From c82a551e77faa228da0a9e445cd0eb7f0417537d Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Tue, 12 Apr 2016 00:03:48 +0300 Subject: [PATCH 01/32] os-release parsing WIP --- letsencrypt/le_util.py | 48 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/letsencrypt/le_util.py b/letsencrypt/le_util.py index cb1c61074..7ee5e33db 100644 --- a/letsencrypt/le_util.py +++ b/letsencrypt/le_util.py @@ -210,8 +210,56 @@ def safely_remove(path): def get_os_info(): + """ + Get OS name and version + + :returns: (os_name, os_version) + :rtype: `tuple` of `str` + """ + + +def get_systemd_os_info(): + """ + Parse systemd /etc/os-release for distribution information + + :returns: (os_name, os_version) + :rtype: `tuple` of `str` + """ + + os_name = _get_systemd_os_release_var("ID") + os_version = _get_systemd_os_release_var("VERSION_ID") + + return (os_name, os_version) + + +def _get_systemd_os_release_var(varname): + + OS_RELEASE_FILEPATH = "/etc/os-release" + var_string = varname+"=" + if not os.path.isfile(OS_RELEASE_FILEPATH): + return "" + with open(OS_RELEASE_FILEPATH, 'r') as fh: + contents = fh.readlines() + + for line in contents: + if line.strip().startswith(var_string): + # Return the value of var, normalized + return _normalize_string(line.strip()[len(var_string):]) + return "" + + +def _normalize_string(orig): + """ + Helper function for _get_systemd_os_release_var() to remove quotes + and whitespaces + """ + return orig.replace('"', '').replace("'", "").strip() + + +def get_python_os_info(): """ Get Operating System type/distribution and major version + using python platform module :returns: (os_name, os_version) :rtype: `tuple` of `str` From bbb300eb229bcca0938b50fef9421f02b3b6d88b Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Tue, 12 Apr 2016 14:27:00 +0300 Subject: [PATCH 02/32] Finalized parsing and fixed test case --- letsencrypt/le_util.py | 16 ++++++++++++++++ letsencrypt/tests/cli_test.py | 2 +- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/letsencrypt/le_util.py b/letsencrypt/le_util.py index 7ee5e33db..60cdd0314 100644 --- a/letsencrypt/le_util.py +++ b/letsencrypt/le_util.py @@ -217,6 +217,15 @@ def get_os_info(): :rtype: `tuple` of `str` """ + if os.path.isfile('/etc/os-release'): + # Systemd os-release parsing might be viable + os_name, os_version = get_systemd_os_info() + if os_name: + return (os_name, os_version) + + # Fallback to platform module + return get_python_os_info() + def get_systemd_os_info(): """ @@ -233,6 +242,13 @@ def get_systemd_os_info(): def _get_systemd_os_release_var(varname): + """ + Get single value from systemd /etc/os-release + + :param str varname: Name of variable to fetch + :returns: requested value + :rtype: `str` + """ OS_RELEASE_FILEPATH = "/etc/os-release" var_string = varname+"=" diff --git a/letsencrypt/tests/cli_test.py b/letsencrypt/tests/cli_test.py index eb3f48308..03ad45514 100644 --- a/letsencrypt/tests/cli_test.py +++ b/letsencrypt/tests/cli_test.py @@ -169,7 +169,7 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods import platform plat = platform.platform() if "linux" in plat.lower(): - self.assertTrue(platform.linux_distribution()[0] in ua) + self.assertTrue(le_util.get_os_info()[0] in ua) with mock.patch('letsencrypt.main.client.acme_client.ClientNetwork') as acme_net: ua = "bandersnatch" From 7ff8440b8f49d527f3a61055aa8fb311ca90063b Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Tue, 12 Apr 2016 18:12:47 +0300 Subject: [PATCH 03/32] Tests for systemd os-release. Fix for darwin OS version info and tests for it --- letsencrypt/le_util.py | 1 - letsencrypt/tests/le_util_test.py | 34 +++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/letsencrypt/le_util.py b/letsencrypt/le_util.py index 60cdd0314..71dff7575 100644 --- a/letsencrypt/le_util.py +++ b/letsencrypt/le_util.py @@ -300,7 +300,6 @@ def get_python_os_info(): ["sw_vers", "-productVersion"], stdout=subprocess.PIPE ).communicate()[0] - os_ver = os_ver.partition(".")[0] elif os_type.startswith('freebsd'): # eg "9.3-RC3-p1" os_ver = os_ver.partition("-")[0] diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index 0f9464c6f..e1770eaed 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -339,5 +339,39 @@ class EnforceDomainSanityTest(unittest.TestCase): u"eichh\u00f6rnchen.example.com") +class OsInfoTest(unittest.TestCase): + """Test OS / distribution detection""" + def _call(self): + from letsencrypt.le_util import get_os_info + return get_os_info() + + def test_systemd_os_release(self): + from letsencrypt.le_util import get_os_info + os_release = 'VERSION_ID=42\nID=doobian\n' + with mock.patch('__builtin__.open', + mock.mock_open(read_data=os_release)): + with mock.patch('os.path.isfile', return_value=True): + self.assertEqual(get_os_info()[0], 'doobian') + self.assertEqual(get_os_info()[1], '42') + + @mock.patch("letsencrypt.le_util.subprocess.Popen") + def test_non_systemd_os_info(self, popen_mock): + from letsencrypt.le_util import get_os_info + with mock.patch('os.path.isfile', return_value=False): + with mock.patch('platform.system_alias', + return_value=('NonSystemD','42','42')): + self.assertEqual(get_os_info()[0], 'nonsystemd') + + with mock.patch('platform.system_alias', + return_value=('darwin', '', '')): + comm_mock = mock.Mock() + comm_attrs = {'communicate.return_value': + ('42.42.42', 'error')} + comm_mock.configure_mock(**comm_attrs) + popen_mock.return_value = comm_mock + self.assertEqual(get_os_info()[0], 'darwin') + self.assertEqual(get_os_info()[1], '42.42.42') + + if __name__ == "__main__": unittest.main() # pragma: no cover From 34f0e260f1ee7c900330d60f47b7e6a06aabd15b Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Tue, 12 Apr 2016 18:49:08 +0300 Subject: [PATCH 04/32] Linter fixes --- letsencrypt/tests/le_util_test.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index e1770eaed..10d2c91ad 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -359,7 +359,7 @@ class OsInfoTest(unittest.TestCase): from letsencrypt.le_util import get_os_info with mock.patch('os.path.isfile', return_value=False): with mock.patch('platform.system_alias', - return_value=('NonSystemD','42','42')): + return_value=('NonSystemD', '42', '42')): self.assertEqual(get_os_info()[0], 'nonsystemd') with mock.patch('platform.system_alias', @@ -367,7 +367,7 @@ class OsInfoTest(unittest.TestCase): comm_mock = mock.Mock() comm_attrs = {'communicate.return_value': ('42.42.42', 'error')} - comm_mock.configure_mock(**comm_attrs) + comm_mock.configure_mock(**comm_attrs) # pylint disable=star-args popen_mock.return_value = comm_mock self.assertEqual(get_os_info()[0], 'darwin') self.assertEqual(get_os_info()[1], '42.42.42') From 57738142e28c6841aab9a909883ecf166e6b9560 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Tue, 12 Apr 2016 18:59:27 +0300 Subject: [PATCH 05/32] Added constants for os-release names --- letsencrypt-apache/letsencrypt_apache/constants.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/letsencrypt-apache/letsencrypt_apache/constants.py b/letsencrypt-apache/letsencrypt_apache/constants.py index 8b502b4d8..72bbdca6d 100644 --- a/letsencrypt-apache/letsencrypt_apache/constants.py +++ b/letsencrypt-apache/letsencrypt_apache/constants.py @@ -78,6 +78,8 @@ CLI_DEFAULTS = { "centos linux": CLI_DEFAULTS_CENTOS, "fedora": CLI_DEFAULTS_CENTOS, "red hat enterprise linux server": CLI_DEFAULTS_CENTOS, + "rhel": CLI_DEFAULTS_CENTOS, + "amazon": CLI_DEFAULTS_CENTOS, "gentoo base system": CLI_DEFAULTS_GENTOO, "darwin": CLI_DEFAULTS_DARWIN, } From 67c60ab406e7b1b34637371e7392d8ce51889d82 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Tue, 12 Apr 2016 19:41:39 +0300 Subject: [PATCH 06/32] Disabled linter error --- letsencrypt/tests/le_util_test.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index 10d2c91ad..74b1bb703 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -347,11 +347,11 @@ class OsInfoTest(unittest.TestCase): def test_systemd_os_release(self): from letsencrypt.le_util import get_os_info - os_release = 'VERSION_ID=42\nID=doobian\n' + os_release = 'VERSION_ID=42\nID=systemdos\n' with mock.patch('__builtin__.open', mock.mock_open(read_data=os_release)): with mock.patch('os.path.isfile', return_value=True): - self.assertEqual(get_os_info()[0], 'doobian') + self.assertEqual(get_os_info()[0], 'systemdos') self.assertEqual(get_os_info()[1], '42') @mock.patch("letsencrypt.le_util.subprocess.Popen") @@ -367,7 +367,7 @@ class OsInfoTest(unittest.TestCase): comm_mock = mock.Mock() comm_attrs = {'communicate.return_value': ('42.42.42', 'error')} - comm_mock.configure_mock(**comm_attrs) # pylint disable=star-args + comm_mock.configure_mock(**comm_attrs) # pylint: disable=star-args popen_mock.return_value = comm_mock self.assertEqual(get_os_info()[0], 'darwin') self.assertEqual(get_os_info()[1], '42.42.42') From 6fc63de5a587c91f3ba87d51b4e38ef8d9f0b44a Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Wed, 13 Apr 2016 00:49:51 +0300 Subject: [PATCH 07/32] Using mocked os-release file --- letsencrypt/le_util.py | 22 ++++++++++++---------- letsencrypt/tests/le_util_test.py | 13 +++++++------ 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/letsencrypt/le_util.py b/letsencrypt/le_util.py index 71dff7575..927d8f2e8 100644 --- a/letsencrypt/le_util.py +++ b/letsencrypt/le_util.py @@ -209,17 +209,18 @@ def safely_remove(path): raise -def get_os_info(): +def get_os_info(filepath="/etc/os-release"): """ Get OS name and version + :param str filepath: File path of os-release file :returns: (os_name, os_version) :rtype: `tuple` of `str` """ - if os.path.isfile('/etc/os-release'): + if os.path.isfile(filepath): # Systemd os-release parsing might be viable - os_name, os_version = get_systemd_os_info() + os_name, os_version = get_systemd_os_info(filepath=filepath) if os_name: return (os_name, os_version) @@ -227,34 +228,35 @@ def get_os_info(): return get_python_os_info() -def get_systemd_os_info(): +def get_systemd_os_info(filepath="/etc/os-release"): """ Parse systemd /etc/os-release for distribution information + :param str filepath: File path of os-release file :returns: (os_name, os_version) :rtype: `tuple` of `str` """ - os_name = _get_systemd_os_release_var("ID") - os_version = _get_systemd_os_release_var("VERSION_ID") + os_name = _get_systemd_os_release_var("ID", filepath=filepath) + os_version = _get_systemd_os_release_var("VERSION_ID", filepath=filepath) return (os_name, os_version) -def _get_systemd_os_release_var(varname): +def _get_systemd_os_release_var(varname, filepath="/etc/os-release"): """ Get single value from systemd /etc/os-release :param str varname: Name of variable to fetch + :param str filepath: File path of os-release file :returns: requested value :rtype: `str` """ - OS_RELEASE_FILEPATH = "/etc/os-release" var_string = varname+"=" - if not os.path.isfile(OS_RELEASE_FILEPATH): + if not os.path.isfile(filepath): return "" - with open(OS_RELEASE_FILEPATH, 'r') as fh: + with open(filepath, 'r') as fh: contents = fh.readlines() for line in contents: diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index 74b1bb703..c43dbfe2c 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -4,6 +4,7 @@ import errno import os import shutil import stat +import sys import tempfile import unittest @@ -11,6 +12,7 @@ import mock import six from letsencrypt import errors +from letsencrypt.tests import test_util class RunScriptTest(unittest.TestCase): @@ -347,12 +349,11 @@ class OsInfoTest(unittest.TestCase): def test_systemd_os_release(self): from letsencrypt.le_util import get_os_info - os_release = 'VERSION_ID=42\nID=systemdos\n' - with mock.patch('__builtin__.open', - mock.mock_open(read_data=os_release)): - with mock.patch('os.path.isfile', return_value=True): - self.assertEqual(get_os_info()[0], 'systemdos') - self.assertEqual(get_os_info()[1], '42') + with mock.patch('os.path.isfile', return_value=True): + self.assertEqual(get_os_info( + test_util.vector_path("os-release"))[0], 'systemdos') + self.assertEqual(get_os_info( + test_util.vector_path("os-release"))[1], '42') @mock.patch("letsencrypt.le_util.subprocess.Popen") def test_non_systemd_os_info(self, popen_mock): From 608352157c3fb618e4e345509e0163481596dcba Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Wed, 13 Apr 2016 00:55:21 +0300 Subject: [PATCH 08/32] ..and the test file of course --- letsencrypt/tests/testdata/os-release | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 letsencrypt/tests/testdata/os-release diff --git a/letsencrypt/tests/testdata/os-release b/letsencrypt/tests/testdata/os-release new file mode 100644 index 000000000..b7c3ceb1b --- /dev/null +++ b/letsencrypt/tests/testdata/os-release @@ -0,0 +1,8 @@ +NAME="SystemdOS" +VERSION="42.42.42 LTS, Unreal" +ID=systemdos +ID_LIKE=debian +PRETTY_NAME="SystemdOS 42.42.42 Unreal" +VERSION_ID="42" +HOME_URL="http://www.example.com/" +SUPPORT_URL="http://help.example.com/" From 096873ca1c7d2c998283fa0cd3835db6bac3ea9c Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Wed, 13 Apr 2016 01:21:34 +0300 Subject: [PATCH 09/32] Removed unused import --- letsencrypt/tests/le_util_test.py | 1 - 1 file changed, 1 deletion(-) diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index c43dbfe2c..bab711ded 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -4,7 +4,6 @@ import errno import os import shutil import stat -import sys import tempfile import unittest From 995b22684f20a5de2f5b48dc34816f54f9af654c Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Thu, 14 Apr 2016 08:08:08 +0300 Subject: [PATCH 10/32] Removed unused test method --- letsencrypt/tests/le_util_test.