Merge remote-tracking branch 'origin/master' into nginx-plugin-map

.gitignore

@@ -8,6 +8,7 @@ dist*/
 /.tox/
 /releases/
 letsencrypt.log
+certbot.log
 letsencrypt-auto-source/letsencrypt-auto.sig.lzma.base64
 
 # coverage

.travis.yml

@@ -23,6 +23,7 @@ env:
   global:
     - GOPATH=/tmp/go
     - PATH=$GOPATH/bin:$PATH
+    - GO15VENDOREXPERIMENT=1  # Fixes problems with vendor directories
 
 matrix:
   include:
@@ -82,13 +83,14 @@ sudo: false
 
 addons:
   # Custom /etc/hosts required for simple verification of http-01
-  # and tls-sni-01, and for letsencrypt_test_nginx
+  # and tls-sni-01, and for certbot_test_nginx
   hosts:
     - le.wtf
     - le1.wtf
     - le2.wtf
     - le3.wtf
     - nginx.wtf
+    - boulder
     - boulder-mysql
     - boulder-rabbitmq
   mariadb: "10.0"
@@ -104,13 +106,12 @@ addons:
     - libssl-dev
     - libffi-dev
     - ca-certificates
-    # For letsencrypt-nginx integration testing
+    # For certbot-nginx integration testing
     - nginx-light
     - openssl
     # For Boulder integration testing
     - rsyslog
     # for apacheconftest
-    #- realpath
     #- apache2
     #- libapache2-mod-wsgi
     #- libapache2-mod-macro

Dockerfile

@@ -10,11 +10,11 @@ MAINTAINER William Budington <bill@eff.org>
 EXPOSE 443
 
 # TODO: make sure --config-dir and --work-dir cannot be changed
-# through the CLI (letsencrypt-docker wrapper that uses standalone
+# through the CLI (certbot-docker wrapper that uses standalone
 # authenticator and text mode only?)
 VOLUME /etc/letsencrypt /var/lib/letsencrypt
 
-WORKDIR /opt/letsencrypt
+WORKDIR /opt/certbot
 
 # no need to mkdir anything:
 # https://docs.docker.com/reference/builder/#copy
@@ -22,8 +22,8 @@ WORKDIR /opt/letsencrypt
 # directories in its path.
 
 
-COPY letsencrypt-auto-source/letsencrypt-auto /opt/letsencrypt/src/letsencrypt-auto-source/letsencrypt-auto
-RUN /opt/letsencrypt/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-only && \
+COPY letsencrypt-auto-source/letsencrypt-auto /opt/certbot/src/letsencrypt-auto-source/letsencrypt-auto
+RUN /opt/certbot/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-only && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* \
            /tmp/* \
@@ -33,7 +33,7 @@ RUN /opt/letsencrypt/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-
 # Dockerfile we make sure we cache as much as possible
 
 
-COPY setup.py README.rst CHANGES.rst MANIFEST.in letsencrypt-auto-source/pieces/pipstrap.py /opt/letsencrypt/src/
+COPY setup.py README.rst CHANGES.rst MANIFEST.in letsencrypt-auto-source/pieces/pipstrap.py /opt/certbot/src/
 
 # all above files are necessary for setup.py and venv setup, however,
 # package source code directory has to be copied separately to a
@@ -44,26 +44,26 @@ COPY setup.py README.rst CHANGES.rst MANIFEST.in letsencrypt-auto-source/pieces/
 # copied, just its contents." Order again matters, three files are far
 # more likely to be cached than the whole project directory
 
-COPY letsencrypt /opt/letsencrypt/src/letsencrypt/
-COPY acme /opt/letsencrypt/src/acme/
-COPY letsencrypt-apache /opt/letsencrypt/src/letsencrypt-apache/
-COPY letsencrypt-nginx /opt/letsencrypt/src/letsencrypt-nginx/
+COPY certbot /opt/certbot/src/certbot/
+COPY acme /opt/certbot/src/acme/
+COPY certbot-apache /opt/certbot/src/certbot-apache/
+COPY certbot-nginx /opt/certbot/src/certbot-nginx/
 
 
-RUN virtualenv --no-site-packages -p python2 /opt/letsencrypt/venv
+RUN virtualenv --no-site-packages -p python2 /opt/certbot/venv
 
 # PATH is set now so pipstrap upgrades the correct (v)env
-ENV PATH /opt/letsencrypt/venv/bin:$PATH
-RUN /opt/letsencrypt/venv/bin/python /opt/letsencrypt/src/pipstrap.py && \
-    /opt/letsencrypt/venv/bin/pip install \
-    -e /opt/letsencrypt/src/acme \
-    -e /opt/letsencrypt/src \
-    -e /opt/letsencrypt/src/letsencrypt-apache \
-    -e /opt/letsencrypt/src/letsencrypt-nginx
+ENV PATH /opt/certbot/venv/bin:$PATH
+RUN /opt/certbot/venv/bin/python /opt/certbot/src/pipstrap.py && \
+    /opt/certbot/venv/bin/pip install \
+    -e /opt/certbot/src/acme \
+    -e /opt/certbot/src \
+    -e /opt/certbot/src/certbot-apache \
+    -e /opt/certbot/src/certbot-nginx
 
 # install in editable mode (-e) to save space: it's not possible to
-# "rm -rf /opt/letsencrypt/src" (it's stays in the underlaying image);
+# "rm -rf /opt/certbot/src" (it's stays in the underlaying image);
 # this might also help in debugging: you can "docker run --entrypoint
 # bash" and investigate, apply patches, etc.
 
-ENTRYPOINT [ "letsencrypt" ]
+ENTRYPOINT [ "certbot" ]

Dockerfile-dev

@@ -9,11 +9,11 @@ MAINTAINER Yan <yan@eff.org>
 EXPOSE 443
 
 # TODO: make sure --config-dir and --work-dir cannot be changed
-# through the CLI (letsencrypt-docker wrapper that uses standalone
+# through the CLI (certbot-docker wrapper that uses standalone
 # authenticator and text mode only?)
 VOLUME /etc/letsencrypt /var/lib/letsencrypt
 
-WORKDIR /opt/letsencrypt
+WORKDIR /opt/certbot
 
 # no need to mkdir anything:
 # https://docs.docker.com/reference/builder/#copy
@@ -22,8 +22,8 @@ WORKDIR /opt/letsencrypt
 
 # TODO: Install non-default Python versions for tox.
 # TODO: Install Apache/Nginx for plugin development.
-COPY letsencrypt-auto-source/letsencrypt-auto /opt/letsencrypt/src/letsencrypt-auto-source/letsencrypt-auto
-RUN /opt/letsencrypt/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-only && \
+COPY letsencrypt-auto-source/letsencrypt-auto /opt/certbot/src/letsencrypt-auto-source/letsencrypt-auto
+RUN /opt/certbot/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-only && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* \
            /tmp/* \
@@ -32,7 +32,7 @@ RUN /opt/letsencrypt/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-
 # the above is not likely to change, so by putting it further up the
 # Dockerfile we make sure we cache as much as possible
 
-COPY setup.py README.rst CHANGES.rst MANIFEST.in linter_plugin.py tox.cover.sh tox.ini pep8.travis.sh .pep8 .pylintrc /opt/letsencrypt/src/
+COPY setup.py README.rst CHANGES.rst MANIFEST.in linter_plugin.py tox.cover.sh tox.ini pep8.travis.sh .pep8 .pylintrc /opt/certbot/src/
 
 # all above files are necessary for setup.py, however, package source
 # code directory has to be copied separately to a subdirectory...
@@ -42,27 +42,27 @@ COPY setup.py README.rst CHANGES.rst MANIFEST.in linter_plugin.py tox.cover.sh t
 # copied, just its contents." Order again matters, three files are far
 # more likely to be cached than the whole project directory
 
-COPY letsencrypt /opt/letsencrypt/src/letsencrypt/
-COPY acme /opt/letsencrypt/src/acme/
-COPY letsencrypt-apache /opt/letsencrypt/src/letsencrypt-apache/
-COPY letsencrypt-nginx /opt/letsencrypt/src/letsencrypt-nginx/
-COPY letshelp-letsencrypt /opt/letsencrypt/src/letshelp-letsencrypt/
-COPY letsencrypt-compatibility-test /opt/letsencrypt/src/letsencrypt-compatibility-test/
-COPY tests /opt/letsencrypt/src/tests/
+COPY certbot /opt/certbot/src/certbot/
+COPY acme /opt/certbot/src/acme/
+COPY certbot-apache /opt/certbot/src/certbot-apache/
+COPY certbot-nginx /opt/certbot/src/certbot-nginx/
+COPY letshelp-certbot /opt/certbot/src/letshelp-certbot/
+COPY certbot-compatibility-test /opt/certbot/src/certbot-compatibility-test/
+COPY tests /opt/certbot/src/tests/
 
-RUN virtualenv --no-site-packages -p python2 /opt/letsencrypt/venv && \
-    /opt/letsencrypt/venv/bin/pip install \
-    -e /opt/letsencrypt/src/acme \
-    -e /opt/letsencrypt/src \
-    -e /opt/letsencrypt/src/letsencrypt-apache \
-    -e /opt/letsencrypt/src/letsencrypt-nginx \
-    -e /opt/letsencrypt/src/letshelp-letsencrypt \
-    -e /opt/letsencrypt/src/letsencrypt-compatibility-test \
-    -e /opt/letsencrypt/src[dev,docs]
+RUN virtualenv --no-site-packages -p python2 /opt/certbot/venv && \
+    /opt/certbot/venv/bin/pip install \
+    -e /opt/certbot/src/acme \
+    -e /opt/certbot/src \
+    -e /opt/certbot/src/certbot-apache \
+    -e /opt/certbot/src/certbot-nginx \
+    -e /opt/certbot/src/letshelp-certbot \
+    -e /opt/certbot/src/certbot-compatibility-test \
+    -e /opt/certbot/src[dev,docs]
 
 # install in editable mode (-e) to save space: it's not possible to
-# "rm -rf /opt/letsencrypt/src" (it's stays in the underlaying image);
+# "rm -rf /opt/certbot/src" (it's stays in the underlaying image);
 # this might also help in debugging: you can "docker run --entrypoint
 # bash" and investigate, apply patches, etc.
 
