tokens that start with a dash break arguments passed to out-handler

[mhowsden]

Frequently when I try to do a cert renewal for multiple domains, the token the letsencrypt server gives me starts with a -. When this is the case, renewal fails.

I run certbot with these options:

/venv/bin/certbot \
        --server https://acme-v02.api.letsencrypt.org/directory \
        --text --agree-tos --email [email protected] \
        --expand --renew-by-default \
        --configurator certbot-external-auth:out \
        --certbot-external-auth:out-public-ip-logging-ok \
        -d "subdomain1.example.com" \
        -d "subdomain2.example.com" \
        --preferred-challenges dns \
        --certbot-external-auth:out-handler ./dns_check.py \
        --certbot-external-auth:out-dehydrated-dns \
        --logs-dir logs --config-dir conf --work-dir work \
        run

My error would be:

dns_check.py: error: unrecognized arguments: -M-H_CewSxuh-sXrrwHNN0cwZyefCddAk07OIAFgNGs g0XdZcrbFDS2ZawnxKHP5Z6jfD_giutI5ZFWhAb_IgU\n'

and to patch this issue locally I prepended a space to each argument in the argument list that begins with a -:

        # plugin.py line 722      
        # arg_list = [self._get_handler(), command] + list(args)

        #new                                                                                                                                
        safe_arglist = []
        for arg in list(args):
            if arg.startswith('-'):
                arg = arg.replace('-', ' -', 1)
            safe_arglist.append(arg)                                                                                  
        arg_list = [self._get_handler(), command] + safe_arglist

I'm happy to submit a PR though there may be a less hacky way to handle this.