Preserve --must-staple in configuration for renewal (#3844)

2026-06-07 15:52:08 -04:00 · 2016-12-03 06:50:57 +01:00 · 2016-12-03 06:50:57 +01:00 · 0e237e1c0b
commit 0e237e1c0b
parent da3332ccfa
4 changed files with 19 additions and 0 deletions
--- a/certbot/renewal.py
+++ b/certbot/renewal.py
@ -33,6 +33,7 @@ STR_CONFIG_ITEMS = ["config_dir", "logs_dir", "work_dir", "user_agent",
                    "server", "account", "authenticator", "installer",
                    "standalone_supported_challenges", "renew_hook"]
 INT_CONFIG_ITEMS = ["rsa_key_size", "tls_sni_01_port", "http01_port"]
+BOOL_CONFIG_ITEMS = ["must_staple"]


 def renewal_conf_files(config):
@ -190,6 +191,17 @@ def _restore_required_config_elements(config, renewalparams):
                    raise errors.Error(
                        "Expected a numeric value for {0}".format(config_item))
            setattr(config.namespace, config_item, int_value)
+    # bool-valued items to add if they're present
+    for config_item in BOOL_CONFIG_ITEMS:
+        if config_item in renewalparams and not cli.set_by_cli(config_item):
+            config_value = renewalparams[config_item]
+            if config_value in ("True", "False"):
+                # bool("False") == True
+                # pylint: disable=eval-used
+                setattr(config.namespace, config_item, eval(config_value))
+            else:
+                raise errors.Error(
+                    "Expected 'True' or 'False' for {0}".format(config_item))


 def should_renew(config, lineage):
--- a/certbot/storage.py
+++ b/certbot/storage.py
@ -154,6 +154,7 @@ def _relevant(option):
    plugins = list(plugins_disco.PluginsRegistry.find_all())
    return (option in renewal.STR_CONFIG_ITEMS
            or option in renewal.INT_CONFIG_ITEMS
+            or option in renewal.BOOL_CONFIG_ITEMS
            or any(option.startswith(x + "_") for x in plugins))


--- a/certbot/tests/cli_test.py
+++ b/certbot/tests/cli_test.py
@ -735,6 +735,11 @@ class CLITest(unittest.TestCase):  # pylint: disable=too-many-public-methods
        args = ["renew", "--dry-run", "-tvv"]
        self._test_renewal_common(True, [], args=args, should_renew=True)

+    def test_must_staple_renew(self):
+        self._make_lineage('sample-renewal.conf')
+        args = ["renew", "--must-staple"]
+        self._test_renewal_common(True, [], args=args, should_renew=True)
+
    def test_quiet_renew(self):
        self._make_lineage('sample-renewal.conf')
        args = ["renew", "--dry-run"]
--- a/certbot/tests/testdata/sample-renewal.conf
+++ b/certbot/tests/testdata/sample-renewal.conf
@ -73,4 +73,5 @@ tls_sni_01_port = 443
 logs_dir = /var/log/letsencrypt
 apache_vhost_root = /etc/apache2/sites-available
 configurator = None
+must_staple = True
 [[webroot_map]]