Documentation and naming fixes

2026-06-04 14:26:10 -04:00 · 2018-02-15 15:11:13 +02:00 · 2018-02-15 15:11:13 +02:00 · d5b6ee4c75
commit d5b6ee4c75
parent 2c077d49d3
6 changed files with 38 additions and 25 deletions
--- a/certbot/cli.py
+++ b/certbot/cli.py
@ -1117,9 +1117,10 @@ def prepare_and_parse_args(plugins, args, detect_defaults=False):  # pylint: dis
        help="Require that all configuration files are owned by the current "
             "user; only needed if your config is somewhere unsafe like /tmp/")
    helpful.add(
-        "security", "--dangerously-disable-server-tls-updates", action="store_true",
-        default=flag_default("disable_server_tls_updates"),
-        dest="disable_server_tls_updates",
+        "security", "--dangerously-disable-tls-configuration-updates",
+        action="store_true",
+        default=flag_default("disable_tls_configuration_updates"),
+        dest="disable_tls_configuration_updates",
        help="Disable any updates to your server's TLS configuration"
        " other than setting the certificate and key to be used when"
        " Certbot installs a new certificate. Using this flag is"
@ -1187,9 +1188,10 @@ def prepare_and_parse_args(plugins, args, detect_defaults=False):  # pylint: dis
        "renew", "--disable-renew-updates", action="store_true",
        default=flag_default("disable_renew_updates"), dest="disable_renew_updates",
        help="Disable automatic updates to your server configuration that"
-        " would otherwise be done by the selected installer plugin, and"
-        " triggered by the \"renew\" verb. This setting does not apply to"
-        " important TLS configuration updates.")
+        " would otherwise be done by the selected installer plugin, and triggered"
+        " when the user executes \"certbot renew\", regardless of if the certificate"
+        " is renewed. This setting does not apply to important TLS configuration"
+        " updates.")

    helpful.add_deprecated_argument("--agree-dev-preview", 0)
    helpful.add_deprecated_argument("--dialog", 0)
--- a/certbot/constants.py
+++ b/certbot/constants.py
@ -64,7 +64,7 @@ CLI_DEFAULTS = dict(
    pref_challs=[],
    validate_hooks=True,
    directory_hooks=True,
-    disable_server_tls_updates=False,
+    disable_tls_configuration_updates=False,
    disable_renew_updates=False,

    # Subparsers
--- a/certbot/interfaces.py
+++ b/certbot/interfaces.py
@ -256,7 +256,7 @@ class IConfig(zope.interface.Interface):
        "user; only needed if your config is somewhere unsafe like /tmp/."
        "This is a boolean")

-    disable_server_tls_updates = zope.interface.Attribute(
+    disable_tls_configuration_updates = zope.interface.Attribute(
        "If updates to the server's TLS configuration performed by the installer"
        " should be disabled.")

@ -617,6 +617,10 @@ class GenericUpdater(object):
    This class allows plugins to perform types of updates that Certbot hasn't
    defined (yet).

+    To make use of this interface, the installer should implement the interface
+    methods, and interfaces.GenericUpdater.register(InstallerClass) should
+    be called from the installer code.
+
    """

    __metaclass__ = abc.ABCMeta
@ -643,6 +647,9 @@ class RenewDeployer(object):
    This class allows plugins to perform types of updates that need to run at
    lineage renewal that Certbot hasn't defined (yet).

+    To make use of this interface, the installer should implement the interface
+    methods, and interfaces.RenewDeployer.register(InstallerClass) should
+    be called from the installer code.
    """

    __metaclass__ = abc.ABCMeta
@ -665,7 +672,7 @@ class RenewDeployer(object):
        """


-class ServerTLSUpdater(object):
+class ServerTLSConfigurationUpdater(object):
    """Interface for updating a server's TLS configuration.

    An installer that wants to perform TLS configuration updates according to this
@ -677,15 +684,19 @@ class ServerTLSUpdater(object):
    existing TLS configuration in any way other than changing the certificates
    and keys used by the server.

+    To make use of this interface, the installer should implement the interface
+    methods, and interfaces.ServerTLSConfigurationUpdater.register(InstallerClass)
+    should be called from the installer code.
+
    An installer can determine if TLS configuration updates are enabled by checking
-    :attr:`IConfig.disable_server_tls_updates`.
+    :attr:`IConfig.disable_tls_configuration_updates`.

    """

    __metaclass__ = abc.ABCMeta

    @abc.abstractmethod
-    def server_tls_updates(self, domain, *args, **kwargs):
+    def tls_configuration_updates(self, domain, *args, **kwargs):
        """Set the server's TLS config to latest recommended version.