-ENV PATH /opt/letsencrypt/venv/bin:$PATH
+ENV PATH /opt/certbot/venv/bin:$PATH

LICENSE.txt

@@ -1,4 +1,4 @@
-Let's Encrypt Python Client
+Certbot ACME Client
 Copyright (c) Electronic Frontier Foundation and others
 Licensed Apache Version 2.0
 

MANIFEST.in

@@ -5,4 +5,4 @@ include LICENSE.txt
 include linter_plugin.py
 recursive-include docs *
 recursive-include examples *
-recursive-include letsencrypt/tests/testdata *
+recursive-include certbot/tests/testdata *

README.rst

@@ -3,9 +3,9 @@
 Disclaimer
 ==========
 
-The Let's Encrypt Client is **BETA SOFTWARE**. It contains plenty of bugs and
-rough edges, and should be tested thoroughly in staging environments before use
-on production systems.
+Certbot (previously, the Let's Encrypt client) is **BETA SOFTWARE**. It
+contains plenty of bugs and rough edges, and should be tested thoroughly in
+staging environments before use on production systems.
 
 For more information regarding the status of the project, please see
 https://letsencrypt.org. Be sure to checkout the
@@ -128,16 +128,15 @@ System Requirements
 ===================
 
 The Let's Encrypt Client presently only runs on Unix-ish OSes that include
-Python 2.6 or 2.7; Python 3.x support will be added after the Public Beta
-launch. The client requires root access in order to write to
-``/etc/letsencrypt``, ``/var/log/letsencrypt``, ``/var/lib/letsencrypt``; to
-bind to ports 80 and 443 (if you use the ``standalone`` plugin) and to read and
-modify webserver configurations (if you use the ``apache`` or ``nginx``
-plugins).  If none of these apply to you, it is theoretically possible to run
-without root privileges, but for most users who want to avoid running an ACME
-client as root, either `letsencrypt-nosudo
-<https://github.com/diafygi/letsencrypt-nosudo>`_ or `simp_le
-<https://github.com/kuba/simp_le>`_ are more appropriate choices.
+Python 2.6 or 2.7; Python 3.x support will hopefully be added in the future. The
+client requires root access in order to write to ``/etc/letsencrypt``,
+``/var/log/letsencrypt``, ``/var/lib/letsencrypt``; to bind to ports 80 and 443
+(if you use the ``standalone`` plugin) and to read and modify webserver
+configurations (if you use the ``apache`` or ``nginx`` plugins).  If none of
+these apply to you, it is theoretically possible to run without root privileges,
+but for most users who want to avoid running an ACME client as root, either
+`letsencrypt-nosudo <https://github.com/diafygi/letsencrypt-nosudo>`_ or
+`simp_le <https://github.com/kuba/simp_le>`_ are more appropriate choices.
 
 The Apache plugin currently requires a Debian-based OS with augeas version
 1.0; this includes Ubuntu 12.04+ and Debian 7+.

acme/acme/client_test.py

@@ -484,9 +484,11 @@ class ClientNetworkTest(unittest.TestCase):
     def test_check_response_not_ok_jobj_no_error(self):
         self.response.ok = False
         self.response.json.return_value = {}
-        # pylint: disable=protected-access
-        self.assertRaises(
-            errors.ClientError, self.net._check_response, self.response)
+        with mock.patch('acme.client.messages.Error.from_json') as from_json:
+            from_json.side_effect = jose.DeserializationError
+            # pylint: disable=protected-access
+            self.assertRaises(
+                errors.ClientError, self.net._check_response, self.response)
 
     def test_check_response_not_ok_jobj_error(self):
         self.response.ok = False

acme/acme/messages.py

@@ -37,9 +37,9 @@ class Error(jose.JSONObjectWithFields, errors.Error):
         )
     )
 
-    typ = jose.Field('type')
+    typ = jose.Field('type', omitempty=True, default='about:blank')
     title = jose.Field('title', omitempty=True)
-    detail = jose.Field('detail')
+    detail = jose.Field('detail', omitempty=True)
 
     @property
     def description(self):
@@ -123,6 +123,12 @@ class Directory(jose.JSONDeSerializable):
 
     _REGISTERED_TYPES = {}
 
+    class Meta(jose.JSONObjectWithFields):
+        """Directory Meta."""
+        terms_of_service = jose.Field('terms-of-service', omitempty=True)
+        website = jose.Field('website', omitempty=True)
+        caa_identities = jose.Field('caa-identities', omitempty=True)
+
     @classmethod
     def _canon_key(cls, key):
         return getattr(key, 'resource_type', key)
@@ -137,11 +143,6 @@ class Directory(jose.JSONDeSerializable):
 
     def __init__(self, jobj):
         canon_jobj = util.map_keys(jobj, self._canon_key)
-        if not set(canon_jobj).issubset(self._REGISTERED_TYPES):
-            # TODO: acme-spec is not clear about this: 'It is a JSON
-            # dictionary, whose keys are the "resource" values listed
-            # in {{https-requests}}'z
-            raise ValueError('Wrong directory fields')
         # TODO: check that everything is an absolute URL; acme-spec is
         # not clear on that
         self._jobj = canon_jobj
@@ -163,10 +164,8 @@ class Directory(jose.JSONDeSerializable):
 
     @classmethod
     def from_json(cls, jobj):
-        try:
-            return cls(jobj)
-        except ValueError as error:
-            raise jose.DeserializationError(str(error))
+        jobj['meta'] = cls.Meta.from_json(jobj.pop('meta', {}))
+        return cls(jobj)
 
 
 class Resource(jose.JSONObjectWithFields):

acme/acme/messages_test.py

@@ -28,6 +28,14 @@ class ErrorTest(unittest.TestCase):
         self.error_custom = Error(typ='custom', detail='bar')
         self.jobj_cusom = {'type': 'custom', 'detail': 'bar'}
 
+    def test_default_typ(self):
+        from acme.messages import Error
+        self.assertEqual(Error().typ, 'about:blank')
+
+    def test_from_json_empty(self):
+        from acme.messages import Error
+        self.assertEqual(Error(), Error.from_json('{}'))
+
     def test_from_json_hashable(self):
         from acme.messages import Error
         hash(Error.from_json(self.error.to_json()))
@@ -90,11 +98,16 @@ class DirectoryTest(unittest.TestCase):
         self.dir = Directory({
             'new-reg': 'reg',
             mock.MagicMock(resource_type='new-cert'): 'cert',
+            'meta': Directory.Meta(
+                terms_of_service='https://example.com/acme/terms',
+                website='https://www.example.com/',
+                caa_identities=['example.com'],
+            ),
         })
 
-    def test_init_wrong_key_value_error(self):
+    def test_init_wrong_key_value_success(self):  # pylint: disable=no-self-use
         from acme.messages import Directory
-        self.assertRaises(ValueError, Directory, {'foo': 'bar'})
+        Directory({'foo': 'bar'})
 
     def test_getitem(self):
         self.assertEqual('reg', self.dir['new-reg'])
@@ -111,14 +124,20 @@ class DirectoryTest(unittest.TestCase):
     def test_getattr_fails_with_attribute_error(self):
         self.assertRaises(AttributeError, self.dir.__getattr__, 'foo')
 
-    def test_to_partial_json(self):
-        self.assertEqual(
-            self.dir.to_partial_json(), {'new-reg': 'reg', 'new-cert': 'cert'})
+    def test_to_json(self):
+        self.assertEqual(self.dir.to_json(), {
+            'new-reg': 'reg',
+            'new-cert': 'cert',
+            'meta': {
+                'terms-of-service': 'https://example.com/acme/terms',
+                'website': 'https://www.example.com/',
+                'caa-identities': ['example.com'],
+            },
+        })
 
-    def test_from_json_deserialization_error_on_wrong_key(self):
+    def test_from_json_deserialization_unknown_key_success(self):  # pylint: disable=no-self-use
         from acme.messages import Directory
-        self.assertRaises(
-            jose.DeserializationError, Directory.from_json, {'foo': 'bar'})
+        Directory.from_json({'foo': 'bar'})
 
 
 class RegistrationTest(unittest.TestCase):

acme/setup.py

@@ -53,7 +53,7 @@ setup(
     version=version,
     description='ACME protocol implementation in Python',
     url='https://github.com/letsencrypt/letsencrypt',
-    author="Let's Encrypt Project",
+    author="Certbot Project",
     author_email='client-dev@letsencrypt.org',
     license='Apache License 2.0',
     classifiers=[

certbot-apache/MANIFEST.in

@@ -0,0 +1,7 @@
+include LICENSE.txt
+include README.rst
+recursive-include docs *
+recursive-include certbot_apache/tests/testdata *
+include certbot_apache/centos-options-ssl-apache.conf
+include certbot_apache/options-ssl-apache.conf
+recursive-include certbot_apache/augeas_lens *.aug

certbot-apache/README.rst

@@ -0,0 +1 @@
+Apache plugin for Certbot

certbot-apache/certbot_apache/__init__.py

@@ -0,0 +1 @@
+"""Certbot Apache plugin."""

certbot-apache/certbot_apache/augeas_configurator.py

@@ -3,11 +3,11 @@ import logging
 
 import augeas
 
-from letsencrypt import errors
-from letsencrypt import reverter
-from letsencrypt.plugins import common
+from certbot import errors
+from certbot import reverter
+from certbot.plugins import common
 
-from letsencrypt_apache import constants
+from certbot_apache import constants
 
 logger = logging.getLogger(__name__)
 
@@ -16,14 +16,14 @@ class AugeasConfigurator(common.Plugin):
     """Base Augeas Configurator class.
 
