From 8d5c945470c22e1aaf4aa8c62c22315c50bab233 Mon Sep 17 00:00:00 2001 From: Peter Eckersley Date: Wed, 10 Feb 2016 20:04:28 -0800 Subject: [PATCH 01/37] release.sh: autopin letsencrypt-auto autopeep autohashes --- tools/release.sh | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/tools/release.sh b/tools/release.sh index 83b57657f..ee9c30704 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -161,6 +161,23 @@ for module in letsencrypt $subpkgs_modules ; do done deactivate +# pin peep hashes of the things we just built +for pkg in acme letsencrypt letsencrypt-apache ; do + echo + peep hash dist."$version/$pkg"/*.{whl,gz} + echo $pkg==$version +done > /tmp/hashes.$$ + +if ! wc -l /tmp/hashes.$$ | grep -qE "^12 " ; then + echo Unexpected peep hash output + exit 1 +fi + +# perform hideous surgery on requirements.txt... +head -n -12 letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt > /tmp/req.$$ +cat /tmp/hashes.$$ >> /tmp/req.$$ +cp /tmp/req.$$ letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt + # ensure we have the latest built version of leauto letsencrypt-auto-source/build.py From 805e85dd64fe907217ae4c1ed99cd33aa5b89ae7 Mon Sep 17 00:00:00 2001 From: Peter Eckersley Date: Tue, 16 Feb 2016 12:34:35 -0800 Subject: [PATCH 02/37] Make requirements.txt safe for editing --- .../pieces/letsencrypt-auto-requirements.txt | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index c83396de2..111a4abb6 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -201,6 +201,13 @@ zope.event==4.1.0 # sha256: sJyMHUezUxxADgGVaX8UFKYyId5u9HhZik8UYPfZo5I zope.interface==4.1.3 +# sha256: uDndLZwRfHAUMMFJlWkYpCOphjtIsJyQ4wpgE-fS9E8 +# sha256: j4MIDaoknQNsvM-4rlzG_wB7iNbZN1ITca-r57Gbrbw +mock==1.0.1 + +# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT, +# ADD ALL DEPENDENCIES ABOVE + # sha256: QMIkIvGF3mcJhGLAKRX7n5EVIPjOrfLtklN6ePjbJes # sha256: fNFWiij6VxfG5o7u3oNbtrYKQ4q9vhzOLATfxNlozvQ acme==0.3.0 @@ -212,7 +219,3 @@ letsencrypt==0.3.0 # sha256: EypLpEw3-Tr8unw4aSFsHXgRiU8ZYLrJKOJohP2tC9M # sha256: HYvP13GzA-DDJYwlfOoaraJO0zuYO48TCSAyTUAGCqA letsencrypt-apache==0.3.0 - -# sha256: uDndLZwRfHAUMMFJlWkYpCOphjtIsJyQ4wpgE-fS9E8 -# sha256: j4MIDaoknQNsvM-4rlzG_wB7iNbZN1ITca-r57Gbrbw -mock==1.0.1 From 3a303dbf40107855f18d05ccc492cf6efc616972 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Sat, 20 Feb 2016 00:29:04 -0800 Subject: [PATCH 03/37] Use six to make this list + list work in Python 3. The RHS here in Python 3 is a set-like object over keys; it's essentially the same as .iterkeys() in Python 2. Unfortunately, + is not defined for list + .keys(). In Python 3, it's idiomatic to simply list(VERBS.keys()) here; basically, take that and use six to make it Python 2 compatible. --- letsencrypt/cli.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py index 3551d5a10..d7dcb92c0 100644 --- a/letsencrypt/cli.py +++ b/letsencrypt/cli.py @@ -19,6 +19,7 @@ import traceback import configargparse import OpenSSL +import six import zope.component import zope.interface.exceptions import zope.interface.verify @@ -1159,7 +1160,7 @@ class HelpfulArgumentParser(object): # List of topics for which additional help can be provided HELP_TOPICS = ["all", "security", - "paths", "automation", "testing"] + VERBS.keys() + "paths", "automation", "testing"] + list(six.iterkeys(VERBS)) def __init__(self, args, plugins, detect_defaults=False): plugin_names = [name for name, _p in plugins.iteritems()] From b965e8349e10d0aeebd6be84f1c3b49444a0c856 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Sat, 20 Feb 2016 01:01:33 -0800 Subject: [PATCH 04/37] Use six.iteritems instead of .iteritems for Python 3. And in one place, `list(six.iterkeys())`, as the values didn't appear to be used. --- letsencrypt/cli.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py index d7dcb92c0..d8b1a6039 100644 --- a/letsencrypt/cli.py +++ b/letsencrypt/cli.py @@ -843,7 +843,7 @@ def _restore_plugin_configs(config, renewalparams): if renewalparams.get("installer", None) is not None: plugin_prefixes.append(renewalparams["installer"]) for plugin_prefix in set(plugin_prefixes): - for config_item, config_value in renewalparams.iteritems(): + for config_item, config_value in six.iteritems(renewalparams): if config_item.startswith(plugin_prefix + "_") and not _set_by_cli(config_item): # Values None, True, and False need to be treated specially, # As they don't get parsed correctly based on type @@ -1163,7 +1163,7 @@ class HelpfulArgumentParser(object): "paths", "automation", "testing"] + list(six.iterkeys(VERBS)) def __init__(self, args, plugins, detect_defaults=False): - plugin_names = [name for name, _p in plugins.iteritems()] + plugin_names = list(six.iterkeys(plugins)) self.help_topics = self.HELP_TOPICS + plugin_names + [None] usage, short_usage = usage_strings(plugins) self.parser = configargparse.ArgParser( @@ -1433,7 +1433,7 @@ class HelpfulArgumentParser(object): may or may not be displayed as help topics. """ - for name, plugin_ep in plugins.iteritems(): + for name, plugin_ep in six.iteritems(plugins): parser_or_group = self.add_group(name, description=plugin_ep.description) #print(parser_or_group) plugin_ep.plugin_cls.inject_parser_options(parser_or_group, name) @@ -1828,7 +1828,7 @@ def _process_domain(args_or_config, domain_arg, webroot_path=None): class WebrootMapProcessor(argparse.Action): # pylint: disable=missing-docstring def __call__(self, parser, args, webroot_map_arg, option_string=None): webroot_map = json.loads(webroot_map_arg) - for domains, webroot_path in webroot_map.iteritems(): + for domains, webroot_path in six.iteritems(webroot_map): _process_domain(args, domains, [webroot_path]) From 19b93ec0256fad96b9387238420b21936abb2887 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Sat, 20 Feb 2016 00:20:57 -0800 Subject: [PATCH 05/37] Update this octal literal to be Python3 compatible. The `"0" 1*digits` syntax is gone in Python 3. This syntax replaced it. It was ported into Python 2 at 2.6[1]. [1]: https://docs.python.org/2/whatsnew/2.6.html --- letsencrypt/storage.