diff --git a/README.rst b/README.rst index 74dc870ed..244b6b510 100644 --- a/README.rst +++ b/README.rst @@ -152,11 +152,12 @@ Current Features * Supports multiple web servers: - - apache/2.x (working on Debian 8+ and Ubuntu 12.04+) - - standalone (runs its own simple webserver to prove you control a domain) + - apache/2.x (beta support for auto-configuration) + - nginx/0.8.48+ (alpha support for auto-configuration) - webroot (adds files to webroot directories in order to prove control of domains and obtain certs) - - nginx/0.8.48+ (highly experimental, not included in certbot-auto) + - standalone (runs its own simple webserver to prove you control a domain) + - other server software via `third party plugins `_ * The private key is generated locally on your system. * Can talk to the Let's Encrypt CA or optionally to other ACME diff --git a/certbot-apache/certbot_apache/tests/constants_test.py b/certbot-apache/certbot_apache/tests/constants_test.py index 1c842aee9..5ab324101 100644 --- a/certbot-apache/certbot_apache/tests/constants_test.py +++ b/certbot-apache/certbot_apache/tests/constants_test.py @@ -20,25 +20,25 @@ class ConstantsTest(unittest.TestCase): self.assertEqual(constants.os_constant("vhost_root"), "/etc/httpd/conf.d") + @mock.patch("certbot.util.get_systemd_os_like") @mock.patch("certbot.util.get_os_info") - def test_get_default_value(self, os_info): + def test_get_default_values(self, os_info, os_like): os_info.return_value = ('Nonexistent Linux', '', '') + os_like.return_value = {} + self.assertFalse(constants.os_constant("handle_mods")) + self.assertEqual(constants.os_constant("server_root"), "/etc/apache2") self.assertEqual(constants.os_constant("vhost_root"), "/etc/apache2/sites-available") + @mock.patch("certbot.util.get_systemd_os_like") @mock.patch("certbot.util.get_os_info") - def test_get_default_constants(self, os_info): + def test_get_darwin_like_values(self, os_info, os_like): os_info.return_value = ('Nonexistent Linux', '', '') - with mock.patch("certbot.util.get_systemd_os_like") as os_like: - # Get defaults - os_like.return_value = False - c_hm = constants.os_constant("handle_mods") - c_sr = constants.os_constant("server_root") - self.assertFalse(c_hm) - self.assertEqual(c_sr, "/etc/apache2") - # Use darwin as like test target - os_like.return_value = ["something", "nonexistent", "darwin"] - d_vr = constants.os_constant("vhost_root") - d_em = constants.os_constant("enmod") - self.assertFalse(d_em) - self.assertEqual(d_vr, "/etc/apache2/other") + os_like.return_value = ["something", "nonexistent", "darwin"] + self.assertFalse(constants.os_constant("enmod")) + self.assertEqual(constants.os_constant("vhost_root"), + "/etc/apache2/other") + + +if __name__ == "__main__": + unittest.main() # pragma: no cover diff --git a/certbot-auto b/certbot-auto index eb627032f..cba185eae 100755 --- a/certbot-auto +++ b/certbot-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.9.1" +LE_AUTO_VERSION="0.9.3" BASENAME=$(basename $0) USAGE="Usage: $BASENAME [OPTIONS] A self-updating wrapper script for the Certbot ACME client. When run, updates @@ -761,18 +761,18 @@ letsencrypt==0.7.0 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.9.1 \ - --hash=sha256:83e6188d5f149678b77ff3c8f8f94983f3c448490ffa634c7e9f2e93e7351fb0 \ - --hash=sha256:0effd08d144eedbfeb7dd784e9c8673ef3138cf48d35c8c33a1dd5bee9fd8207 -certbot==0.9.1 \ - --hash=sha256:88237a4f6d337d40185a644407f9c7adb6eab87c43b8bf56c1edc02ce82a9d81 \ - --hash=sha256:180354a3e95610ff8ba7f344011f2fcba1186d8efb7b25867266f47048e1e2f7 -certbot-apache==0.9.1 \ - --hash=sha256:cb9931294d44a1d6d44eaa2e92cb30daf6f2e0f29f6e7f00849709f0dd408b40 \ - --hash=sha256:1c09a6b4d087748f2aa143b0a7ced321458c3dd7ca70a80674f867b8b0e3cd6c -certbot-nginx==0.9.1 \ - --hash=sha256:3bd59a4f63a989eb31c04775107139bf45c2373a6f0b7bea4a3a1362da5c2ae7 \ - --hash=sha256:22f277846ccf5c8787cac2b35a7897780f05f4022de02d8b4b731c2cd957354c +acme==0.9.3 \ + --hash=sha256:d18ce17a75ad24d27981dfaef0524aa905eab757b267e027162b56a8967ab8fb \ + --hash=sha256:a6eff1f955eb2e4316abd9aa2fedb6d9345e6b5b8a2d64ea0ad35e05d6124099 +certbot==0.9.3 \ + --hash=sha256:a87ef4c53c018df4e52ee2f2e906ad16bbb37789f29e6f284c495a2eb4d9b243 \ + --hash=sha256:68149cb8392b29f5d5246e7226d25f913f2b10482bf3bc7368e8c8821d25f3b0 +certbot-apache==0.9.3 \ + --hash=sha256:f379b1053e10709692654d7a6fcea9eaed19b66c49a753b61e31bd06a04b0aac \ + --hash=sha256:a5d98cf972072de08f984db4e6a7f20269f3f023c43f6d4e781fe43be7c10086 +certbot-nginx==0.9.3 \ + --hash=sha256:3c26f18f0b57550f069263bd9b2984ef33eab6693e7796611c1b2cc16574069c \ + --hash=sha256:7337a2e90e0b28a1ab09e31d9fb81c6d78e6453500c824c0f18bab5d31b63058 UNLIKELY_EOF # ------------------------------------------------------------------------- diff --git a/certbot-nginx/certbot_nginx/obj.py b/certbot-nginx/certbot_nginx/obj.py index 8c93d0a8b..c58a82450 100644 --- a/certbot-nginx/certbot_nginx/obj.py +++ b/certbot-nginx/certbot_nginx/obj.py @@ -69,7 +69,8 @@ class Addr(common.Addr): return cls(host, port, ssl, default) - def __str__(self): + def to_string(self, include_default=True): + """Return string representation of Addr""" parts = '' if self.tup[0] and self.tup[1]: parts = "%s:%s" % self.tup @@ -78,13 +79,16 @@ class Addr(common.Addr): else: parts = self.tup[1] - if self.default: + if self.default and include_default: parts += ' default_server' if self.ssl: parts += ' ssl' return parts + def __str__(self): + return self.to_string() + def __repr__(self): return "Addr(" + self.__str__() + ")" diff --git a/certbot-nginx/certbot_nginx/tests/configurator_test.py b/certbot-nginx/certbot_nginx/tests/configurator_test.py index 10f5e5514..d871a5720 100644 --- a/certbot-nginx/certbot_nginx/tests/configurator_test.py +++ b/certbot-nginx/certbot_nginx/tests/configurator_test.py @@ -40,7 +40,7 @@ class NginxConfiguratorTest(util.NginxTest): def test_prepare(self): self.assertEqual((1, 6, 2), self.config.version) - self.assertEqual(6, len(self.config.parser.parsed)) + self.assertEqual(7, len(self.config.parser.parsed)) # ensure we successfully parsed a file for ssl_options self.assertTrue(self.config.parser.loc["ssl_options"]) @@ -68,7 +68,7 @@ class NginxConfiguratorTest(util.NginxTest): names = self.config.get_all_names() self.assertEqual(names, set( ["155.225.50.69.nephoscale.net", "www.example.org", "another.alias", - "migration.com", "summer.com", "geese.com"])) + "migration.com", "summer.com", "geese.com", "sslon.com"])) def test_supported_enhancements(self): self.assertEqual(['redirect', 'staple-ocsp'], @@ -242,6 +242,7 @@ class NginxConfiguratorTest(util.NginxTest): nginx_conf = self.config.parser.abs_path('nginx.conf') example_conf = self.config.parser.abs_path('sites-enabled/example.com') migration_conf = self.config.parser.abs_path('sites-enabled/migration.com') + sslon_conf = self.config.parser.abs_path('sites-enabled/sslon.com') # Get the default SSL vhost self.config.deploy_cert( @@ -269,6 +270,7 @@ class NginxConfiguratorTest(util.NginxTest): ('example/fullchain.pem', 'example/key.pem', example_conf), ('/etc/nginx/fullchain.pem', '/etc/nginx/key.pem', nginx_conf), ('migration/fullchain.pem', 'migration/key.pem', migration_conf), + ('snakeoil.cert', 'snakeoil.key', sslon_conf), ]), self.config.get_all_certs_keys()) @mock.patch("certbot_nginx.configurator.tls_sni_01.NginxTlsSni01.perform") diff --git a/certbot-nginx/certbot_nginx/tests/obj_test.py b/certbot-nginx/certbot_nginx/tests/obj_test.py index 200f2acb9..84d0c6bca 100644 --- a/certbot-nginx/certbot_nginx/tests/obj_test.py +++ b/certbot-nginx/certbot_nginx/tests/obj_test.py @@ -55,6 +55,16 @@ class AddrTest(unittest.TestCase): self.assertEqual(str(self.addr5), "myhost") self.assertEqual(str(self.addr6), "80 default_server") + def test_to_string(self): + self.assertEqual(self.addr1.to_string(), "192.168.1.1") + self.assertEqual(self.addr2.to_string(), "192.168.1.1:* ssl") + self.assertEqual(self.addr3.to_string(), "192.168.1.1:80") + self.assertEqual(self.addr4.to_string(), "*:80 default_server ssl") + self.assertEqual(self.addr4.to_string(include_default=False), "*:80 ssl") + self.assertEqual(self.addr5.to_string(), "myhost") + self.assertEqual(self.addr6.to_string(), "80 default_server") + self.assertEqual(self.addr6.to_string(include_default=False), "80") + def test_eq(self): from certbot_nginx.obj import Addr new_addr1 = Addr.fromstring("192.168.1.1 spdy") diff --git a/certbot-nginx/certbot_nginx/tests/parser_test.py b/certbot-nginx/certbot_nginx/tests/parser_test.py index d148e89aa..d5593171a 100644 --- a/certbot-nginx/certbot_nginx/tests/parser_test.py +++ b/certbot-nginx/certbot_nginx/tests/parser_test.py @@ -48,7 +48,8 @@ class NginxParserTest(util.NginxTest): ['foo.conf', 'nginx.conf', 'server.conf', 'sites-enabled/default', 'sites-enabled/example.com', - 'sites-enabled/migration.com']]), + 'sites-enabled/migration.com', + 'sites-enabled/sslon.com']]), set(nparser.parsed.keys())) self.assertEqual([['server_name', 'somename alias another.alias']], nparser.parsed[nparser.abs_path('server.conf')]) @@ -72,7 +73,7 @@ class NginxParserTest(util.NginxTest): parsed = nparser._parse_files(nparser.abs_path( 'sites-enabled/example.com.test')) self.assertEqual(3, len(glob.glob(nparser.abs_path('*.test')))) - self.assertEqual(3, len( + self.assertEqual(4, len( glob.glob(nparser.abs_path('sites-enabled/*.test')))) self.assertEqual([[['server'], [['listen', '69.50.225.155:9000'], ['listen', '127.0.0.1'], @@ -136,7 +137,7 @@ class NginxParserTest(util.NginxTest): '*.www.example.com']), [], [2, 1, 0]) - self.assertEqual(7, len(vhosts)) + self.assertEqual(8, len(vhosts)) example_com = [x for x in vhosts if 'example.com' in x.filep][0] self.assertEqual(vhost3, example_com) default = [x for x in vhosts if 'default' in x.filep][0] @@ -304,8 +305,10 @@ class NginxParserTest(util.NginxTest): replace=False) c_k = nparser.get_all_certs_keys() migration_file = nparser.abs_path('sites-enabled/migration.com') + sslon_file = nparser.abs_path('sites-enabled/sslon.com') self.assertEqual(set([('foo.pem', 'bar.key', filep), - ('cert.pem', 'cert.key', migration_file) + ('cert.pem', 'cert.key', migration_file), + ('snakeoil.cert', 