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index bab711ded..5187964a4 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -342,9 +342,6 @@ class EnforceDomainSanityTest(unittest.TestCase): class OsInfoTest(unittest.TestCase): """Test OS / distribution detection""" - def _call(self): - from letsencrypt.le_util import get_os_info - return get_os_info() def test_systemd_os_release(self): from letsencrypt.le_util import get_os_info From b1d7bd318e649474dd763667920e8e8744b961b9 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Thu, 14 Apr 2016 08:39:39 +0300 Subject: [PATCH 11/32] Full test coverage for le_util and os detection --- letsencrypt/tests/le_util_test.py | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index 5187964a4..435760828 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -344,16 +344,19 @@ class OsInfoTest(unittest.TestCase): """Test OS / distribution detection""" def test_systemd_os_release(self): - from letsencrypt.le_util import get_os_info + from letsencrypt.le_util import get_os_info, get_systemd_os_info with mock.patch('os.path.isfile', return_value=True): self.assertEqual(get_os_info( test_util.vector_path("os-release"))[0], 'systemdos') self.assertEqual(get_os_info( test_util.vector_path("os-release"))[1], '42') + self.assertEqual(get_systemd_os_info("/dev/null"), ("", "")) + with mock.patch('os.path.isfile', return_value=False): + self.assertEqual(get_systemd_os_info(), ("", "")) @mock.patch("letsencrypt.le_util.subprocess.Popen") def test_non_systemd_os_info(self, popen_mock): - from letsencrypt.le_util import get_os_info + from letsencrypt.le_util import get_os_info, get_python_os_info with mock.patch('os.path.isfile', return_value=False): with mock.patch('platform.system_alias', return_value=('NonSystemD', '42', '42')): @@ -364,11 +367,32 @@ class OsInfoTest(unittest.TestCase): comm_mock = mock.Mock() comm_attrs = {'communicate.return_value': ('42.42.42', 'error')} - comm_mock.configure_mock(**comm_attrs) # pylint: disable=star-args + comm_mock.configure_mock(**comm_attrs) # pylint: disable=star-args popen_mock.return_value = comm_mock self.assertEqual(get_os_info()[0], 'darwin') self.assertEqual(get_os_info()[1], '42.42.42') + with mock.patch('platform.system_alias', + return_value=('linux', '', '')): + with mock.patch('platform.linux_distribution', + return_value=('', '', '')): + self.assertEqual(get_python_os_info(), ("linux", "")) + + with mock.patch('platform.linux_distribution', + return_value=('testdist', '42', '')): + self.assertEqual(get_python_os_info(), ("testdist", "42")) + + with mock.patch('platform.system_alias', + return_value=('freebsd', '9.3-RC3-p1', '')): + self.assertEqual(get_python_os_info(), ("freebsd", "9")) + + with mock.patch('platform.system_alias', + return_value=('windows', '', '')): + with mock.patch('platform.win32_ver', + return_value=('4242', '95', '2', '')): + self.assertEqual(get_python_os_info(), + ("windows", "95")) + if __name__ == "__main__": unittest.main() # pragma: no cover From 7563d65cb324c5702f55593276e941e036e585b8 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Sat, 16 Apr 2016 15:39:31 +0300 Subject: [PATCH 12/32] Name change for tests --- certbot/tests/le_util_test.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/certbot/tests/le_util_test.py b/certbot/tests/le_util_test.py index 752e66a63..23ea40987 100644 --- a/certbot/tests/le_util_test.py +++ b/certbot/tests/le_util_test.py @@ -344,7 +344,7 @@ class OsInfoTest(unittest.TestCase): """Test OS / distribution detection""" def test_systemd_os_release(self): - from letsencrypt.le_util import get_os_info, get_systemd_os_info + from certbot.le_util import get_os_info, get_systemd_os_info with mock.patch('os.path.isfile', return_value=True): self.assertEqual(get_os_info( test_util.vector_path("os-release"))[0], 'systemdos') @@ -354,9 +354,9 @@ class OsInfoTest(unittest.TestCase): with mock.patch('os.path.isfile', return_value=False): self.assertEqual(get_systemd_os_info(), ("", "")) - @mock.patch("letsencrypt.le_util.subprocess.Popen") + @mock.patch("certbot.le_util.subprocess.Popen") def test_non_systemd_os_info(self, popen_mock): - from letsencrypt.le_util import get_os_info, get_python_os_info + from certbot.le_util import get_os_info, get_python_os_info with mock.patch('os.path.isfile', return_value=False): with mock.patch('platform.system_alias', return_value=('NonSystemD', '42', '42')): From c2a5fb7f21c04af7a3664e14b4d7e73af23d6db9 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Sat, 16 Apr 2016 16:03:46 +0300 Subject: [PATCH 13/32] Re-add test file --- certbot/tests/testdata/os-release | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 certbot/tests/testdata/os-release diff --git a/certbot/tests/testdata/os-release b/certbot/tests/testdata/os-release new file mode 100644 index 000000000..b7c3ceb1b --- /dev/null +++ b/certbot/tests/testdata/os-release @@ -0,0 +1,8 @@ +NAME="SystemdOS" +VERSION="42.42.42 LTS, Unreal" +ID=systemdos +ID_LIKE=debian +PRETTY_NAME="SystemdOS 42.42.42 Unreal" +VERSION_ID="42" +HOME_URL="http://www.example.com/" +SUPPORT_URL="http://help.example.com/" From ff30fb71d2cabeae6951d3c77ed536fe1070c415 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Fri, 29 Apr 2016 15:31:59 +0300 Subject: [PATCH 14/32] New method for determining UA string --- certbot/client.py | 2 +- certbot/le_util.py | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/certbot/client.py b/certbot/client.py index 60e37a787..4c90a84ca 100644 --- a/certbot/client.py +++ b/certbot/client.py @@ -52,7 +52,7 @@ def _determine_user_agent(config): if config.user_agent is None: ua = "CertbotACMEClient/{0} ({1}) Authenticator/{2} Installer/{3}" - ua = ua.format(certbot.__version__, " ".join(le_util.get_os_info()), + ua = ua.format(certbot.__version__, le_util.get_os_info_ua(), config.authenticator, config.installer) else: ua = config.user_agent diff --git a/certbot/le_util.py b/certbot/le_util.py index c1f4d1acd..fcde840c9 100644 --- a/certbot/le_util.py +++ b/certbot/le_util.py @@ -228,6 +228,24 @@ def get_os_info(filepath="/etc/os-release"): return get_python_os_info() +def get_os_info_ua(filepath="/etc/os-release"): + """ + Get OS name and version string for User Agent + + :param str filepath: File path of os-release file + :returns: os_ua + :rtype: `str` + """ + + if os.path.isfile(filepath): + os_ua = _get_systemd_os_release_var("NAME", filepath=filepath) + if os_ua: + return os_ua + + # Fallback + return " ".join(get_python_os_info()) + + def get_systemd_os_info(filepath="/etc/os-release"): """ Parse systemd /etc/os-release for distribution information From 1b5efc842719312fbb22cd19f27ab8011ace3f81 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Fri, 29 Apr 2016 15:52:24 +0300 Subject: [PATCH 15/32] Added tests for new UA method --- certbot/tests/le_util_test.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/certbot/tests/le_util_test.py b/certbot/tests/le_util_test.py index 23ea40987..99aaba44e 100644 --- a/certbot/tests/le_util_test.py +++ b/certbot/tests/le_util_test.py @@ -344,23 +344,31 @@ class OsInfoTest(unittest.TestCase): """Test OS / distribution detection""" def test_systemd_os_release(self): - from certbot.le_util import get_os_info, get_systemd_os_info + from certbot.le_util import (get_os_info, get_systemd_os_info, + get_os_info_ua) + with mock.patch('os.path.isfile', return_value=True): self.assertEqual(get_os_info( test_util.vector_path("os-release"))[0], 'systemdos') self.assertEqual(get_os_info( test_util.vector_path("os-release"))[1], '42') self.assertEqual(get_systemd_os_info("/dev/null"), ("", "")) + self.assertEqual(get_os_info_ua( + test_util.vector_path("os-release")), + "SystemdOS") with mock.patch('os.path.isfile', return_value=False): self.assertEqual(get_systemd_os_info(), ("", "")) @mock.patch("certbot.le_util.subprocess.Popen") def test_non_systemd_os_info(self, popen_mock): - from certbot.le_util import get_os_info, get_python_os_info + from certbot.le_util import (get_os_info, get_python_os_info, + get_os_info_ua) with mock.patch('os.path.isfile', return_value=False): with mock.patch('platform.system_alias', return_value=('NonSystemD', '42', '42')): self.assertEqual(get_os_info()[0], 'nonsystemd') + self.assertEqual(get_os_info_ua(), + " ".join(get_python_os_info())) with mock.patch('platform.system_alias', return_value=('darwin', '', '')): From 9af0994ca6144daa45903e182f48e7036bd9047b Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Fri, 29 Apr 2016 16:23:52 +0300 Subject: [PATCH 16/32] More verbose UA & test UA test fixes --- certbot/le_util.py | 9 ++++++--- certbot/tests/cli_test.py | 4 ++-- certbot/tests/testdata/os-release | 1 - 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/certbot/le_util.py b/certbot/le_util.py index fcde840c9..d18032d9c 100644 --- a/certbot/le_util.py +++ b/certbot/le_util.py @@ -238,7 +238,9 @@ def get_os_info_ua(filepath="/etc/os-release"): """ if os.path.isfile(filepath): - os_ua = _get_systemd_os_release_var("NAME", filepath=filepath) + os_ua = _get_systemd_os_release_var("PRETTY_NAME", filepath=filepath) + if not os_ua: + os_ua = _get_systemd_os_release_var("NAME", filepath=filepath) if os_ua: return os_ua @@ -396,7 +398,7 @@ def enforce_domain_sanity(domain): domain = domain.encode('ascii').lower() except UnicodeError: error_fmt = (u"Internationalized domain names " - "are not presently supported: {0}") + "are not presently supported: {0}") if isinstance(domain, six.text_type): raise errors.ConfigurationError(error_fmt.format(domain)) else: @@ -423,5 +425,6 @@ def enforce_domain_sanity(domain): # first and last char is not "-" fqdn = re.compile("^((?!-)[A-Za-z0-9-]{1,63}(? Date: Thu, 5 May 2016 09:22:50 +0200 Subject: [PATCH 17/32] Fixing auto_test.py for Python 2.6 --- letsencrypt-auto-source/tests/auto_test.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/letsencrypt-auto-source/tests/auto_test.py b/letsencrypt-auto-source/tests/auto_test.py index 3b7e8731b..fa265c1c0 100644 --- a/letsencrypt-auto-source/tests/auto_test.py +++ b/letsencrypt-auto-source/tests/auto_test.py @@ -11,7 +11,7 @@ from shutil import copy, rmtree import socket import ssl from stat import S_IRUSR, S_IXUSR -from subprocess import CalledProcessError, check_output, Popen, PIPE +from subprocess import CalledProcessError, Popen, PIPE import sys from tempfile import mkdtemp from threading import Thread @@ -146,7 +146,7 @@ def out_and_err(command, input=None, shell=False, env=None): out, err = process.communicate(input=input) status = process.poll() # same as in check_output(), though wait() sounds better if status: - raise CalledProcessError(status, command, output=out) + raise CalledProcessError(status, command) return out, err From d57c9434710a2bd1d74dd382420da6caf9781974 Mon Sep 17 00:00:00 2001 From: Amjad Mashaal Date: Thu, 5 May 2016 10:08:28 +0200 Subject: [PATCH 18/32] Fixing broken tests --- letsencrypt-auto-source/tests/auto_test.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/letsencrypt-auto-source/tests/auto_test.py b/letsencrypt-auto-source/tests/auto_test.py index fa265c1c0..7f0b31b67 100644 --- a/letsencrypt-auto-source/tests/auto_test.py +++ b/letsencrypt-auto-source/tests/auto_test.py @@ -146,7 +146,9 @@ def out_and_err(command, input=None, shell=False, env=None): out, err = process.communicate(input=input) status = process.poll() # same as in check_output(), though wait() sounds better if status: - raise CalledProcessError(status, command) + error = CalledProcessError(status, command) + error.output = out + raise error return out, err From 3aed4fc59d355df158b08f11f96df084b6a53e9b Mon Sep 17 00:00:00 2001 From: Christopher Brown Date: Thu, 19 May 2016 14:19:13 -0500 Subject: [PATCH 19/32] Typo: too many self's The extra self will push along the arguments, resulting in the accurate but not very helpful error message: "AttributeError: 'JWKRSA' object has no attribute 'kty'" --- acme/acme/challenges.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acme/acme/challenges.py b/acme/acme/challenges.py index 280bc8308..c436cc631 100644 --- a/acme/acme/challenges.py +++ b/acme/acme/challenges.py @@ -500,7 +500,7 @@ class DNS(_TokenChallenge): """ return DNSResponse(validation=self.gen_validation( - self, account_key, **kwargs)) + account_key, **kwargs)) def validation_domain_name(self, name): """Domain name for TXT validation record. From d9d23772422153a58328556b305e626fe61ac898 Mon Sep 17 00:00:00 2001 From: Blake Griffith Date: Wed, 25 May 2016 18:28:40 -0500 Subject: [PATCH 20/32] Rename certbot.le_util to certbot.util Also rename certbot/tests/le_util_test.py to certbot/tests/util_test.py --- certbot-apache/certbot_apache/configurator.py | 19 +++--- certbot-apache/certbot_apache/constants.py | 4 +- certbot-nginx/certbot_nginx/configurator.py | 14 ++-- certbot/account.py | 8 +-- certbot/cli.py | 6 +- certbot/client.py | 22 +++--- certbot/colored_logging.py | 4 +- certbot/configuration.py | 4 +- certbot/crypto_util.py | 27 ++++---- certbot/display/ops.py | 8 +-- certbot/main.py | 8 +-- certbot/plugins/common.py | 4 +- certbot/plugins/common_test.py | 2 +- certbot/renewal.py | 4 +- certbot/reporter.py | 8 +-- certbot/reverter.py | 10 +-- certbot/storage.py | 8 +-- certbot/tests/auth_handler_test.py | 4 +- certbot/tests/cli_test.py | 8 +-- certbot/tests/client_test.py | 6 +- certbot/tests/colored_logging_test.py | 6 +- certbot/tests/crypto_util_test.py | 16 ++--- certbot/tests/display/ops_test.py | 6 +- certbot/tests/reverter_test.py | 2 +- certbot/tests/storage_test.py | 2 +- .../tests/{le_util_test.py => util_test.py} | 68 +++++++++---------- certbot/{le_util.py => util.py} | 0 27 files changed, 138 insertions(+), 140 deletions(-) rename certbot/tests/{le_util_test.py => util_test.py} (85%) rename certbot/{le_util.py => util.py} (100%) diff --git a/certbot-apache/certbot_apache/configurator.py b/certbot-apache/certbot_apache/configurator.py index 1e02ae7b3..e4c06ba7e 100644 --- a/certbot-apache/certbot_apache/configurator.py +++ b/certbot-apache/certbot_apache/configurator.py @@ -15,7 +15,7 @@ from acme import challenges from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util from certbot.plugins import common @@ -106,8 +106,8 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): add("handle-sites", default=constants.os_constant("handle_sites"), help="Let installer handle enabling sites for you." + "(Only Ubuntu/Debian currently)") - le_util.add_deprecated_argument(add, argument_name="ctl", nargs=1) - le_util.add_deprecated_argument( + util.add_deprecated_argument(add, argument_name="ctl", nargs=1) + util.add_deprecated_argument( add, argument_name="init-script", nargs=1) def __init__(self, *args, **kwargs): @@ -151,7 +151,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): """ # Verify Apache is installed - if not le_util.exe_exists(constants.os_constant("restart_cmd")[0]): + if not util.exe_exists(constants.os_constant("restart_cmd")[0]): raise errors.NoInstallationError # Make sure configuration is valid @@ -1521,14 +1521,14 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): # Generate reversal command. # Try to be safe here... check that we can probably reverse before # applying enmod command - if not le_util.exe_exists(self.conf("dismod")): + if not util.exe_exists(self.conf("dismod")): raise errors.MisconfigurationError( "Unable to find a2dismod, please make sure a2enmod and " "a2dismod are configured correctly for certbot.") self.reverter.register_undo_command( temp, [self.conf("dismod"), mod_name]) - le_util.run_script([self.conf("enmod"), mod_name]) + util.run_script([self.conf("enmod"), mod_name]) def restart(self): """Runs a config test and reloads the Apache server. @@ -1547,7 +1547,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): """ try: - le_util.run_script(constants.os_constant("restart_cmd")) + util.run_script(constants.os_constant("restart_cmd")) except errors.SubprocessError as err: raise errors.MisconfigurationError(str(err)) @@ -1558,7 +1558,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): """ try: - le_util.run_script(constants.os_constant("conftest_cmd")) + util.run_script(constants.os_constant("conftest_cmd")) except errors.SubprocessError as err: raise errors.MisconfigurationError(str(err)) @@ -1574,8 +1574,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): """ try: - stdout, _ = le_util.run_script( - constants.os_constant("version_cmd")) + stdout, _ = util.run_script(constants.os_constant("version_cmd")) except errors.SubprocessError: raise errors.PluginError( "Unable to run %s -v" % diff --git a/certbot-apache/certbot_apache/constants.py b/certbot-apache/certbot_apache/constants.py index f3226572c..faf74394d 100644 --- a/certbot-apache/certbot_apache/constants.py +++ b/certbot-apache/certbot_apache/constants.py @@ -1,6 +1,6 @@ """Apache plugin constants.""" import pkg_resources -from certbot import le_util +from certbot import util CLI_DEFAULTS_DEBIAN = dict( @@ -116,7 +116,7 @@ def os_constant(key): :param key: name of cli constant :return: value of constant for active os """ - os_info = le_util.get_os_info() + os_info = util.get_os_info() try: constants = CLI_DEFAULTS[os_info[0].lower()] except KeyError: diff --git a/certbot-nginx/certbot_nginx/configurator.py b/certbot-nginx/certbot_nginx/configurator.py index e402d5c79..30928e56c 100644 --- a/certbot-nginx/certbot_nginx/configurator.py +++ b/certbot-nginx/certbot_nginx/configurator.py @@ -17,7 +17,7 @@ from certbot import constants as core_constants from certbot import crypto_util from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util from certbot import reverter from certbot.plugins import common @@ -111,7 +111,7 @@ class NginxConfigurator(common.Plugin): :raises .errors.MisconfigurationError: If Nginx is misconfigured """ # Verify Nginx is installed - if not le_util.exe_exists(self.conf('ctl')): + if not util.exe_exists(self.conf('ctl')): raise errors.NoInstallationError # Make sure configuration is valid @@ -318,7 +318,7 @@ class NginxConfigurator(common.Plugin): cert = acme_crypto_util.gen_ss_cert(key, domains=[socket.gethostname()]) cert_pem = OpenSSL.crypto.dump_certificate( OpenSSL.crypto.FILETYPE_PEM, cert) - cert_file, cert_path = le_util.unique_file(os.path.join(tmp_dir, "cert.pem")) + cert_file, cert_path = util.unique_file(os.path.join(tmp_dir, "cert.pem")) with cert_file: cert_file.write(cert_pem) return cert_path, le_key.file @@ -426,7 +426,7 @@ class NginxConfigurator(common.Plugin): """ try: - le_util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"]) + util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"]) except errors.SubprocessError as err: raise errors.MisconfigurationError(str(err)) @@ -439,11 +439,11 @@ class NginxConfigurator(common.Plugin): """ uid = os.geteuid() - le_util.make_or_verify_dir( + util.make_or_verify_dir( self.config.work_dir, core_constants.CONFIG_DIRS_MODE, uid) - le_util.make_or_verify_dir( + util.make_or_verify_dir( self.config.backup_dir, core_constants.CONFIG_DIRS_MODE, uid) - le_util.make_or_verify_dir( + util.make_or_verify_dir( self.config.config_dir, core_constants.CONFIG_DIRS_MODE, uid) def get_version(self): diff --git a/certbot/account.py b/certbot/account.py index cc50a6ea6..2ef3629e2 100644 --- a/certbot/account.py +++ b/certbot/account.py @@ -16,7 +16,7 @@ from acme import messages from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util logger = logging.getLogger(__name__) @@ -130,7 +130,7 @@ class AccountFileStorage(interfaces.AccountStorage): """ def __init__(self, config): self.config = config - le_util.make_or_verify_dir(config.accounts_dir, 0o700, os.geteuid(), + util.make_or_verify_dir(config.accounts_dir, 0o700, os.geteuid(), self.config.strict_permissions) def _account_dir_path(self, account_id): @@ -187,12 +187,12 @@ class AccountFileStorage(interfaces.AccountStorage): def save(self, account): account_dir_path = self._account_dir_path(account.id) - le_util.make_or_verify_dir(account_dir_path, 0o700, os.geteuid(), + util.make_or_verify_dir(account_dir_path, 0o700, os.geteuid(), self.config.strict_permissions) try: with open(self._regr_path(account_dir_path), "w") as regr_file: regr_file.write(account.regr.json_dumps()) - with le_util.safe_open(self._key_path(account_dir_path), + with util.safe_open(self._key_path(account_dir_path), "w", chmod=0o400) as key_file: key_file.write(account.key.json_dumps()) with open(self._metadata_path(account_dir_path), "w") as metadata_file: diff --git a/certbot/cli.py b/certbot/cli.py index 05a189712..e8f4a16f0 100644 --- a/certbot/cli.py +++ b/certbot/cli.py @@ -17,7 +17,7 @@ from certbot import crypto_util from certbot import errors from certbot import hooks from certbot import interfaces -from certbot import le_util +from certbot import util from certbot.plugins import disco as plugins_disco import certbot.plugins.selection as plugin_selection @@ -505,7 +505,7 @@ class HelpfulArgumentParser(object): :param int nargs: Number of arguments the option takes. """ - le_util.add_deprecated_argument( + util.add_deprecated_argument( self.parser.add_argument, argument_name, num_args) def add_group(self, topic, **kwargs): @@ -938,7 +938,7 @@ def add_domains(args_or_config, domains): """ validated_domains = [] for domain in domains.split(","): - domain = le_util.enforce_domain_sanity(domain.strip()) + domain = util.enforce_domain_sanity(domain.strip()) validated_domains.append(domain) if domain not in args_or_config.domains: args_or_config.domains.append(domain) diff --git a/certbot/client.py b/certbot/client.py index ba31f8760..3d17e2295 100644 --- a/certbot/client.py +++ b/certbot/client.py @@ -21,7 +21,7 @@ from certbot import crypto_util from certbot import errors from certbot import error_handler from certbot import interfaces -from certbot import le_util +from certbot import util from certbot import reverter from certbot import storage from certbot import cli @@ -53,7 +53,7 @@ def _determine_user_agent(config): if config.user_agent is None: ua = "CertbotACMEClient/{0} ({1}) Authenticator/{2} Installer/{3}" - ua = ua.format(certbot.__version__, " ".join(le_util.get_os_info()), + ua = ua.format(certbot.__version__, " ".join(util.get_os_info()), config.authenticator, config.installer) else: ua = config.user_agent @@ -198,7 +198,7 @@ class Client(object): consistent with identifiers present in the `csr`. :param list domains: Domain names. - :param .le_util.CSR csr: DER-encoded Certificate Signing + :param .util.CSR csr: DER-encoded Certificate Signing Request. The key used to generate this CSR can be different than `authkey`. :param list authzr: List of @@ -237,8 +237,8 @@ class Client(object): :returns: `.CertificateResource`, certificate chain (as returned by `.fetch_chain`), and newly generated private key - (`.le_util.Key`) and DER-encoded Certificate Signing Request - (`.le_util.CSR`). + (`.util.Key`) and DER-encoded Certificate Signing Request + (`.util.CSR`). :rtype: tuple """ @@ -312,7 +312,7 @@ class Client(object): """ for path in cert_path, chain_path, fullchain_path: - le_util.make_or_verify_dir( + util.make_or_verify_dir( os.path.dirname(path), 0o755, os.geteuid(), self.config.strict_permissions) @@ -504,9 +504,9 @@ def validate_key_csr(privkey, csr=None): If csr is left as None, only the key will be validated. :param privkey: Key associated with CSR - :type privkey: :class:`certbot.le_util.Key` + :type privkey: :class:`certbot.util.Key` - :param .le_util.CSR csr: CSR + :param .util.CSR csr: CSR :raises .errors.Error: when validation fails @@ -523,7 +523,7 @@ def validate_key_csr(privkey, csr=None): if csr.form == "der": csr_obj = OpenSSL.crypto.load_certificate_request( OpenSSL.crypto.FILETYPE_ASN1, csr.data) - csr = le_util.CSR(csr.file, OpenSSL.crypto.dump_certificate( + csr = util.CSR(csr.file, OpenSSL.crypto.dump_certificate( OpenSSL.crypto.FILETYPE_PEM, csr_obj), "pem") # If CSR is provided, it must be readable and valid. @@ -586,10 +586,10 @@ def _open_pem_file(cli_arg_path, pem_path): """ if cli.set_by_cli(cli_arg_path): - return le_util.safe_open(pem_path, chmod=0o644),\ + return util.safe_open(pem_path, chmod=0o644),\ os.path.abspath(pem_path) else: - uniq = le_util.unique_file(pem_path, 0o644) + uniq = util.unique_file(pem_path, 0o644) return uniq[0], os.path.abspath(uniq[1]) def _save_chain(chain_pem, chain_file): diff --git a/certbot/colored_logging.py b/certbot/colored_logging.py index d42fb5966..93bf3a55a 100644 --- a/certbot/colored_logging.py +++ b/certbot/colored_logging.py @@ -2,7 +2,7 @@ import logging import sys -from certbot import le_util +from certbot import util class StreamHandler(logging.StreamHandler): @@ -40,6 +40,6 @@ class StreamHandler(logging.StreamHandler): if sys.version_info < (2, 7) else super(StreamHandler, self).format(record)) if self.colored and record.levelno >= self.red_level: - return ''.join((le_util.ANSI_SGR_RED, out, le_util.ANSI_SGR_RESET)) + return ''.join((util.ANSI_SGR_RED, out, util.ANSI_SGR_RESET)) else: return out diff --git a/certbot/configuration.py b/certbot/configuration.py index 172b35bfe..712135b8d 100644 --- a/certbot/configuration.py +++ b/certbot/configuration.py @@ -8,7 +8,7 @@ import zope.interface from certbot import constants from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util @zope.interface.implementer(interfaces.IConfig) @@ -132,4 +132,4 @@ def check_config_sanity(config): if config.namespace.domains is not None: for domain in config.namespace.domains: # This may be redundant, but let's be paranoid - le_util.enforce_domain_sanity(domain) + util.enforce_domain_sanity(domain) diff --git a/certbot/crypto_util.py b/certbot/crypto_util.py index 68e07e059..6b1b8426c 100644 --- a/certbot/crypto_util.py +++ b/certbot/crypto_util.py @@ -17,7 +17,7 @@ from acme import jose from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util logger = logging.getLogger(__name__) @@ -37,7 +37,7 @@ def init_save_key(key_size, key_dir, keyname="key-certbot.pem"): :param str keyname: Filename of key :returns: Key - :rtype: :class:`certbot.le_util.Key` + :rtype: :class:`certbot.util.Key` :raises ValueError: If unable to generate the key given key_size. @@ -50,30 +50,29 @@ def init_save_key(key_size, key_dir, keyname="key-certbot.pem"): config = zope.component.getUtility(interfaces.IConfig) # Save file - le_util.make_or_verify_dir(key_dir, 0o700, os.geteuid(), - config.strict_permissions) - key_f, key_path = le_util.unique_file( - os.path.join(key_dir, keyname), 0o600) + util.make_or_verify_dir(key_dir, 0o700, os.geteuid(), + config.strict_permissions) + key_f, key_path = util.unique_file(os.path.join(key_dir, keyname), 0o600) with key_f: key_f.write(key_pem) logger.info("Generating key (%d bits): %s", key_size, key_path) - return le_util.Key(key_path, key_pem) + return util.Key(key_path, key_pem) def init_save_csr(privkey, names, path, csrname="csr-certbot.pem"): """Initialize a CSR with the given private key. :param privkey: Key to include in the CSR - :type privkey: :class:`certbot.le_util.Key` + :type privkey: :class:`certbot.util.Key` :param set names: `str` names to include in the CSR :param str path: Certificate save directory. :returns: CSR - :rtype: :class:`certbot.le_util.CSR` + :rtype: :class:`certbot.util.CSR` """ config = zope.component.getUtility(interfaces.IConfig) @@ -82,16 +81,16 @@ def init_save_csr(privkey, names, path, csrname="csr-certbot.pem"): must_staple=config.must_staple) # Save CSR - le_util.make_or_verify_dir(path, 0o755, os.geteuid(), + util.make_or_verify_dir(path, 0o755, os.geteuid(), config.strict_permissions) - csr_f, csr_filename = le_util.unique_file( + csr_f, csr_filename = util.unique_file( os.path.join(path, csrname), 0o644) csr_f.write(csr_pem) csr_f.close() logger.info("Creating CSR: %s", csr_filename) - return le_util.CSR(csr_filename, csr_der, "der") + return util.CSR(csr_filename, csr_der, "der") # Lower level functions @@ -187,7 +186,7 @@ def import_csr_file(csrfile, data): :param str data: contents of the CSR file :returns: (`OpenSSL.crypto.FILETYPE_PEM` or `OpenSSL.crypto.FILETYPE_ASN1`, - le_util.CSR object representing the CSR, + util.CSR object representing the CSR, list of domains requested in the CSR) :rtype: tuple @@ -200,7 +199,7 @@ def import_csr_file(csrfile, data): logger.debug("CSR parse error (form=%s, typ=%s):", form, typ) logger.debug(traceback.format_exc()) continue - return typ, le_util.CSR(file=csrfile, data=data, form=form), domains + return typ, util.CSR(file=csrfile, data=data, form=form), domains raise errors.Error("Failed to parse CSR file: {0}".format(csrfile)) diff --git a/certbot/display/ops.py b/certbot/display/ops.py index 6752bf0c1..a8f2283fc 100644 --- a/certbot/display/ops.py +++ b/certbot/display/ops.py @@ -6,7 +6,7 @@ import zope.component from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util from certbot.display import util as display_util logger = logging.getLogger(__name__) @@ -42,7 +42,7 @@ def get_email(more=False, invalid=False): raise errors.MissingCommandlineFlag(msg) if code == display_util.OK: - if le_util.safe_email(email): + if util.safe_email(email): return email else: # TODO catch the server's ACME invalid email address error, and @@ -119,7 +119,7 @@ def get_valid_domains(domains): valid_domains = [] for domain in domains: try: - valid_domains.append(le_util.enforce_domain_sanity(domain)) + valid_domains.append(util.enforce_domain_sanity(domain)) except errors.ConfigurationError: continue return valid_domains @@ -163,7 +163,7 @@ def _choose_names_manually(): for i, domain in enumerate(domain_list): try: - domain_list[i] = le_util.enforce_domain_sanity(domain) + domain_list[i] = util.enforce_domain_sanity(domain) except errors.ConfigurationError as e: invalid_domains[domain] = e.message diff --git a/certbot/main.py b/certbot/main.py index 4ef2e6ac8..933a102d8 100644 --- a/certbot/main.py +++ b/certbot/main.py @@ -24,7 +24,7 @@ from certbot import constants from certbot import errors from certbot import hooks from certbot import interfaces -from certbot import le_util +from certbot import util from certbot import log from certbot import reporter from certbot import renewal @@ -229,7 +229,7 @@ def _find_duplicative_certs(config, domains): cli_config = configuration.RenewerConfiguration(config) configs_dir = cli_config.renewal_configs_dir # Verify the directory is there - le_util.make_or_verify_dir(configs_dir, mode=0o755, uid=os.geteuid()) + util.make_or_verify_dir(configs_dir, mode=0o755, uid=os.geteuid()) for renewal_file in renewal.renewal_conf_files(cli_config): try: @@ -656,12 +656,12 @@ def main(cli_args=sys.argv[1:]): # Setup logging ASAP, otherwise "No handlers could be found for # logger ..." TODO: this should be done before plugins discovery for directory in config.config_dir, config.work_dir: - le_util.make_or_verify_dir( + util.make_or_verify_dir( directory, constants.CONFIG_DIRS_MODE, os.geteuid(), "--strict-permissions" in cli_args) # TODO: logs might contain sensitive data such as contents of