     :ivar config: Configuration.
-    :type config: :class:`~letsencrypt.interfaces.IConfig`
+    :type config: :class:`~certbot.interfaces.IConfig`
 
     :ivar aug: Augeas object
     :type aug: :class:`augeas.Augeas`
 
     :ivar str save_notes: Human-readable configuration change notes
     :ivar reverter: saves and reverts checkpoints
-    :type reverter: :class:`letsencrypt.reverter.Reverter`
+    :type reverter: :class:`certbot.reverter.Reverter`
 
     """
     def __init__(self, *args, **kwargs):

certbot-apache/certbot_apache/augeas_lens/README

@@ -0,0 +1,2 @@
+Certbot includes the very latest Augeas lenses in order to ship bug fixes 
+to Apache configuration handling bugs as quickly as possible

certbot-apache/certbot_apache/augeas_lens/httpd.aug

@@ -45,8 +45,8 @@ autoload xfm
 let dels (s:string)     = del s s
 
 (* deal with continuation lines *)
-let sep_spc             = del /([ \t]+|[ \t]*\\\\\r?\n[ \t]*)/ " "
-let sep_osp             = del /([ \t]*|[ \t]*\\\\\r?\n[ \t]*)/ ""
+let sep_spc             = del /([ \t]+|[ \t]*\\\\\r?\n[ \t]*)+/ " "
+let sep_osp             = del /([ \t]*|[ \t]*\\\\\r?\n[ \t]*)*/ ""
 let sep_eq              = del /[ \t]*=[ \t]*/ "="
 
 let nmtoken             = /[a-zA-Z:_][a-zA-Z0-9:_.-]*/
@@ -58,8 +58,8 @@ let empty               = Util.empty_dos
 let indent              = Util.indent
 
 (* borrowed from shellvars.aug *)
-let char_arg_dir  = /([^\\ '"{\t\r\n]|[^ '"{\t\r\n]+[^\\ \t\r\n])|\\\\"|\\\\'/
-let char_arg_sec  = /([^\\ '"\t\r\n>]|[^ '"\t\r\n>]+[^\\ \t\r\n>])|\\\\"|\\\\'/
+let char_arg_dir  = /([^\\ '"{\t\r\n]|[^ '"{\t\r\n]+[^\\ \t\r\n])|\\\\"|\\\\'|\\\\ /
+let char_arg_sec  = /([^\\ '"\t\r\n>]|[^ '"\t\r\n>]+[^\\ \t\r\n>])|\\\\"|\\\\'|\\\\ /
 let char_arg_wl   = /([^\\ '"},\t\r\n]|[^ '"},\t\r\n]+[^\\ '"},\t\r\n])/
 
 let cdot = /\\\\./

certbot-apache/certbot_apache/configurator.py

@@ -13,18 +13,18 @@ import zope.interface
 
 from acme import challenges
 
-from letsencrypt import errors
-from letsencrypt import interfaces
-from letsencrypt import le_util
+from certbot import errors
+from certbot import interfaces
+from certbot import le_util
 
-from letsencrypt.plugins import common
+from certbot.plugins import common
 
-from letsencrypt_apache import augeas_configurator
-from letsencrypt_apache import constants
-from letsencrypt_apache import display_ops
-from letsencrypt_apache import tls_sni_01
-from letsencrypt_apache import obj
-from letsencrypt_apache import parser
+from certbot_apache import augeas_configurator
+from certbot_apache import constants
+from certbot_apache import display_ops
+from certbot_apache import tls_sni_01
+from certbot_apache import obj
+from certbot_apache import parser
 
 from collections import defaultdict
 
@@ -70,14 +70,14 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
     14.04 Apache 2.4 and it works for Ubuntu 12.04 Apache 2.2
 
     :ivar config: Configuration.
-    :type config: :class:`~letsencrypt.interfaces.IConfig`
+    :type config: :class:`~certbot.interfaces.IConfig`
 
     :ivar parser: Handles low level parsing
-    :type parser: :class:`~letsencrypt_apache.parser`
+    :type parser: :class:`~certbot_apache.parser`
 
     :ivar tup version: version of Apache
     :ivar list vhosts: All vhosts found in the configuration
-        (:class:`list` of :class:`~letsencrypt_apache.obj.VirtualHost`)
+        (:class:`list` of :class:`~certbot_apache.obj.VirtualHost`)
 
     :ivar dict assoc: Mapping between domains and vhosts
 
@@ -205,7 +205,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         installed, the VirtualHost is enabled if it isn't already.
 
         .. todo:: Might be nice to remove chain directive if none exists
-                  This shouldn't happen within letsencrypt though
+                  This shouldn't happen within certbot though
 
         :raises errors.PluginError: When unable to deploy certificate due to
             a lack of directives
@@ -290,7 +290,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         :param bool temp: whether the vhost is only used temporarily
 
         :returns: ssl vhost associated with name
-        :rtype: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :rtype: :class:`~certbot_apache.obj.VirtualHost`
 
         :raises .errors.PluginError: If no vhost is available or chosen
 
@@ -472,7 +472,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         """Helper function for get_virtual_hosts().
 
         :param host: In progress vhost whose names will be added
-        :type host: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type host: :class:`~certbot_apache.obj.VirtualHost`
 
         """
         # Take the final ServerName as each overrides the previous
@@ -498,7 +498,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         :param str path: Augeas path to virtual host
 
         :returns: newly created vhost
-        :rtype: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :rtype: :class:`~certbot_apache.obj.VirtualHost`
 
         """
         addrs = set()
@@ -534,7 +534,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
     def get_virtual_hosts(self):
         """Returns list of virtual hosts found in the Apache configuration.
 
-        :returns: List of :class:`~letsencrypt_apache.obj.VirtualHost`
+        :returns: List of :class:`~certbot_apache.obj.VirtualHost`
             objects found in configuration
         :rtype: list
 
@@ -572,7 +572,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         now NameVirtualHosts. If version is earlier than 2.4, check if addr
         has a NameVirtualHost directive in the Apache config
 
-        :param letsencrypt_apache.obj.Addr target_addr: vhost address
+        :param certbot_apache.obj.Addr target_addr: vhost address
 
         :returns: Success
         :rtype: bool
@@ -590,7 +590,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         """Adds NameVirtualHost directive for given address.
 
         :param addr: Address that will be added as NameVirtualHost directive
-        :type addr: :class:`~letsencrypt_apache.obj.Addr`
+        :type addr: :class:`~certbot_apache.obj.Addr`
 
         """
         loc = parser.get_aug_path(self.parser.loc["name"])
@@ -679,7 +679,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         """Checks to see if the server is ready for SNI challenges.
 
         :param addrs: Addresses to check SNI compatibility
-        :type addrs: :class:`~letsencrypt_apache.obj.Addr`
+        :type addrs: :class:`~certbot_apache.obj.Addr`
 
         """
         # Version 2.4 and later are automatically SNI ready.
@@ -697,15 +697,15 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
 
         Duplicates vhost and adds default ssl options
         New vhost will reside as (nonssl_vhost.path) +
-        ``letsencrypt_apache.constants.os_constant("le_vhost_ext")``
+        ``certbot_apache.constants.os_constant("le_vhost_ext")``
 
         .. note:: This function saves the configuration
 
         :param nonssl_vhost: Valid VH that doesn't have SSLEngine on
-        :type nonssl_vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type nonssl_vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :returns: SSL vhost
-        :rtype: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :rtype: :class:`~certbot_apache.obj.VirtualHost`
 
         :raises .errors.PluginError: If more than one virtual host is in
             the file or if plugin is unable to write/read vhost files.
@@ -911,7 +911,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         https://httpd.apache.org/docs/2.2/mod/core.html#namevirtualhost
 
         :param vhost: New virtual host that was recently created.
-        :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         """
         need_to_save = False
@@ -951,9 +951,9 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
 
         :param str domain: domain to enhance
         :param str enhancement: enhancement type defined in
-            :const:`~letsencrypt.constants.ENHANCEMENTS`
+            :const:`~certbot.constants.ENHANCEMENTS`
         :param options: options for the enhancement
-            See :const:`~letsencrypt.constants.ENHANCEMENTS`
+            See :const:`~certbot.constants.ENHANCEMENTS`
             documentation for appropriate parameter.
 
         :raises .errors.PluginError: If Enhancement is not supported, or if
@@ -981,14 +981,14 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         .. note:: This function saves the configuration
 
         :param ssl_vhost: Destination of traffic, an ssl enabled vhost
-        :type ssl_vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type ssl_vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :param header_substring: string that uniquely identifies a header.
                 e.g: Strict-Transport-Security, Upgrade-Insecure-Requests.
         :type str
 
         :returns: Success, general_vhost (HTTP vhost)
-        :rtype: (bool, :class:`~letsencrypt_apache.obj.VirtualHost`)
+        :rtype: (bool, :class:`~certbot_apache.obj.VirtualHost`)
 
         :raises .errors.PluginError: If no viable HTTP host can be created or
             set with header header_substring.
@@ -1016,7 +1016,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         contains the string header_substring.
 
         :param ssl_vhost: vhost to check
-        :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :param header_substring: string that uniquely identifies a header.
                 e.g: Strict-Transport-Security, Upgrade-Insecure-Requests.
@@ -1053,13 +1053,13 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         .. note:: This function saves the configuration
 
         :param ssl_vhost: Destination of traffic, an ssl enabled vhost
-        :type ssl_vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type ssl_vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :param unused_options: Not currently used
         :type unused_options: Not Available
 
         :returns: Success, general_vhost (HTTP vhost)
-        :rtype: (bool, :class:`~letsencrypt_apache.obj.VirtualHost`)
+        :rtype: (bool, :class:`~certbot_apache.obj.VirtualHost`)
 
         :raises .errors.PluginError: If no viable HTTP host can be created or
             used for the redirect.
@@ -1083,11 +1083,11 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
                         "redirection")
             self._create_redirect_vhost(ssl_vhost)
         else:
-            # Check if LetsEncrypt redirection already exists
-            self._verify_no_letsencrypt_redirect(general_vh)
+            # Check if Certbot redirection already exists
+            self._verify_no_certbot_redirect(general_vh)
 
             # Note: if code flow gets here it means we didn't find the exact
-            # letsencrypt RewriteRule config for redirection. Finding
+            # certbot RewriteRule config for redirection. Finding
             # another RewriteRule is likely to be fine in most or all cases,
             # but redirect loops are possible in very obscure cases; see #1620
             # for reasoning.
@@ -1121,17 +1121,17 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
             logger.info("Redirecting vhost in %s to ssl vhost in %s",
                         general_vh.filep, ssl_vhost.filep)
 
-    def _verify_no_letsencrypt_redirect(self, vhost):
-        """Checks to see if a redirect was already installed by letsencrypt.
+    def _verify_no_certbot_redirect(self, vhost):
+        """Checks to see if a redirect was already installed by certbot.
 
         Checks to see if virtualhost already contains a rewrite rule that is
-        identical to Letsencrypt's redirection rewrite rule.
+        identical to Certbot's redirection rewrite rule.
 
         :param vhost: vhost to check
-        :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :raises errors.PluginEnhancementAlreadyPresent: When the exact
-                letsencrypt redirection WriteRule exists in virtual host.
+                certbot redirection WriteRule exists in virtual host.
         """
         rewrite_path = self.parser.find_dir(
             "RewriteRule", None, start=vhost.path)
@@ -1154,13 +1154,13 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
             for matches in rewrite_args_dict.values():
                 if [self.aug.get(x) for x in matches] in redirect_args:
                     raise errors.PluginEnhancementAlreadyPresent(
-                        "Let's Encrypt has already enabled redirection")
+                        "Certbot has already enabled redirection")
 
     def _is_rewrite_exists(self, vhost):
         """Checks if there exists a RewriteRule directive in vhost
 
         :param vhost: vhost to check
-        :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :returns: True if a RewriteRule directive exists.
         :rtype: bool
@@ -1174,7 +1174,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         """Checks if a RewriteEngine directive is on
 
         :param vhost: vhost to check
-        :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         """
         rewrite_engine_path = self.parser.find_dir("RewriteEngine", "on",
@@ -1187,10 +1187,10 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         """Creates an http_vhost specifically to redirect for the ssl_vhost.
 