'snakeoil.key', sslon_file) ]), c_k) def test_parse_server_ssl(self): diff --git a/certbot-nginx/certbot_nginx/tests/testdata/etc_nginx/sites-enabled/sslon.com b/certbot-nginx/certbot_nginx/tests/testdata/etc_nginx/sites-enabled/sslon.com new file mode 100644 index 000000000..b93e6ba2d --- /dev/null +++ b/certbot-nginx/certbot_nginx/tests/testdata/etc_nginx/sites-enabled/sslon.com @@ -0,0 +1,6 @@ +server { + server_name sslon.com; + ssl on; + ssl_certificate snakeoil.cert; + ssl_certificate_key snakeoil.key; +} diff --git a/certbot-nginx/certbot_nginx/tests/tls_sni_01_test.py b/certbot-nginx/certbot_nginx/tests/tls_sni_01_test.py index 283e326e9..e7dacb400 100644 --- a/certbot-nginx/certbot_nginx/tests/tls_sni_01_test.py +++ b/certbot-nginx/certbot_nginx/tests/tls_sni_01_test.py @@ -39,6 +39,10 @@ class TlsSniPerformTest(util.NginxTest): "\xeb9\xf1\xf5\xb9\xefVM\xc9w\xa4u\x9c\xe1\x87\xb4" ), "pending"), domain="www.example.org", account_key=account_key), + achallenges.KeyAuthorizationAnnotatedChallenge( + challb=acme_util.chall_to_challb( + challenges.TLSSNI01(token="kNdwjxOeX0I_A8DXt9Msmg"), "pending"), + domain="sslon.com", account_key=account_key), ] def setUp(self): @@ -100,7 +104,7 @@ class TlsSniPerformTest(util.NginxTest): sni_responses = self.sni.perform() - self.assertEqual(mock_setup_cert.call_count, 3) + self.assertEqual(mock_setup_cert.call_count, 4) for index, achall in enumerate(self.achalls): self.assertEqual( @@ -112,8 +116,8 @@ class TlsSniPerformTest(util.NginxTest): self.assertFalse( util.contains_at_depth(http, ['server_name', 'another.alias'], 3)) - self.assertEqual(len(sni_responses), 3) - for i in xrange(3): + self.assertEqual(len(sni_responses), 4) + for i in xrange(4): self.assertEqual(sni_responses[i], acme_responses[i]) def test_mod_config(self): @@ -123,6 +127,7 @@ class TlsSniPerformTest(util.NginxTest): v_addr1 = [obj.Addr("69.50.225.155", "9000", True, False), obj.Addr("127.0.0.1", "", False, False)] v_addr2 = [obj.Addr("myhost", "", False, True)] + v_addr2_print = [obj.Addr("myhost", "", False, False)] ll_addr = [v_addr1, v_addr2] self.sni._mod_config(ll_addr) # pylint: disable=protected-access @@ -142,7 +147,7 @@ class TlsSniPerformTest(util.NginxTest): response = self.achalls[0].response(self.account_key) else: response = self.achalls[2].response(self.account_key) - self.assertEqual(vhost.addrs, set(v_addr2)) + self.assertEqual(vhost.addrs, set(v_addr2_print)) self.assertEqual(vhost.names, set([response.z_domain])) self.assertEqual(len(vhs), 2) diff --git a/certbot-nginx/certbot_nginx/tls_sni_01.py b/certbot-nginx/certbot_nginx/tls_sni_01.py index 0543000ea..dec21e791 100644 --- a/certbot-nginx/certbot_nginx/tls_sni_01.py +++ b/certbot-nginx/certbot_nginx/tls_sni_01.py @@ -47,7 +47,7 @@ class NginxTlsSni01(common.TLSSNI01): return [] addresses = [] - default_addr = "{0} default_server ssl".format( + default_addr = "{0} ssl".format( self.configurator.config.tls_sni_01_port) for achall in self.achalls: @@ -59,12 +59,10 @@ class NginxTlsSni01(common.TLSSNI01): achall.domain) return None - for addr in vhost.addrs: - if addr.default: - addresses.append([obj.Addr.fromstring(default_addr)]) - break - else: + if vhost.addrs: addresses.append(list(vhost.addrs)) + else: + addresses.append([obj.Addr.fromstring(default_addr)]) # Create challenge certs responses = [self._setup_challenge_cert(x) for