upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-09 08:42:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Update logic to use new version constraints

Browse source
This commit is contained in:
Erica Portnoy 2019-08-26 17:05:48 -07:00
parent 8a2be066e9
commit 35566c47f5
1 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
certbot-nginx/certbot_nginx/configurator.py
View file

@ -10,6 +10,7 @@ import pkg_resources
import OpenSSL
import zope.interface
from distutils.version import LooseVersion
from acme import challenges
from acme import crypto_util as acme_crypto_util
@ -129,11 +130,21 @@ class NginxConfigurator(common.Installer):
@property
def mod_ssl_conf_src(self):
"""Full absolute path to SSL configuration file source."""
config_filename = "options-ssl-nginx.conf"
if self.version < (1, 5, 9):
config_filename = "options-ssl-nginx-old.conf"
elif self.version < (1, 13, 0):
config_filename = "options-ssl-nginx-tls12-only.conf"
use_tls13 = self.version >= (1, 13, 0)
session_tix_off = self.version >= (1, 5, 9) and
LooseVersion(self.openssl_version) >= LooseVersion('1.0.2l')
if use_tls13:
if session_tix_off:
config_filename = "options-ssl-nginx.conf"
else:
config_filename = "options-ssl-nginx-tls13-session-tix-on.conf"
else:
if session_tix_off:
config_filename = "options-ssl-nginx-tls12-only.conf"
else:
config_filename = "options-ssl-nginx-old.conf"
return pkg_resources.resource_filename(
"certbot_nginx", os.path.join("tls_configs", config_filename))