         :param ssl_vhost: ssl vhost
-        :type ssl_vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type ssl_vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :returns: tuple of the form
-            (`success`, :class:`~letsencrypt_apache.obj.VirtualHost`)
+            (`success`, :class:`~certbot_apache.obj.VirtualHost`)
         :rtype: tuple
 
         """
@@ -1369,7 +1369,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         .. todo:: Make sure link is not broken...
 
         :param vhost: vhost to enable
-        :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
+        :type vhost: :class:`~certbot_apache.obj.VirtualHost`
 
         :raises .errors.NotSupportedError: If filesystem layout is not
             supported.
@@ -1452,7 +1452,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
         if not le_util.exe_exists(self.conf("dismod")):
             raise errors.MisconfigurationError(
                 "Unable to find a2dismod, please make sure a2enmod and "
-                "a2dismod are configured correctly for letsencrypt.")
+                "a2dismod are configured correctly for certbot.")
 
         self.reverter.register_undo_command(
             temp, [self.conf("dismod"), mod_name])
@@ -1635,11 +1635,11 @@ def get_file_path(vhost_path):
 
 def install_ssl_options_conf(options_ssl):
     """
-    Copy Let's Encrypt's SSL options file into the system's config dir if
+    Copy Certbot's SSL options file into the system's config dir if
     required.
     """
     # XXX if we ever try to enforce a local privilege boundary (eg, running
-    # letsencrypt for unprivileged users via setuid), this function will need
+    # certbot for unprivileged users via setuid), this function will need
     # to be modified.
 
     # XXX if the user is in security-autoupdate mode, we should be willing to

certbot-apache/certbot_apache/constants.py

@@ -1,6 +1,6 @@
 """Apache plugin constants."""
 import pkg_resources
-from letsencrypt import le_util
+from certbot import le_util
 
 
 CLI_DEFAULTS_DEBIAN = dict(
@@ -18,7 +18,7 @@ CLI_DEFAULTS_DEBIAN = dict(
     handle_sites=True,
     challenge_location="/etc/apache2",
     MOD_SSL_CONF_SRC=pkg_resources.resource_filename(
-        "letsencrypt_apache", "options-ssl-apache.conf")
+        "certbot_apache", "options-ssl-apache.conf")
 )
 CLI_DEFAULTS_CENTOS = dict(
     server_root="/etc/httpd",
@@ -35,7 +35,7 @@ CLI_DEFAULTS_CENTOS = dict(
     handle_sites=False,
     challenge_location="/etc/httpd/conf.d",
     MOD_SSL_CONF_SRC=pkg_resources.resource_filename(
-        "letsencrypt_apache", "centos-options-ssl-apache.conf")
+        "certbot_apache", "centos-options-ssl-apache.conf")
 )
 CLI_DEFAULTS_GENTOO = dict(
     server_root="/etc/apache2",
@@ -52,7 +52,7 @@ CLI_DEFAULTS_GENTOO = dict(
     handle_sites=False,
     challenge_location="/etc/apache2/vhosts.d",
     MOD_SSL_CONF_SRC=pkg_resources.resource_filename(
-        "letsencrypt_apache", "options-ssl-apache.conf")
+        "certbot_apache", "options-ssl-apache.conf")
 )
 CLI_DEFAULTS_DARWIN = dict(
     server_root="/etc/apache2",
@@ -69,7 +69,7 @@ CLI_DEFAULTS_DARWIN = dict(
     handle_sites=False,
     challenge_location="/etc/apache2/other",
     MOD_SSL_CONF_SRC=pkg_resources.resource_filename(
-        "letsencrypt_apache", "options-ssl-apache.conf")
+        "certbot_apache", "options-ssl-apache.conf")
 )
 CLI_DEFAULTS = {
     "debian": CLI_DEFAULTS_DEBIAN,
@@ -87,7 +87,7 @@ MOD_SSL_CONF_DEST = "options-ssl-apache.conf"
 """Name of the mod_ssl config file as saved in `IConfig.config_dir`."""
 
 AUGEAS_LENS_DIR = pkg_resources.resource_filename(
-    "letsencrypt_apache", "augeas_lens")
+    "certbot_apache", "augeas_lens")
 """Path to the Augeas lens directory"""
 
 REWRITE_HTTPS_ARGS = [

certbot-apache/certbot_apache/display_ops.py

@@ -4,10 +4,10 @@ import os
 
 import zope.component
 
-from letsencrypt import errors
-from letsencrypt import interfaces
+from certbot import errors
+from certbot import interfaces
 
-import letsencrypt.display.util as display_util
+import certbot.display.util as display_util
 
 
 logger = logging.getLogger(__name__)
@@ -50,7 +50,7 @@ def _vhost_menu(domain, vhosts):
 
     if free_chars < 2:
         logger.debug("Display size is too small for "
-                     "letsencrypt_apache.display_ops._vhost_menu()")
+                     "certbot_apache.display_ops._vhost_menu()")
         # This runs the edge off the screen, but it doesn't cause an "error"
         filename_size = 1
         disp_name_size = 1

certbot-apache/certbot_apache/obj.py

@@ -1,7 +1,7 @@
 """Module contains classes used by the Apache Configurator."""
 import re
 
-from letsencrypt.plugins import common
+from certbot.plugins import common
 
 
 class Addr(common.Addr):

certbot-apache/certbot_apache/parser.py

@@ -6,9 +6,9 @@ import os
 import re
 import subprocess
 
-from letsencrypt import errors
+from certbot import errors
 
-from letsencrypt_apache import constants
+from certbot_apache import constants
 
 logger = logging.getLogger(__name__)
 

certbot-apache/certbot_apache/tests/__init__.py

@@ -0,0 +1 @@
+"""Certbot Apache Tests"""

certbot-apache/certbot_apache/tests/apache-conf-files/NEEDED.txt

@@ -0,0 +1,6 @@
+Issues for which some kind of test case should be constructable, but we do not
+currently have one:
+
+https://github.com/certbot/certbot/issues/1213
+https://github.com/certbot/certbot/issues/1602
+

certbot-apache/certbot_apache/tests/apache-conf-files/apache-conf-test

@@ -5,9 +5,7 @@
 
 export EA=/etc/apache2/ 
 TESTDIR="`dirname $0`"
-LEROOT="`realpath \"$TESTDIR/../../../../\"`"
 cd $TESTDIR/passing
-LETSENCRYPT="${LETSENCRYPT:-$LEROOT/venv/bin/letsencrypt}"
 
 function CleanupExit() {
     echo control c, exiting tests...
@@ -21,13 +19,13 @@ function Setup() {
     if [ "$APPEND_APACHECONF" = "" ] ; then
         sudo cp "$f" "$EA"/sites-available/
         sudo ln -sf "$EA/sites-available/$f" "$EA/sites-enabled/$f"
-        sudo echo """
+        echo "
 <VirtualHost *:80>
     ServerName example.com
     DocumentRoot /tmp/
     ErrorLog /tmp/error.log
     CustomLog /tmp/requests.log combined
-</VirtualHost>""" >> $EA/sites-available/throwaway-example.conf
+</VirtualHost>" | sudo tee $EA/sites-available/throwaway-example.conf >/dev/null
     else
         TMP="/tmp/`basename \"$APPEND_APACHECONF\"`.$$"
         sudo cp -a "$APPEND_APACHECONF" "$TMP"
@@ -61,7 +59,7 @@ trap CleanupExit INT
 for f in *.conf ; do 
     echo -n  testing "$f"...
     Setup
-    RESULT=`echo c | sudo "$LETSENCRYPT" -vvvv --debug --staging --apache --register-unsafely-without-email --agree-tos certonly -t 2>&1`
+    RESULT=`echo c | sudo $(command -v certbot) -vvvv --debug --staging --apache --register-unsafely-without-email --agree-tos certonly -t 2>&1`
     if echo $RESULT | grep -Eq \("Which names would you like"\|"mod_macro is not yet"\) ; then
         echo passed
     else

certbot-apache/certbot_apache/tests/apache-conf-files/passing/escaped-space-arguments-2735.conf

@@ -0,0 +1,2 @@
+RewriteCond %{HTTP:Content-Disposition} \.php [NC]
+RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.+/trackback/?\ HTTP/ [NC]

certbot-apache/certbot_apache/tests/apache-conf-files/passing/section-empty-continuations-2731.conf