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/letsencrypt/storage.py b/letsencrypt/storage.py index 6786ac745..cff2d53e1 100644 --- a/letsencrypt/storage.py +++ b/letsencrypt/storage.py @@ -694,7 +694,7 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes for i in (cli_config.renewal_configs_dir, cli_config.archive_dir, cli_config.live_dir): if not os.path.exists(i): - os.makedirs(i, 0700) + os.makedirs(i, 0o700) logger.debug("Creating directory %s.", i) config_file, config_filename = le_util.unique_lineage_name( cli_config.renewal_configs_dir, lineagename) From af22467e07ddb916d58fa3b671401a00ab4aa4cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Fri, 26 Feb 2016 21:15:21 -0800 Subject: [PATCH 06/37] Newline at end of tox.ini. --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index 57359cd86..6af9610e3 100644 --- a/tox.ini +++ b/tox.ini @@ -91,4 +91,4 @@ commands = docker run --rm -t -i lea whitelist_externals = docker -passenv = DOCKER_* \ No newline at end of file +passenv = DOCKER_* From edf6d2db241d8b45f0848f43390f586bd5b8ecd5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Sat, 20 Feb 2016 00:45:09 -0800 Subject: [PATCH 07/37] Make these print statements Python 3 compatible. --- letsencrypt/plugins/webroot_test.py | 5 ++++- letsencrypt/tests/cli_test.py | 9 ++++++--- .../letshelp_letsencrypt/apache.py | 15 +++++++++------ 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/letsencrypt/plugins/webroot_test.py b/letsencrypt/plugins/webroot_test.py index 7a34b3fcc..8c1427340 100644 --- a/letsencrypt/plugins/webroot_test.py +++ b/letsencrypt/plugins/webroot_test.py @@ -1,4 +1,7 @@ """Tests for letsencrypt.plugins.webroot.""" + +from __future__ import print_function + import errno import os import shutil @@ -74,7 +77,7 @@ class AuthenticatorTest(unittest.TestCase): os.chmod(self.path, 0o000) try: open(permission_canary, "r") - print "Warning, running tests as root skips permissions tests..." + print("Warning, running tests as root skips permissions tests...") except IOError: # ok, permissions work, test away... self.assertRaises(errors.PluginError, self.auth.prepare) diff --git a/letsencrypt/tests/cli_test.py b/letsencrypt/tests/cli_test.py index aef3447c3..0afebc9f1 100644 --- a/letsencrypt/tests/cli_test.py +++ b/letsencrypt/tests/cli_test.py @@ -1,4 +1,7 @@ """Tests for letsencrypt.cli.""" + +from __future__ import print_function + import argparse import functools import itertools @@ -580,7 +583,7 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods try: ret, _, _, _ = self._call(args) if ret: - print "Returned", ret + print("Returned", ret) raise AssertionError(ret) assert not error_expected, "renewal should have errored" except: # pylint: disable=bare-except @@ -628,8 +631,8 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods def _dump_log(self): with open(os.path.join(self.logs_dir, "letsencrypt.log")) as lf: - print "Logs:" - print lf.read() + print("Logs:") + print(lf.read()) def _make_test_renewal_conf(self, testfile): diff --git a/letshelp-letsencrypt/letshelp_letsencrypt/apache.py b/letshelp-letsencrypt/letshelp_letsencrypt/apache.py index ac4e9b831..d7cb05b70 100755 --- a/letshelp-letsencrypt/letshelp_letsencrypt/apache.py +++ b/letshelp-letsencrypt/letshelp_letsencrypt/apache.py @@ -1,5 +1,8 @@ #!/usr/bin/env python """Let's Encrypt Apache configuration submission script""" + +from __future__ import print_function + import argparse import atexit import contextlib @@ -48,20 +51,20 @@ def make_and_verify_selection(server_root, temp_dir): """ copied_files, copied_dirs = copy_config(server_root, temp_dir) - print textwrap.fill("A secure copy of the files that have been selected " + print(textwrap.fill("A secure copy of the files that have been selected " "for submission has been created under {0}. All " "comments have been removed and the files are only " "accessible by the current user. A list of the files " "that have been included is shown below. Please make " "sure that this selection does not contain private " "keys, passwords, or any other sensitive " - "information.".format(temp_dir)) - print "\nFiles:" + "information.".format(temp_dir))) + print("\nFiles:") for copied_file in copied_files: - print copied_file - print "Directories (including all contained files):" + print(copied_file) + print("Directories (including all contained files):") for copied_dir in copied_dirs: - print copied_dir + print(copied_dir) sys.stdout.write("\nIs it safe to submit these files? ") while True: From 74a31c737cd441ff09e4623e108d09310ec5b161 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Sat, 20 Feb 2016 00:24:33 -0800 Subject: [PATCH 08/37] The Queue module moved to queue in Python 3. Use six.moves.queue to import the right module regardless. --- letsencrypt/reporter.