Merge remote-tracking branch 'origin/master' into ocsp_apache_continued

.azure-pipelines/templates/installer-tests.yml

@@ -1,5 +1,5 @@
 jobs:
-  - job: installer
+  - job: installer_build
     pool:
       vmImage: vs2017-win2016
     steps:
@@ -20,10 +20,32 @@ jobs:
           path: $(Build.ArtifactStagingDirectory)
           artifact: windows-installer
         displayName: Publish Windows installer
-      - script: $(Build.ArtifactStagingDirectory)\certbot-beta-installer-win32.exe /S
+  - job: installer_run
+    dependsOn: installer_build
+    strategy:
+      matrix:
+        win2019:
+          imageName: windows-2019
+        win2016:
+          imageName: vs2017-win2016
+        win2012r2:
+          imageName: vs2015-win2012r2
+    pool:
+      vmImage: $(imageName)
+    steps:
+      - task: DownloadPipelineArtifact@2
+        inputs:
+          artifact: windows-installer
+          path: $(Build.SourcesDirectory)/bin
+        displayName: Retrieve Windows installer
+      - script: $(Build.SourcesDirectory)\bin\certbot-beta-installer-win32.exe /S
         displayName: Install Certbot
+      - powershell: Invoke-WebRequest https://www.python.org/ftp/python/3.8.0/python-3.8.0-amd64-webinstall.exe -OutFile C:\py3-setup.exe
+        displayName: Get Python
+      - script: C:\py3-setup.exe /quiet PrependPath=1 InstallAllUsers=1 Include_launcher=1 InstallLauncherAllUsers=1 Include_test=0 Include_doc=0 Include_dev=0 Include_debug=0 Include_tcltk=0 TargetDir=C:\py3
+        displayName: Install Python
       - script: |
-          python -m venv venv
+          py -3 -m venv venv
           venv\Scripts\python tools\pip_install.py -e certbot-ci
         displayName: Prepare Certbot-CI
       - script: |

.isort.cfg

@@ -0,0 +1,7 @@
+[settings]
+skip_glob=venv*
+skip=letsencrypt-auto-source
+force_sort_within_sections=True
+force_single_line=True
+order_by_type=False
+line_length=400

.pylintrc

@@ -24,6 +24,11 @@ persistent=yes
 # usually to register additional checkers.
 load-plugins=linter_plugin
 
+# A comma-separated list of package or module names from where C extensions may
+# be loaded. Extensions are loading into the active Python interpreter and may
+# run arbitrary code.
+extension-pkg-whitelist=pywintypes,win32api,win32file,win32security
+
 
 [MESSAGES CONTROL]
 
@@ -41,10 +46,14 @@ load-plugins=linter_plugin
 # --enable=similarities". If you want to run only the classes checker, but have
 # no Warning level messages displayed, use"--disable=all --enable=classes
 # --disable=W"
-disable=fixme,locally-disabled,locally-enabled,abstract-class-not-used,abstract-class-little-used,bad-continuation,no-self-use,invalid-name,cyclic-import,duplicate-code,design
-# abstract-class-not-used cannot be disabled locally (at least in
-# pylint 1.4.1), same for abstract-class-little-used
-
+# CERTBOT COMMENT
+# 1) Once certbot codebase is claimed to be compatible exclusively with Python 3,
+#    the useless-object-inheritance check can be enabled again, and code fixed accordingly.
+# 2) Check unsubscriptable-object tends to create a lot of false positives. Let's disable it.
+#    See https://github.com/PyCQA/pylint/issues/1498.
+# 3) Same as point 2 for no-value-for-parameter.
+#    See https://github.com/PyCQA/pylint/issues/2820.
+disable=fixme,locally-disabled,locally-enabled,bad-continuation,no-self-use,invalid-name,cyclic-import,duplicate-code,design,import-outside-toplevel,useless-object-inheritance,unsubscriptable-object,no-value-for-parameter,no-else-return,no-else-raise,no-else-break,no-else-continue
 
 [REPORTS]
 

.travis.yml

@@ -46,12 +46,9 @@ matrix:
     - python: "2.7"
       env: TOXENV=py27-cover FYI="py27 tests + code coverage"
 
-    - python: "2.7"
+    - python: "3.7"
       env: TOXENV=lint
       <<: *not-on-master
-    - python: "3.4"
-      env: TOXENV=mypy
-      <<: *not-on-master
     - python: "3.5"
       env: TOXENV=mypy
       <<: *not-on-master
@@ -178,7 +175,7 @@ matrix:
     - python: "3.7"
       env: TOXENV=py37
       <<: *extended-test-suite
-    - python: "3.8-dev"
+    - python: "3.8"
       env: TOXENV=py38
       <<: *extended-test-suite
     - python: "3.4"
@@ -221,10 +218,10 @@ matrix:
       sudo: required
       services: docker
       <<: *extended-test-suite
-    - python: "3.8-dev"
+    - python: "3.8"
       env: ACME_SERVER=boulder-v1 TOXENV=integration
       <<: *extended-test-suite
-    - python: "3.8-dev"
+    - python: "3.8"
       env: ACME_SERVER=boulder-v2 TOXENV=integration
       <<: *extended-test-suite
     - sudo: required

Dockerfile-dev

@@ -6,16 +6,15 @@ EXPOSE 80 443
 
 WORKDIR /opt/certbot/src
 
-# TODO: Install Apache/Nginx for plugin development.
 COPY . .
 RUN apt-get update && \
-    apt-get install apache2 git nginx-light -y && \
-    letsencrypt-auto-source/letsencrypt-auto --os-packages-only && \
+    apt-get install apache2 git python3-dev python3-venv gcc libaugeas0 \
+                    libssl-dev libffi-dev ca-certificates openssl nginx-light -y && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* \
            /tmp/* \
            /var/tmp/*
 
-RUN VENV_NAME="../venv" python tools/venv.py
+RUN VENV_NAME="../venv3" python3 tools/venv3.py
 
