Merge branch 'master' into legacy-standalone

certbot-apache/certbot_apache/tests/tls_sni_01_test.py

@@ -4,6 +4,7 @@ import shutil
 
 import mock
 
+from certbot import errors
 from certbot.plugins import common_test
 
 from certbot_apache import obj
@@ -137,6 +138,16 @@ class TlsSniPerformTest(util.ApacheTest):
             set([obj.Addr.fromstring("*:443")]),
             self.sni._get_addrs(self.achalls[0]))
 
+    def test_get_addrs_no_vhost_found(self):
+        self.sni.configurator.choose_vhost = mock.Mock(
+            side_effect=errors.MissingCommandlineFlag(
+                "Failed to run Apache plugin non-interactively"))
+
+        # pylint: disable=protected-access
+        self.assertEqual(
+            set([obj.Addr.fromstring("*:443")]),
+            self.sni._get_addrs(self.achalls[0]))
+
 
 if __name__ == "__main__":
     unittest.main()  # pragma: no cover

certbot-apache/certbot_apache/tls_sni_01.py

@@ -4,6 +4,7 @@ import os
 import logging
 
 from certbot.plugins import common
+from certbot.errors import PluginError, MissingCommandlineFlag
 
 from certbot_apache import obj
 from certbot_apache import parser
@@ -116,12 +117,21 @@ class ApacheTlsSni01(common.TLSSNI01):
 
     def _get_addrs(self, achall):
         """Return the Apache addresses needed for TLS-SNI-01."""
-        vhost = self.configurator.choose_vhost(achall.domain, temp=True)
         # TODO: Checkout _default_ rules.
         addrs = set()
         default_addr = obj.Addr(("*", str(
             self.configurator.config.tls_sni_01_port)))
 
+        try:
+            vhost = self.configurator.choose_vhost(achall.domain, temp=True)
+        except (PluginError, MissingCommandlineFlag):
+            # We couldn't find the virtualhost for this domain, possibly
+            # because it's a new vhost that's not configured yet (GH #677),
+            # or perhaps because there were multiple <VirtualHost> sections
+            # in the config file (GH #1042).  See also GH #2600.
+            addrs.add(default_addr)
+            return addrs
+
         for addr in vhost.addrs:
             if "_default_" == addr.get_addr():
                 addrs.add(default_addr)

tests/travis-integration.sh

@@ -6,14 +6,14 @@ set -o errexit
 
 source .tox/$TOXENV/bin/activate
 
-export LETSENCRYPT_PATH=`pwd`
+export CERTBOT_PATH=`pwd`
 
 cd $GOPATH/src/github.com/letsencrypt/boulder/
 
 # boulder's integration-test.py has code that knows to start and wait for the
 # boulder processes to start reliably and then will run the certbot
-# boulder-interation.sh on its own. The --letsencrypt flag says to run only the
+# boulder-interation.sh on its own. The --certbot flag says to run only the
 # certbot tests (instead of any other client tests it might run). We're
 # going to want to define a more robust interaction point between the boulder
 # and certbot tests, but that will be better built off of this.
-python test/integration-test.py --letsencrypt
+python test/integration-test.py --certbot