the # private key! #525 - le_util.make_or_verify_dir( + util.make_or_verify_dir( config.logs_dir, 0o700, os.geteuid(), "--strict-permissions" in cli_args) setup_logging(config, _cli_log_handler, logfile='letsencrypt.log') cli.possible_deprecation_warning(config) diff --git a/certbot/plugins/common.py b/certbot/plugins/common.py index 757bf19d8..007105c7b 100644 --- a/certbot/plugins/common.py +++ b/certbot/plugins/common.py @@ -12,7 +12,7 @@ from acme.jose import util as jose_util from certbot import constants from certbot import interfaces -from certbot import le_util +from certbot import util def option_namespace(name): @@ -255,7 +255,7 @@ class TLSSNI01(object): # Write out challenge cert and key with open(cert_path, "wb") as cert_chall_fd: cert_chall_fd.write(cert_pem) - with le_util.safe_open(key_path, 'wb', chmod=0o400) as key_file: + with util.safe_open(key_path, 'wb', chmod=0o400) as key_file: key_file.write(key_pem) return response diff --git a/certbot/plugins/common_test.py b/certbot/plugins/common_test.py index 0dd1cd522..f3ea714c4 100644 --- a/certbot/plugins/common_test.py +++ b/certbot/plugins/common_test.py @@ -193,7 +193,7 @@ class TLSSNI01Test(unittest.TestCase): with mock.patch("certbot.plugins.common.open", mock_open, create=True): - with mock.patch("certbot.plugins.common.le_util.safe_open", + with mock.patch("certbot.plugins.common.util.safe_open", mock_safe_open): # pylint: disable=protected-access self.assertEqual(response, self.sni._setup_challenge_cert( diff --git a/certbot/renewal.py b/certbot/renewal.py index b5b982972..d04e2d27c 100644 --- a/certbot/renewal.py +++ b/certbot/renewal.py @@ -18,7 +18,7 @@ from certbot import constants from certbot import crypto_util from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util from certbot import hooks from certbot import storage from certbot.plugins import disco as plugins_disco @@ -86,7 +86,7 @@ def _reconstitute(config, full_path): return None try: - config.domains = [le_util.enforce_domain_sanity(d) + config.domains = [util.enforce_domain_sanity(d) for d in renewal_candidate.names()] except errors.ConfigurationError as error: logger.warning("Renewal configuration file %s references a cert " diff --git a/certbot/reporter.py b/certbot/reporter.py index d509cb0b8..0c5238d12 100644 --- a/certbot/reporter.py +++ b/certbot/reporter.py @@ -11,7 +11,7 @@ from six.moves import queue # pylint: disable=import-error import zope.interface from certbot import interfaces -from certbot import le_util +from certbot import util logger = logging.getLogger(__name__) @@ -79,7 +79,7 @@ class Reporter(object): bold_on = sys.stdout.isatty() if not self.config.quiet: if bold_on: - print(le_util.ANSI_SGR_BOLD) + print(util.ANSI_SGR_BOLD) print('IMPORTANT NOTES:') first_wrapper = textwrap.TextWrapper( initial_indent=' - ', subsequent_indent=(' ' * 3)) @@ -96,7 +96,7 @@ class Reporter(object): if no_exception or msg.on_crash: if bold_on and msg.priority > self.HIGH_PRIORITY: if not self.config.quiet: - sys.stdout.write(le_util.ANSI_SGR_RESET) + sys.stdout.write(util.ANSI_SGR_RESET) bold_on = False lines = msg.text.splitlines() print(first_wrapper.fill(lines[0])) @@ -104,4 +104,4 @@ class Reporter(object): print("\n".join( next_wrapper.fill(line) for line in lines[1:])) if bold_on and not self.config.quiet: - sys.stdout.write(le_util.ANSI_SGR_RESET) + sys.stdout.write(util.ANSI_SGR_RESET) diff --git a/certbot/reverter.py b/certbot/reverter.py index 16ee5d8a4..f8140d60d 100644 --- a/certbot/reverter.py +++ b/certbot/reverter.py @@ -13,7 +13,7 @@ import zope.component from certbot import constants from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util from certbot.display import util as display_util @@ -33,7 +33,7 @@ class Reverter(object): def __init__(self, config): self.config = config - le_util.make_or_verify_dir( + util.make_or_verify_dir( config.backup_dir, constants.CONFIG_DIRS_MODE, os.geteuid(), self.config.strict_permissions) @@ -185,7 +185,7 @@ class Reverter(object): :raises .ReverterError: if unable to add checkpoint """ - le_util.make_or_verify_dir( + util.make_or_verify_dir( cp_dir, constants.CONFIG_DIRS_MODE, os.geteuid(), self.config.strict_permissions) @@ -281,7 +281,7 @@ class Reverter(object): csvreader = csv.reader(csvfile) for command in reversed(list(csvreader)): try: - le_util.run_script(command) + util.run_script(command) except errors.SubprocessError: logger.error( "Unable to run undo command: %s", " ".join(command)) @@ -397,7 +397,7 @@ class Reverter(object): else: cp_dir = self.config.in_progress_dir - le_util.make_or_verify_dir( + util.make_or_verify_dir( cp_dir, constants.CONFIG_DIRS_MODE, os.geteuid(), self.config.strict_permissions) diff --git a/certbot/storage.py b/certbot/storage.py index 6c13eb844..b0c8245d3 100644 --- a/certbot/storage.py +++ b/certbot/storage.py @@ -13,12 +13,12 @@ from certbot import constants from certbot import crypto_util from certbot import errors from certbot import error_handler -from certbot import le_util +from certbot import util logger = logging.getLogger(__name__) ALL_FOUR = ("cert", "privkey", "chain", "fullchain") -CURRENT_VERSION = le_util.get_strict_version(certbot.__version__) +CURRENT_VERSION = util.get_strict_version(certbot.__version__) def config_with_defaults(config=None): @@ -264,7 +264,7 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes conf_version = self.configuration.get("version") if (conf_version is not None and - le_util.get_strict_version(conf_version) > CURRENT_VERSION): + util.get_strict_version(conf_version) > CURRENT_VERSION): logger.warning( "Attempting to parse the version %s renewal configuration " "file found at %s with version %s of Certbot. This might not " @@ -769,7 +769,7 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes if not os.path.exists(i): os.makedirs(i, 0o700) logger.debug("Creating directory %s.", i) - config_file, config_filename = le_util.unique_lineage_name( + config_file, config_filename = util.unique_lineage_name( cli_config.renewal_configs_dir, lineagename) if not config_filename.endswith(".conf"): raise errors.CertStorageError( diff --git a/certbot/tests/auth_handler_test.py b/certbot/tests/auth_handler_test.py index 3facd4f7c..eccc36418 100644 --- a/certbot/tests/auth_handler_test.py +++ b/certbot/tests/auth_handler_test.py @@ -11,7 +11,7 @@ from acme import messages from certbot import achallenges from certbot import errors -from certbot import le_util +from certbot import util from certbot.tests import acme_util @@ -69,7 +69,7 @@ class GetAuthorizationsTest(unittest.TestCase): self.mock_auth.perform.side_effect = gen_auth_resp - self.mock_account = mock.Mock(key=le_util.Key("file_path", "PEM")) + self.mock_account = mock.Mock(key=util.Key("file_path", "PEM")) self.mock_net = mock.MagicMock(spec=acme_client.Client) self.handler = AuthHandler( diff --git a/certbot/tests/cli_test.py b/certbot/tests/cli_test.py index 00c9a0a26..0beff81e7 100644 --- a/certbot/tests/cli_test.py +++ b/certbot/tests/cli_test.py @@ -22,7 +22,7 @@ from certbot import configuration from certbot import constants from certbot import crypto_util from certbot import errors -from certbot import le_util +from certbot import util from certbot import main from certbot import renewal from certbot import storage @@ -163,7 +163,7 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods with mock.patch('certbot.main.client.acme_client.ClientNetwork') as acme_net: self._call_no_clientmock(args) - os_ver = " ".join(le_util.get_os_info()) + os_ver = " ".join(util.get_os_info()) ua = acme_net.call_args[1]["user_agent"] self.assertTrue(os_ver in ua) import platform @@ -201,7 +201,7 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods '--key-path', 'key', '--chain-path', 'chain']) self.assertEqual(mock_pick_installer.call_count, 1) - @mock.patch('certbot.le_util.exe_exists') + @mock.patch('certbot.util.exe_exists') def test_configurator_selection(self, mock_exe_exists): mock_exe_exists.return_value = True real_plugins = disco.PluginsRegistry.find_all() @@ -983,7 +983,7 @@ class DuplicativeCertsTest(storage_test.BaseRenewableCertTest): def tearDown(self): shutil.rmtree(self.tempdir) - @mock.patch('certbot.le_util.make_or_verify_dir') + @mock.patch('certbot.util.make_or_verify_dir') def test_find_duplicative_names(self, unused_makedir): from certbot.main import _find_duplicative_certs test_cert = test_util.load_vector('cert-san.pem') diff --git a/certbot/tests/client_test.py b/certbot/tests/client_test.py index 8490efd9f..9156277a9 100644 --- a/certbot/tests/client_test.py +++ b/certbot/tests/client_test.py @@ -11,7 +11,7 @@ from acme import jose from certbot import account from certbot import errors -from certbot import le_util +from certbot import util from certbot.tests import test_util @@ -137,7 +137,7 @@ class ClientTest(unittest.TestCase): @mock.patch("certbot.client.logger") def test_obtain_certificate_from_csr(self, mock_logger): self._mock_obtain_certificate() - test_csr = le_util.CSR(form="der", file=None, data=CSR_SAN) + test_csr = util.CSR(form="der", file=None, data=CSR_SAN) auth_handler = self.client.auth_handler authzr = auth_handler.get_authorizations(self.eg_domains, False) @@ -172,7 +172,7 @@ class ClientTest(unittest.TestCase): def test_obtain_certificate(self, mock_crypto_util): self._mock_obtain_certificate() - csr = le_util.CSR(form="der", file=None, data=CSR_SAN) + csr = util.CSR(form="der", file=None, data=CSR_SAN) mock_crypto_util.init_save_csr.return_value = csr mock_crypto_util.init_save_key.return_value = mock.sentinel.key domains = ["example.com", "www.example.com"] diff --git a/certbot/tests/colored_logging_test.py b/certbot/tests/colored_logging_test.py index 91c6b8c08..0a7929561 100644 --- a/certbot/tests/colored_logging_test.py +++ b/certbot/tests/colored_logging_test.py @@ -4,7 +4,7 @@ import unittest import six -from certbot import le_util +from certbot import util class StreamHandlerTest(unittest.TestCase): @@ -32,9 +32,9 @@ class StreamHandlerTest(unittest.TestCase): self.logger.debug(msg) self.assertEqual(self.stream.getvalue(), - '{0}{1}{2}\n'.format(le_util.ANSI_SGR_RED, + '{0}{1}{2}\n'.format(util.ANSI_SGR_RED, msg, - le_util.ANSI_SGR_RESET)) + util.ANSI_SGR_RESET)) if __name__ == "__main__": diff --git a/certbot/tests/crypto_util_test.py b/certbot/tests/crypto_util_test.py index eeea0f4ab..fa88e89e7 100644 --- a/certbot/tests/crypto_util_test.py +++ b/certbot/tests/crypto_util_test.py @@ -10,7 +10,7 @@ import zope.component from certbot import errors from certbot import interfaces -from certbot import le_util +from certbot import util from certbot.tests import test_util @@ -63,7 +63,7 @@ class InitSaveCSRTest(unittest.TestCase): shutil.rmtree(self.csr_dir) @mock.patch('certbot.crypto_util.make_csr') - @mock.patch('certbot.crypto_util.le_util.make_or_verify_dir') + @mock.patch('certbot.crypto_util.util.make_or_verify_dir') def test_it(self, unused_mock_verify, mock_csr): from certbot.crypto_util import init_save_csr @@ -174,9 +174,9 @@ class ImportCSRFileTest(unittest.TestCase): self.assertEqual( (OpenSSL.crypto.FILETYPE_ASN1, - le_util.CSR(file=csrfile, - data=data, - form="der"), + util.CSR(file=csrfile, + data=data, + form="der"), ["example.com"],), self._call(csrfile, data)) @@ -186,9 +186,9 @@ class ImportCSRFileTest(unittest.TestCase): self.assertEqual( (OpenSSL.crypto.FILETYPE_PEM, - le_util.CSR(file=csrfile, - data=data, - form="pem"), + util.CSR(file=csrfile, + data=data, + form="pem"), ["example.com"],), self._call(csrfile, data)) diff --git a/certbot/tests/display/ops_test.py b/certbot/tests/display/ops_test.py index 05cb6b12d..874a9cc9e 100644 --- a/certbot/tests/display/ops_test.py +++ b/certbot/tests/display/ops_test.py @@ -41,13 +41,13 @@ class GetEmailTest(unittest.TestCase): def test_ok_safe(self): self.input.return_value = (display_util.OK, "foo@bar.baz") - with mock.patch("certbot.display.ops.le_util.safe_email") as mock_safe_email: + with mock.patch("certbot.display.ops.util.safe_email") as mock_safe_email: mock_safe_email.return_value = True self.assertTrue(self._call() is "foo@bar.baz") def test_ok_not_safe(self): self.input.return_value = (display_util.OK, "foo@bar.baz") - with mock.patch("certbot.display.ops.le_util.safe_email") as mock_safe_email: + with mock.patch("certbot.display.ops.util.safe_email") as mock_safe_email: mock_safe_email.side_effect = [False, True] self.assertTrue(self._call() is "foo@bar.baz") @@ -56,7 +56,7 @@ class GetEmailTest(unittest.TestCase): invalid_txt = "There seem to be problems" base_txt = "Enter email" self.input.return_value = (display_util.OK, "foo@bar.baz") - with mock.patch("certbot.display.ops.le_util.safe_email") as mock_safe_email: + with mock.patch("certbot.display.ops.util.safe_email") as mock_safe_email: mock_safe_email.return_value = True self._call() msg = self.input.call_args[0][0] diff --git a/certbot/tests/reverter_test.py b/certbot/tests/reverter_test.py index 85234b76a..58cc68dce 100644 --- a/certbot/tests/reverter_test.py +++ b/certbot/tests/reverter_test.py @@ -164,7 +164,7 @@ class ReverterCheckpointLocalTest(unittest.TestCase): errors.ReverterError, self.reverter.register_undo_command, True, ["command"]) - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.run_script") def test_run_undo_commands(self, mock_run): mock_run.side_effect = ["", errors.SubprocessError] coms = [ diff --git a/certbot/tests/storage_test.py b/certbot/tests/storage_test.py index f19b7d89d..0c88d3d55 100644 --- a/certbot/tests/storage_test.py +++ b/certbot/tests/storage_test.py @@ -682,7 +682,7 @@ class RenewableCertTests(BaseRenewableCertTest): self.assertTrue(os.path.exists(os.path.join( self.cli_config.archive_dir, "the-lineage.com", "privkey1.pem"))) - @mock.patch("certbot.storage.le_util.unique_lineage_name") + @mock.patch("certbot.storage.util.unique_lineage_name") def test_invalid_config_filename(self, mock_uln): from certbot import storage mock_uln.return_value = "this_does_not_end_with_dot_conf", "yikes" diff --git a/certbot/tests/le_util_test.py b/certbot/tests/util_test.py similarity index 85% rename from certbot/tests/le_util_test.py rename to certbot/tests/util_test.py index 6e4eef0f1..ada64edb2 100644 --- a/certbot/tests/le_util_test.py +++ b/certbot/tests/util_test.py @@ -1,4 +1,4 @@ -"""Tests for certbot.le_util.""" +"""Tests for certbot.util.""" import argparse import errno import os @@ -15,13 +15,13 @@ from certbot import errors class RunScriptTest(unittest.TestCase): - """Tests for certbot.le_util.run_script.""" + """Tests for certbot.util.run_script.""" @classmethod def _call(cls, params): - from certbot.le_util import run_script + from certbot.util import run_script return run_script(params) - @mock.patch("certbot.le_util.subprocess.Popen") + @mock.patch("certbot.util.subprocess.Popen") def test_default(self, mock_popen): """These will be changed