@@ -0,0 +1,247 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+NameVirtualHost 192.168.100.218:80
+NameVirtualHost 10.128.178.192:80
+
+NameVirtualHost 192.168.100.218:443
+NameVirtualHost 10.128.178.192:443
+
+
+ServerName "254020-web1.example.com"
+ServerAdmin "name@example.com"
+
+DocumentRoot "/tmp"
+
+<IfModule mod_logio.c>
+    LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" plesklog
+</IfModule>
+<IfModule !mod_logio.c>
+    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" plesklog
+</IfModule>
+
+	TraceEnable off
+
+ServerTokens ProductOnly
+
+<Directory "/var/www/vhosts">
+    AllowOverride "All"
+    Options SymLinksIfOwnerMatch
+    Order allow,deny
+    Allow from all
+
+<IfModule sapi_apache2.c>
+php_admin_flag engine off
+</IfModule>
+
+<IfModule mod_php5.c>
+php_admin_flag engine off
+</IfModule>
+
+</Directory>
+
+<Directory "/usr/lib/mailman">
+    AllowOverride All
+    Options SymLinksIfOwnerMatch
+    Order allow,deny
+    Allow from all
+    <IfModule sapi_apache2.c>
+        php_admin_flag engine off
+    </IfModule>
+    <IfModule mod_php5.c>
+        php_admin_flag engine off
+    </IfModule>
+</Directory>
+
+<IfModule mod_headers.c>
+    Header add X-Powered-By PleskLin
+</IfModule>
+
+<IfModule mod_jk.c>
+   JkWorkersFile "/etc/httpd/conf/workers.properties"
+      JkLogFile /var/log/httpd/mod_jk.log
+   JkLogLevel info
+</IfModule>
+
+#Include "/etc/httpd/conf/plesk.conf.d/ip_default/*.conf"
+
+
+    <VirtualHost \
+        192.168.100.218:80 \
+        10.128.178.192:80 \
+         \
+    >
+     	ServerName "default"
+        UseCanonicalName Off
+        DocumentRoot "/tmp"
+        ScriptAlias /cgi-bin/ "/var/www/vhosts/default/cgi-bin"
+
+
+        <IfModule mod_ssl.c>
+            SSLEngine off
+        </IfModule>
+
+        <Directory "/var/www/vhosts/default/cgi-bin">
+            AllowOverride None
+            Options None
+            Order allow,deny
+            Allow from all
+        </Directory>
+
+        <Directory /var/www/vhosts/default/htdocs>
+
+<IfModule sapi_apache2.c>
+php_admin_flag engine on
+</IfModule>
+
+<IfModule mod_php5.c>
+php_admin_flag engine on
+</IfModule>
+
+	</Directory>
+
+    </VirtualHost>
+
+<IfModule mod_ssl.c>
+
+    <VirtualHost \
+        192.168.100.218:443 \
+         \
+    >
+     	ServerName "default-192_168_100_218"
+        UseCanonicalName Off
+        DocumentRoot "/tmp"
+        ScriptAlias /cgi-bin/ "/var/www/vhosts/default/cgi-bin"
+
+
+        SSLEngine on
+        SSLVerifyClient none
+        #SSLCertificateFile "/usr/local/psa/var/certificates/cert-9MgutN"
+
+        #SSLCACertificateFile "/usr/local/psa/var/certificates/cert-s6Wx3P"
+
+        <Directory "/var/www/vhosts/default/cgi-bin">
+            AllowOverride None
+            Options None
+            Order allow,deny
+            Allow from all
+        </Directory>
+
+        <Directory /var/www/vhosts/default/htdocs>
+
+<IfModule sapi_apache2.c>
+php_admin_flag engine on
+</IfModule>
+
+<IfModule mod_php5.c>
+php_admin_flag engine on
+</IfModule>
+
+	</Directory>
+
+    </VirtualHost>
+    <VirtualHost \
+        10.128.178.192:443 \
+         \
+    >
+     	ServerName "default-10_128_178_192"
+        UseCanonicalName Off
+        DocumentRoot "/tmp"
+        ScriptAlias /cgi-bin/ "/var/www/vhosts/default/cgi-bin"
+
+
+        SSLEngine on
+        SSLVerifyClient none
+        #SSLCertificateFile "/usr/local/psa/var/certificates/certxfb6025"
+
+
+        <Directory "/var/www/vhosts/default/cgi-bin">
+            AllowOverride None
+            Options None
+            Order allow,deny
+            Allow from all
+        </Directory>
+
+        <Directory /var/www/vhosts/default/htdocs>
+
+<IfModule sapi_apache2.c>
+php_admin_flag engine on
+</IfModule>
+
+<IfModule mod_php5.c>
+php_admin_flag engine on
+</IfModule>
+
+	</Directory>
+
+    </VirtualHost>
+
+</IfModule>
+
+
+<VirtualHost \
+	192.168.100.218:80 \
+                10.128.178.192:80 \
+             \
+>
+        DocumentRoot "/tmp"
+        ServerName lists
+        ServerAlias lists.*
+        UseCanonicalName Off
+
+        ScriptAlias "/mailman/" "/usr/lib/mailman/cgi-bin/"
+
+        Alias "/icons/" "/var/www/icons/"
+        Alias "/pipermail/" "/var/lib/mailman/archives/public/"
+
+        <IfModule mod_ssl.c>
+            SSLEngine off
+        </IfModule>
+
+
+        <Directory /var/lib/mailman/archives/>
+            Options FollowSymLinks
+            Order allow,deny
+            Allow from all
+        </Directory>
+
+    </VirtualHost>
+
+<IfModule mod_ssl.c>
+<VirtualHost \
+        192.168.100.218:443 \
+                10.128.178.192:443 \
+             \
+>
+        DocumentRoot "/tmp"
+        ServerName lists
+        ServerAlias lists.*
+        UseCanonicalName Off
+
+        ScriptAlias "/mailman/" "/usr/lib/mailman/cgi-bin/"
+
+        Alias "/icons/" "/var/www/icons/"
+        Alias "/pipermail/" "/var/lib/mailman/archives/public/"
+
+        SSLEngine on
+        SSLVerifyClient none
+        #SSLCertificateFile "/usr/local/psa/var/certificates/certxfb6025"
+
+
+        <Directory /var/lib/mailman/archives/>
+            Options FollowSymLinks
+            Order allow,deny
+            Allow from all
+        </Directory>
+
+    </VirtualHost>
+</IfModule>
+
+<IfModule mod_rpaf.c>
+    RPAFproxy_ips  192.168.100.218 10.128.178.192
+</IfModule>
+<IfModule mod_rpaf-2.0.c>
+    RPAFproxy_ips  192.168.100.218 10.128.178.192
+</IfModule>

certbot-apache/certbot_apache/tests/augeas_configurator_test.py

@@ -1,13 +1,13 @@
-"""Test for letsencrypt_apache.augeas_configurator."""
+"""Test for certbot_apache.augeas_configurator."""
 import os
 import shutil
 import unittest
 
 import mock
 
-from letsencrypt import errors
+from certbot import errors
 
-from letsencrypt_apache.tests import util
+from certbot_apache.tests import util
 
 
 class AugeasConfiguratorTest(util.ApacheTest):

certbot-apache/certbot_apache/tests/complex_parsing_test.py

@@ -1,11 +1,11 @@
-"""Tests for letsencrypt_apache.parser."""
+"""Tests for certbot_apache.parser."""
 import os
 import shutil
 import unittest
 
-from letsencrypt import errors
+from certbot import errors
 
-from letsencrypt_apache.tests import util
+from certbot_apache.tests import util
 
 
 class ComplexParserTest(util.ParserTest):
@@ -88,7 +88,7 @@ class ComplexParserTest(util.ParserTest):
 
     def verify_fnmatch(self, arg, hit=True):
         """Test if Include was correctly parsed."""
-        from letsencrypt_apache import parser
+        from certbot_apache import parser
         self.parser.add_dir(parser.get_aug_path(self.parser.loc["default"]),
                             "Include", [arg])
         if hit:

certbot-apache/certbot_apache/tests/configurator_test.py

@@ -1,5 +1,5 @@
 # pylint: disable=too-many-public-methods
-"""Test for letsencrypt_apache.configurator."""
+"""Test for certbot_apache.configurator."""
 import os
 import shutil
 import socket
@@ -9,15 +9,15 @@ import mock
 
 from acme import challenges
 
-from letsencrypt import achallenges
-from letsencrypt import errors
+from certbot import achallenges
+from certbot import errors
 
-from letsencrypt.tests import acme_util
+from certbot.tests import acme_util
 
-from letsencrypt_apache import configurator
-from letsencrypt_apache import obj
+from certbot_apache import configurator
+from certbot_apache import obj
 
-from letsencrypt_apache.tests import util
+from certbot_apache.tests import util
 
 
 class MultipleVhostsTest(util.ApacheTest):
@@ -38,7 +38,7 @@ class MultipleVhostsTest(util.ApacheTest):
 
         def mocked_deploy_cert(*args, **kwargs):
             """a helper to mock a deployed cert"""
-            with mock.patch("letsencrypt_apache.configurator.ApacheConfigurator.enable_mod"):
+            with mock.patch("certbot_apache.configurator.ApacheConfigurator.enable_mod"):
                 config.real_deploy_cert(*args, **kwargs)
         self.config.deploy_cert = mocked_deploy_cert
         return self.config
@@ -48,14 +48,14 @@ class MultipleVhostsTest(util.ApacheTest):
         shutil.rmtree(self.config_dir)
         shutil.rmtree(self.work_dir)
 
-    @mock.patch("letsencrypt_apache.configurator.le_util.exe_exists")
+    @mock.patch("certbot_apache.configurator.le_util.exe_exists")
     def test_prepare_no_install(self, mock_exe_exists):
         mock_exe_exists.return_value = False
         self.assertRaises(
             errors.NoInstallationError, self.config.prepare)
 
-    @mock.patch("letsencrypt_apache.parser.ApacheParser")
-    @mock.patch("letsencrypt_apache.configurator.le_util.exe_exists")
+    @mock.patch("certbot_apache.parser.ApacheParser")
+    @mock.patch("certbot_apache.configurator.le_util.exe_exists")
     def test_prepare_version(self, mock_exe_exists, _):
         mock_exe_exists.return_value = True
         self.config.version = None
@@ -65,8 +65,8 @@ class MultipleVhostsTest(util.ApacheTest):
         self.assertRaises(
             errors.NotSupportedError, self.config.prepare)
 
-    @mock.patch("letsencrypt_apache.parser.ApacheParser")
-    @mock.patch("letsencrypt_apache.configurator.le_util.exe_exists")
+    @mock.patch("certbot_apache.parser.ApacheParser")
+    @mock.patch("certbot_apache.configurator.le_util.exe_exists")
     def test_prepare_old_aug(self, mock_exe_exists, _):
         mock_exe_exists.return_value = True
         self.config.config_test = mock.Mock()
@@ -76,7 +76,7 @@ class MultipleVhostsTest(util.ApacheTest):
             errors.NotSupportedError, self.config.prepare)
 
     def test_add_parser_arguments(self):  # pylint: disable=no-self-use
-        from letsencrypt_apache.configurator import ApacheConfigurator
+        from certbot_apache.configurator import ApacheConfigurator
         # Weak test..
         ApacheConfigurator.add_parser_arguments(mock.MagicMock())
 
@@ -85,10 +85,10 @@ class MultipleVhostsTest(util.ApacheTest):
         mock_getutility.notification = mock.MagicMock(return_value=True)
         names = self.config.get_all_names()
         self.assertEqual(names, set(
-            ["letsencrypt.demo", "encryption-example.demo", "ip-172-30-0-17", "*.blue.purple.com"]))
+            ["certbot.demo", "encryption-example.demo", "ip-172-30-0-17", "*.blue.purple.com"]))
 
