From dd92e9529011b5f306799de68dbdb61e7609f96f Mon Sep 17 00:00:00 2001 From: Jakub Warmuz Date: Sat, 7 Nov 2015 13:59:02 +0000 Subject: [PATCH] Remove remaints of simpleHttp from standalone plugin --- letsencrypt/plugins/standalone.py | 26 ++++++++++---------------- letsencrypt/plugins/standalone_test.py | 20 ++++++++++---------- 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/letsencrypt/plugins/standalone.py b/letsencrypt/plugins/standalone.py index 5041091e4..3975e9292 100644 --- a/letsencrypt/plugins/standalone.py +++ b/letsencrypt/plugins/standalone.py @@ -28,9 +28,9 @@ class ServerManager(object): Manager for `ACMEServer` and `ACMETLSServer` instances. - `certs` and `simple_http_resources` correspond to + `certs` and `http_01_resources` correspond to `acme.crypto_util.SSLSocket.certs` and - `acme.crypto_util.SSLSocket.simple_http_resources` respectively. All + `acme.crypto_util.SSLSocket.http_01_resources` respectively. All created servers share the same certificates and resources, so if you're running both TLS and non-TLS instances, HTTP01 handlers will serve the same URLs! @@ -38,10 +38,10 @@ class ServerManager(object): """ _Instance = collections.namedtuple("_Instance", "server thread") - def __init__(self, certs, simple_http_resources): + def __init__(self, certs, http_01_resources): self._instances = {} self.certs = certs - self.simple_http_resources = simple_http_resources + self.http_01_resources = http_01_resources def run(self, port, challenge_type): """Run ACME server on specified ``port``. @@ -67,7 +67,7 @@ class ServerManager(object): server = acme_standalone.DVSNIServer(address, self.certs) else: # challenges.HTTP01 server = acme_standalone.HTTP01Server( - address, self.simple_http_resources) + address, self.http_01_resources) except socket.error as error: raise errors.StandaloneBindError(error, port) 
@@ -150,12 +150,9 @@ class Authenticator(common.Plugin): def __init__(self, *args, **kwargs): super(Authenticator, self).__init__(*args, **kwargs) - # one self-signed key for all DVSNI and HTTP01 certificates + # one self-signed key for all DVSNI certificates self.key = OpenSSL.crypto.PKey() self.key.generate_key(OpenSSL.crypto.TYPE_RSA, bits=2048) - # TODO: generate only when the first HTTP01 challenge is solved - self.simple_http_cert = acme_crypto_util.gen_ss_cert( - self.key, domains=["temp server"]) self.served = collections.defaultdict(set) @@ -164,9 +161,9 @@ class Authenticator(common.Plugin): # GIL, the operations are safe, c.f. # https://docs.python.org/2/faq/library.html#what-kinds-of-global-value-mutation-are-thread-safe self.certs = {} - self.simple_http_resources = set() + self.http_01_resources = set() - self.servers = ServerManager(self.certs, self.simple_http_resources) + self.servers = ServerManager(self.certs, self.http_01_resources) @classmethod def add_parser_arguments(cls, add): @@ -240,17 +237,14 @@ class Authenticator(common.Plugin): server = self.servers.run( self.config.http01_port, challenges.HTTP01) response, validation = achall.response_and_validation() - self.simple_http_resources.add( + self.http_01_resources.add( acme_standalone.HTTP01RequestHandler.HTTP01Resource( chall=achall.chall, response=response, validation=validation)) - cert = self.simple_http_cert - domain = achall.domain else: # DVSNI server = self.servers.run(self.config.dvsni_port, challenges.DVSNI) response, cert, _ = achall.gen_cert_and_response(self.key) - domain = response.z_domain - self.certs[domain] = (self.key, cert) + self.certs[response.z_domain] = (self.key, cert) self.served[server].add(achall) responses.append(response) diff --git a/letsencrypt/plugins/standalone_test.py b/letsencrypt/plugins/standalone_test.py index 15da04417..c1de52ac8 100644 --- a/letsencrypt/plugins/standalone_test.py +++ b/letsencrypt/plugins/standalone_test.py 
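Review bot: In `Authenticator.__init__` the 2048-bit RSA key is still generated unconditionally, although in the visible hunks only the DVSNI branch (`achall.gen_cert_and_response(self.key)` in the `@@ -240,17` hunk) now uses `self.key`. An HTTP01-only run therefore pays for key generation and holds private key material it never needs. Consider setting `self.key = None` here and creating the key when the first DVSNI challenge is handled, which is the deferred generation the removed TODO asked for on the certificate. Separately, with the `gen_ss_cert` call gone, `acme_crypto_util` may no longer be referenced in this module; the imports are outside the hunk, so check and drop the import if it is unused. `__init__` continues past the end of this hunk.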
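Review bot: The `else:  # DVSNI` branch in the `@@ -240,17` hunk identifies the challenge type by a comment only, so any challenge that does not match the `if` above it (whose condition is outside the hunk) is passed to `gen_cert_and_response` and registered in `self.certs` as if it were DVSNI. Now that the two branches no longer share the cert/domain bookkeeping, an explicit check would make the dispatch fail closed: `elif isinstance(achall, achallenges.DVSNI):` followed by a final `else:` that raises for unsupported challenge types. This assumes `achallenges` is already imported in this module, which the hunk does not show. The enclosing method starts and ends outside the hunk.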
@@ -24,13 +24,13 @@ class ServerManagerTest(unittest.TestCase): def setUp(self): from letsencrypt.plugins.standalone import ServerManager self.certs = {} - self.simple_http_resources = {} - self.mgr = ServerManager(self.certs, self.simple_http_resources) + self.http_01_resources = {} + self.mgr = ServerManager(self.certs, self.http_01_resources) def test_init(self): self.assertTrue(self.mgr.certs is self.certs) self.assertTrue( - self.mgr.simple_http_resources is self.simple_http_resources) + self.mgr.http_01_resources is self.http_01_resources) def _test_run_stop(self, challenge_type): server = self.mgr.run(port=0, challenge_type=challenge_type) @@ -42,7 +42,7 @@ class ServerManagerTest(unittest.TestCase): def test_run_stop_dvsni(self): self._test_run_stop(challenges.DVSNI) - def test_run_stop_simplehttp(self): + def test_run_stop_http_01(self): self._test_run_stop(challenges.HTTP01) def test_run_idempotent(self): @@ -153,7 +153,7 @@ class AuthenticatorTest(unittest.TestCase): def test_perform2(self): domain = b'localhost' key = jose.JWK.load(test_util.load_vector('rsa512_key.pem')) - simple_http = achallenges.KeyAuthorizationAnnotatedChallenge( + http_01 = achallenges.KeyAuthorizationAnnotatedChallenge( challb=acme_util.HTTP01_P, domain=domain, account_key=key) dvsni = achallenges.DVSNI( challb=acme_util.DVSNI_P, domain=domain, account_key=key) @@ -164,7 +164,7 @@ class AuthenticatorTest(unittest.TestCase): return "server{0}".format(port) self.auth.servers.run.side_effect = _run - responses = self.auth.perform2([simple_http, dvsni]) + responses = self.auth.perform2([http_01, dvsni]) self.assertTrue(isinstance(responses, list)) self.assertEqual(2, len(responses)) 
@@ -177,11 +177,11 @@ class AuthenticatorTest(unittest.TestCase): ]) self.assertEqual(self.auth.served, { "server1234": set([dvsni]), - "server4321": set([simple_http]), + "server4321": set([http_01]), }) - self.assertEqual(1, len(self.auth.simple_http_resources)) - self.assertEqual(2, len(self.auth.certs)) - self.assertEqual(list(self.auth.simple_http_resources), [ + self.assertEqual(1, len(self.auth.http_01_resources)) + self.assertEqual(1, len(self.auth.certs)) + self.assertEqual(list(self.auth.http_01_resources), [ acme_standalone.HTTP01RequestHandler.HTTP01Resource( acme_util.HTTP01, responses[0], mock.ANY)])
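Review bot: `self.assertEqual(1, len(self.auth.certs))` checks only the count, so it would still pass if the single entry were stored under the wrong name or came from the HTTP01 challenge. `perform2` is called with `[http_01, dvsni]` in the previous hunk and `responses[0]` is matched against the HTTP01 resource here, so `responses[1]` is presumably the DVSNI response. Asserting the key as well, `self.assertEqual(list(self.auth.certs), [responses[1].z_domain])`, would pin that only the DVSNI certificate ends up in the shared `certs` mapping. The test method starts outside this hunk.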