x in self.achalls] @@ -141,7 +139,7 @@ class NginxTlsSni01(common.TLSSNI01): document_root = os.path.join( self.configurator.config.work_dir, "tls_sni_01_page") - block = [['listen', ' ', str(addr)] for addr in addrs] + block = [['listen', ' ', addr.to_string(include_default=False)] for addr in addrs] block.extend([['server_name', ' ', achall.response(achall.account_key).z_domain], @@ -155,5 +153,4 @@ class NginxTlsSni01(common.TLSSNI01): ['ssl_certificate_key', ' ', self.get_key_path(achall)], [['location', ' ', '/'], [['root', ' ', document_root]]]] + self.configurator.parser.loc["ssl_options"]) - return [['server'], block] diff --git a/certbot/display/ops.py b/certbot/display/ops.py index ee570221f..662483ee0 100644 --- a/certbot/display/ops.py +++ b/certbot/display/ops.py @@ -29,7 +29,7 @@ def get_email(invalid=False, optional=True): """ invalid_prefix = "There seem to be problems with that address. " - msg = "Enter email address (used for urgent notices and lost key recovery)" + msg = "Enter email address (used for urgent renewal and security notices)" unsafe_suggestion = ("\n\nIf you really want to skip this, you can run " "the client with --register-unsafely-without-email " "but make sure you then backup your account key from " diff --git a/certbot/plugins/util.py b/certbot/plugins/util.py index 915b531c5..786f6ca92 100644 --- a/certbot/plugins/util.py +++ b/certbot/plugins/util.py @@ -91,6 +91,7 @@ def already_listening_socket(port, renewer=False): try: testsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) + testsocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) try: testsocket.bind(("", port)) except socket.error: @@ -129,8 +130,7 @@ def already_listening_psutil(port, renewer=False): return False listeners = [conn.pid for conn in net_connections - if (conn.status == 'LISTEN' or - conn.status == 'TIME_WAIT') and + if conn.status == 'LISTEN' and conn.type == socket.SOCK_STREAM and conn.laddr[1] == port] try: diff --git a/certbot/tests/cli_test.py b/certbot/tests/cli_test.py index 3d17cc467..5d2051cfe 100644 --- a/certbot/tests/cli_test.py +++ b/certbot/tests/cli_test.py @@ -346,11 +346,12 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods except errors.PluginSelectionError as e: self.assertTrue('The requested bad_auth plugin does not appear' in str(e)) + def test_punycode_ok(self): + # Punycode is now legal, so no longer an error; instead check + # that it's _not_ an error (at the initial sanity check stage) + util.enforce_domain_sanity('this.is.xn--ls8h.tld') + def test_check_config_sanity_domain(self): - # Punycode - self.assertRaises(errors.ConfigurationError, - self._call, - ['-d', 'this.is.xn--ls8h.tld']) # FQDN self.assertRaises(errors.ConfigurationError, self._call, diff --git a/certbot/tests/display/ops_test.py b/certbot/tests/display/ops_test.py index 2e3e65261..bc0696f9c 100644 --- a/certbot/tests/display/ops_test.py +++ b/certbot/tests/display/ops_test.py @@ -244,8 +244,8 @@ class ChooseNamesTest(unittest.TestCase): all_valid = ["example.com", "second.example.com", "also.example.com", "under_score.example.com", "justtld"] - all_invalid = ["xn--ls8h.tld", "*.wildcard.com", "uniçodé.com"] - two_valid = ["example.com", "xn--ls8h.tld", "also.example.com"] + all_invalid = ["öóòps.net", "*.wildcard.com", "uniçodé.com"] + two_valid = ["example.com", "úniçøde.com", "also.example.com"] self.assertEqual(get_valid_domains(all_valid), all_valid) self.assertEqual(get_valid_domains(all_invalid), []) self.assertEqual(len(get_valid_domains(two_valid)), 2) @@ -266,10 +266,6 @@ class ChooseNamesTest(unittest.TestCase): unicode_error = UnicodeEncodeError('mock', u'', 0, 1, 'mock') mock_sli.side_effect = unicode_error self.assertEqual(_choose_names_manually(), []) - # Punycode and no retry - mock_util().input.return_value = (display_util.OK, - "xn--ls8h.tld") - self.assertEqual(_choose_names_manually(), []) # Valid domains mock_util().input.return_value = (display_util.OK, ("example.com," diff --git a/certbot/util.py b/certbot/util.py index 5cb4b4cad..577180b00 100644 --- a/certbot/util.py +++ b/certbot/util.py @@ -437,19 +437,13 @@ def enforce_domain_sanity(domain): """ if isinstance(domain, six.text_type): wildcard_marker = u"*." - punycode_marker = u"xn--" else: wildcard_marker = b"*." - punycode_marker = b"xn--" # Check if there's a wildcard domain if domain.startswith(wildcard_marker): raise errors.ConfigurationError( "Wildcard domains are not supported: {0}".format(domain)) - # Punycode - if punycode_marker in domain: - raise errors.ConfigurationError( - "Punycode domains are not presently supported: {0}".format(domain)) # Unicode try: diff --git a/docs/cli-help.txt b/docs/cli-help.txt index 7e321f407..f7340c48b 100644 --- a/docs/cli-help.txt +++ b/docs/cli-help.txt @@ -307,6 +307,15 @@ plugins: --webroot Obtain certs by placing files in a webroot directory. (default: False) +nginx: + Nginx Web Server plugin - Alpha + + --nginx-server-root NGINX_SERVER_ROOT + Nginx server root directory. (default: /etc/nginx) + --nginx-ctl NGINX_CTL + Path to the 'nginx' binary, used for 'configtest' and + retrieving nginx version number. (default: nginx) + standalone: Spin up a temporary webserver @@ -319,15 +328,6 @@ manual: Automatically allows public IP logging. (default: False) -nginx: - Nginx Web Server plugin - Alpha - - --nginx-server-root NGINX_SERVER_ROOT - Nginx server root directory. (default: /etc/nginx) - --nginx-ctl NGINX_CTL - Path to the 'nginx' binary, used for 'configtest' and - retrieving nginx version number. (default: nginx) - webroot: Place files in webroot directory diff --git a/docs/using.rst b/docs/using.rst index 41e99f716..57589349b 100644 --- a/docs/using.rst +++ b/docs/using.rst @@ -54,7 +54,7 @@ The ``certbot`` script on your web server might be named ``letsencrypt`` if your Other installation methods -------------------------- If you are offline or your operating system doesn't provide a package, you can use -an alternate method fo install ``certbot``. +an alternate method for installing ``certbot``. Certbot-Auto ^^^^^^^^^^^^ diff --git a/letsencrypt-auto b/letsencrypt-auto index eb627032f..cba185eae 100755 --- a/letsencrypt-auto +++ b/letsencrypt-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.9.1" +LE_AUTO_VERSION="0.9.3" BASENAME=$(basename $0) USAGE="Usage: $BASENAME [OPTIONS] A self-updating wrapper script for the Certbot ACME client. When run, updates @@ -761,18 +761,18 @@ letsencrypt==0.7.0 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.9.1 \ - --hash=sha256:83e6188d5f149678b77ff3c8f8f94983f3c448490ffa634c7e9f2e93e7351fb0 \ - --hash=sha256:0effd08d144eedbfeb7dd784e9c8673ef3138cf48d35c8c33a1dd5bee9fd8207 -certbot==0.9.1 \ - --hash=sha256:88237a4f6d337d40185a644407f9c7adb6eab87c43b8bf56c1edc02ce82a9d81 \ - --hash=sha256:180354a3e95610ff8ba7f344011f2fcba1186d8efb7b25867266f47048e1e2f7 -certbot-apache==0.9.1 \ - --hash=sha256:cb9931294d44a1d6d44eaa2e92cb30daf6f2e0f29f6e7f00849709f0dd408b40 \ - --hash=sha256:1c09a6b4d087748f2aa143b0a7ced321458c3dd7ca70a80674f867b8b0e3cd6c -certbot-nginx==0.9.1 \ - --hash=sha256:3bd59a4f63a989eb31c04775107139bf45c2373a6f0b7bea4a3a1362da5c2ae7 \ - --hash=sha256:22f277846ccf5c8787cac2b35a7897780f05f4022de02d8b4b731c2cd957354c +acme==0.9.3 \ + --hash=sha256:d18ce17a75ad24d27981dfaef0524aa905eab757b267e027162b56a8967ab8fb \ + --hash=sha256:a6eff1f955eb2e4316abd9aa2fedb6d9345e6b5b8a2d64ea0ad35e05d6124099 +certbot==0.9.3 \ + --hash=sha256:a87ef4c53c018df4e52ee2f2e906ad16bbb37789f29e6f284c495a2eb4d9b243 \ + --hash=sha256:68149cb8392b29f5d5246e7226d25f913f2b10482bf3bc7368e8c8821d25f3b0 +certbot-apache==0.9.3 \ + --hash=sha256:f379b1053e10709692654d7a6fcea9eaed19b66c49a753b61e31bd06a04b0aac \ + --hash=sha256:a5d98cf972072de08f984db4e6a7f20269f3f023c43f6d4e781fe43be7c10086 +certbot-nginx==0.9.3 \ + --hash=sha256:3c26f18f0b57550f069263bd9b2984ef33eab6693e7796611c1b2cc16574069c \ + --hash=sha256:7337a2e90e0b28a1ab09e31d9fb81c6d78e6453500c824c0f18bab5d31b63058 UNLIKELY_EOF # ------------------------------------------------------------------------- diff --git a/letsencrypt-auto-source/certbot-auto.asc b/letsencrypt-auto-source/certbot-auto.asc index 71a54bde5..db40cfb84 100644 --- a/letsencrypt-auto-source/certbot-auto.asc +++ b/letsencrypt-auto-source/certbot-auto.asc @@ -1,11 +1,11 @@ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 -iQEcBAABAgAGBQJX9shpAAoJEE0XyZXNl3XyeAUH/0928PysUZlLCQRpw3GPJnr0 -WgE1duULRfDKOdyoj8cIABEcxyK+rASyBju57Hx80Zuai9x4XSHJK7k9BXrZrU5k -KHZWbaNOKLN+C7/HTSOqGwalGTLglRJLZMwcj4rs8jtftg6GiWXvtnWuwqoiZJe4 -sCdddm2gu4D2VLp/QpBU6Gepuls4PmtB7SzwRUC6SAkWf5ntwJ4mq65bwKLcTPaZ -oRKoswo+eyiosH2SVVgiyAz7U96t2gxfK2pNoTdCUQGjuRaD6P2yBCdJA5h4L2l2 -W+/31zJpw/TgFErWpNuNYYoMh8cswaWXDNMUscsuduQ9KPLhSHQQ9JZ5f4w+9PM= -=Zhq9 +iQEcBAABAgAGBQJYADL6AAoJEE0XyZXNl3XyZW8H/RgPxga4SZ8VoMGGOpzYGzaD +C/VW6IZeHjD7urkAjfSiMMStkYKlZMGcT/3Pw1L39wIX/37jqQTTh01JL+TcqRMJ +AUHmSgrErjUU42YV68u2c/wT9Dsid+OxpP/WSbJn5MomWtvGpFxffc/FK/W8ccFR +r6ZhAt2rgkBmYjrC6w8V9KTzhp4+n7ZpQPxuMFxpJhyTmMzgj9K+aI2OuKDKT7iO +nke74Lgx/xPatLDgygw5bRiFyZ+X65p/awalEXBcFW0zmlN2Fqp8om8UjtUtkVw9 +ixr9/kq9VhcHjho9cmKWl14IShbcxZZc60xL2y6gmkgoBpzVlHfvRNnxapodTsc= +=jULW -----END PGP SIGNATURE----- diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 59aacba57..b5adeea86 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -761,18 +761,18 @@ letsencrypt==0.7.0 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.9.1 \ - --hash=sha256:83e6188d5f149678b77ff3c8f8f94983f3c448490ffa634c7e9f2e93e7351fb0 \ - --hash=sha256:0effd08d144eedbfeb7dd784e9c8673ef3138cf48d35c8c33a1dd5bee9fd8207 -certbot==0.9.1 \ - --hash=sha256:88237a4f6d337d40185a644407f9c7adb6eab87c43b8bf56c1edc02ce82a9d81 \ - --hash=sha256:180354a3e95610ff8ba7f344011f2fcba1186d8efb7b25867266f47048e1e2f7 -certbot-apache==0.9.1 \ - --hash=sha256:cb9931294d44a1d6d44eaa2e92cb30daf6f2e0f29f6e7f00849709f0dd408b40 \ - --hash=sha256:1c09a6b4d087748f2aa143b0a7ced321458c3dd7ca70a80674f867b8b0e3cd6c -certbot-nginx==0.9.1 \ - --hash=sha256:3bd59a4f63a989eb31c04775107139bf45c2373a6f0b7bea4a3a1362da5c2ae7 \ - --hash=sha256:22f277846ccf5c8787cac2b35a7897780f05f4022de02d8b4b731c2cd957354c +acme==0.9.3 \ + --hash=sha256:d18ce17a75ad24d27981dfaef0524aa905eab757b267e027162b56a8967ab8fb \ + --hash=sha256:a6eff1f955eb2e4316abd9aa2fedb6d9345e6b5b8a2d64ea0ad35e05d6124099 +certbot==0.9.3 \ + --hash=sha256:a87ef4c53c018df4e52ee2f2e906ad16bbb37789f29e6f284c495a2eb4d9b243 \ + --hash=sha256:68149cb8392b29f5d5246e7226d25f913f2b10482bf3bc7368e8c8821d25f3b0 +certbot-apache==0.9.3 \ + --hash=sha256:f379b1053e10709692654d7a6fcea9eaed19b66c49a753b61e31bd06a04b0aac \ + --hash=sha256:a5d98cf972072de08f984db4e6a7f20269f3f023c43f6d4e781fe43be7c10086 +certbot-nginx==0.9.3 \ + --hash=sha256:3c26f18f0b57550f069263bd9b2984ef33eab6693e7796611c1b2cc16574069c \ + --hash=sha256:7337a2e90e0b28a1ab09e31d9fb81c6d78e6453500c824c0f18bab5d31b63058 UNLIKELY_EOF # ------------------------------------------------------------------------- diff --git a/letsencrypt-auto-source/letsencrypt-auto.sig b/letsencrypt-auto-source/letsencrypt-auto.sig index 80ec36e19..f3950b7d6 100644 Binary files a/letsencrypt-auto-source/letsencrypt-auto.sig and b/letsencrypt-auto-source/letsencrypt-auto.sig differ diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index ef309610e..1803d51b8 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -170,15 +170,15 @@ letsencrypt==0.7.0 \ # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. -acme==0.9.1 \ - --hash=sha256:83e6188d5f149678b77ff3c8f8f94983f3c448490ffa634c7e9f2e93e7351fb0 \ - --hash=sha256:0effd08d144eedbfeb7dd784e9c8673ef3138cf48d35c8c33a1dd5bee9fd8207 -certbot==0.9.1 \ - --hash=sha256:88237a4f6d337d40185a644407f9c7adb6eab87c43b8bf56c1edc02ce82a9d81 \ - --hash=sha256:180354a3e95610ff8ba7f344011f2fcba1186d8efb7b25867266f47048e1e2f7 -certbot-apache==0.9.1 \ - --hash=sha256:cb9931294d44a1d6d44eaa2e92cb30daf6f2e0f29f6e7f00849709f0dd408b40 \ - --hash=sha256:1c09a6b4d087748f2aa143b0a7ced321458c3dd7ca70a80674f867b8b0e3cd6c -certbot-nginx==0.9.1 \ - --hash=sha256:3bd59a4f63a989eb31c04775107139bf45c2373a6f0b7bea4a3a1362da5c2ae7 \ - --hash=sha256:22f277846ccf5c8787cac2b35a7897780f05f4022de02d8b4b731c2cd957354c +acme==0.9.3 \ + --hash=sha256:d18ce17a75ad24d27981dfaef0524aa905eab757b267e027162b56a8967ab8fb \ + --hash=sha256:a6eff1f955eb2e4316abd9aa2fedb6d9345e6b5b8a2d64ea0ad35e05d6124099 +certbot==0.9.3 \ + --hash=sha256:a87ef4c53c018df4e52ee2f2e906ad16bbb37789f29e6f284c495a2eb4d9b243 \ + --hash=sha256:68149cb8392b29f5d5246e7226d25f913f2b10482bf3bc7368e8c8821d25f3b0 +certbot-apache==0.9.3 \ + --hash=sha256:f379b1053e10709692654d7a6fcea9eaed19b66c49a753b61e31bd06a04b0aac \ + --hash=sha256:a5d98cf972072de08f984db4e6a7f20269f3f023c43f6d4e781fe43be7c10086 +certbot-nginx==0.9.3 \ + --hash=sha256:3c26f18f0b57550f069263bd9b2984ef33eab6693e7796611c1b2cc16574069c \ + --hash=sha256:7337a2e90e0b28a1ab09e31d9fb81c6d78e6453500c824c0f18bab5d31b63058 diff --git a/tests/letstest/scripts/test_tests.sh b/tests/letstest/scripts/test_tests.sh new file mode 100755 index 000000000..10cad2549 --- /dev/null +++ b/tests/letstest/scripts/test_tests.sh @@ -0,0 +1,17 @@ +#!/bin/sh -xe + +MODULES="acme certbot certbot_apache certbot_nginx" +VENV_NAME=venv + +# *-auto respects VENV_PATH +VENV_PATH=$VENV_NAME letsencrypt/certbot-auto --debug --non-interactive --version +. $VENV_NAME/bin/activate + +# change to an empty directory to ensure CWD doesn't affect tests +cd $(mktemp -d) +pip install nose + +for module in $MODULES ; do + echo testing $module + nosetests -v $module +done