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/letsencrypt/reporter.py b/letsencrypt/reporter.py index 81106be34..147928e3c 100644 --- a/letsencrypt/reporter.py +++ b/letsencrypt/reporter.py @@ -4,10 +4,10 @@ from __future__ import print_function import collections import logging import os -import Queue import sys import textwrap +from six.moves import queue # pylint: disable=import-error import zope.interface from letsencrypt import interfaces @@ -21,7 +21,7 @@ logger = logging.getLogger(__name__) class Reporter(object): """Collects and displays information to the user. - :ivar `Queue.PriorityQueue` messages: Messages to be displayed to + :ivar `queue.PriorityQueue` messages: Messages to be displayed to the user. """ @@ -36,7 +36,7 @@ class Reporter(object): _msg_type = collections.namedtuple('ReporterMsg', 'priority text on_crash') def __init__(self): - self.messages = Queue.PriorityQueue() + self.messages = queue.PriorityQueue() def add_message(self, msg, priority, on_crash=True): """Adds msg to the list of messages to be printed. From 8046cdc26a131b1260a63daf1764b45d8de62761 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roy=20Wellington=20=E2=85=A3?= Date: Sat, 20 Feb 2016 00:53:58 -0800 Subject: [PATCH 09/37] Make uses of StringIO.StringIO Python 3 compatible. --- letsencrypt/tests/cli_test.py | 4 ++-- letsencrypt/tests/colored_logging_test.py | 5 +++-- letsencrypt/tests/le_util_test.py | 6 +++--- letsencrypt/tests/reporter_test.py | 5 +++-- 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/letsencrypt/tests/cli_test.py b/letsencrypt/tests/cli_test.py index 0afebc9f1..64d6beaae 100644 --- a/letsencrypt/tests/cli_test.py +++ b/letsencrypt/tests/cli_test.py @@ -7,12 +7,12 @@ import functools import itertools import os import shutil -import StringIO import traceback import tempfile import unittest import mock +import six from acme import jose @@ -84,7 +84,7 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods def _help_output(self, args): "Run a command, and return the ouput string for scrutiny" - output = StringIO.StringIO() + output = six.StringIO() with mock.patch('letsencrypt.cli.sys.stdout', new=output): self.assertRaises(SystemExit, self._call_stdout, args) out = output.getvalue() diff --git a/letsencrypt/tests/colored_logging_test.py b/letsencrypt/tests/colored_logging_test.py index 5b49ec820..4080157fc 100644 --- a/letsencrypt/tests/colored_logging_test.py +++ b/letsencrypt/tests/colored_logging_test.py @@ -1,8 +1,9 @@ """Tests for letsencrypt.colored_logging.""" import logging -import StringIO import unittest +import six + from letsencrypt import le_util @@ -12,7 +13,7 @@ class StreamHandlerTest(unittest.TestCase): def setUp(self): from letsencrypt import colored_logging - self.stream = StringIO.StringIO() + self.stream = six.StringIO() self.stream.isatty = lambda: True self.handler = colored_logging.StreamHandler(self.stream) diff --git a/letsencrypt/tests/le_util_test.py b/letsencrypt/tests/le_util_test.py index 87894f837..191b70801 100644 --- a/letsencrypt/tests/le_util_test.py +++ b/letsencrypt/tests/le_util_test.py @@ -4,11 +4,11 @@ import errno import os import shutil import stat -import StringIO import tempfile import unittest import mock +import six from letsencrypt import errors @@ -307,14 +307,14 @@ class AddDeprecatedArgumentTest(unittest.TestCase): self.assertTrue("--old-option is deprecated" in stderr) def _get_argparse_warnings(self, args): - stderr = StringIO.StringIO() + stderr = six.StringIO() with mock.patch("letsencrypt.le_util.sys.stderr", new=stderr): self.parser.parse_args(args) return stderr.getvalue() def test_help(self): self._call("--old-option", 2) - stdout = StringIO.StringIO() + stdout = six.StringIO() with mock.patch("letsencrypt.le_util.sys.stdout", new=stdout): try: self.parser.parse_args(["-h"]) diff --git a/letsencrypt/tests/reporter_test.py b/letsencrypt/tests/reporter_test.py index c848b1cab..26a1105c8 100644 --- a/letsencrypt/tests/reporter_test.py +++ b/letsencrypt/tests/reporter_test.py @@ -1,8 +1,9 @@ """Tests for letsencrypt.reporter.""" -import StringIO import sys import unittest +import six + class ReporterTest(unittest.TestCase): """Tests for letsencrypt.reporter.Reporter.""" @@ -12,7 +13,7 @@ class ReporterTest(unittest.TestCase): self.reporter = reporter.Reporter() self.old_stdout = sys.stdout - sys.stdout = StringIO.StringIO() + sys.stdout = six.StringIO() def tearDown(self): sys.stdout = self.old_stdout From 902ab9afdf6306868252fffc9d67be6664c68a0c Mon Sep 17 00:00:00 2001 From: Kane York Date: Mon, 29 Feb 2016 10:58:14 -0800 Subject: [PATCH 10/37] Work around leap day bug in parsedatetime --- tests/boulder-integration.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh index 32c292e90..77e866b52 100755 --- a/tests/boulder-integration.sh +++ b/tests/boulder-integration.sh @@ -68,7 +68,7 @@ common renew CheckCertCount 2 # This will renew because the expiry is less than 10 years from now -sed -i "4arenew_before_expiry = 10 years" "$root/conf/renewal/le.wtf.conf" +sed -i "4arenew_before_expiry = 4 years" "$root/conf/renewal/le.wtf.conf" common_no_force_renew renew --rsa-key-size 2048 CheckCertCount 3 From 1f254f5330956d6756d740ae237798c5a95ab195 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 11:34:17 -0800 Subject: [PATCH 11/37] Change renewal period to fix leap year problems --- letsencrypt/tests/testdata/sample-renewal.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/letsencrypt/tests/testdata/sample-renewal.conf b/letsencrypt/tests/testdata/sample-renewal.conf index 16778303a..d6ebbd845 100755 --- a/letsencrypt/tests/testdata/sample-renewal.conf +++ b/letsencrypt/tests/testdata/sample-renewal.conf @@ -2,7 +2,7 @@ cert = MAGICDIR/live/sample-renewal/cert.pem privkey = MAGICDIR/live/sample-renewal/privkey.pem chain = MAGICDIR/live/sample-renewal/chain.pem fullchain = MAGICDIR/live/sample-renewal/fullchain.pem -renew_before_expiry = 1 year +renew_before_expiry = 4 years # Options and defaults used in the renewal process [renewalparams] From a8089a43da05e3de527e07d50b144345fab751a2 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 12:56:34 -0800 Subject: [PATCH 12/37] Use local peep --- tools/release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/release.sh b/tools/release.sh index fcb8d13c6..bc61db85d 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -164,7 +164,7 @@ deactivate # pin peep hashes of the things we just built for pkg in acme letsencrypt letsencrypt-apache ; do echo - peep hash dist."