-ENV PATH /opt/certbot/venv/bin:$PATH
+ENV PATH /opt/certbot/venv3/bin:$PATH

acme/acme/__init__.py

@@ -13,7 +13,6 @@ import warnings
 #
 # It is based on
 # https://github.com/requests/requests/blob/1278ecdf71a312dc2268f3bfc0aabfab3c006dcf/requests/packages.py
-
 import josepy as jose
 
 for mod in list(sys.modules):

acme/acme/challenges.py

@@ -54,8 +54,7 @@ class UnrecognizedChallenge(Challenge):
         object.__setattr__(self, "jobj", jobj)
 
     def to_partial_json(self):
-        # pylint: disable=no-member
-        return self.jobj
+        return self.jobj  # pylint: disable=no-member
 
     @classmethod
     def from_json(cls, jobj):
@@ -113,7 +112,7 @@ class KeyAuthorizationChallengeResponse(ChallengeResponse):
         :rtype: bool
 
         """
-        parts = self.key_authorization.split('.')  # pylint: disable=no-member
+        parts = self.key_authorization.split('.')
         if len(parts) != 2:
             logger.debug("Key authorization (%r) is not well formed",
                          self.key_authorization)

acme/acme/client.py

@@ -5,25 +5,26 @@ import datetime
 from email.utils import parsedate_tz
 import heapq
 import logging
-import time
 import re
 import sys
+import time
 
-import six
-from six.moves import http_client  # pylint: disable=import-error
 import josepy as jose
 import OpenSSL
 import requests
 from requests.adapters import HTTPAdapter
 from requests_toolbelt.adapters.source import SourceAddressAdapter
+import six
+from six.moves import http_client  # pylint: disable=import-error
 
 from acme import crypto_util
 from acme import errors
 from acme import jws
 from acme import messages
-# pylint: disable=unused-import, no-name-in-module
-from acme.magic_typing import Dict, List, Set, Text
-
+from acme.magic_typing import Dict  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Set  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Text  # pylint: disable=unused-import, no-name-in-module
 
 logger = logging.getLogger(__name__)
 
@@ -33,7 +34,6 @@ logger = logging.getLogger(__name__)
 # https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning
 if sys.version_info < (2, 7, 9):  # pragma: no cover
     try:
-        # pylint: disable=no-member
         requests.packages.urllib3.contrib.pyopenssl.inject_into_urllib3()  # type: ignore
     except AttributeError:
         import urllib3.contrib.pyopenssl  # pylint: disable=import-error
@@ -279,7 +279,6 @@ class Client(ClientBase):
         assert response.status_code == http_client.CREATED
 
         # "Instance of 'Field' has no key/contact member" bug:
-        # pylint: disable=no-member
         return self._regr_from_response(response)
 
     def query_registration(self, regr):
@@ -464,7 +463,6 @@ class Client(ClientBase):
             updated[authzr] = updated_authzr
 
             attempts[authzr] += 1
-            # pylint: disable=no-member
             if updated_authzr.body.status not in (
                     messages.STATUS_VALID, messages.STATUS_INVALID):
                 if attempts[authzr] < max_attempts:
@@ -605,7 +603,6 @@ class ClientV2(ClientBase):
         if response.status_code == 200 and 'Location' in response.headers:
             raise errors.ConflictError(response.headers.get('Location'))
         # "Instance of 'Field' has no key/contact member" bug:
-        # pylint: disable=no-member
         regr = self._regr_from_response(response)
         self.net.account = regr
         return regr
@@ -729,7 +726,7 @@ class ClientV2(ClientBase):
         for authzr in responses:
             if authzr.body.status != messages.STATUS_VALID:
                 for chall in authzr.body.challenges:
-                    if chall.error != None:
+                    if chall.error is not None:
                         failed.append(authzr)
         if failed:
             raise errors.ValidationError(failed)
@@ -1124,10 +1121,9 @@ class ClientNetwork(object):
             err_regex = r".*host='(\S*)'.*Max retries exceeded with url\: (\/\w*).*(\[Errno \d+\])([A-Za-z ]*)"
             m = re.match(err_regex, str(e))
             if m is None:
-                raise # pragma: no cover
-            else:
-                host, path, _err_no, err_msg = m.groups()
-                raise ValueError("Requesting {0}{1}:{2}".format(host, path, err_msg))
+                raise  # pragma: no cover
+            host, path, _err_no, err_msg = m.groups()
+            raise ValueError("Requesting {0}{1}:{2}".format(host, path, err_msg))
 
         # If content is DER, log the base64 of it instead of raw bytes, to keep
         # binary data out of the logs.
@@ -1193,8 +1189,7 @@ class ClientNetwork(object):
             if error.code == 'badNonce':
                 logger.debug('Retrying request after error:\n%s', error)
                 return self._post_once(*args, **kwargs)
-            else:
-                raise
+            raise
 
     def _post_once(self, url, obj, content_type=JOSE_CONTENT_TYPE,
             acme_version=1, **kwargs):

acme/acme/crypto_util.py

@@ -6,15 +6,15 @@ import os
 import re
 import socket
 
-from OpenSSL import crypto
-from OpenSSL import SSL # type: ignore # https://github.com/python/typeshed/issues/2052
 import josepy as jose
+from OpenSSL import crypto
+from OpenSSL import SSL  # type: ignore # https://github.com/python/typeshed/issues/2052
 
 from acme import errors
-# pylint: disable=unused-import, no-name-in-module
-from acme.magic_typing import Callable, Union, Tuple, Optional
-# pylint: enable=unused-import, no-name-in-module
-
+from acme.magic_typing import Callable  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Optional  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Tuple  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Union  # pylint: disable=unused-import, no-name-in-module
 
 logger = logging.getLogger(__name__)
 

acme/acme/errors.py

@@ -29,7 +29,12 @@ class NonceError(ClientError):
 class BadNonce(NonceError):
     """Bad nonce error."""
     def __init__(self, nonce, error, *args, **kwargs):
-        super(BadNonce, self).__init__(*args, **kwargs)
+        # MyPy complains here that there is too many arguments for BaseException constructor.
+        # This is an error fixed in typeshed, see https://github.com/python/mypy/issues/4183
+        # The fix is included in MyPy>=0.740, but upgrading it would bring dozen of errors due to
+        #   new types definitions. So we ignore the error until the code base is fixed to match
+        #   with MyPy>=0.740 referential.
+        super(BadNonce, self).__init__(*args, **kwargs)  # type: ignore
         self.nonce = nonce
         self.error = error
 
