation, do not consider it a failure if authorizations can not be obtained for a strict subset of the requested domains. This may be useful for allowing renewals for multiple domains to succeed even if some domains no longer point at this system. This option cannot be used with --csr.z--agree-tosZtosz5Agree to the ACME Subscriber Agreement (default: Ask)z	--accountZ
ACCOUNT_IDZaccountzAccount ID to use)r5���r0���r1���z--duplicateZ	duplicatezdAllow making a certificate lineage that duplicates an existing one (both can be renewed in parallel)z-qz--quiet�quietz\Silence all output except errors. Useful for automation via cron. Implies --non-interactive.Zrevokez--test-certz	--stagingZstagingz_Use the staging server to obtain or revoke test (invalid) certificates; equivalent to --server z--debug�debugz!Show tracebacks in case of errorsz--debug-challengesZdebug_challengeszHAfter setting up challenges, wait for user input before submitting to CAz--no-verify-sslZ
no_verify_ssl)r/���r1���r0���Z
standaloneZmanualz--http-01-portZhttp01_port)r3���r.���r0���r1���z--http-01-addressZhttp01_addressZnginxz--https-portZ
https_portz--break-my-certsZbreak_my_certsz]Be willing to replace or renew valid certificates with invalid (testing/staging) certificatesZsecurityz--rsa-key-size�NZrsa_key_size)r3���r5���r0���r1���z
--key-typeZrsaZecdsaZkey_type)�choicesr3���r0���r1���z--elliptic-curveZ	secp256r1Z	secp384r1Z	secp521r1Zelliptic_curve)r3���r<���r5���r0���r1���z
--must-stapleZmust_staplez
--redirectZredirectz�Automatically redirect all HTTP traffic to HTTPS for the newly authenticated vhost. (default: redirect enabled for install and run, disabled for enhance)z
--no-redirectz�Do not automatically redirect all HTTP traffic to HTTPS for the newly authenticated vhost. (default: redirect enabled for install and run, disabled for enhance)z--hstsZhstsz�Add the Strict-Transport-Security header to every HTTP response. Forcing browser to always use SSL for the domain. Defends against SSL Stripping.z	--no-hstsz--uirZuirz�Add the "Content-Security-Policy: upgrade-insecure-requests" header to every HTTP response. Forcing the browser to use https:// for every http:// resource.z--no-uirz
--staple-ocspZstaplezmEnables OCSP Stapling. A valid OCSP response is stapled to the certificate that the server offers during TLS.z--no-staple-ocspz--strict-permissionsZstrict_permissionsz}Require that all configuration files are owned by the current user; only needed if your config is somewhere unsafe like /tmp/z--preferred-chainZpreferred_chainz--preferred-challengesZpref_challsa���A sorted, comma delimited list of the preferred challenge to use during authorization with the most preferred challenge listed first (Eg, "dns" or "http,dns"). Not all plugins support all challenges. See https://certbot.eff.org/docs/using.html#plugins for details. ACME Challenges are versioned, but if you pick "http" rather than "http-01", Certbot will select the latest version automatically.z--issuance-timeoutZissuance_timeoutz
--pre-hookaz��Command to be run in a shell before obtaining any certificates. Intended primarily for renewal, where it can be used to temporarily shut down a webserver that might conflict with the standalone plugin. This will only be called if a certificate is actually to be obtained/renewed. When renewing several certificates that have identical pre-hooks, only the first will be executed.)r1���z--post-hookaK��Command to be run in a shell after attempting to obtain/renew certificates. Can be used to deploy renewed certificates, or to restart any servers that were stopped by --pre-hook. This is only run if an attempt was made to obtain/renew a certificate. If multiple renewed certificates have identical post-hooks, only one will be run.z--renew-hook)r/���r1���z--no-random-sleep-on-renewZrandom_sleep_on_renewz
--deploy-hooka���Command to be run in a shell once for each successfully issued certificate. For this command, the shell variable $RENEWED_LINEAGE will point to the config live subdirectory (for example, "/etc/letsencrypt/live/example.com") containing the new certificates and keys; the shell variable $RENEWED_DOMAINS will contain a space-delimited list of renewed certificate domains (for example, "example.com www.example.com"z--disable-hook-validationZvalidate_hooksa���Ordinarily the commands specified for --pre-hook/--post-hook/--deploy-hook will be checked for validity, to see if the programs being run are in the $PATH, so that mistakes can be caught early, even when the hooks aren't being run just yet. The validation is rather simplistic and fails if you use more advanced shell constructs, so you can use this switch to disable it. (default: False)z--no-directory-hooksZdirectory_hooksz`Disable running executables found in Certbot's hook directories during renewal. (default: False)z--disable-renew-updatesZdisable_renew_updatesa��Disable automatic updates to your server configuration that would otherwise be done by the selected installer plugin, and triggered when the user executes "certbot renew", regardless of if the certificate is renewed. This setting does not apply to important TLS configuration updates.z--no-autorenewZ	autorenewz%Disable auto renewal of certificates.z--os-packages-onlyr���z--no-self-upgradez--no-bootstrapz--no-permissions-check)r!���r ����addr����argparseZSUPPRESSr���r���ZFORCE_INTERACTIVE_FLAGr���r����format�certbot�__version__ZSTAGING_URI�int�strr���r���r���Zadd_deprecated_argumentr(���Zpopulate_clir$���r"���r#����helpful_parser�
parse_args)r)���r*���r+���Zhelpful��rF����/usr/lib/python3.6/__init__.py�prepare_and_parse_args9���s���

