upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-11 01:30:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Remove remaints of simpleHttp from standalone plugin

Browse source
This commit is contained in:
Jakub Warmuz 2015-11-07 13:59:02 +00:00
parent 3a5f7a026b
commit dd92e95290
No known key found for this signature in database
GPG key ID: 2A7BAD3A489B52EA
2 changed files with 20 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
letsencrypt/plugins/standalone.py
View file

@ -28,9 +28,9 @@ class ServerManager(object):
Manager for `ACMEServer` and `ACMETLSServer` instances.
`certs` and `simple_http_resources` correspond to
`certs` and `http_01_resources` correspond to
`acme.crypto_util.SSLSocket.certs` and
`acme.crypto_util.SSLSocket.simple_http_resources` respectively. All
`acme.crypto_util.SSLSocket.http_01_resources` respectively. All
created servers share the same certificates and resources, so if
you're running both TLS and non-TLS instances, HTTP01 handlers
will serve the same URLs!
@ -38,10 +38,10 @@ class ServerManager(object):
"""
_Instance = collections.namedtuple("_Instance", "server thread")
def __init__(self, certs, simple_http_resources):
def __init__(self, certs, http_01_resources):
self._instances = {}
self.certs = certs
self.simple_http_resources = simple_http_resources
self.http_01_resources = http_01_resources
def run(self, port, challenge_type):
"""Run ACME server on specified ``port``.
@ -67,7 +67,7 @@ class ServerManager(object):
server = acme_standalone.DVSNIServer(address, self.certs)
else: # challenges.HTTP01
server = acme_standalone.HTTP01Server(
address, self.simple_http_resources)
address, self.http_01_resources)
except socket.error as error:
raise errors.StandaloneBindError(error, port)
@ -150,12 +150,9 @@ class Authenticator(common.Plugin):
def __init__(self, *args, **kwargs):
super(Authenticator, self).__init__(*args, **kwargs)
# one self-signed key for all DVSNI and HTTP01 certificates
# one self-signed key for all DVSNI certificates
self.key = OpenSSL.crypto.PKey()
self.key.generate_key(OpenSSL.crypto.TYPE_RSA, bits=2048)
# TODO: generate only when the first HTTP01 challenge is solved
self.simple_http_cert = acme_crypto_util.gen_ss_cert(
self.key, domains=["temp server"])
self.served = collections.defaultdict(set)
@ -164,9 +161,9 @@ class Authenticator(common.Plugin):
# GIL, the operations are safe, c.f.
# https://docs.python.org/2/faq/library.html#what-kinds-of-global-value-mutation-are-thread-safe
self.certs = {}
self.simple_http_resources = set()
self.http_01_resources = set()
self.servers = ServerManager(self.certs, self.simple_http_resources)
self.servers = ServerManager(self.certs, self.http_01_resources)
@classmethod
def add_parser_arguments(cls, add):
@ -240,17 +237,14 @@ class Authenticator(common.Plugin):
server = self.servers.run(
self.config.http01_port, challenges.HTTP01)
response, validation = achall.response_and_validation()
self.simple_http_resources.add(
self.http_01_resources.add(
acme_standalone.HTTP01RequestHandler.HTTP01Resource(
chall=achall.chall, response=response,
validation=validation))
cert = self.simple_http_cert
domain = achall.domain
else: # DVSNI
server = self.servers.run(self.config.dvsni_port, challenges.DVSNI)
response, cert, _ = achall.gen_cert_and_response(self.key)
domain = response.z_domain
self.certs[domain] = (self.key, cert)
self.certs[response.z_domain] = (self.key, cert)
self.served[server].add(achall)
responses.append(response)

20
letsencrypt/plugins/standalone_test.py
View file

@ -24,13 +24,13 @@ class ServerManagerTest(unittest.TestCase):
def setUp(self):
from letsencrypt.plugins.standalone import ServerManager
self.certs = {}
self.simple_http_resources = {}
self.mgr = ServerManager(self.certs, self.simple_http_resources)
self.http_01_resources = {}
self.mgr = ServerManager(self.certs, self.http_01_resources)
def test_init(self):
self.assertTrue(self.mgr.certs is self.certs)
self.assertTrue(
self.mgr.simple_http_resources is self.simple_http_resources)
self.mgr.http_01_resources is self.http_01_resources)
def _test_run_stop(self, challenge_type):
server = self.mgr.run(port=0, challenge_type=challenge_type)
@ -42,7 +42,7 @@ class ServerManagerTest(unittest.TestCase):
def test_run_stop_dvsni(self):
self._test_run_stop(challenges.DVSNI)
def test_run_stop_simplehttp(self):
def test_run_stop_http_01(self):
self._test_run_stop(challenges.HTTP01)
def test_run_idempotent(self):
@ -153,7 +153,7 @@ class AuthenticatorTest(unittest.TestCase):
def test_perform2(self):
domain = b'localhost'
key = jose.JWK.load(test_util.load_vector('rsa512_key.pem'))
simple_http = achallenges.KeyAuthorizationAnnotatedChallenge(
http_01 = achallenges.KeyAuthorizationAnnotatedChallenge(
challb=acme_util.HTTP01_P, domain=domain, account_key=key)
dvsni = achallenges.DVSNI(
challb=acme_util.DVSNI_P, domain=domain, account_key=key)
@ -164,7 +164,7 @@ class AuthenticatorTest(unittest.TestCase):
return "server{0}".format(port)
self.auth.servers.run.side_effect = _run
responses = self.auth.perform2([simple_http, dvsni])
responses = self.auth.perform2([http_01, dvsni])
self.assertTrue(isinstance(responses, list))
self.assertEqual(2, len(responses))
@ -177,11 +177,11 @@ class AuthenticatorTest(unittest.TestCase):
])
self.assertEqual(self.auth.served, {
"server1234": set([dvsni]),
"server4321": set([simple_http]),
"server4321": set([http_01]),
})
self.assertEqual(1, len(self.auth.simple_http_resources))
self.assertEqual(2, len(self.auth.certs))
self.assertEqual(list(self.auth.simple_http_resources), [
self.assertEqual(1, len(self.auth.http_01_resources))
self.assertEqual(1, len(self.auth.certs))
self.assertEqual(list(self.auth.http_01_resources), [
acme_standalone.HTTP01RequestHandler.HTTP01Resource(
acme_util.HTTP01, responses[0], mock.ANY)])