@@ -48,7 +53,8 @@ class MissingNonce(NonceError):
 
     """
     def __init__(self, response, *args, **kwargs):
-        super(MissingNonce, self).__init__(*args, **kwargs)
+        # See comment in BadNonce constructor above for an explanation of type: ignore here.
+        super(MissingNonce, self).__init__(*args, **kwargs)  # type: ignore
         self.response = response
 
     def __str__(self):
@@ -83,6 +89,7 @@ class PollError(ClientError):
         return '{0}(exhausted={1!r}, updated={2!r})'.format(
             self.__class__.__name__, self.exhausted, self.updated)
 
+
 class ValidationError(Error):
     """Error for authorization failures. Contains a list of authorization
     resources, each of which is invalid and should have an error field.
@@ -91,9 +98,11 @@ class ValidationError(Error):
         self.failed_authzrs = failed_authzrs
         super(ValidationError, self).__init__()
 
-class TimeoutError(Error):
+
+class TimeoutError(Error):  # pylint: disable=redefined-builtin
     """Error for when polling an authorization or an order times out."""
 
+
 class IssuanceError(Error):
     """Error sent by the server after requesting issuance of a certificate."""
 
@@ -105,6 +114,7 @@ class IssuanceError(Error):
         self.error = error
         super(IssuanceError, self).__init__()
 
+
 class ConflictError(ClientError):
     """Error for when the server returns a 409 (Conflict) HTTP status.
 

acme/acme/fields.py

@@ -4,7 +4,6 @@ import logging
 import josepy as jose
 import pyrfc3339
 
-
 logger = logging.getLogger(__name__)
 
 

acme/acme/jws.py

@@ -40,7 +40,7 @@ class Signature(jose.Signature):
 class JWS(jose.JWS):
     """ACME-specific JWS. Includes none, url, and kid in protected header."""
     signature_cls = Signature
-    __slots__ = jose.JWS._orig_slots  # pylint: disable=no-member
+    __slots__ = jose.JWS._orig_slots
 
     @classmethod
     # pylint: disable=arguments-differ

acme/acme/magic_typing.py

@@ -1,6 +1,7 @@
 """Shim class to not have to depend on typing module in prod."""
 import sys
 
+
 class TypingClass(object):
     """Ignore import errors by getting anything"""
     def __getattr__(self, name):

acme/acme/messages.py

@@ -1,18 +1,21 @@
 """ACME protocol messages."""
 import json
+
+import josepy as jose
 import six
+
+from acme import challenges
+from acme import errors
+from acme import fields
+from acme import jws
+from acme import util
+
 try:
     from collections.abc import Hashable  # pylint: disable=no-name-in-module
 except ImportError:  # pragma: no cover
     from collections import Hashable
 
-import josepy as jose
 
-from acme import challenges
-from acme import errors
-from acme import fields
-from acme import util
-from acme import jws
 
 OLD_ERROR_PREFIX = "urn:acme:error:"
 ERROR_PREFIX = "urn:ietf:params:acme:error:"
@@ -143,7 +146,7 @@ class _Constant(jose.JSONDeSerializable, Hashable):  # type: ignore
         if jobj not in cls.POSSIBLE_NAMES:  # pylint: disable=unsupported-membership-test
             raise jose.DeserializationError(
                 '{0} not recognized'.format(cls.__name__))
-        return cls.POSSIBLE_NAMES[jobj]  # pylint: disable=unsubscriptable-object
+        return cls.POSSIBLE_NAMES[jobj]
 
     def __repr__(self):
         return '{0}({1})'.format(self.__class__.__name__, self.name)

acme/acme/standalone.py

@@ -11,8 +11,7 @@ from six.moves import socketserver  # type: ignore  # pylint: disable=import-err
 
 from acme import challenges
 from acme import crypto_util
-from acme.magic_typing import List # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
 
 logger = logging.getLogger(__name__)
 
@@ -45,7 +44,7 @@ class TLSServer(socketserver.TCPServer):
         return socketserver.TCPServer.server_bind(self)
 
 
-class ACMEServerMixin:  # pylint: disable=old-style-class
+class ACMEServerMixin:
     """ACME server common settings mixin."""
     # TODO: c.f. #858
     server_version = "ACME client standalone challenge solver"
@@ -106,7 +105,6 @@ class BaseDualNetworkedServers(object):
         """Wraps socketserver.TCPServer.serve_forever"""
         for server in self.servers:
             thread = threading.Thread(
-                # pylint: disable=no-member
                 target=server.serve_forever)
             thread.start()
             self.threads.append(thread)

acme/docs/conf.py

@@ -12,10 +12,9 @@
 # All configuration values have a default; values that are commented out
 # serve to show the default.
 