$version/$pkg"/*.{whl,gz} + letsencrypt-auto-source/pieces/peep.py hash dist."$version/$pkg"/*.{whl,gz} echo $pkg==$version done > /tmp/hashes.$$ From bbea71760c26a3045ba028f106063f0247210b5c Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 13:24:12 -0800 Subject: [PATCH 13/37] grammar --- .../pieces/letsencrypt-auto-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index b38b941b3..32896b8f4 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -201,7 +201,7 @@ zope.interface==4.1.3 # sha256: j4MIDaoknQNsvM-4rlzG_wB7iNbZN1ITca-r57Gbrbw mock==1.0.1 -# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT, +# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; # ADD ALL DEPENDENCIES ABOVE # sha256: ilvjjTWOS86xchl0WBZ0YOAw_0rmqdnjNsxb1hq2RD8 From 3b0a95ff97f18c6f2ad484184b85d719ce362484 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 13:26:48 -0800 Subject: [PATCH 14/37] compatibility++ --- tools/release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/release.sh b/tools/release.sh index bc61db85d..78babcff2 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -168,7 +168,7 @@ for pkg in acme letsencrypt letsencrypt-apache ; do echo $pkg==$version done > /tmp/hashes.$$ -if ! wc -l /tmp/hashes.$$ | grep -qE "^12 " ; then +if ! wc -l /tmp/hashes.$$ | grep -qE "^\s*12 " ; then echo Unexpected peep hash output exit 1 fi From 564d37c0fdd7033be64b2ab1a10236f12024d194 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 15:39:19 -0800 Subject: [PATCH 15/37] version < 2.0 --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index cbf0ff89d..d07582e2b 100644 --- a/setup.py +++ b/setup.py @@ -39,7 +39,7 @@ install_requires = [ 'ConfigArgParse>=0.9.3', 'configobj', 'cryptography>=0.7', # load_pem_x509_certificate - 'parsedatetime', + 'parsedatetime<2.0', # parsedatetime 2.0 doesn't work on py26 'psutil>=2.1.0', # net_connections introduced in 2.1.0 'PyOpenSSL', 'pyrfc3339', From 49d8fd7d61ceba091f7afde4a194a74dd2d3ca8a Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 16:30:24 -0800 Subject: [PATCH 16/37] Release 0.4.1 --- acme/setup.py | 2 +- letsencrypt-apache/setup.py | 2 +- letsencrypt-auto | 206 ++++++++++-------- letsencrypt-auto-source/letsencrypt-auto | 29 +-- letsencrypt-auto-source/letsencrypt-auto.sig | Bin 256 -> 256 bytes .../letsencrypt-auto.sig.lzma.base64 | 6 + .../pieces/letsencrypt-auto-requirements.txt | 18 +- letsencrypt-compatibility-test/setup.py | 2 +- letsencrypt-nginx/setup.py | 2 +- letsencrypt/__init__.py | 2 +- letshelp-letsencrypt/setup.py | 2 +- 11 files changed, 157 insertions(+), 114 deletions(-) create mode 100644 letsencrypt-auto-source/letsencrypt-auto.sig.lzma.base64 diff --git a/acme/setup.py b/acme/setup.py index 5a77f8a67..a621b7634 100644 --- a/acme/setup.py +++ b/acme/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.5.0.dev0' +version = '0.4.1' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/letsencrypt-apache/setup.py b/letsencrypt-apache/setup.py index a8e010f0e..96a01548a 100644 --- a/letsencrypt-apache/setup.py +++ b/letsencrypt-apache/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.5.0.dev0' +version = '0.4.1' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/letsencrypt-auto b/letsencrypt-auto index 9218bdc52..86367a5c0 100755 --- a/letsencrypt-auto +++ b/letsencrypt-auto @@ -18,25 +18,31 @@ set -e # Work even if somebody does "sh thisscript.sh". XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} -VENV_BIN=${VENV_PATH}/bin -LE_AUTO_VERSION="0.4.0" +VENV_BIN="$VENV_PATH/bin" +LE_AUTO_VERSION="0.4.1" # This script takes the same arguments as the main letsencrypt program, but it # additionally responds to --verbose (more output) and --debug (allow support # for experimental platforms) for arg in "$@" ; do - # This first clause is redundant with the third, but hedging on portability - if [ "$arg" = "-v" ] || [ "$arg" = "--verbose" ] || echo "$arg" | grep -E -- "-v+$" ; then - VERBOSE=1 - elif [ "$arg" = "--no-self-upgrade" ] ; then - # Do not upgrade this script (also prevents client upgrades, because each - # copy of the script pins a hash of the python client) - NO_SELF_UPGRADE=1 - elif [ "$arg" = "--os-packages-only" ] ; then - OS_PACKAGES_ONLY=1 - elif [ "$arg" = "--debug" ]; then - DEBUG=1 - fi + case "$arg" in + --debug) + DEBUG=1;; + --os-packages-only) + OS_PACKAGES_ONLY=1;; + --no-self-upgrade) + # Do not upgrade this script (also prevents client upgrades, because each + # copy of the script pins a hash of the python client) + NO_SELF_UPGRADE=1;; + --verbose) + VERBOSE=1;; + [!