From 581a701cd19c7b7236d018109ace58e5a9ba75c8 Mon Sep 17 00:00:00 2001
From: Jakub Warmuz <jakub@warmuz.org>
Date: Sat, 31 Oct 2015 22:23:57 +0000
Subject: [PATCH] Kill simpleHttp in core

---
 letsencrypt/achallenges.py             | 25 -------------------------
 letsencrypt/auth_handler.py            |  3 ---
 letsencrypt/configuration.py           |  4 ++--
 letsencrypt/constants.py               |  2 +-
 letsencrypt/tests/acme_util.py         |  7 ++-----
 letsencrypt/tests/auth_handler_test.py | 24 ++++++++++++------------
 6 files changed, 17 insertions(+), 48 deletions(-)

diff --git a/letsencrypt/achallenges.py b/letsencrypt/achallenges.py
index 7aa2bd35a..f08c6a396 100644
--- a/letsencrypt/achallenges.py
+++ b/letsencrypt/achallenges.py
@@ -85,31 +85,6 @@ class DVSNI(AnnotatedChallenge):
         return response, cert, key
 
 
-class SimpleHTTP(AnnotatedChallenge):
-    """Client annotated "simpleHttp" ACME challenge."""
-    __slots__ = ('challb', 'domain', 'account_key')
-    acme_type = challenges.SimpleHTTP
-
-    def gen_response_and_validation(self, tls):
-        """Generates a SimpleHTTP response and validation.
-
-        :param bool tls: True if TLS should be used
-
-        :returns: ``(response, validation)`` tuple, where ``response`` is
-            an instance of `acme.challenges.SimpleHTTPResponse` and
-            ``validation`` is an instance of
-            `acme.challenges.SimpleHTTPProvisionedResource`.
-        :rtype: tuple
-
-        """
-        response = challenges.SimpleHTTPResponse(tls=tls)
-
-        validation = response.gen_validation(
-            self.challb.chall, self.account_key)
-        logger.debug("Simple HTTP validation payload: %s", validation.payload)
-        return response, validation
-
-
 class DNS(AnnotatedChallenge):
     """Client annotated "dns" ACME challenge."""
     __slots__ = ('challb', 'domain')
diff --git a/letsencrypt/auth_handler.py b/letsencrypt/auth_handler.py
index f7b6bd507..11019daac 100644
--- a/letsencrypt/auth_handler.py
+++ b/letsencrypt/auth_handler.py
@@ -347,9 +347,6 @@ def challb_to_achall(challb, account_key, domain):
     if isinstance(chall, challenges.DVSNI):
         return achallenges.DVSNI(
             challb=challb, domain=domain, account_key=account_key)
-    elif isinstance(chall, challenges.SimpleHTTP):
-        return achallenges.SimpleHTTP(
-            challb=challb, domain=domain, account_key=account_key)
     elif isinstance(chall, challenges.DNS):
         return achallenges.DNS(challb=challb, domain=domain)
     elif isinstance(chall, challenges.RecoveryContact):
diff --git a/letsencrypt/configuration.py b/letsencrypt/configuration.py
index f72005233..4fb417127 100644
--- a/letsencrypt/configuration.py
+++ b/letsencrypt/configuration.py
@@ -39,7 +39,7 @@ class NamespaceConfig(object):
 
         if self.simple_http_port == self.dvsni_port:
             raise errors.Error(
-                "Trying to run SimpleHTTP and DVSNI "
+                "Trying to run http-01 and DVSNI "
                 "on the same port ({0})".format(self.dvsni_port))
 
     def __getattr__(self, name):
@@ -82,7 +82,7 @@ class NamespaceConfig(object):
         if self.namespace.simple_http_port is not None:
             return self.namespace.simple_http_port
         else:
-            return challenges.SimpleHTTPResponse.PORT
+            return challenges.HTTP01Response.PORT
 
 
 class RenewerConfiguration(object):
diff --git a/letsencrypt/constants.py b/letsencrypt/constants.py
index 362009ec6..15f8c53f0 100644
--- a/letsencrypt/constants.py
+++ b/letsencrypt/constants.py
@@ -41,7 +41,7 @@ RENEWER_DEFAULTS = dict(
 