-import sys
 import os
 import shlex
-
+import sys
 
 here = os.path.abspath(os.path.dirname(__file__))
 

acme/examples/http01_example.py

@@ -26,8 +26,10 @@ Workflow:
     - Deactivate Account
 """
 from contextlib import contextmanager
+
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import rsa
+import josepy as jose
 import OpenSSL
 
 from acme import challenges
@@ -36,7 +38,6 @@ from acme import crypto_util
 from acme import errors
 from acme import messages
 from acme import standalone
-import josepy as jose
 
 # Constants:
 

acme/setup.py

@@ -1,9 +1,10 @@
-from setuptools import setup
-from setuptools import find_packages
-from setuptools.command.test import test as TestCommand
 import sys
 
-version = '1.0.0.dev0'
+from setuptools import find_packages
+from setuptools import setup
+from setuptools.command.test import test as TestCommand
+
+version = '1.1.0.dev0'
 
 # Please update tox.ini when modifying dependency version requirements
 install_requires = [
@@ -14,8 +15,8 @@ install_requires = [
     # 1.1.0+ is required to avoid the warnings described at
     # https://github.com/certbot/josepy/issues/13.
     'josepy>=1.1.0',
-    # Connection.set_tlsext_host_name (>=0.13)
     'mock',
+    # Connection.set_tlsext_host_name (>=0.13)
     'PyOpenSSL>=0.13.1',
     'pyrfc3339',
     'pytz',

acme/tests/challenges_test.py

@@ -4,8 +4,7 @@ import unittest
 import josepy as jose
 import mock
 import requests
-
-from six.moves.urllib import parse as urllib_parse  # pylint: disable=relative-import
+from six.moves.urllib import parse as urllib_parse
 
 import test_util
 
@@ -19,7 +18,6 @@ class ChallengeTest(unittest.TestCase):
         from acme.challenges import Challenge
         from acme.challenges import UnrecognizedChallenge
         chall = UnrecognizedChallenge({"type": "foo"})
-        # pylint: disable=no-member
         self.assertEqual(chall, Challenge.from_json(chall.jobj))
 
 

acme/tests/client_test.py

@@ -5,19 +5,17 @@ import datetime
 import json
 import unittest
 
-from six.moves import http_client  # pylint: disable=import-error
-
 import josepy as jose
 import mock
 import OpenSSL
 import requests
+from six.moves import http_client  # pylint: disable=import-error
 
 from acme import challenges
 from acme import errors
 from acme import jws as acme_jws
 from acme import messages
-from acme.magic_typing import Dict # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import Dict  # pylint: disable=unused-import, no-name-in-module
 import messages_test
 import test_util
 
@@ -63,7 +61,7 @@ class ClientTestBase(unittest.TestCase):
         self.contact = ('mailto:cert-admin@example.com', 'tel:+12025551212')
         reg = messages.Registration(
             contact=self.contact, key=KEY.public_key())
-        the_arg = dict(reg) # type: Dict
+        the_arg = dict(reg)  # type: Dict
         self.new_reg = messages.NewRegistration(**the_arg)
         self.regr = messages.RegistrationResource(
             body=reg, uri='https://www.letsencrypt-demo.org/acme/reg/1')
@@ -965,8 +963,8 @@ class ClientNetworkTest(unittest.TestCase):
 
     def test_check_response_not_ok_jobj_error(self):
         self.response.ok = False
-        self.response.json.return_value = messages.Error(
-            detail='foo', typ='serverInternal', title='some title').to_json()
+        self.response.json.return_value = messages.Error.with_code(
+            'serverInternal', detail='foo', title='some title').to_json()
         # pylint: disable=protected-access
         self.assertRaises(
             messages.Error, self.net._check_response, self.response)
@@ -991,7 +989,7 @@ class ClientNetworkTest(unittest.TestCase):
         self.response.json.side_effect = ValueError
         for response_ct in [self.net.JSON_CONTENT_TYPE, 'foo']:
             self.response.headers['Content-Type'] = response_ct
-            # pylint: disable=protected-access,no-value-for-parameter
+            # pylint: disable=protected-access
             self.assertEqual(
                 self.response, self.net._check_response(self.response))
 
@@ -1005,7 +1003,7 @@ class ClientNetworkTest(unittest.TestCase):
         self.response.json.return_value = {}
         for response_ct in [self.net.JSON_CONTENT_TYPE, 'foo']:
             self.response.headers['Content-Type'] = response_ct
-            # pylint: disable=protected-access,no-value-for-parameter
+            # pylint: disable=protected-access
             self.assertEqual(
                 self.response, self.net._check_response(self.response))
 
@@ -1130,8 +1128,8 @@ class ClientNetworkWithMockedResponseTest(unittest.TestCase):
         self.response.headers = {}
         self.response.links = {}
         self.response.checked = False
-        self.acmev1_nonce_response = mock.MagicMock(ok=False,
-            status_code=http_client.METHOD_NOT_ALLOWED)
+        self.acmev1_nonce_response = mock.MagicMock(
+            ok=False, status_code=http_client.METHOD_NOT_ALLOWED)
         self.acmev1_nonce_response.headers = {}
         self.obj = mock.MagicMock()
         self.wrapped_obj = mock.MagicMock()

acme/tests/crypto_util_test.py

@@ -5,17 +5,16 @@ import threading
 import time
 import unittest
 
-import six
-from six.moves import socketserver  #type: ignore  # pylint: disable=import-error
-
 import josepy as jose
 import OpenSSL
+import six
+from six.moves import socketserver  # type: ignore  # pylint: disable=import-error
 
 from acme import errors
-from acme.magic_typing import List # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
 import test_util
 
+
 class SSLSocketAndProbeSNITest(unittest.TestCase):
     """Tests for acme.crypto_util.SSLSocket/probe_sni."""
 
@@ -39,7 +38,6 @@ class SSLSocketAndProbeSNITest(unittest.TestCase):
         self.server = _TestServer(('', 0), socketserver.BaseRequestHandler)
         self.port = self.server.socket.getsockname()[1]
         self.server_thread = threading.Thread(
-            # pylint: disable=no-member
             target=self.server.handle_request)
 
     def tearDown(self):
@@ -66,7 +64,7 @@ class SSLSocketAndProbeSNITest(unittest.TestCase):
 
     def test_probe_connection_error(self):
         # pylint has a hard time with six
-        self.server.server_close()  # pylint: disable=no-member
+        self.server.server_close()
         original_timeout = socket.getdefaulttimeout()
         try:
             socket.setdefaulttimeout(1)

acme/tests/jose_test.py

@@ -2,6 +2,7 @@
 import importlib
 import unittest
 
+
 class JoseTest(unittest.TestCase):
     """Tests for acme.jose shim."""
 
