diff --git a/AUTHORS.md b/AUTHORS.md index 6b6b5d118..0cedcbd19 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -237,6 +237,7 @@ Authors * [Spencer Bliven](https://github.com/sbliven) * [Stacey Sheldon](https://github.com/solidgoldbomb) * [Stavros Korokithakis](https://github.com/skorokithakis) +* [Ștefan Talpalaru](https://github.com/stefantalpalaru) * [Stefan Weil](https://github.com/stweil) * [Steve Desmond](https://github.com/stevedesmond-ca) * [sydneyli](https://github.com/sydneyli) diff --git a/acme/acme/__init__.py b/acme/acme/__init__.py index d1679fcad..c16f95826 100644 --- a/acme/acme/__init__.py +++ b/acme/acme/__init__.py @@ -20,3 +20,11 @@ for mod in list(sys.modules): # preserved (acme.jose.* is josepy.*) if mod == 'josepy' or mod.startswith('josepy.'): sys.modules['acme.' + mod.replace('josepy', 'jose', 1)] = sys.modules[mod] + + +if sys.version_info[:2] == (3, 5): + warnings.warn( + "Python 3.5 support will be dropped in the next release of " + "acme. Please upgrade your Python version.", + PendingDeprecationWarning, + ) # pragma: no cover diff --git a/certbot-ci/certbot_integration_tests/utils/misc.py b/certbot-ci/certbot_integration_tests/utils/misc.py index 9d1676c60..38c2e60a8 100644 --- a/certbot-ci/certbot_integration_tests/utils/misc.py +++ b/certbot-ci/certbot_integration_tests/utils/misc.py @@ -279,16 +279,17 @@ def load_sample_data_path(workspace): shutil.copytree(original, copied, symlinks=True) if os.name == 'nt': - # Fix the symlinks on Windows since GIT is not creating them upon checkout + # Fix the symlinks on Windows if GIT is not configured to create them upon checkout for lineage in ['a.encryption-example.com', 'b.encryption-example.com']: current_live = os.path.join(copied, 'live', lineage) for name in os.listdir(current_live): if name != 'README': current_file = os.path.join(current_live, name) - with open(current_file) as file_h: - src = file_h.read() - os.unlink(current_file) - os.symlink(os.path.join(current_live, src), current_file) + if not os.path.islink(current_file): + with open(current_file) as file_h: + src = file_h.read() + os.unlink(current_file) + os.symlink(os.path.join(current_live, src), current_file) return copied diff --git a/certbot-dns-linode/certbot_dns_linode/__init__.py b/certbot-dns-linode/certbot_dns_linode/__init__.py index 107781a13..4bfd95573 100644 --- a/certbot-dns-linode/certbot_dns_linode/__init__.py +++ b/certbot-dns-linode/certbot_dns_linode/__init__.py @@ -14,10 +14,10 @@ Named Arguments DNS to propagate before asking the ACME server to verify the DNS record. - (Default: 1200 because Linode - updates its first DNS every 15 - minutes and we allow 5 more minutes - for the update to reach the other 5 + (Default: 120 because Linode + updates its first DNS every 60 + seconds and we allow 60 more seconds + for the update to reach other 5 servers) ========================================== =================================== @@ -80,15 +80,15 @@ Examples -d www.example.com .. code-block:: bash - :caption: To acquire a certificate for ``example.com``, waiting 1000 seconds - for DNS propagation (Linode updates its first DNS every 15 minutes - and we allow some extra time for the update to reach the other 5 + :caption: To acquire a certificate for ``example.com``, waiting 120 seconds + for DNS propagation (Linode updates its first DNS every minute + and we allow some extra time for the update to reach other 5 servers) certbot certonly \\ --dns-linode \\ --dns-linode-credentials ~/.secrets/certbot/linode.ini \\ - --dns-linode-propagation-seconds 1000 \\ + --dns-linode-propagation-seconds 120 \\ -d example.com """ diff --git a/certbot-dns-linode/certbot_dns_linode/_internal/dns_linode.py b/certbot-dns-linode/certbot_dns_linode/_internal/dns_linode.py index f7b3ec3d4..f9450c02c 100644 --- a/certbot-dns-linode/certbot_dns_linode/_internal/dns_linode.py +++ b/certbot-dns-linode/certbot_dns_linode/_internal/dns_linode.py @@ -32,7 +32,7 @@ class Authenticator(dns_common.DNSAuthenticator): @classmethod def add_parser_arguments(cls, add): # pylint: disable=arguments-differ - super(Authenticator, cls).add_parser_arguments(add, default_propagation_seconds=1200) + super(Authenticator, cls).add_parser_arguments(add, default_propagation_seconds=120) add('credentials', help='Linode credentials INI file.') def more_info(self): # pylint: disable=missing-function-docstring diff --git a/certbot/CHANGELOG.md b/certbot/CHANGELOG.md index 8124d1e0c..4eca065af 100644 --- a/certbot/CHANGELOG.md +++ b/certbot/CHANGELOG.md @@ -12,7 +12,10 @@ Certbot adheres to [Semantic Versioning](https://semver.org/). ### Changed -* +* The Linode DNS plugin now waits 120 seconds for DNS propagation, instead of 1200, + due to https://www.linode.com/blog/linode/linode-turns-17/ +* We deprecated support for Python 3.5 in Certbot and its ACME library. + Support for Python 3.5 will be removed in the next major release of Certbot. ### Fixed diff --git a/certbot/certbot/__init__.py b/certbot/certbot/__init__.py index 4db5f1e39..db2e829d4 100644 --- a/certbot/certbot/__init__.py +++ b/certbot/certbot/__init__.py @@ -1,4 +1,13 @@ """Certbot client.""" +import warnings +import sys # version number like 1.2.3a0, must have at least 2 parts, like 1.2 __version__ = '1.7.0.dev0' + +if sys.version_info[:2] == (3, 5): + warnings.warn( + "Python 3.5 support will be dropped in the next release of " + "certbot. Please upgrade your Python version.", + PendingDeprecationWarning, + ) # pragma: no cover diff --git a/certbot/certbot/_internal/main.py b/certbot/certbot/_internal/main.py index 30f4dd0a2..6cf2ccf17 100644 --- a/certbot/certbot/_internal/main.py +++ b/certbot/certbot/_internal/main.py @@ -1343,6 +1343,10 @@ def main(cli_args=None): if config.func != plugins_cmd: # pylint: disable=comparison-with-callable raise + if sys.version_info[:2] == (3, 5): + logger.warning("Python 3.5 support will be dropped in the next release " + "of Certbot - please upgrade your Python version.") + set_displayer(config) # Reporter diff --git a/certbot/docs/using.rst b/certbot/docs/using.rst index 0a0b6d1a2..0423b1fec 100644 --- a/certbot/docs/using.rst +++ b/certbot/docs/using.rst @@ -281,6 +281,7 @@ proxmox_ N Y Install certificates in Proxmox Virtualization serv dns-standalone_ Y N Obtain certificates via an integrated DNS server dns-ispconfig_ Y N DNS Authentication using ISPConfig as DNS server dns-clouddns_ Y N DNS Authentication using CloudDNS API +dns-inwx Y Y DNS Authentication for INWX through the XML API ================== ==== ==== =============================================================== .. _haproxy: https://github.com/greenhost/certbot-haproxy @@ -293,6 +294,7 @@ dns-clouddns_ Y N DNS Authentication using CloudDNS API .. _dns-standalone: https://github.com/siilike/certbot-dns-standalone .. _dns-ispconfig: https://github.com/m42e/certbot-dns-ispconfig .. _dns-clouddns: https://github.com/vshosting/certbot-dns-clouddns +.. _dns-inwx: https://github.com/oGGy990/certbot-dns-inwx/ If you're interested, you can also :ref:`write your own plugin `. diff --git a/certbot/setup.py b/certbot/setup.py index b2e0837d3..efa7e3c28 100644 --- a/certbot/setup.py +++ b/certbot/setup.py @@ -83,7 +83,6 @@ elif sys.version_info < (3,3): dev_extras = [ 'coverage', - 'ipdb', 'pytest', 'pytest-cov', 'pytest-xdist', @@ -94,6 +93,7 @@ dev_extras = [ dev3_extras = [ 'astroid', + 'ipdb', 'mypy', 'pylint', ] diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index a54398d44..54fa8434e 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -15,6 +15,7 @@ description: | - Help you revoke the certificate if that ever becomes necessary. confinement: classic base: core20 +grade: stable adopt-info: certbot apps: diff --git a/tools/dev_constraints.txt b/tools/dev_constraints.txt index 6e692841b..31ca577d5 100644 --- a/tools/dev_constraints.txt +++ b/tools/dev_constraints.txt @@ -10,6 +10,7 @@ asn1crypto==0.22.0 astroid==2.3.3 attrs==17.3.0 Babel==2.5.1 +backcall==0.2.0 backports.functools-lru-cache==1.5 backports.shutil-get-terminal-size==1.0.0 backports.ssl-match-hostname==3.7.0.1 @@ -40,9 +41,10 @@ httplib2==0.10.3 imagesize==0.7.1 importlib-metadata==0.23 ipdb==0.12.3 -ipython==5.8.0 +ipython==7.9.0 ipython-genutils==0.2.0 isort==4.3.21 +jedi==0.17.1 Jinja2==2.9.6 jmespath==0.9.4 josepy==1.1.0 @@ -59,13 +61,14 @@ ndg-httpsclient==0.3.2 oauth2client==4.0.0 packaging==19.2 paramiko==2.4.2 +parso==0.7.0 pathlib2==2.3.5 pexpect==4.7.0 pickleshare==0.7.5 pkginfo==1.4.2 pluggy==0.13.0 ply==3.4 -prompt-toolkit==1.0.18 +prompt-toolkit==2.0.10 ptyprocess==0.6.0 py==1.8.0 pyasn1==0.1.9 diff --git a/tools/oldest_constraints.txt b/tools/oldest_constraints.txt index ff4b8361a..5145e3ddf 100644 --- a/tools/oldest_constraints.txt +++ b/tools/oldest_constraints.txt @@ -63,3 +63,10 @@ dns-lexicon==2.2.1 # Tracking at https://github.com/certbot/certbot/issues/6473 boto3==1.4.7 botocore==1.7.41 + +# Old certbot[dev] constraints +# Old versions of certbot[dev] required ipdb and our normally pinned version of +# ipython which ipdb depends on doesn't support Python 2 so we pin an older +# version here to keep tests working while we have Python 2 support. +ipython==5.8.0 +prompt-toolkit==1.0.18 diff --git a/tools/snap/build.sh b/tools/snap/build.sh index ef34c479a..c9392f909 100755 --- a/tools/snap/build.sh +++ b/tools/snap/build.sh @@ -31,11 +31,14 @@ function cleanup() { trap cleanup EXIT +# NB: We use ARCH-stable-save tag instead of ARCH-stable, because recent versions of snapcraft images +# behave badly on QEMU for arm64 architecture. This should be fixed either by a new version of the +# image that does not have this problem anymore, or the migration to snapcraft remote builds. docker run \ --rm \ --net=host \ -v "${CERTBOT_DIR}:/certbot" \ -w "/certbot" \ -e "PIP_EXTRA_INDEX_URL=http://localhost:8080" \ - "adferrand/snapcraft:${DOCKER_ARCH}-stable" \ + "adferrand/snapcraft:${DOCKER_ARCH}-stable-save" \ bash -c "snapcraft clean && snapcraft" diff --git a/tools/snap/build_dns.sh b/tools/snap/build_dns.sh index aba008d7e..5ebad2969 100755 --- a/tools/snap/build_dns.sh +++ b/tools/snap/build_dns.sh @@ -60,6 +60,9 @@ for DNS_PLUGIN in ${DNS_PLUGINS}; do done EOF +# NB: We use ARCH-stable-save tag instead of ARCH-stable, because recent versions of snapcraft images +# behave badly on QEMU for arm64 architecture. This should be fixed either by a new version of the +# image that does not have this problem anymore, or the migration to snapcraft remote builds. docker run \ --rm \ --net=host \ @@ -69,5 +72,5 @@ docker run \ -w "/certbot" \ -e "DNS_PLUGINS=${DNS_PLUGINS}" \ -e "PIP_EXTRA_INDEX_URL=http://localhost:8080" \ - "adferrand/snapcraft:${DOCKER_ARCH}-stable" \ + "adferrand/snapcraft:${DOCKER_ARCH}-stable-save" \ /script.sh