 
 EXCLUSIVE_CHALLENGES = frozenset([frozenset([
-    challenges.DVSNI, challenges.SimpleHTTP])])
+    challenges.DVSNI, challenges.HTTP01])])
 """Mutually exclusive challenges."""
 
 
diff --git a/letsencrypt/tests/acme_util.py b/letsencrypt/tests/acme_util.py
index 1e3086b18..300eb453b 100644
--- a/letsencrypt/tests/acme_util.py
+++ b/letsencrypt/tests/acme_util.py
@@ -12,8 +12,6 @@ from letsencrypt.tests import test_util
 KEY = test_util.load_rsa_private_key('rsa512_key.pem')
 
 # Challenges
-SIMPLE_HTTP = challenges.SimpleHTTP(
-    token="evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA")
 HTTP01 = challenges.HTTP01(
     token="evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA")
 DVSNI = challenges.DVSNI(
@@ -43,7 +41,7 @@ POP = challenges.ProofOfPossession(
     )
 )
 
-CHALLENGES = [SIMPLE_HTTP, DVSNI, DNS, RECOVERY_CONTACT, POP]
+CHALLENGES = [HTTP01, DVSNI, DNS, RECOVERY_CONTACT, POP]
 DV_CHALLENGES = [chall for chall in CHALLENGES
                  if isinstance(chall, challenges.DVChallenge)]
 CONT_CHALLENGES = [chall for chall in CHALLENGES
@@ -82,13 +80,12 @@ def chall_to_challb(chall, status):  # pylint: disable=redefined-outer-name
 
 # Pending ChallengeBody objects
 DVSNI_P = chall_to_challb(DVSNI, messages.STATUS_PENDING)
-SIMPLE_HTTP_P = chall_to_challb(SIMPLE_HTTP, messages.STATUS_PENDING)
 HTTP01_P = chall_to_challb(HTTP01, messages.STATUS_PENDING)
 DNS_P = chall_to_challb(DNS, messages.STATUS_PENDING)
 RECOVERY_CONTACT_P = chall_to_challb(RECOVERY_CONTACT, messages.STATUS_PENDING)
 POP_P = chall_to_challb(POP, messages.STATUS_PENDING)
 
-CHALLENGES_P = [SIMPLE_HTTP_P, DVSNI_P, DNS_P, RECOVERY_CONTACT_P, POP_P]
+CHALLENGES_P = [HTTP01_P, DVSNI_P, DNS_P, RECOVERY_CONTACT_P, POP_P]
 DV_CHALLENGES_P = [challb for challb in CHALLENGES_P
                    if isinstance(challb.chall, challenges.DVChallenge)]
 CONT_CHALLENGES_P = [
diff --git a/letsencrypt/tests/auth_handler_test.py b/letsencrypt/tests/auth_handler_test.py
index 8a4c371f5..7be37c91e 100644
--- a/letsencrypt/tests/auth_handler_test.py
+++ b/letsencrypt/tests/auth_handler_test.py
@@ -309,8 +309,8 @@ class GenChallengePathTest(unittest.TestCase):
         return gen_challenge_path(challbs, preferences, combinations)
 
     def test_common_case(self):
-        """Given DVSNI and SimpleHTTP with appropriate combos."""
-        challbs = (acme_util.DVSNI_P, acme_util.SIMPLE_HTTP_P)
+        """Given DVSNI and HTTP01 with appropriate combos."""
+        challbs = (acme_util.DVSNI_P, acme_util.HTTP01_P)
         prefs = [challenges.DVSNI]
         combos = ((0,), (1,))
 