     @mock.patch("zope.component.getUtility")
-    @mock.patch("letsencrypt_apache.configurator.socket.gethostbyaddr")
+    @mock.patch("certbot_apache.configurator.socket.gethostbyaddr")
     def test_get_all_names_addrs(self, mock_gethost, mock_getutility):
         mock_gethost.side_effect = [("google.com", "", ""), socket.error]
         notification = mock.Mock()
@@ -106,7 +106,7 @@ class MultipleVhostsTest(util.ApacheTest):
         self.assertEqual(len(names), 6)
         self.assertTrue("zombo.com" in names)
         self.assertTrue("google.com" in names)
-        self.assertTrue("letsencrypt.demo" in names)
+        self.assertTrue("certbot.demo" in names)
 
     def test_add_servernames_alias(self):
         self.config.parser.add_dir(
@@ -139,25 +139,25 @@ class MultipleVhostsTest(util.ApacheTest):
 
         # Handle case of non-debian layout get_virtual_hosts
         with mock.patch(
-                "letsencrypt_apache.configurator.ApacheConfigurator.conf"
+                "certbot_apache.configurator.ApacheConfigurator.conf"
         ) as mock_conf:
             mock_conf.return_value = False
             vhs = self.config.get_virtual_hosts()
             self.assertEqual(len(vhs), 7)
 
-    @mock.patch("letsencrypt_apache.display_ops.select_vhost")
+    @mock.patch("certbot_apache.display_ops.select_vhost")
     def test_choose_vhost_none_avail(self, mock_select):
         mock_select.return_value = None
         self.assertRaises(
             errors.PluginError, self.config.choose_vhost, "none.com")
 
-    @mock.patch("letsencrypt_apache.display_ops.select_vhost")
+    @mock.patch("certbot_apache.display_ops.select_vhost")
     def test_choose_vhost_select_vhost_ssl(self, mock_select):
         mock_select.return_value = self.vh_truth[1]
         self.assertEqual(
             self.vh_truth[1], self.config.choose_vhost("none.com"))
 
-    @mock.patch("letsencrypt_apache.display_ops.select_vhost")
+    @mock.patch("certbot_apache.display_ops.select_vhost")
     def test_choose_vhost_select_vhost_non_ssl(self, mock_select):
         mock_select.return_value = self.vh_truth[0]
         chosen_vhost = self.config.choose_vhost("none.com")
@@ -169,13 +169,13 @@ class MultipleVhostsTest(util.ApacheTest):
         self.assertFalse(self.vh_truth[0].ssl)
         self.assertTrue(chosen_vhost.ssl)
 
-    @mock.patch("letsencrypt_apache.display_ops.select_vhost")
+    @mock.patch("certbot_apache.display_ops.select_vhost")
     def test_choose_vhost_select_vhost_with_temp(self, mock_select):
         mock_select.return_value = self.vh_truth[0]
         chosen_vhost = self.config.choose_vhost("none.com", temp=True)
         self.assertEqual(self.vh_truth[0], chosen_vhost)
 
-    @mock.patch("letsencrypt_apache.display_ops.select_vhost")
+    @mock.patch("certbot_apache.display_ops.select_vhost")
     def test_choose_vhost_select_vhost_conflicting_non_ssl(self, mock_select):
         mock_select.return_value = self.vh_truth[3]
         conflicting_vhost = obj.VirtualHost(
@@ -203,7 +203,7 @@ class MultipleVhostsTest(util.ApacheTest):
     def test_find_best_vhost(self):
         # pylint: disable=protected-access
         self.assertEqual(
-            self.vh_truth[3], self.config._find_best_vhost("letsencrypt.demo"))
+            self.vh_truth[3], self.config._find_best_vhost("certbot.demo"))
         self.assertEqual(
             self.vh_truth[0],
             self.config._find_best_vhost("encryption-example.demo"))
@@ -224,7 +224,7 @@ class MultipleVhostsTest(util.ApacheTest):
         # Assume only the two default vhosts.
         self.config.vhosts = [
             vh for vh in self.config.vhosts
-            if vh.name not in ["letsencrypt.demo", "encryption-example.demo"]
+            if vh.name not in ["certbot.demo", "encryption-example.demo"]
             and "*.blue.purple.com" not in vh.aliases
         ]
 
@@ -254,9 +254,9 @@ class MultipleVhostsTest(util.ApacheTest):
                               self.config.is_site_enabled,
                               "irrelevant")
 
-    @mock.patch("letsencrypt.le_util.run_script")
-    @mock.patch("letsencrypt.le_util.exe_exists")
-    @mock.patch("letsencrypt_apache.parser.subprocess.Popen")
+    @mock.patch("certbot.le_util.run_script")
+    @mock.patch("certbot.le_util.exe_exists")
+    @mock.patch("certbot_apache.parser.subprocess.Popen")
     def test_enable_mod(self, mock_popen, mock_exe_exists, mock_run_script):
         mock_popen().communicate.return_value = ("Define: DUMP_RUN_CFG", "")
         mock_popen().returncode = 0
@@ -273,7 +273,7 @@ class MultipleVhostsTest(util.ApacheTest):
         self.assertRaises(
             errors.NotSupportedError, self.config.enable_mod, "ssl")
 
-    @mock.patch("letsencrypt.le_util.exe_exists")
+    @mock.patch("certbot.le_util.exe_exists")
     def test_enable_mod_no_disable(self, mock_exe_exists):
         mock_exe_exists.return_value = False
         self.assertRaises(
@@ -636,8 +636,8 @@ class MultipleVhostsTest(util.ApacheTest):
         self.config._add_name_vhost_if_necessary(self.vh_truth[0])
         self.assertEqual(self.config.save.call_count, 2)
 
-    @mock.patch("letsencrypt_apache.configurator.tls_sni_01.ApacheTlsSni01.perform")
-    @mock.patch("letsencrypt_apache.configurator.ApacheConfigurator.restart")
+    @mock.patch("certbot_apache.configurator.tls_sni_01.ApacheTlsSni01.perform")
+    @mock.patch("certbot_apache.configurator.ApacheConfigurator.restart")
     def test_perform(self, mock_restart, mock_perform):
         # Only tests functionality specific to configurator.perform
         # Note: As more challenges are offered this will have to be expanded
@@ -656,7 +656,7 @@ class MultipleVhostsTest(util.ApacheTest):
 
         self.assertEqual(mock_restart.call_count, 1)
 
-    @mock.patch("letsencrypt_apache.configurator.ApacheConfigurator.restart")
+    @mock.patch("certbot_apache.configurator.ApacheConfigurator.restart")
     def test_cleanup(self, mock_restart):
         _, achall1, achall2 = self.get_achalls()
 
@@ -669,7 +669,7 @@ class MultipleVhostsTest(util.ApacheTest):
         self.config.cleanup([achall2])
         self.assertTrue(mock_restart.called)
 
-    @mock.patch("letsencrypt_apache.configurator.ApacheConfigurator.restart")
+    @mock.patch("certbot_apache.configurator.ApacheConfigurator.restart")
     def test_cleanup_no_errors(self, mock_restart):
         _, achall1, achall2 = self.get_achalls()
 
@@ -681,7 +681,7 @@ class MultipleVhostsTest(util.ApacheTest):
         self.config.cleanup([achall1, achall2])
         self.assertTrue(mock_restart.called)
 
-    @mock.patch("letsencrypt.le_util.run_script")
+    @mock.patch("certbot.le_util.run_script")
     def test_get_version(self, mock_script):
         mock_script.return_value = (
             "Server Version: Apache/2.4.2 (Debian)", "")
@@ -703,21 +703,21 @@ class MultipleVhostsTest(util.ApacheTest):
         mock_script.side_effect = errors.SubprocessError("Can't find program")
         self.assertRaises(errors.PluginError, self.config.get_version)
 
-    @mock.patch("letsencrypt_apache.configurator.le_util.run_script")
+    @mock.patch("certbot_apache.configurator.le_util.run_script")
     def test_restart(self, _):
         self.config.restart()
 
-    @mock.patch("letsencrypt_apache.configurator.le_util.run_script")
+    @mock.patch("certbot_apache.configurator.le_util.run_script")
     def test_restart_bad_process(self, mock_run_script):
         mock_run_script.side_effect = [None, errors.SubprocessError]
 
         self.assertRaises(errors.MisconfigurationError, self.config.restart)
 
-    @mock.patch("letsencrypt.le_util.run_script")
+    @mock.patch("certbot.le_util.run_script")
     def test_config_test(self, _):
         self.config.config_test()
 
-    @mock.patch("letsencrypt.le_util.run_script")
+    @mock.patch("certbot.le_util.run_script")
     def test_config_test_bad_process(self, mock_run_script):
         mock_run_script.side_effect = errors.SubprocessError
 
@@ -747,7 +747,7 @@ class MultipleVhostsTest(util.ApacheTest):
         self.assertTrue(isinstance(self.config.get_chall_pref(""), list))
 
     def test_install_ssl_options_conf(self):
-        from letsencrypt_apache.configurator import install_ssl_options_conf
+        from certbot_apache.configurator import install_ssl_options_conf
         path = os.path.join(self.work_dir, "test_it")
         install_ssl_options_conf(path)
         self.assertTrue(os.path.isfile(path))
@@ -756,7 +756,7 @@ class MultipleVhostsTest(util.ApacheTest):
     def test_supported_enhancements(self):
         self.assertTrue(isinstance(self.config.supported_enhancements(), list))
 
-    @mock.patch("letsencrypt.le_util.exe_exists")
+    @mock.patch("certbot.le_util.exe_exists")
     def test_enhance_unknown_vhost(self, mock_exe):
         self.config.parser.modules.add("rewrite_module")
         mock_exe.return_value = True
@@ -772,23 +772,23 @@ class MultipleVhostsTest(util.ApacheTest):
     def test_enhance_unknown_enhancement(self):
         self.assertRaises(
             errors.PluginError,
-            self.config.enhance, "letsencrypt.demo", "unknown_enhancement")
+            self.config.enhance, "certbot.demo", "unknown_enhancement")
 
-    @mock.patch("letsencrypt.le_util.run_script")
-    @mock.patch("letsencrypt.le_util.exe_exists")
+    @mock.patch("certbot.le_util.run_script")
+    @mock.patch("certbot.le_util.exe_exists")
     def test_http_header_hsts(self, mock_exe, _):
         self.config.parser.update_runtime_variables = mock.Mock()
         self.config.parser.modules.add("mod_ssl.c")
         mock_exe.return_value = True
 
-        # This will create an ssl vhost for letsencrypt.demo
-        self.config.enhance("letsencrypt.demo", "ensure-http-header",
+        # This will create an ssl vhost for certbot.demo
+        self.config.enhance("certbot.demo", "ensure-http-header",
                             "Strict-Transport-Security")
 
         self.assertTrue("headers_module" in self.config.parser.modules)
 