rH���)�varr,���c�������������C���s����|�t�krdS�tj}|dkr`tdk	r`tjj��}tjtjg�}t	||dd��}t_t
j|�\|_|_
tt||��t�s�tjd|�t||����dS�x6tj|�g��D�]&}t|�r�tjd|�tj|�g����dS�q�W�dS�)z�
    Return True if a particular config variable has been set by the user
    (CLI or config file) including if the user explicitly set it to the
    default.  Returns False if the variable was assigned a default value.
    FNT)r+���zVar %s=%s (set by user).)r
����
set_by_cli�detectorrD����
plugins_disco�PluginsRegistryZfind_allr*���ZverbrH����plugin_selectionZcli_plugin_requestsZ
authenticatorZ	installer�
isinstance�getattrr����loggerr:���r����get)rI���rK���r)���Zreconstructed_argsZmodifierrF���rF���rG���rJ������s$����
rJ���)�option�valuer,���c�������������C���s$���t�dk	r |�t�jkot�j|��|kS�dS�)aH��Does option have the default value?

If the default value of option is not known, False is returned.

:param str option: configuration variable being considered
    :param value: value of the configuration variable named option

:returns: True if option has the default value, otherwise, False
    :rtype: bool

NF)rD���Zdefaults)rS���rT���rF���rF���rG����has_default_value���s����
rU���c�������������C���s ���|�t�krdS�t|��pt|�|��S�)a��Was option set by the user or does it differ from the default?

:param str option: configuration variable being considered
    :param value: value of the configuration variable named option

:returns: True if the option was set, otherwise, False
    :rtype: bool

F)r
���rJ���rU���)rS���rT���rF���rF���rG����option_was_set��s����rV���)�variabler,���c�������������C���s8���t�dk	r4x*t�jjD�]}|jdk	r|j|�kr|jS�qW�tS�)zFReturn our argparse type function for a config variable (default: str)N)rD����parserZ_actionsr3���r.���rC���)rW���r/���rF���rF���rG����
argparse_type��s
����
rY���)F)M�__doc__r>���ZloggingZlogging.handlers�sysZtypingr���r���r���r���r@���Zcertbot._internalr���Z#certbot._internal.cli.cli_constantsr���r���r	���r
���r���r���r
���r���r���Zcertbot._internal.cli.cli_utilsr���r���r���r���r���r���r���r���r���r���r���r���r���r���r���r���Z!certbot._internal.cli.group_adderr ���Zcertbot._internal.cli.helpfulr!���Z"certbot._internal.cli.paths_parserr"���Z%certbot._internal.cli.plugins_parsingr#���Z certbot._internal.cli.subparsersr$���Zcertbot._internal.cli.verb_helpr%���r&���Zcertbot._internal.pluginsr'���rL���Z#certbot._internal.plugins.selectionZ	_internalr)���Z	selectionrN���Zcertbot.pluginsr(���Z	getLogger�__name__rQ���rD���rM���rC����boolZ	NamespacerH���rJ���rK���rU���rV���rY���rF���rF���rF���rG����<module>���sp���
���)

Back to File Manager

Edit File: __init__.cpython-36.pyc

Edit File: init.cpython-36.pyc