Merge pull request #1869 from letsencrypt/apache-conf-library

Apache conf library

tests/apache-conf-files/failing/missing-double-quote-1724.conf

@@ -0,0 +1,52 @@
+<VirtualHost *:443>
+        ServerAdmin webmaster@localhost
+        ServerAlias www.example.com
+        ServerName example.com
+        DocumentRoot /var/www/example.com/www/
+	SSLEngine on
+	
+	SSLProtocol all -SSLv2 -SSLv3
+        SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRS$
+        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+        <Directory />
+                Options FollowSymLinks
+                AllowOverride All
+        </Directory>
+        <Directory /var/www/example.com/www>
+                Options Indexes FollowSymLinks MultiViews
+                AllowOverride All
+                Order allow,deny
+                allow from all
+                # This directive allows us to have apache2's default start page
+                # in /apache2-default/, but still have / go to the right place
+        </Directory>
+
+        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+        <Directory "/usr/lib/cgi-bin">
+                AllowOverride None
+                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+                Order allow,deny
+                Allow from all
+        </Directory>
+
+        ErrorLog /var/log/apache2/error.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog /var/log/apache2/access.log combined
+        ServerSignature On
+
+    Alias /apache_doc/ "/usr/share/doc/"
+    <Directory "/usr/share/doc/">
+        Options Indexes MultiViews FollowSymLinks
+        AllowOverride None
+        Order deny,allow
+        Deny from all
+        Allow from 127.0.0.0/255.0.0.0 ::1/128
+    </Directory>
+
+</VirtualHost>

tests/apache-conf-files/hackish-apache-test

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# A hackish script to see if the client is behaving as expected 
+# with each of the "passing" conf files.
+
+# TODO presently this requires interaction and human judgement to 
+# assess, but it should be automated
+export EA=/etc/apache2/ 
+TESTDIR="`dirname $0`"
+LEROOT="`realpath \"$TESTDIR/../../\"`"
+cd $TESTDIR/passing
+
+function CleanupExit() {
+    echo control c, exiting tests...
+    if [ "$f" != "" ] ; then
+        sudo rm /etc/apache2/sites-{enabled,available}/"$f"
+    fi
+    exit 1
+}
+
+trap CleanupExit INT
+for f in *.conf ; do 
+    echo testing "$f"
+    sudo cp "$f" "$EA"/sites-available/
+    sudo ln -s "$EA/sites-available/$f" "$EA/sites-enabled/$f"
+    sudo "$LEROOT"/venv/bin/letsencrypt --apache  certonly -t
+    sudo rm /etc/apache2/sites-{enabled,available}/"$f"
+done

tests/apache-conf-files/passing/1626-1531.conf

@@ -0,0 +1,37 @@
+<VirtualHost *:80>
+        ServerAdmin denver@ossguy.com
+        ServerName  c-beta.ossguy.com
+
+        Alias /robots.txt /home/denver/www/c-beta.ossguy.com/static/robots.txt
+        Alias /favicon.ico /home/denver/www/c-beta.ossguy.com/static/favicon.ico
+
+        AliasMatch /(.*\.css) /home/denver/www/c-beta.ossguy.com/static/$1
+        AliasMatch /(.*\.js) /home/denver/www/c-beta.ossguy.com/static/$1
+        AliasMatch /(.*\.png) /home/denver/www/c-beta.ossguy.com/static/$1
+        AliasMatch /(.*\.gif) /home/denver/www/c-beta.ossguy.com/static/$1
+        AliasMatch /(.*\.jpg) /home/denver/www/c-beta.ossguy.com/static/$1
+
+        WSGIScriptAlias / /home/denver/www/c-beta.ossguy.com/django.wsgi
+        WSGIDaemonProcess c-beta-ossguy user=www-data group=www-data home=/var/www processes=5 threads=10 maximum-requests=1000 umask=0007 display-name=c-beta-ossguy
+        WSGIProcessGroup c-beta-ossguy
+        WSGIApplicationGroup %{GLOBAL}
+
+        DocumentRoot /home/denver/www/c-beta.ossguy.com/static
+
+        <Directory /home/denver/www/c-beta.ossguy.com/static>
+                Options -Indexes +FollowSymLinks -MultiViews
+                Require all granted
+                AllowOverride None
+        </Directory>
+
+        <Directory /home/denver/www/c-beta.ossguy.com/static/source>
+                Options +Indexes +FollowSymLinks -MultiViews
+                Require all granted
+                AllowOverride None
+        </Directory>
+
+        # Custom log file locations
+        LogLevel warn
+        ErrorLog  /tmp/error.log
+        CustomLog /tmp/access.log combined
+</VirtualHost>

tests/apache-conf-files/passing/README.modules

@@ -3,3 +3,5 @@ Modules required to parse these conf files:
 ssl
 rewrite
 macro
+wsgi
+deflate

tests/apache-conf-files/passing/example-1755.conf

@@ -0,0 +1,36 @@
+<VirtualHost *:80>
+	# The ServerName directive sets the request scheme, hostname and port that
+	# the server uses to identify itself. This is used when creating
+	# redirection URLs. In the context of virtual hosts, the ServerName
+	# specifies what hostname must appear in the request's Host: header to
+	# match this virtual host. For the default virtual host (this file) this
+	# value is not decisive as it is used as a last resort host regardless.
+	# However, you must set it for any further virtual host explicitly.
+	ServerName www.example.com
+    ServerAlias example.com
+SetOutputFilter DEFLATE
+# Do not attempt to compress the following extensions
+SetEnvIfNoCase Request_URI \
+\.(?:gif|jpe?g|png|swf|flv|zip|gz|tar|mp3|mp4|m4v)$ no-gzip dont-vary
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/proof
+
+	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+	# error, crit, alert, emerg.
+	# It is also possible to configure the loglevel for particular
+	# modules, e.g.
+	#LogLevel info ssl:warn
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	# For most configuration files from conf-available/, which are
+	# enabled or disabled at a global level, it is possible to
+	# include a line for only one particular virtual host. For example the
+	# following line enables the CGI configuration for this host only
+	# after it has been globally disabled with "a2disconf".
+	#Include conf-available/serve-cgi-bin.conf
+</VirtualHost>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

tests/apache-conf-files/passing/missing-quote-1724.conf

@@ -0,0 +1,52 @@
+<VirtualHost *:443>
+        ServerAdmin webmaster@localhost
+        ServerAlias www.example.com
+        ServerName example.com
+        DocumentRoot /var/www/example.com/www/
+	SSLEngine on
+	
+	SSLProtocol all -SSLv2 -SSLv3
+        SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRS$
+        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+        <Directory />
+                Options FollowSymLinks
+                AllowOverride All
+        </Directory>
+        <Directory /var/www/example.com/www>
+                Options Indexes FollowSymLinks MultiViews
+                AllowOverride All
+                Order allow,deny
+                allow from all
+                # This directive allows us to have apache2's default start page
+                # in /apache2-default/, but still have / go to the right place
+        </Directory>
+
+        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+        <Directory "/usr/lib/cgi-bin">
+                AllowOverride None
+                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+                Order allow,deny
+                Allow from all
+        </Directory>
+
+        ErrorLog /var/log/apache2/error.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog /var/log/apache2/access.log combined
+        ServerSignature On
+
+    Alias /apache_doc/ "/usr/share/doc/"
+    <Directory "/usr/share/doc/">
+        Options Indexes MultiViews FollowSymLinks
+        AllowOverride None
+        Order deny,allow
+        Deny from all
+        Allow from 127.0.0.0/255.0.0.0 ::1/128
+    </Directory>
+
+</VirtualHost>