-        # Get the ssl vhost for letsencrypt.demo
-        ssl_vhost = self.config.assoc["letsencrypt.demo"]
+        # Get the ssl vhost for certbot.demo
+        ssl_vhost = self.config.assoc["certbot.demo"]
 
         # These are not immediately available in find_dir even with save() and
         # load(). They must be found in sites-available
@@ -803,7 +803,7 @@ class MultipleVhostsTest(util.ApacheTest):
         # skip the enable mod
         self.config.parser.modules.add("headers_module")
 
-        # This will create an ssl vhost for letsencrypt.demo
+        # This will create an ssl vhost for certbot.demo
         self.config.enhance("encryption-example.demo", "ensure-http-header",
                             "Strict-Transport-Security")
 
@@ -812,21 +812,21 @@ class MultipleVhostsTest(util.ApacheTest):
             self.config.enhance, "encryption-example.demo",
             "ensure-http-header", "Strict-Transport-Security")
 
-    @mock.patch("letsencrypt.le_util.run_script")
-    @mock.patch("letsencrypt.le_util.exe_exists")
+    @mock.patch("certbot.le_util.run_script")
+    @mock.patch("certbot.le_util.exe_exists")
     def test_http_header_uir(self, mock_exe, _):
         self.config.parser.update_runtime_variables = mock.Mock()
         self.config.parser.modules.add("mod_ssl.c")
         mock_exe.return_value = True
 
-        # This will create an ssl vhost for letsencrypt.demo
-        self.config.enhance("letsencrypt.demo", "ensure-http-header",
+        # This will create an ssl vhost for certbot.demo
+        self.config.enhance("certbot.demo", "ensure-http-header",
                             "Upgrade-Insecure-Requests")
 
         self.assertTrue("headers_module" in self.config.parser.modules)
 
-        # Get the ssl vhost for letsencrypt.demo
-        ssl_vhost = self.config.assoc["letsencrypt.demo"]
+        # Get the ssl vhost for certbot.demo
+        ssl_vhost = self.config.assoc["certbot.demo"]
 
         # These are not immediately available in find_dir even with save() and
         # load(). They must be found in sites-available
@@ -841,7 +841,7 @@ class MultipleVhostsTest(util.ApacheTest):
         # skip the enable mod
         self.config.parser.modules.add("headers_module")
 
-        # This will create an ssl vhost for letsencrypt.demo
+        # This will create an ssl vhost for certbot.demo
         self.config.enhance("encryption-example.demo", "ensure-http-header",
                             "Upgrade-Insecure-Requests")
 
@@ -850,15 +850,15 @@ class MultipleVhostsTest(util.ApacheTest):
             self.config.enhance, "encryption-example.demo",
             "ensure-http-header", "Upgrade-Insecure-Requests")
 
-    @mock.patch("letsencrypt.le_util.run_script")
-    @mock.patch("letsencrypt.le_util.exe_exists")
+    @mock.patch("certbot.le_util.run_script")
+    @mock.patch("certbot.le_util.exe_exists")
     def test_redirect_well_formed_http(self, mock_exe, _):
         self.config.parser.update_runtime_variables = mock.Mock()
         mock_exe.return_value = True
         self.config.get_version = mock.Mock(return_value=(2, 2))
 
-        # This will create an ssl vhost for letsencrypt.demo
-        self.config.enhance("letsencrypt.demo", "redirect")
+        # This will create an ssl vhost for certbot.demo
+        self.config.enhance("certbot.demo", "redirect")
 
         # These are not immediately available in find_dir even with save() and
         # load(). They must be found in sites-available
@@ -894,8 +894,8 @@ class MultipleVhostsTest(util.ApacheTest):
         # pylint: disable=protected-access
         self.assertTrue(self.config._is_rewrite_engine_on(self.vh_truth[3]))
 
-    @mock.patch("letsencrypt.le_util.run_script")
-    @mock.patch("letsencrypt.le_util.exe_exists")
+    @mock.patch("certbot.le_util.run_script")
+    @mock.patch("certbot.le_util.exe_exists")
     def test_redirect_with_existing_rewrite(self, mock_exe, _):
         self.config.parser.update_runtime_variables = mock.Mock()
         mock_exe.return_value = True
@@ -907,8 +907,8 @@ class MultipleVhostsTest(util.ApacheTest):
                                                    "UnknownTarget"])
         self.config.save()
 
-        # This will create an ssl vhost for letsencrypt.demo
-        self.config.enhance("letsencrypt.demo", "redirect")
+        # This will create an ssl vhost for certbot.demo
+        self.config.enhance("certbot.demo", "redirect")
 
         # These are not immediately available in find_dir even with save() and
         # load(). They must be found in sites-available
@@ -981,7 +981,7 @@ class MultipleVhostsTest(util.ApacheTest):
         normal_target = "RewriteRule ^/(.*) http://www.a.com:1234/$1 [L,R]"
         self.assertFalse(self.config._sift_line(normal_target))
 
-    @mock.patch("letsencrypt_apache.configurator.zope.component.getUtility")
+    @mock.patch("certbot_apache.configurator.zope.component.getUtility")
     def test_make_vhost_ssl_with_existing_rewrite_rule(self, mock_get_utility):
         self.config.parser.modules.add("rewrite_module")
 
@@ -1024,7 +1024,7 @@ class MultipleVhostsTest(util.ApacheTest):
                 challenges.TLSSNI01(
                     token="uqnaPzxtrndteOqtrXb0Asl5gOJfWAnnx6QJyvcmlDU"),
                 "pending"),
-            domain="letsencrypt.demo", account_key=account_key)
+            domain="certbot.demo", account_key=account_key)
 
         return account_key, achall1, achall2
 

certbot-apache/certbot_apache/tests/constants_test.py

@@ -1,26 +1,26 @@
-"""Test for letsencrypt_apache.configurator."""
+"""Test for certbot_apache.configurator."""
 
 import mock
 import unittest
 
-from letsencrypt_apache import constants
+from certbot_apache import constants
 
 
 class ConstantsTest(unittest.TestCase):
 
-    @mock.patch("letsencrypt.le_util.get_os_info")
+    @mock.patch("certbot.le_util.get_os_info")
     def test_get_debian_value(self, os_info):
         os_info.return_value = ('Debian', '', '')
         self.assertEqual(constants.os_constant("vhost_root"),
                          "/etc/apache2/sites-available")
 
-    @mock.patch("letsencrypt.le_util.get_os_info")
+    @mock.patch("certbot.le_util.get_os_info")
     def test_get_centos_value(self, os_info):
         os_info.return_value = ('CentOS Linux', '', '')
         self.assertEqual(constants.os_constant("vhost_root"),
                          "/etc/httpd/conf.d")
 
-    @mock.patch("letsencrypt.le_util.get_os_info")
+    @mock.patch("certbot.le_util.get_os_info")
     def test_get_default_value(self, os_info):
         os_info.return_value = ('Nonexistent Linux', '', '')
         self.assertEqual(constants.os_constant("vhost_root"),

certbot-apache/certbot_apache/tests/display_ops_test.py

@@ -1,20 +1,20 @@
-"""Test letsencrypt_apache.display_ops."""
+"""Test certbot_apache.display_ops."""
 import sys
 import unittest
 
 import mock
 import zope.component
 
-from letsencrypt.display import util as display_util
-from letsencrypt import errors
+from certbot.display import util as display_util
+from certbot import errors
 
-from letsencrypt_apache import obj
+from certbot_apache import obj
 
-from letsencrypt_apache.tests import util
+from certbot_apache.tests import util
 
 
 class SelectVhostTest(unittest.TestCase):
-    """Tests for letsencrypt_apache.display_ops.select_vhost."""
+    """Tests for certbot_apache.display_ops.select_vhost."""
 
     def setUp(self):
         zope.component.provideUtility(display_util.FileDisplay(sys.stdout))
@@ -24,15 +24,15 @@ class SelectVhostTest(unittest.TestCase):
 
     @classmethod
     def _call(cls, vhosts):
-        from letsencrypt_apache.display_ops import select_vhost
+        from certbot_apache.display_ops import select_vhost
         return select_vhost("example.com", vhosts)
 
-    @mock.patch("letsencrypt_apache.display_ops.zope.component.getUtility")
+    @mock.patch("certbot_apache.display_ops.zope.component.getUtility")
     def test_successful_choice(self, mock_util):
         mock_util().menu.return_value = (display_util.OK, 3)
         self.assertEqual(self.vhosts[3], self._call(self.vhosts))
 
-    @mock.patch("letsencrypt_apache.display_ops.zope.component.getUtility")
+    @mock.patch("certbot_apache.display_ops.zope.component.getUtility")
     def test_noninteractive(self, mock_util):
         mock_util().menu.side_effect = errors.MissingCommandlineFlag("no vhost default")
         try:
@@ -40,7 +40,7 @@ class SelectVhostTest(unittest.TestCase):
         except errors.MissingCommandlineFlag as e:
             self.assertTrue("VirtualHost directives" in e.message)
 
-    @mock.patch("letsencrypt_apache.display_ops.zope.component.getUtility")
+    @mock.patch("certbot_apache.display_ops.zope.component.getUtility")
     def test_more_info_cancel(self, mock_util):
         mock_util().menu.side_effect = [
             (display_util.HELP, 1),
@@ -54,9 +54,9 @@ class SelectVhostTest(unittest.TestCase):
     def test_no_vhosts(self):
         self.assertEqual(self._call([]), None)
 
-    @mock.patch("letsencrypt_apache.display_ops.display_util")
-    @mock.patch("letsencrypt_apache.display_ops.zope.component.getUtility")
-    @mock.patch("letsencrypt_apache.display_ops.logger")
+    @mock.patch("certbot_apache.display_ops.display_util")
+    @mock.patch("certbot_apache.display_ops.zope.component.getUtility")
+    @mock.patch("certbot_apache.display_ops.logger")
     def test_small_display(self, mock_logger, mock_util, mock_display_util):
         mock_display_util.WIDTH = 20
         mock_util().menu.return_value = (display_util.OK, 0)
@@ -64,7 +64,7 @@ class SelectVhostTest(unittest.TestCase):
 
         self.assertEqual(mock_logger.debug.call_count, 1)
 