        If an installer is a subclass of the class containing this method, this
--- a/certbot/plugins/selection.py
+++ b/certbot/plugins/selection.py
@ -210,7 +210,7 @@ def choose_configurator_plugins(config, plugins, verb):  # pylint: disable=too-m
 def verify_enhancements_supported(config, installer):
    """Verify the requested enhancements are supported by the installer.

-    If the discouraged --dangerously-disable-server-tls-updates flag is
+    If the discouraged --dangerously-disable-tls-configuration-updates flag is
    set, we try to verify with the user that this behavior was desired
    and not set accidentally through a copied command line or
    configuration file.
@ -226,9 +226,9 @@ def verify_enhancements_supported(config, installer):
    :raises errors.MisconfigurationError: configuration conflict

    """
-    if config.disable_server_tls_updates:
-        flag = "--dangerously-disable-server-tls-updates"
-        if isinstance(installer, interfaces.ServerTLSUpdater):
+    if config.disable_tls_configuration_updates:
+        flag = "--dangerously-disable-tls-configuration-updates"
+        if isinstance(installer, interfaces.ServerTLSConfigurationUpdater):
            verified = z_util(interfaces.IDisplay).yesno(
                "You have requested Certbot disable TLS updates by"
                " setting {0} on the command line or in a configuration"
--- a/certbot/tests/renewupdater_test.py
+++ b/certbot/tests/renewupdater_test.py
@ -13,17 +13,17 @@ import certbot.tests.util as test_util


 class RenewUpdaterTest(unittest.TestCase):
-    """Tests for interfaces.ServerTLSUpdater and
+    """Tests for interfaces.ServerTLSConfigurationUpdater and
    interfaces.GenericUpdater"""

    def setUp(self):
-        class MockInstallerTLSUpdater(interfaces.ServerTLSUpdater):
-            """Mock class that implements ServerTLSUpdater"""
+        class MockInstallerTLSUpdater(interfaces.ServerTLSConfigurationUpdater):
+            """Mock class that implements ServerTLSConfigurationUpdater"""
            def __init__(self, *args, **kwargs):
                # pylint: disable=unused-argument
                self.restart = mock.MagicMock()
                self.callcounter = mock.MagicMock()
-            def server_tls_updates(self, domain, *args, **kwargs):
+            def tls_configuration_updates(self, domain, *args, **kwargs):
                self.callcounter(*args, **kwargs)

        class MockInstallerGenericUpdater(interfaces.GenericUpdater):
@ -57,7 +57,7 @@ class RenewUpdaterTest(unittest.TestCase):
    @mock.patch('certbot.plugins.selection.z_util')
    def test_verify_enhancements_tlsupdater(self, mock_z):
        mock_z().yesno.return_value = False
-        config = self.get_config({"server_tls_updates": False})
+        config = self.get_config({"tls_configuration_updates": False})
        self.assertRaises(errors.Error,
                          selection.verify_enhancements_supported,
                          config, self.tls_installer)
@ -65,7 +65,7 @@ class RenewUpdaterTest(unittest.TestCase):
        mock_z().yesno.return_value = True
        selection.verify_enhancements_supported(config, self.tls_installer)

-        # Plugin does not implement ServerTLSUpdater
+        # Plugin does not implement ServerTLSConfigurationUpdater
        self.assertRaises(errors.PluginSelectionError,
                          selection.verify_enhancements_supported,
                          config, self.generic_updater)
@ -75,7 +75,7 @@ class RenewUpdaterTest(unittest.TestCase):
    @mock.patch('certbot.plugins.selection.choose_configurator_plugins')
    @test_util.patch_get_utility()
    def test_server_updates(self, _, mock_select, mock_getsave):
-        config = self.get_config({"disable_server_tls_updates": False,
+        config = self.get_config({"disable_tls_configuration_updates": False,
                                  "disable_renew_updates": False})

        lineage = mock.MagicMock()
--- a/certbot/updater.py
+++ b/certbot/updater.py
@ -62,9 +62,9 @@ def _run_updaters(lineage, installer, config):
    :rtype: None
    """
    for domain in lineage.names():
-        if not config.disable_server_tls_updates:
-            if isinstance(installer, interfaces.ServerTLSUpdater):
-                installer.server_tls_updates(domain)
+        if not config.disable_tls_configuration_updates:
+            if isinstance(installer, interfaces.ServerTLSConfigurationUpdater):
+                installer.tls_configuration_updates(domain)
        if not config.disable_renew_updates:
            if isinstance(installer, interfaces.GenericUpdater):
                installer.generic_updates(domain)