@@ -325,7 +325,7 @@ class GenChallengePathTest(unittest.TestCase):
         challbs = (acme_util.POP_P,
                    acme_util.RECOVERY_CONTACT_P,
                    acme_util.DVSNI_P,
-                   acme_util.SIMPLE_HTTP_P)
+                   acme_util.HTTP01_P)
         prefs = [challenges.ProofOfPossession, challenges.DVSNI]
         combos = acme_util.gen_combos(challbs)
         self.assertEqual(self._call(challbs, prefs, combos), (0, 2))
@@ -337,12 +337,12 @@ class GenChallengePathTest(unittest.TestCase):
         challbs = (acme_util.RECOVERY_CONTACT_P,
                    acme_util.POP_P,
                    acme_util.DVSNI_P,
-                   acme_util.SIMPLE_HTTP_P,
+                   acme_util.HTTP01_P,
                    acme_util.DNS_P)
         # Typical webserver client that can do everything except DNS
         # Attempted to make the order realistic
         prefs = [challenges.ProofOfPossession,
-                 challenges.SimpleHTTP,
+                 challenges.HTTP01,
                  challenges.DVSNI,
                  challenges.RecoveryContact]
         combos = acme_util.gen_combos(challbs)
@@ -411,8 +411,8 @@ class IsPreferredTest(unittest.TestCase):
     def _call(cls, chall, satisfied):
         from letsencrypt.auth_handler import is_preferred
         return is_preferred(chall, satisfied, exclusive_groups=frozenset([
-            frozenset([challenges.DVSNI, challenges.SimpleHTTP]),
-            frozenset([challenges.DNS, challenges.SimpleHTTP]),
+            frozenset([challenges.DVSNI, challenges.HTTP01]),
+            frozenset([challenges.DNS, challenges.HTTP01]),
         ]))
 
     def test_empty_satisfied(self):
@@ -421,7 +421,7 @@ class IsPreferredTest(unittest.TestCase):
     def test_mutually_exclusvie(self):
         self.assertFalse(
             self._call(
-                acme_util.DVSNI_P, frozenset([acme_util.SIMPLE_HTTP_P])))
+                acme_util.DVSNI_P, frozenset([acme_util.HTTP01_P])))
 
     def test_mutually_exclusive_same_type(self):
         self.assertTrue(
@@ -434,13 +434,13 @@ class ReportFailedChallsTest(unittest.TestCase):
 
     def setUp(self):
         kwargs = {
-            "chall": acme_util.SIMPLE_HTTP,
+            "chall": acme_util.HTTP01,
             "uri": "uri",
             "status": messages.STATUS_INVALID,
             "error": messages.Error(typ="tls", detail="detail"),
         }
 
-        self.simple_http = achallenges.SimpleHTTP(
+        self.http01 = achallenges.KeyAuthorizationAnnotatedChallenge(
             # pylint: disable=star-args
             challb=messages.ChallengeBody(**kwargs),
             domain="example.com",
@@ -464,7 +464,7 @@ class ReportFailedChallsTest(unittest.TestCase):
     def test_same_error_and_domain(self, mock_zope):
         from letsencrypt import auth_handler
 
-        auth_handler._report_failed_challs([self.simple_http, self.dvsni_same])
+        auth_handler._report_failed_challs([self.http01, self.dvsni_same])
         call_list = mock_zope().add_message.call_args_list
         self.assertTrue(len(call_list) == 1)
         self.assertTrue("Domains: example.com\n" in call_list[0][0][0])
@@ -473,7 +473,7 @@ class ReportFailedChallsTest(unittest.TestCase):
     def test_different_errors_and_domains(self, mock_zope):
         from letsencrypt import auth_handler
 
-        auth_handler._report_failed_challs([self.simple_http, self.dvsni_diff])
+        auth_handler._report_failed_challs([self.http01, self.dvsni_diff])
         self.assertTrue(mock_zope().add_message.call_count == 2)