-    @mock.patch("letsencrypt_apache.display_ops.zope.component.getUtility")
+    @mock.patch("certbot_apache.display_ops.zope.component.getUtility")
     def test_multiple_names(self, mock_util):
         mock_util().menu.return_value = (display_util.OK, 5)
 

certbot-apache/certbot_apache/tests/obj_test.py

@@ -1,4 +1,4 @@
-"""Tests for letsencrypt_apache.obj."""
+"""Tests for certbot_apache.obj."""
 import unittest
 
 
@@ -6,8 +6,8 @@ class VirtualHostTest(unittest.TestCase):
     """Test the VirtualHost class."""
 
     def setUp(self):
-        from letsencrypt_apache.obj import Addr
-        from letsencrypt_apache.obj import VirtualHost
+        from certbot_apache.obj import Addr
+        from certbot_apache.obj import VirtualHost
 
         self.addr1 = Addr.fromstring("127.0.0.1")
         self.addr2 = Addr.fromstring("127.0.0.1:443")
@@ -33,8 +33,8 @@ class VirtualHostTest(unittest.TestCase):
         self.assertFalse(self.vhost1 != self.vhost1b)
 
     def test_conflicts(self):
-        from letsencrypt_apache.obj import Addr
-        from letsencrypt_apache.obj import VirtualHost
+        from certbot_apache.obj import Addr
+        from certbot_apache.obj import VirtualHost
 
         complex_vh = VirtualHost(
             "fp", "vhp",
@@ -51,7 +51,7 @@ class VirtualHostTest(unittest.TestCase):
                                                 self.addr_default]))
 
     def test_same_server(self):
-        from letsencrypt_apache.obj import VirtualHost
+        from certbot_apache.obj import VirtualHost
         no_name1 = VirtualHost(
             "fp", "vhp", set([self.addr1]), False, False, None)
         no_name2 = VirtualHost(
@@ -74,7 +74,7 @@ class VirtualHostTest(unittest.TestCase):
 class AddrTest(unittest.TestCase):
     """Test obj.Addr."""
     def setUp(self):
-        from letsencrypt_apache.obj import Addr
+        from certbot_apache.obj import Addr
         self.addr = Addr.fromstring("*:443")
 
         self.addr1 = Addr.fromstring("127.0.0.1")
@@ -89,7 +89,7 @@ class AddrTest(unittest.TestCase):
         self.assertTrue(self.addr2.is_wildcard())
 
     def test_get_sni_addr(self):
-        from letsencrypt_apache.obj import Addr
+        from certbot_apache.obj import Addr
         self.assertEqual(
             self.addr.get_sni_addr("443"), Addr.fromstring("*:443"))
         self.assertEqual(

certbot-apache/certbot_apache/tests/parser_test.py

@@ -1,4 +1,4 @@
-"""Tests for letsencrypt_apache.parser."""
+"""Tests for certbot_apache.parser."""
 import os
 import shutil
 import unittest
@@ -6,9 +6,9 @@ import unittest
 import augeas
 import mock
 
-from letsencrypt import errors
+from certbot import errors
 
-from letsencrypt_apache.tests import util
+from certbot_apache.tests import util
 
 
 class BasicParserTest(util.ParserTest):
@@ -31,12 +31,12 @@ class BasicParserTest(util.ParserTest):
     def test_parse_file(self):
         """Test parse_file.
 
-        letsencrypt.conf is chosen as the test file as it will not be
+        certbot.conf is chosen as the test file as it will not be
         included during the normal course of execution.
 
         """
         file_path = os.path.join(
-            self.config_path, "not-parsed-by-default", "letsencrypt.conf")
+            self.config_path, "not-parsed-by-default", "certbot.conf")
 
         self.parser._parse_file(file_path)  # pylint: disable=protected-access
 
@@ -72,7 +72,7 @@ class BasicParserTest(util.ParserTest):
         Path must be valid before attempting to add to augeas
 
         """
-        from letsencrypt_apache.parser import get_aug_path
+        from certbot_apache.parser import get_aug_path
         # This makes sure that find_dir will work
         self.parser.modules.add("mod_ssl.c")
 
@@ -86,7 +86,7 @@ class BasicParserTest(util.ParserTest):
         self.assertTrue("IfModule" in matches[0])
 
     def test_add_dir_to_ifmodssl_multiple(self):
-        from letsencrypt_apache.parser import get_aug_path
+        from certbot_apache.parser import get_aug_path
         # This makes sure that find_dir will work
         self.parser.modules.add("mod_ssl.c")
 
@@ -100,11 +100,11 @@ class BasicParserTest(util.ParserTest):
         self.assertTrue("IfModule" in matches[0])
 
     def test_get_aug_path(self):
-        from letsencrypt_apache.parser import get_aug_path
+        from certbot_apache.parser import get_aug_path
         self.assertEqual("/files/etc/apache", get_aug_path("/etc/apache"))
 
     def test_set_locations(self):
-        with mock.patch("letsencrypt_apache.parser.os.path") as mock_path:
+        with mock.patch("certbot_apache.parser.os.path") as mock_path:
 
             mock_path.isfile.side_effect = [False, False]
 
@@ -114,7 +114,7 @@ class BasicParserTest(util.ParserTest):
             self.assertEqual(results["default"], results["listen"])
             self.assertEqual(results["default"], results["name"])
 
-    @mock.patch("letsencrypt_apache.parser.ApacheParser._get_runtime_cfg")
+    @mock.patch("certbot_apache.parser.ApacheParser._get_runtime_cfg")
     def test_update_runtime_variables(self, mock_cfg):
         mock_cfg.return_value = (
             'ServerRoot: "/etc/apache2"\n'
@@ -139,7 +139,7 @@ class BasicParserTest(util.ParserTest):
         self.parser.update_runtime_variables()
         self.assertEqual(self.parser.variables, expected_vars)
 
-    @mock.patch("letsencrypt_apache.parser.ApacheParser._get_runtime_cfg")
+    @mock.patch("certbot_apache.parser.ApacheParser._get_runtime_cfg")
     def test_update_runtime_vars_bad_output(self, mock_cfg):
         mock_cfg.return_value = "Define: TLS=443=24"
         self.parser.update_runtime_variables()
@@ -148,8 +148,8 @@ class BasicParserTest(util.ParserTest):
         self.assertRaises(
             errors.PluginError, self.parser.update_runtime_variables)
 
-    @mock.patch("letsencrypt_apache.constants.os_constant")
-    @mock.patch("letsencrypt_apache.parser.subprocess.Popen")
+    @mock.patch("certbot_apache.constants.os_constant")
+    @mock.patch("certbot_apache.parser.subprocess.Popen")
     def test_update_runtime_vars_bad_ctl(self, mock_popen, mock_const):
         mock_popen.side_effect = OSError
         mock_const.return_value = "nonexistent"
@@ -157,7 +157,7 @@ class BasicParserTest(util.ParserTest):
             errors.MisconfigurationError,
             self.parser.update_runtime_variables)
 
-    @mock.patch("letsencrypt_apache.parser.subprocess.Popen")
+    @mock.patch("certbot_apache.parser.subprocess.Popen")
     def test_update_runtime_vars_bad_exit(self, mock_popen):
         mock_popen().communicate.return_value = ("", "")
         mock_popen.returncode = -1
@@ -177,9 +177,9 @@ class ParserInitTest(util.ApacheTest):
         shutil.rmtree(self.config_dir)
         shutil.rmtree(self.work_dir)
 
-    @mock.patch("letsencrypt_apache.parser.ApacheParser._get_runtime_cfg")
+    @mock.patch("certbot_apache.parser.ApacheParser._get_runtime_cfg")
     def test_unparsable(self, mock_cfg):
-        from letsencrypt_apache.parser import ApacheParser
+        from certbot_apache.parser import ApacheParser
         mock_cfg.return_value = ('Define: TEST')
         self.assertRaises(
             errors.PluginError,
@@ -187,9 +187,9 @@ class ParserInitTest(util.ApacheTest):
             "/dummy/vhostpath", version=(2, 2, 22))
 
     def test_root_normalized(self):
-        from letsencrypt_apache.parser import ApacheParser
+        from certbot_apache.parser import ApacheParser
 
-        with mock.patch("letsencrypt_apache.parser.ApacheParser."
+        with mock.patch("certbot_apache.parser.ApacheParser."
                         "update_runtime_variables"):
             path = os.path.join(
                 self.temp_dir,
@@ -201,8 +201,8 @@ class ParserInitTest(util.ApacheTest):
         self.assertEqual(parser.root, self.config_path)
 
     def test_root_absolute(self):
-        from letsencrypt_apache.parser import ApacheParser
-        with mock.patch("letsencrypt_apache.parser.ApacheParser."
+        from certbot_apache.parser import ApacheParser
+        with mock.patch("certbot_apache.parser.ApacheParser."
                         "update_runtime_variables"):
             parser = ApacheParser(
                 self.aug, os.path.relpath(self.config_path),
@@ -211,8 +211,8 @@ class ParserInitTest(util.ApacheTest):
         self.assertEqual(parser.root, self.config_path)
 
     def test_root_no_trailing_slash(self):
-        from letsencrypt_apache.parser import ApacheParser
-        with mock.patch("letsencrypt_apache.parser.ApacheParser."
+        from certbot_apache.parser import ApacheParser
+        with mock.patch("certbot_apache.parser.ApacheParser."
                         "update_runtime_variables"):
             parser = ApacheParser(
                 self.aug, self.config_path + os.path.sep,

certbot-apache/certbot_apache/tests/testdata/debian_apache_2_4/default_vhost/apache2/sites-available/000-default.conf

@@ -1,5 +1,5 @@
 <VirtualHost *:80>
-        # How well does Let's Encrypt work without a ServerName/Alias?
+        # How well does Certbot work without a ServerName/Alias?
 	ServerAdmin webmaster@localhost
 	DocumentRoot /var/www/html
 

certbot-apache/certbot_apache/tests/testdata/debian_apache_2_4/default_vhost/apache2/sites-available/default-ssl.conf

@@ -16,8 +16,8 @@
 		#   /usr/share/doc/apache2/README.Debian.gz for more info.
 		#   If both key and certificate are stored in the same file, only the
 		#   SSLCertificateFile directive is needed.
-		SSLCertificateFile	/etc/apache2/certs/letsencrypt-cert_5.pem
-		SSLCertificateKeyFile /etc/apache2/ssl/key-letsencrypt_15.pem
+		SSLCertificateFile	/etc/apache2/certs/certbot-cert_5.pem
+		SSLCertificateKeyFile /etc/apache2/ssl/key-certbot_15.pem
 
 		<FilesMatch "\.(cgi|shtml|phtml|php)$">
 				SSLOptions +StdEnvVars