@@ -20,11 +21,10 @@ class JoseTest(unittest.TestCase):
 
         # We use the imports below with eval, but pylint doesn't
         # understand that.
-        # pylint: disable=eval-used,unused-variable
-        import acme
-        import josepy
-        acme_jose_mod = eval(acme_jose_path)
-        josepy_mod = eval(josepy_path)
+        import acme  # pylint: disable=unused-import
+        import josepy  # pylint: disable=unused-import
+        acme_jose_mod = eval(acme_jose_path)  # pylint: disable=eval-used
+        josepy_mod = eval(josepy_path)  # pylint: disable=eval-used
         self.assertIs(acme_jose_mod, josepy_mod)
         self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
 

acme/tests/jws_test.py

@@ -5,7 +5,6 @@ import josepy as jose
 
 import test_util
 
-
 KEY = jose.JWKRSA.load(test_util.load_vector('rsa512_key.pem'))
 
 

acme/tests/messages_test.py

@@ -5,8 +5,7 @@ import josepy as jose
 import mock
 
 from acme import challenges
-from acme.magic_typing import Dict # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import Dict  # pylint: disable=unused-import, no-name-in-module
 import test_util
 
 CERT = test_util.load_comparable_cert('cert.der')
@@ -19,8 +18,7 @@ class ErrorTest(unittest.TestCase):
 
     def setUp(self):
         from acme.messages import Error, ERROR_PREFIX
-        self.error = Error(
-            detail='foo', typ=ERROR_PREFIX + 'malformed', title='title')
+        self.error = Error.with_code('malformed', detail='foo', title='title')
         self.jobj = {
             'detail': 'foo',
             'title': 'some title',
@@ -28,7 +26,6 @@ class ErrorTest(unittest.TestCase):
         }
         self.error_custom = Error(typ='custom', detail='bar')
         self.empty_error = Error()
-        self.jobj_custom = {'type': 'custom', 'detail': 'bar'}
 
     def test_default_typ(self):
         from acme.messages import Error
@@ -43,8 +40,7 @@ class ErrorTest(unittest.TestCase):
         hash(Error.from_json(self.error.to_json()))
 
     def test_description(self):
-        self.assertEqual(
-            'The request message was malformed', self.error.description)
+        self.assertEqual('The request message was malformed', self.error.description)
         self.assertTrue(self.error_custom.description is None)
 
     def test_code(self):
@@ -54,17 +50,17 @@ class ErrorTest(unittest.TestCase):
         self.assertEqual(None, Error().code)
 
     def test_is_acme_error(self):
-        from acme.messages import is_acme_error
+        from acme.messages import is_acme_error, Error
         self.assertTrue(is_acme_error(self.error))
         self.assertFalse(is_acme_error(self.error_custom))
+        self.assertFalse(is_acme_error(Error()))
         self.assertFalse(is_acme_error(self.empty_error))
         self.assertFalse(is_acme_error("must pet all the {dogs|rabbits}"))
 
     def test_unicode_error(self):
-        from acme.messages import Error, ERROR_PREFIX, is_acme_error
-        arabic_error = Error(
-                detail=u'\u0639\u062f\u0627\u0644\u0629', typ=ERROR_PREFIX + 'malformed',
-            title='title')
+        from acme.messages import Error, is_acme_error
+        arabic_error = Error.with_code(
+            'malformed', detail=u'\u0639\u062f\u0627\u0644\u0629', title='title')
         self.assertTrue(is_acme_error(arabic_error))
 
     def test_with_code(self):
@@ -305,8 +301,7 @@ class ChallengeBodyTest(unittest.TestCase):
         from acme.messages import Error
         from acme.messages import STATUS_INVALID
         self.status = STATUS_INVALID
-        error = Error(typ='urn:ietf:params:acme:error:serverInternal',
-                      detail='Unable to communicate with DNS server')
+        error = Error.with_code('serverInternal', detail='Unable to communicate with DNS server')
         self.challb = ChallengeBody(
             uri='http://challb', chall=self.chall, status=self.status,
             error=error)

acme/tests/standalone_test.py

@@ -3,18 +3,17 @@ import socket
 import threading
 import unittest
 
-from six.moves import http_client  # pylint: disable=import-error
-from six.moves import socketserver  # type: ignore  # pylint: disable=import-error
-
 import josepy as jose
 import mock
 import requests
+from six.moves import http_client  # pylint: disable=import-error
+from six.moves import socketserver  # type: ignore  # pylint: disable=import-error
 
 from acme import challenges
-from acme.magic_typing import Set # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import Set  # pylint: disable=unused-import, no-name-in-module
 import test_util
 
+
 class TLSServerTest(unittest.TestCase):
     """Tests for acme.standalone.TLSServer."""
 

acme/tests/test_util.py

@@ -4,12 +4,12 @@
 
 """
 import os
-import pkg_resources
 
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization
 import josepy as jose
 from OpenSSL import crypto
+import pkg_resources
 
 
 def load_vector(*names):
@@ -25,8 +25,7 @@ def _guess_loader(filename, loader_pem, loader_der):
         return loader_pem
     elif ext.lower() == '.der':
         return loader_der
-    else:  # pragma: no cover
-        raise ValueError("Loader could not be recognized based on extension")
+    raise ValueError("Loader could not be recognized based on extension")  # pragma: no cover
 
 
 def load_cert(*names):

certbot-apache/MANIFEST.in

@@ -1,6 +1,8 @@
 include LICENSE.txt
 include README.rst
-recursive-include certbot_apache/tests/testdata *
+recursive-include tests *
 include certbot_apache/_internal/centos-options-ssl-apache.conf
 include certbot_apache/_internal/options-ssl-apache.conf
 recursive-include certbot_apache/_internal/augeas_lens *.aug
+global-exclude __pycache__
+global-exclude *.py[cod]

certbot-apache/certbot_apache/_internal/configurator.py

@@ -1,5 +1,6 @@
 """Apache Configurator."""
 # pylint: disable=too-many-lines
+from collections import defaultdict
 import copy
 import fnmatch
 import logging
@@ -8,30 +9,28 @@ import shutil
 import socket
 import time
 
