From 73166fb062b8a0a976fe766e5edfe1d486131c10 Mon Sep 17 00:00:00 2001
From: Felix Fontein <felix@fontein.de>
Date: Tue, 2 Feb 2021 22:06:11 +0100
Subject: [PATCH] Fix bugs / improve get_cert_days behavior.

---
 plugins/module_utils/acme/backend_cryptography.py |  4 +++-
 plugins/module_utils/acme/backend_openssl_cli.py  | 10 ++++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/plugins/module_utils/acme/backend_cryptography.py b/plugins/module_utils/acme/backend_cryptography.py
index 4682c77c0..cf2ea551e 100644
--- a/plugins/module_utils/acme/backend_cryptography.py
+++ b/plugins/module_utils/acme/backend_cryptography.py
@@ -248,7 +248,9 @@ def get_cert_days(self, cert_filename=None, cert_content=None, now=None):
         If now is not specified, datetime.datetime.now() is used.
         '''
         if cert_filename is not None:
-            cert_content = read_file(cert_filename)
+            cert_content = None
+            if os.path.exists(cert_filename):
+                cert_content = read_file(cert_filename)
         else:
             cert_content = to_bytes(cert_content)
 
diff --git a/plugins/module_utils/acme/backend_openssl_cli.py b/plugins/module_utils/acme/backend_openssl_cli.py
index 05f4a53d9..4b8a9f44c 100644
--- a/plugins/module_utils/acme/backend_openssl_cli.py
+++ b/plugins/module_utils/acme/backend_openssl_cli.py
@@ -225,7 +225,7 @@ def get_csr_identifiers(self, csr_filename=None, csr_content=None):
             data = csr_content.encode('utf-8')
 
         openssl_csr_cmd = [self.openssl_binary, "req", "-in", filename, "-noout", "-text"]
-        dummy, out, dummy = self.module.run_command(openssl_csr_cmd, data=data, check_rc=True)
+        dummy, out, dummy = self.module.run_command(openssl_csr_cmd, data=data, check_rc=True, binary_data=True)
 
         identifiers = set([])
         common_name = re.search(r"Subject:.* CN\s?=\s?([^\s,;/]+)", to_text(out, errors='surrogate_or_strict'))
@@ -260,15 +260,17 @@ def get_cert_days(self, cert_filename=None, cert_content=None, now=None):
             filename = '-'
             data = cert_content.encode('utf-8')
             cert_filename_suffix = ''
-        else:
+        elif cert_filename is not None:
             if not os.path.exists(cert_filename):
                 return -1
             cert_filename_suffix = ' in {0}'.format(cert_filename)
+        else:
+            return -1
 
         openssl_cert_cmd = [self.openssl_binary, "x509", "-in", filename, "-noout", "-text"]
-        dummy, out, dummy = self.module.run_command(openssl_cert_cmd, data=data, check_rc=True, encoding=None)
+        dummy, out, dummy = self.module.run_command(openssl_cert_cmd, data=data, check_rc=True, binary_data=True)
         try:
-            not_after_str = re.search(r"\s+Not After\s*:\s+(.*)", out.decode('utf8')).group(1)
+            not_after_str = re.search(r"\s+Not After\s*:\s+(.*)", to_text(out, errors='surrogate_or_strict')).group(1)
             not_after = datetime.datetime.fromtimestamp(time.mktime(time.strptime(not_after_str, '%b %d %H:%M:%S %Y %Z')))
         except AttributeError:
             raise ModuleFailException("No 'Not after' date found{0}".format(cert_filename_suffix))