soon enough with reload.""" mock_popen().returncode = 0 @@ -31,13 +31,13 @@ class RunScriptTest(unittest.TestCase): self.assertEqual(out, "stdout") self.assertEqual(err, "stderr") - @mock.patch("certbot.le_util.subprocess.Popen") + @mock.patch("certbot.util.subprocess.Popen") def test_bad_process(self, mock_popen): mock_popen.side_effect = OSError self.assertRaises(errors.SubprocessError, self._call, ["test"]) - @mock.patch("certbot.le_util.subprocess.Popen") + @mock.patch("certbot.util.subprocess.Popen") def test_failure(self, mock_popen): mock_popen().communicate.return_value = ("", "") mock_popen().returncode = 1 @@ -46,29 +46,29 @@ class RunScriptTest(unittest.TestCase): class ExeExistsTest(unittest.TestCase): - """Tests for certbot.le_util.exe_exists.""" + """Tests for certbot.util.exe_exists.""" @classmethod def _call(cls, exe): - from certbot.le_util import exe_exists + from certbot.util import exe_exists return exe_exists(exe) - @mock.patch("certbot.le_util.os.path.isfile") - @mock.patch("certbot.le_util.os.access") + @mock.patch("certbot.util.os.path.isfile") + @mock.patch("certbot.util.os.access") def test_full_path(self, mock_access, mock_isfile): mock_access.return_value = True mock_isfile.return_value = True self.assertTrue(self._call("/path/to/exe")) - @mock.patch("certbot.le_util.os.path.isfile") - @mock.patch("certbot.le_util.os.access") + @mock.patch("certbot.util.os.path.isfile") + @mock.patch("certbot.util.os.access") def test_on_path(self, mock_access, mock_isfile): mock_access.return_value = True mock_isfile.return_value = True self.assertTrue(self._call("exe")) - @mock.patch("certbot.le_util.os.path.isfile") - @mock.patch("certbot.le_util.os.access") + @mock.patch("certbot.util.os.path.isfile") + @mock.patch("certbot.util.os.access") def test_not_found(self, mock_access, mock_isfile): mock_access.return_value = False mock_isfile.return_value = True @@ -76,7 +76,7 @@ class ExeExistsTest(unittest.TestCase): class MakeOrVerifyDirTest(unittest.TestCase): - """Tests for certbot.le_util.make_or_verify_dir. + """Tests for certbot.util.make_or_verify_dir. Note that it is not possible to test for a wrong directory owner, as this testing script would have to be run as root. @@ -94,7 +94,7 @@ class MakeOrVerifyDirTest(unittest.TestCase): shutil.rmtree(self.root_path, ignore_errors=True) def _call(self, directory, mode): - from certbot.le_util import make_or_verify_dir + from certbot.util import make_or_verify_dir return make_or_verify_dir(directory, mode, self.uid, strict=True) def test_creates_dir_when_missing(self): @@ -117,7 +117,7 @@ class MakeOrVerifyDirTest(unittest.TestCase): class CheckPermissionsTest(unittest.TestCase): - """Tests for certbot.le_util.check_permissions. + """Tests for certbot.util.check_permissions. Note that it is not possible to test for a wrong file owner, as this testing script would have to be run as root. @@ -132,7 +132,7 @@ class CheckPermissionsTest(unittest.TestCase): os.remove(self.path) def _call(self, mode): - from certbot.le_util import check_permissions + from certbot.util import check_permissions return check_permissions(self.path, mode, self.uid) def test_ok_mode(self): @@ -145,7 +145,7 @@ class CheckPermissionsTest(unittest.TestCase): class UniqueFileTest(unittest.TestCase): - """Tests for certbot.le_util.unique_file.""" + """Tests for certbot.util.unique_file.""" def setUp(self): self.root_path = tempfile.mkdtemp() @@ -155,7 +155,7 @@ class UniqueFileTest(unittest.TestCase): shutil.rmtree(self.root_path, ignore_errors=True) def _call(self, mode=0o600): - from certbot.le_util import unique_file + from certbot.util import unique_file return unique_file(self.default_name, mode) def test_returns_fd_for_writing(self): @@ -190,7 +190,7 @@ class UniqueFileTest(unittest.TestCase): class UniqueLineageNameTest(unittest.TestCase): - """Tests for certbot.le_util.unique_lineage_name.""" + """Tests for certbot.util.unique_lineage_name.""" def setUp(self): self.root_path = tempfile.mkdtemp() @@ -199,7 +199,7 @@ class UniqueLineageNameTest(unittest.TestCase): shutil.rmtree(self.root_path, ignore_errors=True) def _call(self, filename, mode=0o777): - from certbot.le_util import unique_lineage_name + from certbot.util import unique_lineage_name return unique_lineage_name(self.root_path, filename, mode) def test_basic(self): @@ -214,14 +214,14 @@ class UniqueLineageNameTest(unittest.TestCase): self.assertTrue(isinstance(name, str)) self.assertTrue("wow-0009.conf" in name) - @mock.patch("certbot.le_util.os.fdopen") + @mock.patch("certbot.util.os.fdopen") def test_failure(self, mock_fdopen): err = OSError("whoops") err.errno = errno.EIO mock_fdopen.side_effect = err self.assertRaises(OSError, self._call, "wow") - @mock.patch("certbot.le_util.os.fdopen") + @mock.patch("certbot.util.os.fdopen") def test_subsequent_failure(self, mock_fdopen): self._call("wow") err = OSError("whoops") @@ -231,7 +231,7 @@ class UniqueLineageNameTest(unittest.TestCase): class SafelyRemoveTest(unittest.TestCase): - """Tests for certbot.le_util.safely_remove.""" + """Tests for certbot.util.safely_remove.""" def setUp(self): self.tmp = tempfile.mkdtemp() @@ -241,7 +241,7 @@ class SafelyRemoveTest(unittest.TestCase): shutil.rmtree(self.tmp) def _call(self): - from certbot.le_util import safely_remove + from certbot.util import safely_remove return safely_remove(self.path) def test_exists(self): @@ -255,7 +255,7 @@ class SafelyRemoveTest(unittest.TestCase): # no error, yay! self.assertFalse(os.path.exists(self.path)) - @mock.patch("certbot.le_util.os.remove") + @mock.patch("certbot.util.os.remove") def test_other_error_passthrough(self, mock_remove): mock_remove.side_effect = OSError self.assertRaises(OSError, self._call) @@ -265,7 +265,7 @@ class SafeEmailTest(unittest.TestCase): """Test safe_email.""" @classmethod def _call(cls, addr): - from certbot.le_util import safe_email + from certbot.util import safe_email return safe_email(addr) def test_valid_emails(self): @@ -293,7 +293,7 @@ class AddDeprecatedArgumentTest(unittest.TestCase): self.parser = argparse.ArgumentParser() def _call(self, argument_name, nargs): - from certbot.le_util import add_deprecated_argument + from certbot.util import add_deprecated_argument add_deprecated_argument(self.parser.add_argument, argument_name, nargs) @@ -309,14 +309,14 @@ class AddDeprecatedArgumentTest(unittest.TestCase): def _get_argparse_warnings(self, args): stderr = six.StringIO() - with mock.patch("certbot.le_util.sys.stderr", new=stderr): + with mock.patch("certbot.util.sys.stderr", new=stderr): self.parser.parse_args(args) return stderr.getvalue() def test_help(self): self._call("--old-option", 2) stdout = six.StringIO() - with mock.patch("certbot.le_util.sys.stdout", new=stdout): + with mock.patch("certbot.util.sys.stdout", new=stdout): try: self.parser.parse_args(["-h"]) except SystemExit: @@ -328,7 +328,7 @@ class EnforceDomainSanityTest(unittest.TestCase): """Test enforce_domain_sanity.""" def _call(self, domain): - from certbot.le_util import enforce_domain_sanity + from certbot.util import enforce_domain_sanity return enforce_domain_sanity(domain) def test_nonascii_str(self): @@ -341,11 +341,11 @@ class EnforceDomainSanityTest(unittest.TestCase): class GetStrictVersionTest(unittest.TestCase): - """Tests for certbot.le_util.get_strict_version.""" + """Tests for certbot.util.get_strict_version.""" @classmethod def _call(cls, *args, **kwargs): - from certbot.le_util import get_strict_version + from certbot.util import get_strict_version return get_strict_version(*args, **kwargs) def test_two_dev_versions(self): diff --git a/certbot/le_util.py b/certbot/util.py similarity index 100% rename from certbot/le_util.py rename to certbot/util.py From 1322ae12ce2bcd362399023ee2852927f7910a1b Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 26 May 2016 10:20:47 -0700 Subject: [PATCH 21/32] Stop packaging letshelp --- tools/release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/release.sh b/tools/release.sh index abaad09ff..ca09c03a4 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -45,7 +45,7 @@ export GPG_TTY=$(tty) PORT=${PORT:-1234} # subpackages to be released -SUBPKGS=${SUBPKGS:-"acme certbot-apache certbot-nginx letshelp-certbot letsencrypt letsencrypt-apache letsencrypt-nginx letshelp-letsencrypt"} +SUBPKGS=${SUBPKGS:-"acme certbot-apache certbot-nginx letsencrypt letsencrypt-apache letsencrypt-nginx"} subpkgs_modules="$(echo $SUBPKGS | sed s/-/_/g)" # certbot_compatibility_test is not packaged because: # - it is not meant to be used by anyone else than Certbot devs From 7e039d15044738bca2326f26e8e7bdc2b88386db Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 26 May 2016 10:24:57 -0700 Subject: [PATCH 22/32] With us packaging the shim packages, there are more lines in letsencrypt-auto-requirements.txt that will change with every release. This change strips the hashes of the previous packages before adding the new ones. --- tools/release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/release.sh b/tools/release.sh index ca09c03a4..154172322 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -176,7 +176,7 @@ if ! wc -l /tmp/hashes.$$ | grep -qE "^\s*15 " ; then fi # perform hideous surgery on requirements.txt... -head -n -9 letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt > /tmp/req.$$ +head -n -15 letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt > /tmp/req.$$ cat /tmp/hashes.$$ >> /tmp/req.$$ cp /tmp/req.$$ letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt From a7edc4b1e5ac9f99875ca7bc887d6db4b3415c97 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 26 May 2016 10:33:18 -0700 Subject: [PATCH 23/32] Previously, the script relied on global `pip` for hashing packages. This doesn't work if you don't have `pip` installed (like me) and I think using `pip` from the venv should be preferred to ensure you are using the latest `pip` (which was updated in the venv earlier in the script). --- tools/release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/release.sh b/tools/release.sh index 154172322..89a2f5140 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -162,13 +162,13 @@ for module in certbot $subpkgs_modules ; do echo testing $module nosetests $module done -deactivate # pin pip hashes of the things we just built for pkg in acme certbot certbot-apache letsencrypt letsencrypt-apache ; do echo $pkg==$version \\ pip hash dist."$version/$pkg"/*.{whl,gz} | grep "^--hash" | python2 -c 'from sys import stdin; input = stdin.read(); print " ", input.replace("\n--hash", " \\\n --hash"),' done > /tmp/hashes.$$ +deactivate if ! wc -l /tmp/hashes.$$ | grep -qE "^\s*15 " ; then echo Unexpected pip hash output From f0dc0de40a50c6b6957691a8c43fc51598f05a04 Mon Sep 17 00:00:00 2001 From: Blake Griffith Date: Thu, 26 May 2016 13:43:00 -0500 Subject: [PATCH 24/32] Catch more le_util usage in certbot-apache --- .../certbot_apache/tests/configurator_test.py | 48 +++++++++---------- .../certbot_apache/tests/constants_test.py | 6 +-- .../certbot_apache/tests/tls_sni_01_test.py | 4 +- certbot-apache/certbot_apache/tests/util.py | 4 +- 4 files changed, 31 insertions(+), 31 deletions(-) diff --git a/certbot-apache/certbot_apache/tests/configurator_test.py b/certbot-apache/certbot_apache/tests/configurator_test.py index d7a5fd75a..a2e39de47 100644 --- a/certbot-apache/certbot_apache/tests/configurator_test.py +++ b/certbot-apache/certbot_apache/tests/configurator_test.py @@ -49,14 +49,14 @@ class MultipleVhostsTest(util.ApacheTest): shutil.rmtree(self.config_dir) shutil.rmtree(self.work_dir) - @mock.patch("certbot_apache.configurator.le_util.exe_exists") + @mock.patch("certbot_apache.configurator.util.exe_exists") def test_prepare_no_install(self, mock_exe_exists): mock_exe_exists.return_value = False self.assertRaises( errors.NoInstallationError, self.config.prepare) @mock.patch("certbot_apache.parser.ApacheParser") - @mock.patch("certbot_apache.configurator.le_util.exe_exists") + @mock.patch("certbot_apache.configurator.util.exe_exists") def test_prepare_version(self, mock_exe_exists, _): mock_exe_exists.return_value = True self.config.version = None @@ -67,7 +67,7 @@ class MultipleVhostsTest(util.ApacheTest): errors.NotSupportedError, self.config.prepare) @mock.patch("certbot_apache.parser.ApacheParser") - @mock.patch("certbot_apache.configurator.le_util.exe_exists") + @mock.patch("certbot_apache.configurator.util.exe_exists") def test_prepare_old_aug(self, mock_exe_exists, _): mock_exe_exists.return_value = True self.config.config_test = mock.Mock() @@ -268,8 +268,8 @@ class MultipleVhostsTest(util.ApacheTest): self.config.is_site_enabled, "irrelevant") - @mock.patch("certbot.le_util.run_script") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.run_script") + @mock.patch("certbot.util.exe_exists") @mock.patch("certbot_apache.parser.subprocess.Popen") def test_enable_mod(self, mock_popen, mock_exe_exists, mock_run_script): mock_popen().communicate.return_value = ("Define: DUMP_RUN_CFG", "") @@ -287,7 +287,7 @@ class MultipleVhostsTest(util.ApacheTest): self.assertRaises( errors.NotSupportedError, self.config.enable_mod, "ssl") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.exe_exists") def test_enable_mod_no_disable(self, mock_exe_exists): mock_exe_exists.return_value = False self.assertRaises( @@ -695,7 +695,7 @@ class MultipleVhostsTest(util.ApacheTest): self.config.cleanup([achall1, achall2]) self.assertTrue(mock_restart.called) - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.run_script") def test_get_version(self, mock_script): mock_script.return_value = ( "Server Version: Apache/2.4.2 (Debian)", "") @@ -717,21 +717,21 @@ class MultipleVhostsTest(util.ApacheTest): mock_script.side_effect = errors.SubprocessError("Can't find program") self.assertRaises(errors.PluginError, self.config.get_version) - @mock.patch("certbot_apache.configurator.le_util.run_script") + @mock.patch("certbot_apache.configurator.util.run_script") def test_restart(self, _): self.config.restart() - @mock.patch("certbot_apache.configurator.le_util.run_script") + @mock.patch("certbot_apache.configurator.util.run_script") def test_restart_bad_process(self, mock_run_script): mock_run_script.side_effect = [None, errors.SubprocessError] self.assertRaises(errors.MisconfigurationError, self.config.restart) - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.run_script") def test_config_test(self, _): self.config.config_test() - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.run_script") def test_config_test_bad_process(self, mock_run_script): mock_run_script.side_effect = errors.SubprocessError @@ -771,7 +771,7 @@ class MultipleVhostsTest(util.ApacheTest): @mock.patch("certbot_apache.configurator.ApacheConfigurator._get_http_vhost") @mock.patch("certbot_apache.display_ops.select_vhost") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.exe_exists") def