-from collections import defaultdict
-
 import pkg_resources
 import six
-
 import zope.component
 import zope.interface
 
 from acme import challenges
-from acme.magic_typing import DefaultDict, Dict, List, Set, Union  # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import DefaultDict  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Dict  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Set  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Union  # pylint: disable=unused-import, no-name-in-module
 from certbot import errors
 from certbot import interfaces
 from certbot import util
-
 from certbot._internal import ocsp
 
 from certbot.achallenges import KeyAuthorizationAnnotatedChallenge  # pylint: disable=unused-import
 from certbot.compat import filesystem
 from certbot.compat import os
 from certbot.plugins import common
-from certbot.plugins.util import path_surgery
 from certbot.plugins.enhancements import AutoHSTSEnhancement
-
+from certbot.plugins.util import path_surgery
 from certbot_apache._internal import apache_util
 from certbot_apache._internal import constants
 from certbot_apache._internal import display_ops
@@ -455,7 +454,7 @@ class ApacheConfigurator(common.Installer):
                     filtered_vhosts[name] = vhost
 
         # Only unique VHost objects
-        dialog_input = set([vhost for vhost in filtered_vhosts.values()])
+        dialog_input = set(filtered_vhosts.values())
 
         # Ask the user which of names to enable, expect list of names back
         dialog_output = display_ops.select_vhost_multiple(list(dialog_input))
@@ -606,9 +605,9 @@ class ApacheConfigurator(common.Installer):
                 "in the Apache config.",
                 target_name)
             raise errors.PluginError("No vhost selected")
-        elif temp:
+        if temp:
             return vhost
-        elif not vhost.ssl:
+        if not vhost.ssl:
             addrs = self._get_proposed_addrs(vhost, "443")
             # TODO: Conflicts is too conservative
             if not any(vhost.enabled and vhost.conflicts(addrs) for
@@ -957,13 +956,12 @@ class ApacheConfigurator(common.Installer):
 
         loc = parser.get_aug_path(self.parser.loc["name"])
         if addr.get_port() == "443":
-            path = self.parser.add_dir_to_ifmodssl(
+            self.parser.add_dir_to_ifmodssl(
                 loc, "NameVirtualHost", [str(addr)])
         else:
-            path = self.parser.add_dir(loc, "NameVirtualHost", [str(addr)])
+            self.parser.add_dir(loc, "NameVirtualHost", [str(addr)])
 
-        msg = ("Setting %s to be NameBasedVirtualHost\n"
-               "\tDirective added to %s\n" % (addr, path))
+        msg = "Setting {0} to be NameBasedVirtualHost\n".format(addr)
         logger.debug(msg)
         self.save_notes += msg
 
@@ -1371,12 +1369,9 @@ class ApacheConfigurator(common.Installer):
                         result.append(comment)
                         sift = True
 
-                    result.append('\n'.join(
-                        ['# ' + l for l in chunk]))
-                    continue
+                    result.append('\n'.join(['# ' + l for l in chunk]))
                 else:
                     result.append('\n'.join(chunk))
-                    continue
         return result, sift
 
     def _get_vhost_block(self, vhost):
@@ -2759,4 +2754,4 @@ class ApacheConfigurator(common.Installer):
         self._autohsts_save_state()
 
 
-AutoHSTSEnhancement.register(ApacheConfigurator)  # pylint: disable=no-member
+AutoHSTSEnhancement.register(ApacheConfigurator)

certbot-apache/certbot_apache/_internal/constants.py

@@ -3,7 +3,6 @@ import pkg_resources
 
 from certbot.compat import os
 
-
 MOD_SSL_CONF_DEST = "options-ssl-apache.conf"
 """Name of the mod_ssl config file as saved in `IConfig.config_dir`."""
 

certbot-apache/certbot_apache/_internal/display_ops.py

@@ -3,10 +3,10 @@ import logging
 
 import zope.component
 
-import certbot.display.util as display_util
 from certbot import errors
 from certbot import interfaces
 from certbot.compat import os
+import certbot.display.util as display_util
 
 logger = logging.getLogger(__name__)
 

certbot-apache/certbot_apache/_internal/entrypoint.py

@@ -4,13 +4,12 @@
 from distutils.version import LooseVersion  # pylint: disable=no-name-in-module,import-error
 
 from certbot import util
-
 from certbot_apache._internal import configurator
 from certbot_apache._internal import override_arch
-from certbot_apache._internal import override_fedora
+from certbot_apache._internal import override_centos
 from certbot_apache._internal import override_darwin
 from certbot_apache._internal import override_debian
-from certbot_apache._internal import override_centos
+from certbot_apache._internal import override_fedora
 from certbot_apache._internal import override_gentoo
 from certbot_apache._internal import override_suse
 

certbot-apache/certbot_apache/_internal/http_01.py

@@ -1,13 +1,12 @@
 """A class that performs HTTP-01 challenges for Apache"""
 import logging
 
-from acme.magic_typing import List, Set  # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Set  # pylint: disable=unused-import, no-name-in-module
 from certbot import errors
-from certbot.compat import os
 from certbot.compat import filesystem
+from certbot.compat import os
 from certbot.plugins import common
-
 from certbot_apache._internal.obj import VirtualHost  # pylint: disable=unused-import
 from certbot_apache._internal.parser import get_aug_path
 
@@ -195,8 +194,8 @@ class ApacheHttp01(common.ChallengePerformer):
 
         if vhost not in self.moded_vhosts:
             logger.debug(
-                "Adding a temporary challenge validation Include for name: %s " +
-                "in: %s", vhost.name, vhost.filep)
+                "Adding a temporary challenge validation Include for name: %s in: %s",
+                vhost.name, vhost.filep)
             self.configurator.parser.add_dir_beginning(
                 vhost.path, "Include", self.challenge_conf_pre)
             self.configurator.parser.add_dir(

certbot-apache/certbot_apache/_internal/obj.py

@@ -1,7 +1,7 @@
 """Module contains classes used by the Apache Configurator."""
 import re
 