-]*|-*[!v]*|-) + # Anything that isn't -v, -vv, etc.: that is, anything that does not + # start with a -, contains anything that's not a v, or is just "-" + ;; + *) # -v+ remains. + VERBOSE=1;; + esac done # letsencrypt-auto needs root access to bootstrap OS dependencies, and @@ -91,21 +97,18 @@ ExperimentalBootstrap() { } DeterminePythonVersion() { - if command -v python2.7 > /dev/null ; then - export LE_PYTHON=${LE_PYTHON:-python2.7} - elif command -v python27 > /dev/null ; then - export LE_PYTHON=${LE_PYTHON:-python27} - elif command -v python2 > /dev/null ; then - export LE_PYTHON=${LE_PYTHON:-python2} - elif command -v python > /dev/null ; then - export LE_PYTHON=${LE_PYTHON:-python} - else - echo "Cannot find any Pythons... please install one!" + for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do + # Break (while keeping the LE_PYTHON value) if found. + command -v "$LE_PYTHON" > /dev/null && break + done + if [ "$?" != "0" ]; then + echo "Cannot find any Pythons; please install one!" exit 1 fi + export LE_PYTHON - PYVER=`"$LE_PYTHON" --version 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//'` - if [ $PYVER -lt 26 ]; then + PYVER=`"$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//'` + if [ "$PYVER" -lt 26 ]; then echo "You have an ancient version of Python entombed in your operating system..." echo "This isn't going to work; you'll need at least version 2.6." exit 1 @@ -165,7 +168,7 @@ BootstrapDebCommon() { /bin/echo '(Backports are only installed if explicitly requested via "apt-get install -t wheezy-backports")' fi - sudo sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list" + $SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list" $SUDO apt-get update fi fi @@ -304,10 +307,11 @@ BootstrapArchCommon() { pkg-config " - missing=$("$SUDO" pacman -T $deps) + # pacman -T exits with 127 if there are missing dependencies + missing=$($SUDO pacman -T $deps) || true if [ "$missing" ]; then - "$SUDO" pacman -S --needed $missing + $SUDO pacman -S --needed $missing fi } @@ -324,19 +328,19 @@ BootstrapGentooCommon() { case "$PACKAGE_MANAGER" in (paludis) - "$SUDO" cave resolve --keep-targets if-possible $PACKAGES -x + $SUDO cave resolve --preserve-world --keep-targets if-possible $PACKAGES -x ;; (pkgcore) - "$SUDO" pmerge --noreplace $PACKAGES + $SUDO pmerge --noreplace --oneshot $PACKAGES ;; (portage|*) - "$SUDO" emerge --noreplace $PACKAGES + $SUDO emerge --noreplace --oneshot $PACKAGES ;; esac } BootstrapFreeBsd() { - "$SUDO" pkg install -Ay \ + $SUDO pkg install -Ay \ python \ py27-virtualenv \ augeas \ @@ -345,20 +349,27 @@ BootstrapFreeBsd() { BootstrapMac() { if ! hash brew 2>/dev/null; then - echo "Homebrew Not Installed\nDownloading..." + echo "Homebrew not installed.\nDownloading..." ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" fi - brew install augeas - brew install dialog + if [ -z "$(brew list --versions augeas)" ]; then + echo "augeas not installed.\nInstalling augeas from Homebrew..." + brew install augeas + fi - if ! hash pip 2>/dev/null; then - echo "pip Not Installed\nInstalling python from Homebrew..." + if [ -z "$(brew list --versions dialog)" ]; then + echo "dialog not installed.\nInstalling dialog from Homebrew..." + brew install dialog + fi + + if [ -z "$(brew list --versions python)" ]; then + echo "python not installed.\nInstalling python from Homebrew..." brew install python fi if ! hash virtualenv 2>/dev/null; then - echo "virtualenv Not Installed\nInstalling with pip" + echo "virtualenv not installed.\nInstalling with pip..." pip install virtualenv fi } @@ -412,9 +423,10 @@ TempDir() { -if [ "$NO_SELF_UPGRADE" = 1 ]; then +if [ "$1" = "--le-auto-phase2" ]; then # Phase 2: Create venv, install LE, and run. + shift 1 # the --le-auto-phase2 arg if [ -f "$VENV_BIN/letsencrypt" ]; then INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | cut -d " " -f 2) else @@ -609,10 +621,6 @@ traceback2==1.4.0 # sha256: IogqDkGMKE4fcYqCKzsCKUTVPS2QjhaQsxmp0-ssBXk unittest2==1.1.0 -# sha256: aUkbUwUVfDxuDwSnAZhNaud_1yn8HJrNJQd_HfOFMms -# sha256: 619wCpv8lkILBVY1r5AC02YuQ9gMP_0x8iTCW8DV9GI -Werkzeug==0.11.3 - # sha256: KCwRK1XdjjyGmjVx-GdnwVCrEoSprOK97CJsWSrK-Bo zope.component==4.2.2 @@ -638,22 +646,25 @@ zope.event==4.1.0 # sha256: sJyMHUezUxxADgGVaX8UFKYyId5u9HhZik8UYPfZo5I zope.interface==4.1.3 -# sha256: ilvjjTWOS86xchl0WBZ0YOAw_0rmqdnjNsxb1hq2RD8 -# sha256: T37KMj0TnsuvHIzCCmoww2fpfpOBTj7cd4NAqucXcpw -acme==0.4.0 - -# sha256: 33BQiANlNLGqGpirTfdCEElTF9YbpaKiYpTbK4zeGD8 -# sha256: lwsV1OdEzzlMeb08C_PRxaCXZ2vOk_1AI2755rZHmPM -letsencrypt==0.4.0 - -# sha256: D3YDaVFjLsMSEfjI5B5D5tn5FeWUtNHYXCObw3ih2tg -# sha256: VTgvsePYGRmI4IOSAnxoYFHd8KciD73bxIuIHtbVFd8 -letsencrypt-apache==0.4.0 - # sha256: uDndLZwRfHAUMMFJlWkYpCOphjtIsJyQ4wpgE-fS9E8 # sha256: j4MIDaoknQNsvM-4rlzG_wB7iNbZN1ITca-r57Gbrbw mock==1.0.1 +# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; +# ADD ALL DEPENDENCIES ABOVE + +# sha256: zd_qpRKPaFs00y5hex5Rbu5CVLWzed7pBGL28juxoHM +# sha256: 18Gfo85AbZXE46GyTkyePthTNiUeoGTQNcXlSvmRQvM +acme==0.4.1 + +# sha256: wIuGh8yh1TeOClXW0qLz70bKeM9Ax4bfFNrkKSDjbbo +# sha256: 7TeAUt8cZ0IZQuQNuUm8MoH8vPWlKaCrwWAkdCEs_5s +letsencrypt==0.4.1 + +# sha256: bnpKXJTXy9cFSktJLtvTCTovJJybc__Ivqs6XaXxk9U +# sha256: bcvJ6j5UB8sOJ_M88DAsqvmaLxD2UnAP9ys-_J6Bdcc +letsencrypt-apache==0.4.1 + UNLIKELY_EOF # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/peep.py" @@ -745,6 +756,7 @@ except ImportError: from pip.util import url_to_path # 0.7.0 except ImportError: from pip.util import url_to_filename as url_to_path # 0.6.2 +from pip.exceptions import InstallationError from pip.index import PackageFinder, Link try: from pip.log import logger @@ -763,7 +775,7 @@ except ImportError: DownloadProgressBar = DownloadProgressSpinner = NullProgressBar -__version__ = 3, 0, 0 +__version__ = 3, 1, 1 try: from pip.index import FormatControl # noqa @@ -781,6 +793,7 @@ ITS_FINE_ITS_FINE = 0 SOMETHING_WENT_WRONG = 1 # "Traditional" for command-line errors according to optparse docs: COMMAND_LINE_ERROR = 2 +UNHANDLED_EXCEPTION = 3 ARCHIVE_EXTENSIONS = ('.tar.bz2', '.tar.gz', '.tgz', '.tar', '.zip') @@ -1543,7 +1556,7 @@ def peep_install(argv): first_every_last(buckets[SatisfiedReq], *printers) return ITS_FINE_ITS_FINE - except (UnsupportedRequirementError, DownloadError) as exc: + except (UnsupportedRequirementError, InstallationError, DownloadError) as exc: out(str(exc)) return SOMETHING_WENT_WRONG finally: @@ -1563,16 +1576,23 @@ def peep_port(paths): print('Please specify one or more requirements files so I have ' 'something to port.