test_enhance_unknown_vhost(self, mock_exe, mock_sel_vhost, mock_get): self.config.parser.modules.add("rewrite_module") mock_exe.return_value = True @@ -792,8 +792,8 @@ class MultipleVhostsTest(util.ApacheTest): errors.PluginError, self.config.enhance, "certbot.demo", "unknown_enhancement") - @mock.patch("certbot.le_util.run_script") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.run_script") + @mock.patch("certbot.util.exe_exists") def test_ocsp_stapling(self, mock_exe, mock_run_script): self.config.parser.update_runtime_variables = mock.Mock() self.config.parser.modules.add("mod_ssl.c") @@ -821,7 +821,7 @@ class MultipleVhostsTest(util.ApacheTest): self.assertEqual(len(stapling_cache_aug_path), 1) - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.exe_exists") def test_ocsp_stapling_twice(self, mock_exe): self.config.parser.update_runtime_variables = mock.Mock() self.config.parser.modules.add("mod_ssl.c") @@ -848,7 +848,7 @@ class MultipleVhostsTest(util.ApacheTest): self.assertEqual(len(stapling_cache_aug_path), 1) - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.exe_exists") def test_ocsp_unsupported_apache_version(self, mock_exe): mock_exe.return_value = True self.config.parser.update_runtime_variables = mock.Mock() @@ -871,8 +871,8 @@ class MultipleVhostsTest(util.ApacheTest): http_vh = self.config._get_http_vhost(ssl_vh) self.assertTrue(http_vh.ssl == False) - @mock.patch("certbot.le_util.run_script") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.run_script") + @mock.patch("certbot.util.exe_exists") def test_http_header_hsts(self, mock_exe, _): self.config.parser.update_runtime_variables = mock.Mock() self.config.parser.modules.add("mod_ssl.c") @@ -909,8 +909,8 @@ class MultipleVhostsTest(util.ApacheTest): self.config.enhance, "encryption-example.demo", "ensure-http-header", "Strict-Transport-Security") - @mock.patch("certbot.le_util.run_script") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.run_script") + @mock.patch("certbot.util.exe_exists") def test_http_header_uir(self, mock_exe, _): self.config.parser.update_runtime_variables = mock.Mock() self.config.parser.modules.add("mod_ssl.c") @@ -947,8 +947,8 @@ class MultipleVhostsTest(util.ApacheTest): self.config.enhance, "encryption-example.demo", "ensure-http-header", "Upgrade-Insecure-Requests") - @mock.patch("certbot.le_util.run_script") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.run_script") + @mock.patch("certbot.util.exe_exists") def test_redirect_well_formed_http(self, mock_exe, _): self.config.parser.update_runtime_variables = mock.Mock() mock_exe.return_value = True @@ -991,8 +991,8 @@ class MultipleVhostsTest(util.ApacheTest): # pylint: disable=protected-access self.assertTrue(self.config._is_rewrite_engine_on(self.vh_truth[3])) - @mock.patch("certbot.le_util.run_script") - @mock.patch("certbot.le_util.exe_exists") + @mock.patch("certbot.util.run_script") + @mock.patch("certbot.util.exe_exists") def test_redirect_with_existing_rewrite(self, mock_exe, _): self.config.parser.update_runtime_variables = mock.Mock() mock_exe.return_value = True diff --git a/certbot-apache/certbot_apache/tests/constants_test.py b/certbot-apache/certbot_apache/tests/constants_test.py index d970c96be..c040030df 100644 --- a/certbot-apache/certbot_apache/tests/constants_test.py +++ b/certbot-apache/certbot_apache/tests/constants_test.py @@ -8,19 +8,19 @@ from certbot_apache import constants class ConstantsTest(unittest.TestCase): - @mock.patch("certbot.le_util.get_os_info") + @mock.patch("certbot.util.get_os_info") def test_get_debian_value(self, os_info): os_info.return_value = ('Debian', '', '') self.assertEqual(constants.os_constant("vhost_root"), "/etc/apache2/sites-available") - @mock.patch("certbot.le_util.get_os_info") + @mock.patch("certbot.util.get_os_info") def test_get_centos_value(self, os_info): os_info.return_value = ('CentOS Linux', '', '') self.assertEqual(constants.os_constant("vhost_root"), "/etc/httpd/conf.d") - @mock.patch("certbot.le_util.get_os_info") + @mock.patch("certbot.util.get_os_info") def test_get_default_value(self, os_info): os_info.return_value = ('Nonexistent Linux', '', '') self.assertEqual(constants.os_constant("vhost_root"), diff --git a/certbot-apache/certbot_apache/tests/tls_sni_01_test.py b/certbot-apache/certbot_apache/tests/tls_sni_01_test.py index aa6a2a09c..5e369e3db 100644 --- a/certbot-apache/certbot_apache/tests/tls_sni_01_test.py +++ b/certbot-apache/certbot_apache/tests/tls_sni_01_test.py @@ -38,8 +38,8 @@ class TlsSniPerformTest(util.ApacheTest): resp = self.sni.perform() self.assertEqual(len(resp), 0) - @mock.patch("certbot.le_util.exe_exists") - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.exe_exists") + @mock.patch("certbot.util.run_script") def test_perform1(self, _, mock_exists): mock_register = mock.Mock() self.sni.configurator.reverter.register_undo_command = mock_register diff --git a/certbot-apache/certbot_apache/tests/util.py b/certbot-apache/certbot_apache/tests/util.py index 8935ee908..050876687 100644 --- a/certbot-apache/certbot_apache/tests/util.py +++ b/certbot-apache/certbot_apache/tests/util.py @@ -95,8 +95,8 @@ def get_apache_configurator( in_progress_dir=os.path.join(backups, "IN_PROGRESS"), work_dir=work_dir) - with mock.patch("certbot_apache.configurator.le_util.run_script"): - with mock.patch("certbot_apache.configurator.le_util." + with mock.patch("certbot_apache.configurator.util.run_script"): + with mock.patch("certbot_apache.configurator.util." "exe_exists") as mock_exe_exists: mock_exe_exists.return_value = True with mock.patch("certbot_apache.parser.ApacheParser." From 2d121585c92a1f37eb51573984d5676228882df7 Mon Sep 17 00:00:00 2001 From: Blake Griffith Date: Thu, 26 May 2016 15:51:56 -0500 Subject: [PATCH 25/32] Catch more le_util in certbot-nginx --- certbot-nginx/certbot_nginx/tests/configurator_test.py | 8 ++++---- certbot-nginx/certbot_nginx/tests/util.py | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/certbot-nginx/certbot_nginx/tests/configurator_test.py b/certbot-nginx/certbot_nginx/tests/configurator_test.py index b36802939..30f287249 100644 --- a/certbot-nginx/certbot_nginx/tests/configurator_test.py +++ b/certbot-nginx/certbot_nginx/tests/configurator_test.py @@ -30,7 +30,7 @@ class NginxConfiguratorTest(util.NginxTest): shutil.rmtree(self.config_dir) shutil.rmtree(self.work_dir) - @mock.patch("certbot_nginx.configurator.le_util.exe_exists") + @mock.patch("certbot_nginx.configurator.util.exe_exists") def test_prepare_no_install(self, mock_exe_exists): mock_exe_exists.return_value = False self.assertRaises( @@ -40,7 +40,7 @@ class NginxConfiguratorTest(util.NginxTest): self.assertEquals((1, 6, 2), self.config.version) self.assertEquals(5, len(self.config.parser.parsed)) - @mock.patch("certbot_nginx.configurator.le_util.exe_exists") + @mock.patch("certbot_nginx.configurator.util.exe_exists") @mock.patch("certbot_nginx.configurator.subprocess.Popen") def test_prepare_initializes_version(self, mock_popen, mock_exe_exists): mock_popen().communicate.return_value = ( @@ -362,11 +362,11 @@ class NginxConfiguratorTest(util.NginxTest): mock_popen.side_effect = OSError("Can't find program") self.assertRaises(errors.MisconfigurationError, self.config.restart) - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.run_script") def test_config_test(self, _): self.config.config_test() - @mock.patch("certbot.le_util.run_script") + @mock.patch("certbot.util.run_script") def test_config_test_bad_process(self, mock_run_script): mock_run_script.side_effect = errors.SubprocessError self.assertRaises(errors.MisconfigurationError, self.config.config_test) diff --git a/certbot-nginx/certbot_nginx/tests/util.py b/certbot-nginx/certbot_nginx/tests/util.py index 3c4731700..ddacd041b 100644 --- a/certbot-nginx/certbot_nginx/tests/util.py +++ b/certbot-nginx/certbot_nginx/tests/util.py @@ -51,7 +51,7 @@ def get_nginx_configurator( with mock.patch("certbot_nginx.configurator.NginxConfigurator." "config_test"): - with mock.patch("certbot_nginx.configurator.le_util." + with mock.patch("certbot_nginx.configurator.util." "exe_exists") as mock_exe_exists: mock_exe_exists.return_value = True config = configurator.NginxConfigurator( From b05258243a2b367632c207f3d2a14cc924258225 Mon Sep 17 00:00:00 2001 From: Blake Griffith Date: Thu, 26 May 2016 15:57:50 -0500 Subject: [PATCH 26/32] More le_util in docs and compatibility tests --- .../configurators/apache/common.py | 4 ++-- docs/api/le_util.rst | 5 ----- docs/api/util.rst | 5 +++++ 3 files changed, 7 insertions(+), 7 deletions(-) delete mode 100644 docs/api/le_util.rst create mode 100644 docs/api/util.rst diff --git a/certbot-compatibility-test/certbot_compatibility_test/configurators/apache/common.py b/certbot-compatibility-test/certbot_compatibility_test/configurators/apache/common.py index f57e0512d..9148666fc 100644 --- a/certbot-compatibility-test/certbot_compatibility_test/configurators/apache/common.py +++ b/certbot-compatibility-test/certbot_compatibility_test/configurators/apache/common.py @@ -47,10 +47,10 @@ class Proxy(configurators_common.Proxy): "certbot_apache.parser.subprocess", mock_subprocess).start() mock.patch( - "certbot.le_util.subprocess", + "certbot.util.subprocess", mock_subprocess).start() mock.patch( - "certbot_apache.configurator.le_util.exe_exists", + "certbot_apache.configurator.util.exe_exists", _is_apache_command).start() patch = mock.patch( diff --git a/docs/api/le_util.rst b/docs/api/le_util.rst deleted file mode 100644 index c9e332745..000000000 --- a/docs/api/le_util.rst +++ /dev/null @@ -1,5 +0,0 @@ -:mod:`certbot.le_util` --------------------------- - -.. automodule:: certbot.le_util - :members: diff --git a/docs/api/util.rst b/docs/api/util.rst new file mode 100644 index 000000000..7d0e33501 --- /dev/null +++ b/docs/api/util.rst @@ -0,0 +1,5 @@ +:mod:`certbot.util` +-------------------------- + +.. automodule:: certbot.util + :members: From 46d8f6e18c1d053a5811f55a619a31a75d21fc89 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Fri, 27 May 2016 13:30:46 -0700 Subject: [PATCH 27/32] Release 0.7.0 --- acme/setup.py | 2 +- certbot-apache/setup.py | 2 +- certbot-auto | 99 ++++++++++-------- certbot-compatibility-test/setup.py | 2 +- certbot-nginx/setup.py | 2 +- certbot/__init__.py | 2 +- docs/cli-help.txt | 32 ++++-- letsencrypt-apache/setup.py | 2 +- letsencrypt-auto | 99 ++++++++++-------- letsencrypt-auto-source/certbot-auto.asc | 14 +-- letsencrypt-auto-source/letsencrypt-auto | 32 +++--- letsencrypt-auto-source/letsencrypt-auto.sig | Bin 256 -> 256 bytes .../pieces/letsencrypt-auto-requirements.txt | 30 +++--- letsencrypt-nginx/setup.py | 2 +- letsencrypt/setup.py | 2 +- 15 files changed, 176 insertions(+), 146 deletions(-) diff --git a/acme/setup.py b/acme/setup.py index d38864dc1..3b01a6b73 100644 --- a/acme/setup.py +++ b/acme/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0.dev0' +version = '0.7.0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/certbot-apache/setup.py b/certbot-apache/setup.py index 56c6a451d..8974df882 100644 --- a/certbot-apache/setup.py +++ b/certbot-apache/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0.dev0' +version = '0.7.0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/certbot-auto b/certbot-auto index 8c6e6c486..5fbef43b1 100755 --- a/certbot-auto +++ b/certbot-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.6.0" +LE_AUTO_VERSION="0.7.0" BASENAME=$(basename $0) USAGE="Usage: $BASENAME [OPTIONS] A self-updating wrapper script for the Certbot ACME client. When run, updates @@ -38,17 +38,6 @@ Help for certbot itself cannot be provided until it is installed. All arguments are accepted and forwarded to the Certbot client when run." -while getopts ":hnv" arg; do - case $arg in - h) - HELP=1;; - n) - ASSUME_YES=1;; - v) - VERBOSE=1;; - esac -done - for arg in "$@" ; do case "$arg" in --debug) @@ -65,9 +54,26 @@ for arg in "$@" ; do ASSUME_YES=1;; --verbose) VERBOSE=1;; + -[!-]*) + while getopts ":hnv" short_arg $arg; do + case "$short_arg" in + h) + HELP=1;; + n) + ASSUME_YES=1;; + v) + VERBOSE=1;; + esac + done;; esac done +if [ $BASENAME = "letsencrypt-auto" ]; then + # letsencrypt-auto does not respect --help or --yes for backwards compatibility + ASSUME_YES=1 + HELP=0 +fi + # certbot-auto needs root access to bootstrap OS dependencies, and # certbot itself needs root access for almost all modes of operation # The "normal" case is that sudo is used for the steps that need root, but @@ -107,12 +113,6 @@ else SUDO= fi -if [ $BASENAME = "letsencrypt-auto" ]; then - # letsencrypt-auto does not respect --help or --yes for backwards compatibility - ASSUME_YES=1 - HELP=0 -fi - ExperimentalBootstrap() { # Arguments: Platform name, bootstrap function name if [ "$DEBUG" = 1 ]; then @@ -425,7 +425,8 @@ BootstrapMac() { $pkgcmd augeas $pkgcmd dialog - if [ "$(which python)" = "/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python" ]; then + if [ "$(which python)" = "/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python" \ + -o "$(which python)" = "/usr/bin/python" ]; then # We want to avoid using the system Python because it requires root to use pip. # python.org, MacPorts or HomeBrew Python installations should all be OK. echo "Installing python..." @@ -435,7 +436,8 @@ BootstrapMac() { # Workaround for _dlopen not finding augeas on OS X if [ "$pkgman" = "port" ] && ! [ -e "/usr/local/lib/libaugeas.dylib" ] && [ -e "/opt/local/lib/libaugeas.dylib" ]; then echo "Applying augeas workaround" - $SUDO ln -s /opt/local/lib/libaugeas.dylib /usr/local/lib + $SUDO mkdir -p /usr/local/lib/ + $SUDO ln -s /opt/local/lib/libaugeas.dylib /usr/local/lib/ fi if ! hash pip 2>/dev/null; then @@ -451,6 +453,11 @@ BootstrapMac() { fi } +BootstrapSmartOS() { + pkgin update + pkgin -y install 'gcc49' 'py27-augeas' 'py27-virtualenv' +} + # Install required OS packages: Bootstrap() { @@ -483,8 +490,10 @@ Bootstrap() { ExperimentalBootstrap "FreeBSD" BootstrapFreeBsd elif uname | grep -iq Darwin ; then ExperimentalBootstrap "Mac OS X" BootstrapMac - elif grep -iq "Amazon Linux" /etc/issue ; then + elif [ -f /etc/issue ] && grep -iq "Amazon Linux" /etc/issue ; then ExperimentalBootstrap "Amazon Linux" BootstrapRpmCommon + elif [ -f /etc/product ] && grep -q "Joyent Instance" /etc/product ; then + ExperimentalBootstrap "Joyent SmartOS Zone" BootstrapSmartOS else echo "Sorry, I don't know how to bootstrap Certbot on your operating system!" echo @@ -523,6 +532,7 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) + trap 'rm -rf "$TEMP_DIR"' EXIT # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/letsencrypt-auto-requirements.txt" @@ -706,21 +716,21 @@ mock==1.0.1 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.6.0 \ - --hash=sha256:cbe4e7a340a19725a8740ed86e30abdbe18fc22c4c6022b7a8e56642d502bcc3 \ - --hash=sha256:ec4e6009dfbd629b58473eb06bbebfd9fb2a79fc8831c149e9205bc38a98ecc6 -certbot==0.6.0 \ - --hash=sha256:a893632d228864b0a751db9f3fdd93439ed34b988ea21b64fb0f0fa2ceded6a2 \ - --hash=sha256:80b0b7dc5afeec2816ef638a61e7c628d73cd72666eebf4984be426d1c2b492d -certbot-apache==0.6.0 \ - --hash=sha256:0ab077f0913b81ed5c1b141c3a7c4c0228ef3738d8d61a93db794d9a80718d43 \ - --hash=sha256:1cfbe751209079a803758f472200816fac559f2a36fdd582d25e3ba5601423a1 -letsencrypt==0.6.0 \ - --hash=sha256:93196c7dcd57272a753e525d145c5a9987c8968c22ec954bcf83dcc9d2499a76 \ - --hash=sha256:a16d6c395f1bf5fd61a28ef83dc78f42dbecbad9d00be6236f2ad8915645c154 -letsencrypt-apache==0.6.0 \ - --hash=sha256:02fadc52a0796e53978c508beec9c53e1fc047660240832b9bde5d53ab3a1379 \ - --hash=sha256:1c5522d94d7750bdb9bfa6201d2c263e914f662c9d0079e673167233cf4364f1 +acme==0.7.0 \ + --hash=sha256:6e61dba343806ad4cb27af84628152abc9e83a0fa24be6065587d2b46f340d7a \ + --hash=sha256:9f75a1947978402026b741bdee8a18fc5a1cfd539b78e523b7e5f279bf18eeb9 +certbot==0.7.0 \ + --hash=sha256:55604e43d231ac226edefed8dc110d792052095c3d75ad0e4a228ae0989fe5fd \ + --hash=sha256:ad5083d75e16d1ab806802d3a32f34973b6d7adaf083aee87e07a6c1359efe88 +certbot-apache==0.7.0 \ + --hash=sha256:5ab5ed9b2af6c7db9495ce1491122798e9d0764e3df8f0843d11d89690bf7f88 \ + --hash=sha256:1ddbfaf01bcb0b05c0dcc8b2ebd37637f080cf798151e8140c20c9f5fe7bae75 +letsencrypt==0.7.0 \ + --hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \ + --hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9 +letsencrypt-apache==0.7.0 \ + --hash=sha256:10445980a6afc810325ea22a56e269229999120848f6c0b323b00275696b5c80 \ + --hash=sha256:3f4656088a18e4efea7cd7eb4965e14e8d901f3b64f4691e79cafd0bb91890f0 UNLIKELY_EOF # ------------------------------------------------------------------------- @@ -880,7 +890,6 @@ UNLIKELY_EOF PIP_OUT=`"$VENV_BIN/pip" install --no-cache-dir --require-hashes -r "$TEMP_DIR/letsencrypt-auto-requirements.txt" 2>&1` PIP_STATUS=$? set -e - rm -rf "$TEMP_DIR" if [ "$PIP_STATUS" != 0 ]; then # Report error. (Otherwise, be quiet.) echo "Had a problem while installing Python packages:" @@ -890,14 +899,16 @@ UNLIKELY_EOF fi echo "Installation succeeded." fi - echo "Requesting root privileges to run certbot..." + if [ -n "$SUDO" ]; then + # SUDO is su wrapper or sudo + echo "Requesting root privileges to run certbot..." + echo " $VENV_BIN/letsencrypt" "$@" + fi if [ -z "$SUDO_ENV" ] ; then # SUDO is su wrapper / noop - echo " " $SUDO "$VENV_BIN/letsencrypt" "$@" $SUDO "$VENV_BIN/letsencrypt" "$@" else # sudo - echo " " $SUDO "$SUDO_ENV" "$VENV_BIN/letsencrypt" "$@" $SUDO "$SUDO_ENV" "$VENV_BIN/letsencrypt" "$@" fi @@ -923,8 +934,8 @@ else fi if [ "$NO_SELF_UPGRADE" != 1 ]; then - echo "Checking for new version..." TEMP_DIR=$(TempDir) + trap 'rm -rf "$TEMP_DIR"' EXIT # --------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/fetch.py" """Do downloading and JSON parsing without additional dependencies. :: @@ -997,7 +1008,7 @@ def latest_stable_version(get): """Return the latest stable release of letsencrypt.""" metadata = loads(get( environ.get('LE_AUTO_JSON_URL', - 'https://pypi.python.org/pypi/letsencrypt/json'))) + 'https://pypi.python.org/pypi/certbot/json'))) # metadata['info']['version'] actually returns the latest of any kind of # release release, contrary to https://wiki.python.org/moin/PyPIJSON. # The regex is a sufficient regex for picking out prereleases for most @@ -1016,7 +1027,7 @@ def verified_new_le_auto(get, tag, temp_dir): """ le_auto_dir = environ.get( 'LE_AUTO_DIR_TEMPLATE', - 'https://raw.githubusercontent.com/letsencrypt/letsencrypt/%s/' + 'https://raw.githubusercontent.com/certbot/certbot/%s/' 'letsencrypt-auto-source/') % tag write(get(le_auto_dir + 'letsencrypt-auto'), temp_dir, 'letsencrypt-auto') write(get(le_auto_dir + 'letsencrypt-auto.sig'), temp_dir, 'letsencrypt-auto.sig') @@ -1079,8 +1090,6 @@ UNLIKELY_EOF # filesystems is non-atomic, doing `rm dest, cp src dest, rm src`, but the # cp is unlikely to fail (esp. under sudo) if the rm doesn't. $SUDO mv -f "$TEMP_DIR/letsencrypt-auto.permission-clone" "$0" - # TODO: Clean up temp dir safely, even if it has quotes in its path. - rm -rf "$TEMP_DIR" fi # A newer version is available. fi # Self-upgrading is allowed. diff --git a/certbot-compatibility-test/setup.py b/certbot-compatibility-test/setup.py index 8f9452c5a..b1196eb23 100644 --- a/certbot-compatibility-test/setup.py +++ b/certbot-compatibility-test/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0.dev0' +version = '0.7.0' install_requires = [ 'certbot=={0}'.format(version), diff --git a/certbot-nginx/setup.py b/certbot-nginx/setup.py index a74b93093..bfdfd5f66 100644 --- a/certbot-nginx/setup.py +++ b/certbot-nginx/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0.dev0' +version = '0.7.0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/certbot/__init__.py b/certbot/__init__.py index 85f370e7a..06a1930db 100644 --- a/certbot/__init__.py +++ b/certbot/__init__.py @@ -1,4 +1,4 @@ """Certbot client.""" # version number like 1.2.3a0, must have at least 2 parts, like 1.2 -__version__ = '0.7.0.dev0' +__version__ = '0.7.0' diff --git a/docs/cli-help.txt b/docs/cli-help.txt index cb4bace58..4026f1cc8 100644 --- a/docs/cli-help.txt +++ b/docs/cli-help.txt @@ -28,6 +28,7 @@ optional arguments: require additional command line flags; the client will try to explain which ones are required if it finds one missing (default: False) + --dialog Run using dialog (default: False) --dry-run Perform a test run of the client, obtaining test (invalid) certs but not saving them to disk. This can currently only be used with the 'certonly' and 'renew' @@ -130,6 +131,10 @@ security: Security parameters & server settings --rsa-key-size N Size of the RSA key. (default: 2048) + --must-staple Adds the OCSP Must Staple extension to the + certificate. Autoconfigures OCSP Stapling for + supported setups (Apache version >= 2.3.3 ). (default: + False) --redirect Automatically redirect all HTTP traffic to HTTPS for the newly authenticated vhost. (default: None) --no-redirect Do not automatically redirect all HTTP traffic to @@ -148,6 +153,11 @@ security: --no-uir Do not automatically set the "Content-Security-Policy: upgrade-insecure-requests" header to every HTTP response. (default: None) + --staple-ocsp Enables OCSP Stapling. A valid OCSP response is + stapled to the certificate that the server offers + during TLS. (default: None) + --no-staple-ocsp Do not automatically enable OCSP Stapling. (default: + None) --strict-permissions Require that all configuration files are owned by the current user; only needed if your config is somewhere unsafe like /tmp/ (default: False) @@ -173,7 +183,9 @@ renew: Command to be run in a shell after attempting to obtain/renew certificates. Can be used to deploy renewed certificates, or to restart any servers that - were stopped by --pre-hook. (default: None) + were stopped by --pre-hook. This is only run if an + attempt was made to obtain/renew a certificate. + (default: None) --renew-hook RENEW_HOOK Command to be run in a shell once for each successfully renewed certificate.For this command, the @@ -263,15 +275,6 @@ plugins: --webroot Obtain certs by placing files in a webroot directory. (default: False) -nginx: - Nginx Web Server - currently doesn't work - - --nginx-server-root NGINX_SERVER_ROOT - Nginx server root directory. (default: /etc/nginx) - --nginx-ctl NGINX_CTL - Path to the 'nginx' binary, used for 'configtest' and - retrieving nginx version number. (default: nginx) - standalone: Automatically use a temporary webserver @@ -288,6 +291,15 @@ manual: Automatically allows public IP logging. (default: False) +nginx: + Nginx Web Server - currently doesn't work + + --nginx-server-root NGINX_SERVER_ROOT + Nginx server root directory. (default: /etc/nginx) + --nginx-ctl NGINX_CTL + Path to the 'nginx' binary, used for 'configtest' and + retrieving nginx version number. (default: nginx) + webroot: Place files in webroot directory diff --git a/letsencrypt-apache/setup.py b/letsencrypt-apache/setup.py index b94746150..29b3df09f 100644 --- a/letsencrypt-apache/setup.py +++ b/letsencrypt-apache/setup.py @@ -16,7 +16,7 @@ here = os.path.abspath(os.path.dirname(__file__)) readme = read_file(os.path.join(here, 'README.rst')) -version = '0.7.0.dev0' +version = '0.7.0' # This package is a simple shim around certbot-apache diff --git a/letsencrypt-auto b/letsencrypt-auto index 8c6e6c486..5fbef43b1 100755 --- a/letsencrypt-auto +++ b/letsencrypt-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.6.0" +LE_AUTO_VERSION="0.7.0" BASENAME=$(basename $0) USAGE="Usage: $BASENAME [OPTIONS] A self-updating wrapper script for the Certbot ACME client. When run, updates @@ -38,17 +38,6 @@ Help for certbot itself cannot be provided until it is installed. All arguments are accepted and forwarded to the Certbot client when run." -while getopts ":hnv" arg; do - case $arg in - h) - HELP=1;; - n) - ASSUME_YES=1;; - v) - VERBOSE=1;; - esac -done - for arg in "$@" ; do case "$arg" in --debug) @@ -65,9 +54,26 @@ for arg in "$@" ; do ASSUME_YES=1;; --verbose) VERBOSE=1;; + -[!-]*) + while getopts ":hnv" short_arg $arg; do + case "$short_arg" in + h) + HELP=1;; + n) + ASSUME_YES=1;; + v) + VERBOSE=1;; + esac + done;; esac done +if [ $BASENAME = "letsencrypt-auto" ]; then + # letsencrypt-auto does not respect --help or --yes for backwards compatibility + ASSUME_YES=1 + HELP=0 +fi + # certbot-auto needs root access to bootstrap OS dependencies, and # certbot itself needs root access for almost all modes of operation # The "normal" case is that sudo is used for the steps that need root, but @@ -107,12 +113,6 @@ else SUDO= fi -if [ $BASENAME = "letsencrypt-auto" ]; then - # letsencrypt-auto does not respect --help or --yes for backwards compatibility - ASSUME_YES=1 - HELP=0 -fi - ExperimentalBootstrap() { # Arguments: Platform name, bootstrap function name if [ "$DEBUG" = 1 ]; then @@ -425,7 +425,8 @@ BootstrapMac() { $pkgcmd augeas $pkgcmd dialog - if [ "$(which python)" = "/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python" ]; then + if [ "$(which python)" = "/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python" \ + -o "$(which python)" = "/usr/bin/python" ]; then # We want to avoid using the system Python because it requires root to use pip. # python.org, MacPorts or HomeBrew Python installations should all be OK. echo "Installing python..." @@ -435,7 +436,8 @@ BootstrapMac() { # Workaround for _dlopen not finding augeas on OS X if [ "$pkgman" = "port" ] && ! [ -e "/usr/local/lib/libaugeas.dylib" ] && [ -e "/opt/local/lib/libaugeas.dylib" ]; then echo "Applying augeas workaround" - $SUDO ln -s /opt/local/lib/libaugeas.dylib /usr/local/lib + $SUDO mkdir -p /usr/local/lib/ + $SUDO ln -s /opt/local/lib/libaugeas.dylib /usr/local/lib/ fi if ! hash pip 2>/dev/null; then @@ -451,6 +453,11 @@ BootstrapMac() { fi } +BootstrapSmartOS() { + pkgin update + pkgin -y install 'gcc49' 'py27-augeas' 'py27-virtualenv' +} + # Install required OS packages: Bootstrap() { @@ -483,8 +490,10 @@ Bootstrap() { ExperimentalBootstrap "FreeBSD" BootstrapFreeBsd elif uname | grep -iq Darwin ; then ExperimentalBootstrap "Mac OS X" BootstrapMac - elif grep -iq "Amazon Linux" /etc/issue ; then + elif [ -f /etc/issue ] && grep -iq "Amazon Linux" /etc/issue ; then ExperimentalBootstrap "Amazon Linux" BootstrapRpmCommon + elif [ -f /etc/product ] && grep -q "Joyent Instance" /etc/product ; then + ExperimentalBootstrap "Joyent SmartOS Zone" BootstrapSmartOS else echo "Sorry, I don't know how to bootstrap Certbot on your operating system!" echo @@ -523,6 +532,7 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) + trap 'rm -rf "$TEMP_DIR"' EXIT # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/letsencrypt-auto-requirements.txt" @@ -706,21 +716,21 @@ mock==1.0.1 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.6.0 \ - --hash=sha256:cbe4e7a340a19725a8740ed86e30abdbe18fc22c4c6022b7a8e56642d502bcc3 \ - --hash=sha256:ec4e6009dfbd629b58473eb06bbebfd9fb2a79fc8831c149e9205bc38a98ecc6 -certbot==0.6.0 \ - --hash=sha256:a893632d228864b0a751db9f3fdd93439ed34b988ea21b64fb0f0fa2ceded6a2 \ - --hash=sha256:80b0b7dc5afeec2816ef638a61e7c628d73cd72666eebf4984be426d1c2b492d -certbot-apache==0.6.0 \ - --hash=sha256:0ab077f0913b81ed5c1b141c3a7c4c0228ef3738d8d61a93db794d9a80718d43 \ - --hash=sha256:1cfbe751209079a803758f472200816fac559f2a36fdd582d25e3ba5601423a1 -letsencrypt==0.6.0 \ - --hash=sha256:93196c7dcd57272a753e525d145c5a9987c8968c22ec954bcf83dcc9d2499a76 \ - --hash=sha256:a16d6c395f1bf5fd61a28ef83dc78f42dbecbad9d00be6236f2ad8915645c154 -letsencrypt-apache==0.6.0 \ - --hash=sha256:02fadc52a0796e53978c508beec9c53e1fc047660240832b9bde5d53ab3a1379 \ - --hash=sha256:1c5522d94d7750bdb9bfa6201d2c263e914f662c9d0079e673167233cf4364f1 +acme==0.7.0 \ + --hash=sha256:6e61dba343806ad4cb27af84628152abc9e83a0fa24be6065587d2b46f340d7a \ + --hash=sha256:9f75a1947978402026b741bdee8a18fc5a1cfd539b78e523b7e5f279bf18eeb9 +certbot==0.7.0 \ + --hash=sha256:55604e43d231ac226edefed8dc110d792052095c3d75ad0e4a228ae0989fe5fd \ + --hash=sha256:ad5083d75e16d1ab806802d3a32f34973b6d7adaf083aee87e07a6c1359efe88 +certbot-apache==0.7.0 \ + --hash=sha256:5ab5ed9b2af6c7db9495ce1491122798e9d0764e3df8f0843d11d89690bf7f88 \ + --hash=sha256:1ddbfaf01bcb0b05c0dcc8b2ebd37637f080cf798151e8140c20c9f5fe7bae75 +letsencrypt==0.7.0 \ + --hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \ + --hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9 +letsencrypt-apache==0.7.0 \ + --hash=sha256:10445980a6afc810325ea22a56e269229999120848f6c0b323b00275696b5c80 \ + --hash=sha256:3f4656088a18e4efea7cd7eb4965e14e8d901f3b64f4691e79cafd0bb91890f0 UNLIKELY_EOF # ------------------------------------------------------------------------- @@ -880,7 +890,6 @@ UNLIKELY_EOF PIP_OUT=`"$VENV_BIN/pip" install --no-cache-dir --require-hashes -r "$TEMP_DIR/letsencrypt-auto-requirements.txt" 2>&1` PIP_STATUS=$? set -e - rm -rf "$TEMP_DIR" if [ "$PIP_STATUS" != 0 ]; then # Report error. (Otherwise, be quiet.) echo "Had a problem while installing Python packages:" @@ -890,14 +899,16 @@ UNLIKELY_EOF fi echo "Installation succeeded." fi - echo "Requesting root privileges to run certbot..." + if [ -n "$SUDO" ]; then + # SUDO is su wrapper or sudo + echo "Requesting root privileges to run certbot..." + echo " $VENV_BIN/letsencrypt" "$@" + fi if [ -z "$SUDO_ENV" ] ; then # SUDO is su wrapper / noop - echo " " $SUDO "$VENV_BIN/letsencrypt" "$@" $SUDO "$VENV_BIN/letsencrypt" "$@" else # sudo - echo " " $SUDO "$SUDO_ENV" "$VENV_BIN/letsencrypt" "$@" $SUDO "$SUDO_ENV" "$VENV_BIN/letsencrypt" "$@" fi @@ -923,8 +934,8 @@ else fi if [ "$NO_SELF_UPGRADE" != 1 ]; then - echo "Checking for new version..." TEMP_DIR=$(TempDir) + trap 'rm -rf "$TEMP_DIR"' EXIT # --------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/fetch.py" """Do downloading and JSON parsing without additional dependencies. :: @@ -997,7 +1008,7 @@ def latest_stable_version(get): """Return the latest stable release of letsencrypt.""" metadata = loads(get( environ.get('LE_AUTO_JSON_URL', - 'https://pypi.python.org/pypi/letsencrypt/json'))) + 'https://pypi.python.org/pypi/certbot/json'))) # metadata['info']['version'] actually returns the latest of any kind of # release release, contrary to https://wiki.python.org/moin/PyPIJSON. # The regex is a sufficient regex for picking out prereleases for most @@ -1016,7 +1027,7 @@ def verified_new_le_auto(get, tag, temp_dir): """ le_auto_dir = environ.get( 'LE_AUTO_DIR_TEMPLATE', - 'https://raw.githubusercontent.com/letsencrypt/letsencrypt/%s/' + 'https://raw.githubusercontent.com/certbot/certbot/%s/' 'letsencrypt-auto-source/') % tag write(get(le_auto_dir + 'letsencrypt-auto'), temp_dir, 'letsencrypt-auto') write(get(le_auto_dir + 'letsencrypt-auto.sig'), temp_dir, 'letsencrypt-auto.sig') @@ -1079,8 +1090,6 @@ UNLIKELY_EOF # filesystems is non-atomic, doing `rm dest, cp src dest, rm src`, but the # cp is unlikely to fail (esp. under sudo) if the rm doesn't. $SUDO mv -f "$TEMP_DIR/letsencrypt-auto.permission-clone" "$0" - # TODO: Clean up temp dir safely, even if it has quotes in its path. - rm -rf "$TEMP_DIR" fi # A newer version is available. fi # Self-upgrading is allowed. diff --git a/letsencrypt-auto-source/certbot-auto.asc b/letsencrypt-auto-source/certbot-auto.asc index 8b4f34c70..454cbe598 100644 --- a/letsencrypt-auto-source/certbot-auto.asc +++ b/letsencrypt-auto-source/certbot-auto.asc @@ -1,11 +1,11 @@ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 -iQEcBAABAgAGBQJXM9ZDAAoJEE0XyZXNl3XyzGkH/2KeR0jYxXKlvwfCkxU6hSC0 -eXcxZVQk59hCSvkNGE6Mj6rwQcyjSqmRp14MaJpq7NZADN6F+HWb6VB/Wq6moMQs -PJtthqwhF767Qg+Py9Hp6XmlKscjXB6AKCVxq5TBwEIOTtj0rhQRLF9/+GW6jFuf -kT6aUcDWNjOyWWUtp9vOVprDtegrltp0/2DNitlvPu263pKC+7I3GyLTq4fKP4EE -auZSAhFry9SNR3Usf2wD3kzhvLSrT3h9Yh5oA04oaX9H6e86EHwt6RJJRHpg8s6b -e0CBIIuaRJEmdiMUWlV/gAfH6M2PbG1wtJdxc0ThNEoWAjTsopr61BoHJ3cpCy4= -=+e7/ +iQEcBAABAgAGBQJXSK5DAAoJEE0XyZXNl3Xyyb4H/Ahy9/8ADDaN5V/O/6kl6gE5 +amQfm8T10EUD8APnNWYrYKBYruDBVvH0KiEcuAEs7q4xE5BaQatlobSnsHfv4AWW +TwInk2lRxYZ++MwwQf3DrqMK5QKfcoVnViZsRpZ8gHMLzsJllRm7R5eaTewO2ViM +KM+yDB3UsquLUvE4d3/hgBl2mXAUwsxLeFreZayvpoTcX2ARnzbtKqMaIBYDYWcx +DewWtDsPrhKFpb2DY06S6JLmEttysUgv+hbKlaVO0yZ8cCUehkzBIGYoeS4chOLq +fonNCzB8u3RtnLEFiPIy0N+A592jbLsqqUkxjammaJq3lH7nitduMLnpvGKt4yc= +=ex1J -----END PGP SIGNATURE----- diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index fee63c2f5..5fbef43b1 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.7.0.dev0" +LE_AUTO_VERSION="0.7.0" BASENAME=$(basename $0) USAGE="Usage: $BASENAME [OPTIONS] A self-updating wrapper script for the Certbot ACME client. When run, updates @@ -716,21 +716,21 @@ mock==1.0.1 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.6.0 \ - --hash=sha256:cbe4e7a340a19725a8740ed86e30abdbe18fc22c4c6022b7a8e56642d502bcc3 \ - --hash=sha256:ec4e6009dfbd629b58473eb06bbebfd9fb2a79fc8831c149e9205bc38a98ecc6 -certbot==0.6.0 \ - --hash=sha256:a893632d228864b0a751db9f3fdd93439ed34b988ea21b64fb0f0fa2ceded6a2 \ - --hash=sha256:80b0b7dc5afeec2816ef638a61e7c628d73cd72666eebf4984be426d1c2b492d -certbot-apache==0.6.0 \ - --hash=sha256:0ab077f0913b81ed5c1b141c3a7c4c0228ef3738d8d61a93db794d9a80718d43 \ - --hash=sha256:1cfbe751209079a803758f472200816fac559f2a36fdd582d25e3ba5601423a1 -letsencrypt==0.6.0 \ - --hash=sha256:93196c7dcd57272a753e525d145c5a9987c8968c22ec954bcf83dcc9d2499a76 \ - --hash=sha256:a16d6c395f1bf5fd61a28ef83dc78f42dbecbad9d00be6236f2ad8915645c154 -letsencrypt-apache==0.6.0 \ - --hash=sha256:02fadc52a0796e53978c508beec9c53e1fc047660240832b9bde5d53ab3a1379 \ - --hash=sha256:1c5522d94d7750bdb9bfa6201d2c263e914f662c9d0079e673167233cf4364f1 +acme==0.7.0 \ + --hash=sha256:6e61dba343806ad4cb27af84628152abc9e83a0fa24be6065587d2b46f340d7a \ + --hash=sha256:9f75a1947978402026b741bdee8a18fc5a1cfd539b78e523b7e5f279bf18eeb9 +certbot==0.7.0 \ + --hash=sha256:55604e43d231ac226edefed8dc110d792052095c3d75ad0e4a228ae0989fe5fd \ + --hash=sha256:ad5083d75e16d1ab806802d3a32f34973b6d7adaf083aee87e07a6c1359efe88 +certbot-apache==0.7.0 \ + --hash=sha256:5ab5ed9b2af6c7db9495ce1491122798e9d0764e3df8f0843d11d89690bf7f88 \ + --hash=sha256:1ddbfaf01bcb0b05c0dcc8b2ebd37637f080cf798151e8140c20c9f5fe7bae75 +letsencrypt==0.7.0 \ + --hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \ + --hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9 +letsencrypt-apache==0.7.0 \ + --hash=sha256:10445980a6afc810325ea22a56e269229999120848f6c0b323b00275696b5c80 \ + --hash=sha256:3f4656088a18e4efea7cd7eb4965e14e8d901f3b64f4691e79cafd0bb91890f0 UNLIKELY_EOF # ------------------------------------------------------------------------- diff --git a/letsencrypt-auto-source/letsencrypt-auto.sig b/letsencrypt-auto-source/letsencrypt-auto.sig index cb360f89ef5443af2c6bc157704a98d3cd68fcef..e7e6546a25178083f007351bbba85fda56c87bb2 100644 GIT binary patch literal 256 zcmV+b0ssD(3r1$c09~FFRL*(rn=D5xr$W>4tf{yJ0Yd>ifFOs3`#iS_w(uP+p(fG& zTEmPXK+5%ZpiHyaPtmN4i1xvJn%fgm9b2nF4!4kuT8ov;Uq`~S8bQzaVDw}C5Xzw8cyZq9H=SydJxxr0AB GYGOMK)`FS< diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index f4ceae536..6405efd78 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -178,18 +178,18 @@ mock==1.0.1 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.6.0 \ - --hash=sha256:cbe4e7a340a19725a8740ed86e30abdbe18fc22c4c6022b7a8e56642d502bcc3 \ - --hash=sha256:ec4e6009dfbd629b58473eb06bbebfd9fb2a79fc8831c149e9205bc38a98ecc6 -certbot==0.6.0 \ - --hash=sha256:a893632d228864b0a751db9f3fdd93439ed34b988ea21b64fb0f0fa2ceded6a2 \ - --hash=sha256:80b0b7dc5afeec2816ef638a61e7c628d73cd72666eebf4984be426d1c2b492d -certbot-apache==0.6.0 \ - --hash=sha256:0ab077f0913b81ed5c1b141c3a7c4c0228ef3738d8d61a93db794d9a80718d43 \ - --hash=sha256:1cfbe751209079a803758f472200816fac559f2a36fdd582d25e3ba5601423a1 -letsencrypt==0.6.0 \ - --hash=sha256:93196c7dcd57272a753e525d145c5a9987c8968c22ec954bcf83dcc9d2499a76 \ - --hash=sha256:a16d6c395f1bf5fd61a28ef83dc78f42dbecbad9d00be6236f2ad8915645c154 -letsencrypt-apache==0.6.0 \ - --hash=sha256:02fadc52a0796e53978c508beec9c53e1fc047660240832b9bde5d53ab3a1379 \ - --hash=sha256:1c5522d94d7750bdb9bfa6201d2c263e914f662c9d0079e673167233cf4364f1 +acme==0.7.0 \ + --hash=sha256:6e61dba343806ad4cb27af84628152abc9e83a0fa24be6065587d2b46f340d7a \ + --hash=sha256:9f75a1947978402026b741bdee8a18fc5a1cfd539b78e523b7e5f279bf18eeb9 +certbot==0.7.0 \ + --hash=sha256:55604e43d231ac226edefed8dc110d792052095c3d75ad0e4a228ae0989fe5fd \ + --hash=sha256:ad5083d75e16d1ab806802d3a32f34973b6d7adaf083aee87e07a6c1359efe88 +certbot-apache==0.7.0 \ + --hash=sha256:5ab5ed9b2af6c7db9495ce1491122798e9d0764e3df8f0843d11d89690bf7f88 \ + --hash=sha256:1ddbfaf01bcb0b05c0dcc8b2ebd37637f080cf798151e8140c20c9f5fe7bae75 +letsencrypt==0.7.0 \ + --hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \ + --hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9 +letsencrypt-apache==0.7.0 \ + --hash=sha256:10445980a6afc810325ea22a56e269229999120848f6c0b323b00275696b5c80 \ + --hash=sha256:3f4656088a18e4efea7cd7eb4965e14e8d901f3b64f4691e79cafd0bb91890f0 diff --git a/letsencrypt-nginx/setup.py b/letsencrypt-nginx/setup.py index 95ffd6cd8..3acfa9bb8 100644 --- a/letsencrypt-nginx/setup.py +++ b/letsencrypt-nginx/setup.py @@ -16,7 +16,7 @@ here = os.path.abspath(os.path.dirname(__file__)) readme = read_file(os.path.join(here, 'README.rst')) -version = '0.7.0.dev0' +version = '0.7.0' # This package is a simple shim around certbot-nginx diff --git a/letsencrypt/setup.py b/letsencrypt/setup.py index 7c974ea9b..fd6544265 100644 --- a/letsencrypt/setup.py +++ b/letsencrypt/setup.py @@ -20,7 +20,7 @@ readme = read_file(os.path.join(here, 'README.rst')) install_requires = ['certbot'] -version = '0.7.0.dev0' +version = '0.7.0' setup( From 7153220b4106031fcf7cc4a958d0a3f44215d6f8 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Fri, 27 May 2016 13:30:54 -0700 Subject: [PATCH 28/32] Bump version to 0.8.0 --- acme/setup.py | 2 +- certbot-apache/setup.py | 2 +- certbot-compatibility-test/setup.py | 2 +- certbot-nginx/setup.py | 2 +- certbot/__init__.py | 2 +- letsencrypt-apache/setup.py | 2 +- letsencrypt-auto-source/letsencrypt-auto | 2 +- letsencrypt-nginx/setup.py | 2 +- letsencrypt/setup.py | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/acme/setup.py b/acme/setup.py index 3b01a6b73..c25cb5c00 100644 --- a/acme/setup.py +++ b/acme/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0' +version = '0.8.0.dev0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/certbot-apache/setup.py b/certbot-apache/setup.py index 8974df882..2a4716db7 100644 --- a/certbot-apache/setup.py +++ b/certbot-apache/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0' +version = '0.8.0.dev0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/certbot-compatibility-test/setup.py b/certbot-compatibility-test/setup.py index b1196eb23..8d2bd925d 100644 --- a/certbot-compatibility-test/setup.py +++ b/certbot-compatibility-test/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0' +version = '0.8.0.dev0' install_requires = [ 'certbot=={0}'.format(version), diff --git a/certbot-nginx/setup.py b/certbot-nginx/setup.py index bfdfd5f66..bb8b3414e 100644 --- a/certbot-nginx/setup.py +++ b/certbot-nginx/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.7.0' +version = '0.8.0.dev0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/certbot/__init__.py b/certbot/__init__.py index 06a1930db..dc0e2764d 100644 --- a/certbot/__init__.py +++ b/certbot/__init__.py @@ -1,4 +1,4 @@ """Certbot client.""" # version number like 1.2.3a0, must have at least 2 parts, like 1.2 -__version__ = '0.7.0' +__version__ = '0.8.0.dev0' diff --git a/letsencrypt-apache/setup.py b/letsencrypt-apache/setup.py index 29b3df09f..09703841c 100644 --- a/letsencrypt-apache/setup.py +++ b/letsencrypt-apache/setup.py @@ -16,7 +16,7 @@ here = os.path.abspath(os.path.dirname(__file__)) readme = read_file(os.path.join(here, 'README.rst')) -version = '0.7.0' +version = '0.8.0.dev0' # This package is a simple shim around certbot-apache diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 5fbef43b1..2de0652a9 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.7.0" +LE_AUTO_VERSION="0.8.0.dev0" BASENAME=$(basename $0) USAGE="Usage: $BASENAME [OPTIONS] A self-updating wrapper script for the Certbot ACME client. When run, updates diff --git a/letsencrypt-nginx/setup.py b/letsencrypt-nginx/setup.py index 3acfa9bb8..25db12a47 100644 --- a/letsencrypt-nginx/setup.py +++ b/letsencrypt-nginx/setup.py @@ -16,7 +16,7 @@ here = os.path.abspath(os.path.dirname(__file__)) readme = read_file(os.path.join(here, 'README.rst')) -version = '0.7.0' +version = '0.8.0.dev0' # This package is a simple shim around certbot-nginx diff --git a/letsencrypt/setup.py b/letsencrypt/setup.py index fd6544265..4541e85fe 100644 --- a/letsencrypt/setup.py +++ b/letsencrypt/setup.py @@ -20,7 +20,7 @@ readme = read_file(os.path.join(here, 'README.rst')) install_requires = ['certbot'] -version = '0.7.0' +version = '0.8.0.dev0' setup( From b627f643772444b965f0e03b0da19f99b5d7c4f5 Mon Sep 17 00:00:00 2001 From: Peter Eckersley Date: Fri, 27 May 2016 15:04:59 -0700 Subject: [PATCH 29/32] Fix stray merge error --- certbot/tests/cli_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/certbot/tests/cli_test.py b/certbot/tests/cli_test.py index 09a882c89..671da16f0 100644 --- a/certbot/tests/cli_test.py +++ b/certbot/tests/cli_test.py @@ -177,7 +177,7 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods import platform plat = platform.platform() if "linux" in plat.lower(): - self.assertTrue(le_util.get_os_info_ua() in ua) + self.assertTrue(util.get_os_info_ua() in ua) with mock.patch('certbot.main.client.acme_client.ClientNetwork') as acme_net: ua = "bandersnatch" From 24915f6d008e50c2a242e9ac7e752ad28cb0f623 Mon Sep 17 00:00:00 2001 From: Peter Eckersley Date: Fri, 27 May 2016 16:45:12 -0700 Subject: [PATCH 30/32] Lint --- certbot/tests/util_test.py | 1 - 1 file changed, 1 deletion(-) diff --git a/certbot/tests/util_test.py b/certbot/tests/util_test.py index 4cbc9b663..8e1b330ed 100644 --- a/certbot/tests/util_test.py +++ b/certbot/tests/util_test.py @@ -10,7 +10,6 @@ import unittest import mock import six -import certbot from certbot import errors from certbot.tests import test_util From b24768751753c6ad2aead5167b5ca3eaf345b155 Mon Sep 17 00:00:00 2001 From: Chris Lamb Date: Sat, 28 May 2016 10:45:57 +0100 Subject: [PATCH 31/32] Don't call os.pid() the default kwargs to atexit_print_messages Whilst it has no side-effects, this results in non-reproducible output when generating the certbot documentation: http://i.imgur.com/Q6VGi9S.jpg Signed-off-by: Chris Lamb --- certbot/reporter.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/certbot/reporter.py b/certbot/reporter.py index d509cb0b8..fe34ece54 100644 --- a/certbot/reporter.py +++ b/certbot/reporter.py @@ -16,6 +16,11 @@ from certbot import le_util logger = logging.getLogger(__name__) +# Store the pid of the process that first imported this module so that +# atexit_print_messages side-effects such as error reporting can be limited to +# this process and not any fork()'d children. +INITIAL_PID = os.getpid() + @zope.interface.implementer(interfaces.IReporter) class Reporter(object): @@ -55,12 +60,14 @@ class Reporter(object): self.messages.put(self._msg_type(priority, msg, on_crash)) logger.info("Reporting to user: %s", msg) - def atexit_print_messages(self, pid=os.getpid()): + def atexit_print_messages(self, pid=None): """Function to be registered with atexit to print messages. :param int pid: Process ID """ + if pid is None: + pid = INITIAL_PID # This ensures that messages are only printed from the process that # created the Reporter. if pid == os.getpid(): From 2e12fda802627b91953e0bc5397a7aa7fe4cc544 Mon Sep 17 00:00:00 2001 From: Shaun Cummiskey Date: Sat, 28 May 2016 16:08:28 -0500 Subject: [PATCH 32/32] Spelling correction --- certbot/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/certbot/main.py b/certbot/main.py index 933a102d8..96c0221a2 100644 --- a/certbot/main.py +++ b/certbot/main.py @@ -292,7 +292,7 @@ def _report_new_cert(config, cert_path, fullchain_path): msg = ('Congratulations! Your certificate {0} been saved at {1}.' ' Your cert will expire on {2}. To obtain a new or tweaked version of this ' 'certificate in the future, simply run {3} again{4}. ' - 'To non-interactively renew *all* of your ceriticates, run "{3} renew"' + 'To non-interactively renew *all* of your certificates, run "{3} renew"' .format(and_chain, path, expiry, cli.cli_command, verbswitch)) reporter_util.add_message(msg, reporter_util.MEDIUM_PRIORITY)