-from acme.magic_typing import Set # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Set  # pylint: disable=unused-import, no-name-in-module
 from certbot.plugins import common
 
 

certbot-apache/certbot_apache/_internal/override_arch.py

@@ -1,13 +1,12 @@
 """ Distribution specific override class for Arch Linux """
 import pkg_resources
-
 import zope.interface
 
 from certbot import interfaces
 from certbot.compat import os
-
 from certbot_apache._internal import configurator
 
+
 @zope.interface.provider(interfaces.IPluginFactory)
 class ArchConfigurator(configurator.ApacheConfigurator):
     """Arch Linux specific ApacheConfigurator override class"""

certbot-apache/certbot_apache/_internal/override_centos.py

@@ -4,19 +4,16 @@ import logging
 import pkg_resources
 import zope.interface
 
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
 from certbot import errors
 from certbot import interfaces
 from certbot import util
 from certbot.compat import os
 from certbot.errors import MisconfigurationError
-
-from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
-
 from certbot_apache._internal import apache_util
 from certbot_apache._internal import configurator
 from certbot_apache._internal import parser
 
-
 logger = logging.getLogger(__name__)
 
 

certbot-apache/certbot_apache/_internal/override_darwin.py

@@ -1,13 +1,12 @@
 """ Distribution specific override class for macOS """
 import pkg_resources
-
 import zope.interface
 
 from certbot import interfaces
 from certbot.compat import os
-
 from certbot_apache._internal import configurator
 
+
 @zope.interface.provider(interfaces.IPluginFactory)
 class DarwinConfigurator(configurator.ApacheConfigurator):
     """macOS specific ApacheConfigurator override class"""

certbot-apache/certbot_apache/_internal/override_debian.py

@@ -72,15 +72,14 @@ class DebianConfigurator(configurator.ApacheConfigurator):
                 # Already in shape
                 vhost.enabled = True
                 return None
-            else:
-                logger.warning(
-                    "Could not symlink %s to %s, got error: %s", enabled_path,
-                    vhost.filep, err.strerror)
-                errstring = ("Encountered error while trying to enable a " +
-                             "newly created VirtualHost located at {0} by " +
-                             "linking to it from {1}")
-                raise errors.NotSupportedError(errstring.format(vhost.filep,
-                                                                enabled_path))
+            logger.warning(
+                "Could not symlink %s to %s, got error: %s", enabled_path,
+                vhost.filep, err.strerror)
+            errstring = ("Encountered error while trying to enable a " +
+                         "newly created VirtualHost located at {0} by " +
+                         "linking to it from {1}")
+            raise errors.NotSupportedError(errstring.format(vhost.filep,
+                                                            enabled_path))
         vhost.enabled = True
         logger.info("Enabling available site: %s", vhost.filep)
         self.save_notes += "Enabled site %s\n" % vhost.filep

certbot-apache/certbot_apache/_internal/override_fedora.py

@@ -6,7 +6,6 @@ from certbot import errors
 from certbot import interfaces
 from certbot import util
 from certbot.compat import os
-
 from certbot_apache._internal import apache_util
 from certbot_apache._internal import configurator
 from certbot_apache._internal import parser

certbot-apache/certbot_apache/_internal/override_gentoo.py

@@ -1,15 +1,14 @@
 """ Distribution specific override class for Gentoo Linux """
 import pkg_resources
-
 import zope.interface
 
 from certbot import interfaces
 from certbot.compat import os
-
 from certbot_apache._internal import apache_util
 from certbot_apache._internal import configurator
 from certbot_apache._internal import parser
 
+
 @zope.interface.provider(interfaces.IPluginFactory)
 class GentooConfigurator(configurator.ApacheConfigurator):
     """Gentoo specific ApacheConfigurator override class"""

certbot-apache/certbot_apache/_internal/override_suse.py

@@ -1,13 +1,12 @@
 """ Distribution specific override class for OpenSUSE """
 import pkg_resources
-
 import zope.interface
 
 from certbot import interfaces
 from certbot.compat import os
-
 from certbot_apache._internal import configurator
 
+
 @zope.interface.provider(interfaces.IPluginFactory)
 class OpenSUSEConfigurator(configurator.ApacheConfigurator):
     """OpenSUSE specific ApacheConfigurator override class"""

certbot-apache/certbot_apache/_internal/parser.py

@@ -8,11 +8,11 @@ import sys
 
 import six
 
-from acme.magic_typing import Dict, List, Set  # pylint: disable=unused-import, no-name-in-module
-
+from acme.magic_typing import Dict  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
+from acme.magic_typing import Set  # pylint: disable=unused-import, no-name-in-module
 from certbot import errors
 from certbot.compat import os
-
 from certbot_apache._internal import constants
 
 logger = logging.getLogger(__name__)
@@ -284,8 +284,8 @@ class ApacheParser(object):
                     mods.add(mod_name)
                     mods.add(os.path.basename(mod_filename)[:-2] + "c")
                 else:
-                    logger.debug("Could not read LoadModule directive from " +
-                                 "Augeas path: %s", match_name[6:])
+                    logger.debug("Could not read LoadModule directive from Augeas path: %s",
+                                 match_name[6:])
         self.modules.update(mods)
 
     def update_runtime_variables(self):
@@ -625,7 +625,7 @@ class ApacheParser(object):
         # https://httpd.apache.org/docs/2.4/mod/core.html#include
         for match in matches:
             dir_ = self.aug.get(match).lower()
-            if dir_ == "include" or dir_ == "includeoptional":
+            if dir_ in ("include", "includeoptional"):
                 ordered_matches.extend(self.find_dir(
                     directive, arg,
                     self._get_include_path(self.get_arg(match + "/arg")),
@@ -665,8 +665,7 @@ class ApacheParser(object):
         # e.g. strip now, not later
         if not value:
             return None
-        else:
-            value = value.strip("'\"")
+        value = value.strip("'\"")
 
         variables = ApacheParser.arg_var_interpreter.findall(value)
 

certbot-apache/certbot_apache/tests/__init__.py

@@ -1 +0,0 @@
-"""Certbot Apache Tests"""

certbot-apache/local-oldest-requirements.txt

@@ -1,3 +1,3 @@
 # Remember to update setup.py to match the package versions below.
 acme[dev]==0.29.0
-certbot[dev]==0.39.0
+-e certbot[dev]

certbot-apache/setup.py

@@ -1,16 +1,16 @@
-from setuptools import setup
-from setuptools import find_packages
-from setuptools.command.test import test as TestCommand
 import sys
 
