Initial work on ignoring rate limits on dry rundry_run_ratelimits

author: Seth Schoen <schoen@eff.org> 2016-04-02 04:47:12 +0300
committer: Seth Schoen <schoen@eff.org> 2016-04-02 04:47:12 +0300
commit: e0a1871bb8a04a2868c180d4ff0a2f900e8cdebc (patch)
tree: 87807954fdeed6c6c1f3d918e43d9f196454d954
parent: 3d260485cd833571a2e8d4ac1baaa3dd228a292c (diff)
2 files changed, 45 insertions, 8 deletions
diff --git a/letsencrypt/client.py b/letsencrypt/client.py
index da2e1f086..93465379b 100644
--- a/letsencrypt/client.py
+++ b/letsencrypt/client.py
@@ -218,12 +218,31 @@ class Client(object):
         logger.debug("CSR: %s, domains: %s", csr, domains)
 
         if authzr is None:
-            authzr = self.auth_handler.get_authorizations(domains)
+            try:
+                authzr = self.auth_handler.get_authorizations(domains)
+            except errors.Error as error:
+                if error.typ == "urn:acme:error:rateLimited":
+                    if self.config.dry_run:
+                        # We convert this exception into a special one
+                        # that is reported differently.
+                        raise errors.DryRunAuthzRateLimited()
+                # We re-raise the original error.
+                raise
+
+        try:
+            certr = self.acme.request_issuance(
+                jose.ComparableX509(
+                    OpenSSL.crypto.load_certificate_request(typ, csr.data)),
+                    authzr)
+        except errors.Error as error:
+            if error.typ == "urn:acme:error:rateLimited":
+                if self.config.dry_run:
+                    # We convert this exception into a special one
+                    # that is reported differently.
+                    raise errors.DryRunNewCertRateLimited()
+            # We re-raise the original error.
+            raise
 
-        certr = self.acme.request_issuance(
-            jose.ComparableX509(
-                OpenSSL.crypto.load_certificate_request(typ, csr.data)),
-                authzr)
         return certr, self.acme.fetch_chain(certr)
 
     def obtain_certificate(self, domains):
@@ -240,9 +259,18 @@ class Client(object):
         :rtype: tuple
 
         """
-        authzr = self.auth_handler.get_authorizations(
-                domains,
-                self.config.allow_subset_of_names)
+        try:
+            authzr = self.auth_handler.get_authorizations(
+                    domains,
+                    self.config.allow_subset_of_names)
+        except errors.Error as error:
+            if error.typ == "urn:acme:error:rateLimited":
+                if self.config.dry_run:
+                    # We convert this exception into a special one
+                    # that is reported differently.
+                    raise errors.DryRunAuthzRateLimited()
+            # We re-raise the original error.
+            raise
 
         domains = [a.body.identifier.value.encode('ascii')
                                           for a in authzr]
diff --git a/letsencrypt/errors.py b/letsencrypt/errors.py
index 532a3a545..ab2d05360 100644
--- a/letsencrypt/errors.py
+++ b/letsencrypt/errors.py
@@ -94,3 +94,12 @@ class ConfigurationError(Error):
 
 class MissingCommandlineFlag(Error):
     """A command line argument was missing in noninteractive usage"""
+
+# Dry run rate limit errors to allow treating this event specially during
+# a dry run:
+
+class DryRunAuthzRateLimited(error):
+    """The server reported a rate limit on newauthz during a dry run."""
+
+class DryRunNewCertRateLimited(error):
+    """The server reported a rate limit on newcert during a dry run."""
author	Seth Schoen <schoen@eff.org>	2016-04-02 04:47:12 +0300
committer	Seth Schoen <schoen@eff.org>	2016-04-02 04:47:12 +0300
commit	e0a1871bb8a04a2868c180d4ff0a2f900e8cdebc (patch)
tree	87807954fdeed6c6c1f3d918e43d9f196454d954
parent	3d260485cd833571a2e8d4ac1baaa3dd228a292c (diff)