Fix bugs / improve get_cert_days behavior.

ansible-collections · Feb 2, 2021 · 73166fb · 73166fb
1 parent a22e4d6
commit 73166fb
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/plugins/module_utils/acme/backend_cryptography.py b/plugins/module_utils/acme/backend_cryptography.py
@@ -248,7 +248,9 @@ def get_cert_days(self, cert_filename=None, cert_content=None, now=None):
         If now is not specified, datetime.datetime.now() is used.
         '''
         if cert_filename is not None:
-            cert_content = read_file(cert_filename)
+            cert_content = None
+            if os.path.exists(cert_filename):
+                cert_content = read_file(cert_filename)
         else:
             cert_content = to_bytes(cert_content)
 

diff --git a/plugins/module_utils/acme/backend_openssl_cli.py b/plugins/module_utils/acme/backend_openssl_cli.py
@@ -225,7 +225,7 @@ def get_csr_identifiers(self, csr_filename=None, csr_content=None):
             data = csr_content.encode('utf-8')
 
         openssl_csr_cmd = [self.openssl_binary, "req", "-in", filename, "-noout", "-text"]
-        dummy, out, dummy = self.module.run_command(openssl_csr_cmd, data=data, check_rc=True)
+        dummy, out, dummy = self.module.run_command(openssl_csr_cmd, data=data, check_rc=True, binary_data=True)
 
         identifiers = set([])
         common_name = re.search(r"Subject:.* CN\s?=\s?([^\s,;/]+)", to_text(out, errors='surrogate_or_strict'))
@@ -260,15 +260,17 @@ def get_cert_days(self, cert_filename=None, cert_content=None, now=None):
             filename = '-'
             data = cert_content.encode('utf-8')
             cert_filename_suffix = ''
-        else:
+        elif cert_filename is not None:
             if not os.path.exists(cert_filename):
                 return -1
             cert_filename_suffix = ' in {0}'.format(cert_filename)
+        else:
+            return -1
 
         openssl_cert_cmd = [self.openssl_binary, "x509", "-in", filename, "-noout", "-text"]
-        dummy, out, dummy = self.module.run_command(openssl_cert_cmd, data=data, check_rc=True, encoding=None)
+        dummy, out, dummy = self.module.run_command(openssl_cert_cmd, data=data, check_rc=True, binary_data=True)
         try:
-            not_after_str = re.search(r"\s+Not After\s*:\s+(.*)", out.decode('utf8')).group(1)
+            not_after_str = re.search(r"\s+Not After\s*:\s+(.*)", to_text(out, errors='surrogate_or_strict')).group(1)
             not_after = datetime.datetime.fromtimestamp(time.mktime(time.strptime(not_after_str, '%b %d %H:%M:%S %Y %Z')))
         except AttributeError:
             raise ModuleFailException("No 'Not after' date found{0}".format(cert_filename_suffix))