From 4b49419c07738ff3f218322049ef9e1d2952ad9b Mon Sep 17 00:00:00 2001
From: Peter Eckersley <pde@eff.org>
Date: Wed, 10 Feb 2016 14:27:14 -0800
Subject: [PATCH 1/4] Allow renew to handle --webroot-path on the commandline

 - and generally clarify how renew handles webroot options
---
 letsencrypt/cli.py | 43 +++++++++++++++++++++++++++----------------
 1 file changed, 27 insertions(+), 16 deletions(-)

diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py
index 8f34a6e81..7aecb550c 100644
--- a/letsencrypt/cli.py
+++ b/letsencrypt/cli.py
@@ -834,10 +834,15 @@ def _restore_plugin_configs(config, renewalparams):
     #      longer defined, stored copies of that parameter will be
     #      deserialized as strings by this logic even if they were
     #      originally meant to be some other type.
-    plugin_prefixes = [renewalparams["authenticator"]]
+    if renewalparams["authenticator"] == "webroot":
+        _restore_webroot_config(config, renewalparams)
+        plugin_prefixes = []
+    else:
+        plugin_prefixes = [renewalparams["authenticator"]]
+
     if renewalparams.get("installer", None) is not None:
         plugin_prefixes.append(renewalparams["installer"])
-    for plugin_prefix in set(plugin_prefixes):
+    for plugin_prefix in set(plugin_prefixes) - set("webroot"): # webroot is special
         for config_item, config_value in renewalparams.iteritems():
             if config_item.startswith(plugin_prefix + "_") and not _set_by_cli(config_item):
                 # Avoid confusion when, for example, "csr = None" (avoid
@@ -855,6 +860,22 @@ def _restore_plugin_configs(config, renewalparams):
                 else:
                     setattr(config.namespace, config_item, str(config_value))
 
+def _restore_webroot_config(config, renewalparams)
+    """
+    webroot_map is, uniquely, a dict, and the general-purpose configuration
+    restoring logic is not able to correctly parse it from the serialized
+    form.
+    """
+    if "webroot_map" in renewalparams:
+        # if the user does anything that would create a new webroot map on the
+        # CLI, don't use the old one
+        if not (_set_by_cli("webroot_map") or _set_by_cli("webroot_path")):
+            wrm = renewalparams["webroot_map"]
+            setattr(config.namespace, "webroot_map", renewalparams["webroot_map"])
+    elif "webroot_path" in renewalparams:
+        logger.info("Ancient renewal conf file without webroot-map, restoring webroot-path")
+        setattr(config.namespace, "webroot_path", renewalparams["webroot_path"])
+
 
 def _reconstitute(config, full_path):
     """Try to instantiate a RenewableCert, updating config with relevant items.
@@ -901,24 +922,15 @@ def _reconstitute(config, full_path):
         logger.debug("Traceback was:\n%s", traceback.format_exc())
         return None
 
-    # webroot_map is, uniquely, a dict, and the general-purpose
-    # configuration restoring logic is not able to correctly parse it
-    # from the serialized form.
-    if "webroot_map" in renewalparams and not _set_by_cli("webroot_map"):
-        setattr(config.namespace, "webroot_map", renewalparams["webroot_map"])
-
     try:
-        domains = [le_util.enforce_domain_sanity(x) for x in
-                   renewal_candidate.names()]
+        for d in renewal_candidate.names():
+            _process_domain(config, d)
     except errors.ConfigurationError as error:
         logger.warning("Renewal configuration file %s references a cert "
                        "that contains an invalid domain name. The problem "
                        "was: %s. Skipping.", full_path, error)
         return None
 
-    if not _set_by_cli("domains"):
-        config.namespace.domains = domains
-
     return renewal_candidate
 
 def _renewal_conf_files(config):
@@ -1738,7 +1750,7 @@ def _plugins_parsing(helpful, plugins):
     # they are parsed in conjunction with --domains, they live here for
     # legibility. helpful.add_plugin_ags must be called first to add the
     # "webroot" topic
-    helpful.add("webroot", "-w", "--webroot-path", action=WebrootPathProcessor,
+    helpful.add("webroot", "-w", "--webroot-path", default=[], action=WebrootPathProcessor,
                 help="public_html / webroot path. This can be specified multiple times to "
                      "handle different domains; each domain will have the webroot path that"
                      " preceded it.  For instance: `-w /var/www/example -d example.com -d "
@@ -1765,8 +1777,7 @@ class WebrootPathProcessor(argparse.Action):  # pylint: disable=missing-docstrin
         Keep a record of --webroot-path / -w flags during processing, so that
         we know which apply to which -d flags
         """
-        if args.webroot_path is None:      # first -w flag encountered
-            args.webroot_path = []
+        if not args.webroot_path:      # first -w flag encountered
             # if any --domain flags preceded the first --webroot-path flag,
             # apply that webroot path to those; subsequent entries in
             # args.webroot_map are filled in by cli.DomainFlagProcessor

From 7c7a07ceb2ccac11d55942bc9325ea82c1542108 Mon Sep 17 00:00:00 2001
From: Peter Eckersley <pde@eff.org>
Date: Wed, 10 Feb 2016 14:30:35 -0800
Subject: [PATCH 2/4] rm redundancy

---
 letsencrypt/cli.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py
index 7aecb550c..ba5ee4c73 100644
--- a/letsencrypt/cli.py
+++ b/letsencrypt/cli.py
@@ -842,7 +842,7 @@ def _restore_plugin_configs(config, renewalparams):
 
     if renewalparams.get("installer", None) is not None:
         plugin_prefixes.append(renewalparams["installer"])
-    for plugin_prefix in set(plugin_prefixes) - set("webroot"): # webroot is special
+    for plugin_prefix in set(plugin_prefixes):
         for config_item, config_value in renewalparams.iteritems():
             if config_item.startswith(plugin_prefix + "_") and not _set_by_cli(config_item):
                 # Avoid confusion when, for example, "csr = None" (avoid

From 86bddfa9b4e8cbefad956cdbe1b1510332af17cd Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Wed, 10 Feb 2016 14:50:10 -0800
Subject: [PATCH 3/4] Fix syntax error (missing colon in function definition)

---
 letsencrypt/cli.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py
index ba5ee4c73..c31f3b7c3 100644
--- a/letsencrypt/cli.py
+++ b/letsencrypt/cli.py
@@ -860,7 +860,7 @@ def _restore_plugin_configs(config, renewalparams):
                 else:
                     setattr(config.namespace, config_item, str(config_value))
 
-def _restore_webroot_config(config, renewalparams)
+def _restore_webroot_config(config, renewalparams):
     """
     webroot_map is, uniquely, a dict, and the general-purpose configuration
     restoring logic is not able to correctly parse it from the serialized

From 6abcfddfe7d757d49f1c456a7e8a6237598e39c9 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Wed, 10 Feb 2016 15:05:18 -0800
Subject: [PATCH 4/4] Remove unused variable "wrm"

---
 letsencrypt/cli.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py
index c31f3b7c3..4170f31cc 100644
--- a/letsencrypt/cli.py
+++ b/letsencrypt/cli.py
@@ -870,7 +870,6 @@ def _restore_webroot_config(config, renewalparams):
         # if the user does anything that would create a new webroot map on the
         # CLI, don't use the old one
         if not (_set_by_cli("webroot_map") or _set_by_cli("webroot_path")):
-            wrm = renewalparams["webroot_map"]
             setattr(config.namespace, "webroot_map", renewalparams["webroot_map"])
     elif "webroot_path" in renewalparams:
         logger.info("Ancient renewal conf file without webroot-map, restoring webroot-path")