+from setuptools import find_packages
+from setuptools import setup
+from setuptools.command.test import test as TestCommand
 
-version = '1.0.0.dev0'
+version = '1.1.0.dev0'
 
 # Remember to update local-oldest-requirements.txt when changing the minimum
 # acme/certbot version.
 install_requires = [
     'acme>=0.29.0',
-    'certbot>=0.39.0',
+    'certbot>=1.0.0.dev0',
     'mock',
     'python-augeas',
     'setuptools',

certbot-apache/tests/autohsts_test.py

@@ -2,13 +2,13 @@
 """Test for certbot_apache._internal.configurator AutoHSTS functionality"""
 import re
 import unittest
+
 import mock
-# six is used in mock.patch()
-import six  # pylint: disable=unused-import
+import six  # pylint: disable=unused-import  # six is used in mock.patch()
 
 from certbot import errors
 from certbot_apache._internal import constants
-from certbot_apache.tests import util
+import util
 
 
 class AutoHSTSTest(util.ApacheTest):

certbot-apache/tests/centos6_test.py

@@ -3,11 +3,10 @@ import unittest
 
 from certbot.compat import os
 from certbot.errors import MisconfigurationError
-
 from certbot_apache._internal import obj
 from certbot_apache._internal import override_centos
 from certbot_apache._internal import parser
-from certbot_apache.tests import util
+import util
 
 
 def get_vh_truth(temp_dir, config_name):

certbot-apache/tests/centos_test.py

@@ -6,10 +6,9 @@ import mock
 from certbot import errors
 from certbot.compat import filesystem
 from certbot.compat import os
-
 from certbot_apache._internal import obj
 from certbot_apache._internal import override_centos
-from certbot_apache.tests import util
+import util
 
 
 def get_vh_truth(temp_dir, config_name):

certbot-apache/tests/complex_parsing_test.py

@@ -4,8 +4,7 @@ import unittest
 
 from certbot import errors
 from certbot.compat import os
-
-from certbot_apache.tests import util
+import util
 
 
 class ComplexParserTest(util.ParserTest):

certbot-apache/tests/configurator_reverter_test.py

@@ -5,8 +5,7 @@ import unittest
 import mock
 
 from certbot import errors
-
-from certbot_apache.tests import util
+import util
 
 
 class ConfiguratorReverterTest(util.ApacheTest):

certbot-apache/tests/configurator_test.py

@@ -7,24 +7,21 @@ import tempfile
 import unittest
 
 import mock
-# six is used in mock.patch()
-import six  # pylint: disable=unused-import
+import six  # pylint: disable=unused-import  # six is used in mock.patch()
 
 from acme import challenges
-
 from certbot import achallenges
 from certbot import crypto_util
 from certbot import errors
-from certbot.compat import os
 from certbot.compat import filesystem
+from certbot.compat import os
 from certbot.tests import acme_util
 from certbot.tests import util as certbot_util
-
 from certbot_apache._internal import apache_util
 from certbot_apache._internal import constants
 from certbot_apache._internal import obj
 from certbot_apache._internal import parser
-from certbot_apache.tests import util
+import util
 
 
 class MultipleVhostsTest(util.ApacheTest):

certbot-apache/tests/debian_test.py

@@ -6,10 +6,9 @@ import mock
 
 from certbot import errors
 from certbot.compat import os
-
 from certbot_apache._internal import apache_util
 from certbot_apache._internal import obj
-from certbot_apache.tests import util
+import util
 
 
 class MultipleVhostsTestDebian(util.ApacheTest):

certbot-apache/tests/display_ops_test.py

@@ -4,15 +4,11 @@ import unittest
 import mock
 
 from certbot import errors
-
 from certbot.display import util as display_util
-
 from certbot.tests import util as certbot_util
-
 from certbot_apache._internal import obj
-
 from certbot_apache._internal.display_ops import select_vhost_multiple
-from certbot_apache.tests import util
+import util
 
 
 class SelectVhostMultiTest(unittest.TestCase):

certbot-apache/tests/fedora_test.py

@@ -6,10 +6,9 @@ import mock
 from certbot import errors
 from certbot.compat import filesystem
 from certbot.compat import os
-
 from certbot_apache._internal import obj
 from certbot_apache._internal import override_fedora
-from certbot_apache.tests import util
+import util
 
 
 def get_vh_truth(temp_dir, config_name):

certbot-apache/tests/gentoo_test.py

@@ -6,10 +6,9 @@ import mock
 from certbot import errors
 from certbot.compat import filesystem
 from certbot.compat import os
-
 from certbot_apache._internal import obj
 from certbot_apache._internal import override_gentoo
-from certbot_apache.tests import util
+import util
 
 
 def get_vh_truth(temp_dir, config_name):

certbot-apache/tests/http_01_test.py

@@ -1,19 +1,17 @@
 """Test for certbot_apache._internal.http_01."""
 import unittest
+
 import mock
 
 from acme import challenges
 from acme.magic_typing import List  # pylint: disable=unused-import, no-name-in-module
-
 from certbot import achallenges
 from certbot import errors
 from certbot.compat import filesystem
 from certbot.compat import os
 from certbot.tests import acme_util
-
 from certbot_apache._internal.parser import get_aug_path
-from certbot_apache.tests import util
-
+import util
 
 NUM_ACHALLS = 3
 

certbot-apache/tests/parser_test.py

@@ -6,8 +6,7 @@ import mock
 
 from certbot import errors
 from certbot.compat import os
-
-from certbot_apache.tests import util
+import util
 
 
 class BasicParserTest(util.ParserTest):