\n') return COMMAND_LINE_ERROR + + comes_from = None for req in chain.from_iterable( _parse_requirements(path, package_finder(argv)) for path in paths): + req_path, req_line = path_and_line(req) hashes = [hexlify(urlsafe_b64decode((hash + '=').encode('ascii'))).decode('ascii') - for hash in hashes_above(*path_and_line(req))] + for hash in hashes_above(req_path, req_line)] + if req_path != comes_from: + print() + print('# from %s' % req_path) + print() + comes_from = req_path + if not hashes: print(req.req) - elif len(hashes) == 1: - print('%s --hash=sha256:%s' % (req.req, hashes[0])) else: - print('%s' % req.req, end='') + print('%s' % (req.link if getattr(req, 'link', None) else req.req), end='') for hash in hashes: print(' \\') print(' --hash=sha256:%s' % hash, end='') @@ -1617,7 +1637,7 @@ if __name__ == '__main__': exit(main()) except Exception: exception_handler(*sys.exc_info()) - exit(SOMETHING_WENT_WRONG) + exit(UNHANDLED_EXCEPTION) UNLIKELY_EOF # ------------------------------------------------------------------------- @@ -1630,8 +1650,10 @@ UNLIKELY_EOF # Report error. (Otherwise, be quiet.) echo "Had a problem while downloading and verifying Python packages:" echo "$PEEP_OUT" + rm -rf "$VENV_PATH" exit 1 fi + echo "Installation succeeded." fi echo "Requesting root privileges to run letsencrypt..." echo " " $SUDO "$VENV_BIN/letsencrypt" "$@" @@ -1653,10 +1675,11 @@ else exit 0 fi - echo "Checking for new version..." - TEMP_DIR=$(TempDir) - # --------------------------------------------------------------------------- - cat << "UNLIKELY_EOF" > "$TEMP_DIR/fetch.py" + if [ "$NO_SELF_UPGRADE" != 1 ]; then + echo "Checking for new version..." + TEMP_DIR=$(TempDir) + # --------------------------------------------------------------------------- + cat << "UNLIKELY_EOF" > "$TEMP_DIR/fetch.py" """Do downloading and JSON parsing without additional dependencies. :: # Print latest released version of LE to stdout: @@ -1785,25 +1808,36 @@ if __name__ == '__main__': exit(main()) UNLIKELY_EOF - # --------------------------------------------------------------------------- - DeterminePythonVersion - REMOTE_VERSION=`"$LE_PYTHON" "$TEMP_DIR/fetch.py" --latest-version` - if [ "$LE_AUTO_VERSION" != "$REMOTE_VERSION" ]; then - echo "Upgrading letsencrypt-auto $LE_AUTO_VERSION to $REMOTE_VERSION..." + # --------------------------------------------------------------------------- + DeterminePythonVersion + REMOTE_VERSION=`"$LE_PYTHON" "$TEMP_DIR/fetch.py" --latest-version` + if [ "$LE_AUTO_VERSION" != "$REMOTE_VERSION" ]; then + echo "Upgrading letsencrypt-auto $LE_AUTO_VERSION to $REMOTE_VERSION..." - # Now we drop into Python so we don't have to install even more - # dependencies (curl, etc.), for better flow control, and for the option of - # future Windows compatibility. - "$LE_PYTHON" "$TEMP_DIR/fetch.py" --le-auto-script "v$REMOTE_VERSION" + # Now we drop into Python so we don't have to install even more + # dependencies (curl, etc.), for better flow control, and for the option of + # future Windows compatibility. + "$LE_PYTHON" "$TEMP_DIR/fetch.py" --le-auto-script "v$REMOTE_VERSION" - # Install new copy of letsencrypt-auto. This preserves permissions and - # ownership from the old copy. - # TODO: Deal with quotes in pathnames. - echo "Replacing letsencrypt-auto..." - echo " " $SUDO cp "$TEMP_DIR/letsencrypt-auto" "$0" - $SUDO cp "$TEMP_DIR/letsencrypt-auto" "$0" - # TODO: Clean up temp dir safely, even if it has quotes in its path. - rm -rf "$TEMP_DIR" - fi # should upgrade - "$0" --no-self-upgrade "$@" + # Install new copy of letsencrypt-auto. + # TODO: Deal with quotes in pathnames. + echo "Replacing letsencrypt-auto..." + # Clone permissions with cp. chmod and chown don't have a --reference + # option on OS X or BSD, and stat -c on Linux is stat -f on OS X and BSD: + echo " " $SUDO cp -p "$0" "$TEMP_DIR/letsencrypt-auto.permission-clone" + $SUDO cp -p "$0" "$TEMP_DIR/letsencrypt-auto.permission-clone" + echo " " $SUDO cp "$TEMP_DIR/letsencrypt-auto" "$TEMP_DIR/letsencrypt-auto.permission-clone" + $SUDO cp "$TEMP_DIR/letsencrypt-auto" "$TEMP_DIR/letsencrypt-auto.permission-clone" + # Using mv rather than cp leaves the old file descriptor pointing to the + # original copy so the shell can continue to read it unmolested. mv across + # filesystems is non-atomic, doing `rm dest, cp src dest, rm src`, but the + # cp is unlikely to fail (esp. under sudo) if the rm doesn't. + echo " " $SUDO mv -f "$TEMP_DIR/letsencrypt-auto.permission-clone" "$0" + $SUDO mv -f "$TEMP_DIR/letsencrypt-auto.permission-clone" "$0" + # TODO: Clean up temp dir safely, even if it has quotes in its path. + rm -rf "$TEMP_DIR" + fi # A newer version is available. + fi # Self-upgrading is allowed. + + "$0" --le-auto-phase2 "$@" fi diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 8e9882ffe..86367a5c0 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.5.0.dev0" +LE_AUTO_VERSION="0.4.1" # This script takes the same arguments as the main letsencrypt program, but it # additionally responds to --verbose (more output) and --debug (allow support @@ -646,22 +646,25 @@ zope.event==4.1.0 # sha256: sJyMHUezUxxADgGVaX8UFKYyId5u9HhZik8UYPfZo5I zope.interface==4.1.3 -# sha256: ilvjjTWOS86xchl0WBZ0YOAw_0rmqdnjNsxb1hq2RD8 -# sha256: T37KMj0TnsuvHIzCCmoww2fpfpOBTj7cd4NAqucXcpw -acme==0.4.0 - -# sha256: 33BQiANlNLGqGpirTfdCEElTF9YbpaKiYpTbK4zeGD8 -# sha256: lwsV1OdEzzlMeb08C_PRxaCXZ2vOk_1AI2755rZHmPM -letsencrypt==0.4.0 - -# sha256: D3YDaVFjLsMSEfjI5B5D5tn5FeWUtNHYXCObw3ih2tg -# sha256: VTgvsePYGRmI4IOSAnxoYFHd8KciD73bxIuIHtbVFd8 -letsencrypt-apache==0.4.0 - # sha256: uDndLZwRfHAUMMFJlWkYpCOphjtIsJyQ4wpgE-fS9E8 # sha256: j4MIDaoknQNsvM-4rlzG_wB7iNbZN1ITca-r57Gbrbw mock==1.0.1 +# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; +# ADD ALL DEPENDENCIES ABOVE + +# sha256: zd_qpRKPaFs00y5hex5Rbu5CVLWzed7pBGL28juxoHM +# sha256: 18Gfo85AbZXE46GyTkyePthTNiUeoGTQNcXlSvmRQvM +acme==0.4.1 + +# sha256: wIuGh8yh1TeOClXW0qLz70bKeM9Ax4bfFNrkKSDjbbo +# sha256: 7TeAUt8cZ0IZQuQNuUm8MoH8vPWlKaCrwWAkdCEs_5s +letsencrypt==0.4.1 + +# sha256: bnpKXJTXy9cFSktJLtvTCTovJJybc__Ivqs6XaXxk9U +# sha256: bcvJ6j5UB8sOJ_M88DAsqvmaLxD2UnAP9ys-_J6Bdcc +letsencrypt-apache==0.4.1 + UNLIKELY_EOF # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/peep.py" diff --git a/letsencrypt-auto-source/letsencrypt-auto.sig b/letsencrypt-auto-source/letsencrypt-auto.sig index 532a482073932f4be88c1e25642d18ad947e7e64..e6d597298e36a27751d37e8597fc307eb545ed0e 100644 GIT binary patch literal 256 zcmV+b0ssDm2(4;MO!SpH(*$3SK8|wzRMAE~aPdF#65x@BGT_+k1EIub9pYY65;t@LH9e~%PVPGp?@lhX zUcG)QB0e$yQogJex_KK=DFx0Q?~h#$ZiK8LqF z9UK0?`*Aq5PynjWNy*-8JZ$G>+S9o<8P@27c@y3`uBda8X`#O+CjMrKVzMiqiCsyS zbqYMkAp~3&FJG3hply|GI7?14!p?ySpSW8X9EZ1FWtJRi4)+#lw>8^eI!3 G_s+-+c7oaf diff --git a/letsencrypt-auto-source/letsencrypt-auto.sig.lzma.base64 b/letsencrypt-auto-source/letsencrypt-auto.sig.lzma.base64 new file mode 100644 index 000000000..829e274f0 --- /dev/null +++ b/letsencrypt-auto-source/letsencrypt-auto.sig.lzma.base64 @@ -0,0 +1,6 @@ +XQAAAAT//////////wBCghGWcdbIc2Jwx9eNx/8BCz2bNPFlhMANgkl2y9DXQ35eeVwpAz1hka/X +mbAtebf8wyUrVCYJ295X4aa52T2/hffWukE1K2mV5ZNV2IstEohx5ghX536mksyW2pLB5K6pttTs +Zg4DW17p/vWM/VczjT5yhIlR+ZAKcSKGSiMhJXLnvF0UKcQ6RJ2CFdfQhPkEEtjHlWPPlLRc8K9/ +DyPI1KeAoER9MMl/sZELr7gRJh8vpDV9XtVwQ0RhH59/Xze6s/WvaMf2C08IWysSW/BulLu9YbEs +oOiW7OKECzryCNcg4+QISNcoiKUEDGUYbQWMfcB1I0hYjl5HZ332R1ljr9UbdGGdUAF0zby+LvrT +///9TmAA diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 32896b8f4..7ec4db444 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -204,14 +204,14 @@ mock==1.0.1 # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; # ADD ALL DEPENDENCIES ABOVE -# sha256: ilvjjTWOS86xchl0WBZ0YOAw_0rmqdnjNsxb1hq2RD8 -# sha256: T37KMj0TnsuvHIzCCmoww2fpfpOBTj7cd4NAqucXcpw -acme==0.4.0 +# sha256: zd_qpRKPaFs00y5hex5Rbu5CVLWzed7pBGL28juxoHM +# sha256: 18Gfo85AbZXE46GyTkyePthTNiUeoGTQNcXlSvmRQvM +acme==0.4.1 -# sha256: 33BQiANlNLGqGpirTfdCEElTF9YbpaKiYpTbK4zeGD8 -# sha256: lwsV1OdEzzlMeb08C_PRxaCXZ2vOk_1AI2755rZHmPM -letsencrypt==0.4.0 +# sha256: wIuGh8yh1TeOClXW0qLz70bKeM9Ax4bfFNrkKSDjbbo +# sha256: 7TeAUt8cZ0IZQuQNuUm8MoH8vPWlKaCrwWAkdCEs_5s +letsencrypt==0.4.1 -# sha256: D3YDaVFjLsMSEfjI5B5D5tn5FeWUtNHYXCObw3ih2tg -# sha256: VTgvsePYGRmI4IOSAnxoYFHd8KciD73bxIuIHtbVFd8 -letsencrypt-apache==0.4.0 +# sha256: bnpKXJTXy9cFSktJLtvTCTovJJybc__Ivqs6XaXxk9U +# sha256: bcvJ6j5UB8sOJ_M88DAsqvmaLxD2UnAP9ys-_J6Bdcc +letsencrypt-apache==0.4.1 diff --git a/letsencrypt-compatibility-test/setup.py b/letsencrypt-compatibility-test/setup.py index 67262ba72..3290e86ec 100644 --- a/letsencrypt-compatibility-test/setup.py +++ b/letsencrypt-compatibility-test/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.5.0.dev0' +version = '0.4.1' install_requires = [ 'letsencrypt=={0}'.format(version), diff --git a/letsencrypt-nginx/setup.py b/letsencrypt-nginx/setup.py index 656d6e04f..25f4ca2c1 100644 --- a/letsencrypt-nginx/setup.py +++ b/letsencrypt-nginx/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.5.0.dev0' +version = '0.4.1' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/letsencrypt/__init__.py b/letsencrypt/__init__.py index 0dbeb1567..979ee3684 100644 --- a/letsencrypt/__init__.py +++ b/letsencrypt/__init__.py @@ -1,4 +1,4 @@ """Let's Encrypt client.""" # version number like 1.2.3a0, must have at least 2 parts, like 1.2 -__version__ = '0.5.0.dev0' +__version__ = '0.4.1' diff --git a/letshelp-letsencrypt/setup.py b/letshelp-letsencrypt/setup.py index fff8dcfc3..b361cf508 100644 --- a/letshelp-letsencrypt/setup.py +++ b/letshelp-letsencrypt/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.5.0.dev0' +version = '0.4.1' install_requires = [ 'setuptools', # pkg_resources From 32d350c16fd8027a1180fafffb3491fa015fdd9b Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Mon, 29 Feb 2016 16:30:37 -0800 Subject: [PATCH 17/37] Bump version to 0.5.0 --- acme/setup.py | 2 +- letsencrypt-apache/setup.py | 2 +- letsencrypt-compatibility-test/setup.py | 2 +- letsencrypt-nginx/setup.py | 2 +- letsencrypt/__init__.py | 2 +- letshelp-letsencrypt/setup.py | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/acme/setup.py b/acme/setup.py index a621b7634..5a77f8a67 100644 --- a/acme/setup.py +++ b/acme/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.4.1' +version = '0.5.0.dev0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/letsencrypt-apache/setup.py b/letsencrypt-apache/setup.py index 96a01548a..a8e010f0e 100644 --- a/letsencrypt-apache/setup.py +++ b/letsencrypt-apache/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.4.1' +version = '0.5.0.dev0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/letsencrypt-compatibility-test/setup.py b/letsencrypt-compatibility-test/setup.py index 3290e86ec..67262ba72 100644 --- a/letsencrypt-compatibility-test/setup.py +++ b/letsencrypt-compatibility-test/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.4.1' +version = '0.5.0.dev0' install_requires = [ 'letsencrypt=={0}'.format(version), diff --git a/letsencrypt-nginx/setup.py b/letsencrypt-nginx/setup.py index 25f4ca2c1..656d6e04f 100644 --- a/letsencrypt-nginx/setup.py +++ b/letsencrypt-nginx/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.4.1' +version = '0.5.0.dev0' # Please update tox.ini when modifying dependency version requirements install_requires = [ diff --git a/letsencrypt/__init__.py b/letsencrypt/__init__.py index 979ee3684..0dbeb1567 100644 --- a/letsencrypt/__init__.py +++ b/letsencrypt/__init__.py @@ -1,4 +1,4 @@ """Let's Encrypt client.""" # version number like 1.2.3a0, must have at least 2 parts, like 1.2 -__version__ = '0.4.1' +__version__ = '0.5.0.dev0' diff --git a/letshelp-letsencrypt/setup.py b/letshelp-letsencrypt/setup.py index b361cf508..fff8dcfc3 100644 --- a/letshelp-letsencrypt/setup.py +++ b/letshelp-letsencrypt/setup.py @@ -4,7 +4,7 @@ from setuptools import setup from setuptools import find_packages -version = '0.4.1' +version = '0.5.0.dev0' install_requires = [ 'setuptools', # pkg_resources From f1bfbadbdbd5cd7bf853d09a062a44020f2ddaf5 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 11:21:40 -0800 Subject: [PATCH 18/37] Don't track releases folder --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 341843f98..38c95986c 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,7 @@ dist*/ /venv*/ /kgs/ /.tox/ +/releases/ letsencrypt.log # coverage From 465c1bd2629fd4c9ef41aadc74b85c6c5889d620 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 11:21:51 -0800 Subject: [PATCH 19/37] Add pubkey to tree --- tools/eff-pubkey.pem | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 tools/eff-pubkey.pem diff --git a/tools/eff-pubkey.pem b/tools/eff-pubkey.pem new file mode 100644 index 000000000..fe6c2f5bb --- /dev/null +++ b/tools/eff-pubkey.pem @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MR8W/galdxnpGqBsYbq +OzQb2eyW15YFjDDEMI0ZOzt8f504obNs920lDnpPD2/KqgsfjOgw2K7xWDJIj/18 +xUvWPk3LDkrnokNiRkA3KOx3W6fHycKL+zID7zy+xZYBuh2fLyQtWV1VGQ45iNRp +9+Zo7rH86cdfgkdnWTlNSHyTLW9NbXvyv/E12bppPcEvgCTAQXgnDVJ0/sqmeiij +n9tTFh03aM+R2V/21h8aTraAS24qiPCz6gkmYGC8yr6mglcnNoYbsLNYZ69zF1XH +cXPduCPdPdfLlzVlKK1/U7hkA28eG3BIAMh6uJYBRJTpiGgaGdPd7YekUB8S6cy+ +CQIDAQAB +-----END PUBLIC KEY----- From d0a461b26a9bec6742bdddf670ff0b83738903e3 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 11:25:38 -0800 Subject: [PATCH 20/37] fix permissions on renewal conf files --- letsencrypt/tests/testdata/sample-renewal-ancient.conf | 0 letsencrypt/tests/testdata/sample-renewal.conf | 0 2 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 letsencrypt/tests/testdata/sample-renewal-ancient.conf mode change 100755 => 100644 letsencrypt/tests/testdata/sample-renewal.conf diff --git a/letsencrypt/tests/testdata/sample-renewal-ancient.conf b/letsencrypt/tests/testdata/sample-renewal-ancient.conf old mode 100755 new mode 100644 diff --git a/letsencrypt/tests/testdata/sample-renewal.conf b/letsencrypt/tests/testdata/sample-renewal.conf old mode 100755 new mode 100644 From ce2d307f54c73e27911ea7934957b8a5ec543b1c Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 11:39:52 -0800 Subject: [PATCH 21/37] handle legacy http01_port value --- letsencrypt/cli.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py index 3551d5a10..9aa79cfa9 100644 --- a/letsencrypt/cli.py +++ b/letsencrypt/cli.py @@ -806,12 +806,17 @@ def _restore_required_config_elements(config, renewalparams): # int-valued items to add if they're present for config_item in INT_CONFIG_ITEMS: if config_item in renewalparams and not _set_by_cli(config_item): - try: - value = int(renewalparams[config_item]) - setattr(config.namespace, config_item, value) - except ValueError: - raise errors.Error( - "Expected a numeric value for {0}".format(config_item)) + config_value = renewalparams[config_item] + if config_item == "http01_port" and config_value == "None": + logger.info("updating legacy http01_port value") + int_value = flag_default("http01_port") + else: + try: + int_value = int(config_value) + except ValueError: + raise errors.Error( + "Expected a numeric value for {0}".format(config_item)) + setattr(config.namespace, config_item, int_value) def _restore_plugin_configs(config, renewalparams): From c531c4477dc8f13f3f36e37874cd72918e278a25 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 11:43:31 -0800 Subject: [PATCH 22/37] add test coverage to nonetype http01_port --- letsencrypt/tests/cli_test.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/letsencrypt/tests/cli_test.py b/letsencrypt/tests/cli_test.py index aef3447c3..46c09e23c 100644 --- a/letsencrypt/tests/cli_test.py +++ b/letsencrypt/tests/cli_test.py @@ -710,6 +710,12 @@ class CLITest(unittest.TestCase): # pylint: disable=too-many-public-methods self._test_renew_common(renewalparams=renewalparams, error_expected=True, assert_oc_called=False) + def test_renew_with_nonetype_http01(self): + renewalparams = {'authenticator': 'webroot', + 'http01_port': 'None'} + self._test_renew_common(renewalparams=renewalparams, error_expected=False, + assert_oc_called=True) + def test_renew_with_bad_domain(self): renewalparams = {'authenticator': 'webroot'} names = ['*.example.com'] From 94930a48c55aed065aa869151f882593d844a77f Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 12:49:25 -0800 Subject: [PATCH 23/37] Bump source le-auto version --- letsencrypt-auto-source/letsencrypt-auto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 86367a5c0..415bcbbc7 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -19,7 +19,7 @@ XDG_DATA_HOME=${XDG_DATA_HOME:-~/.local/share} VENV_NAME="letsencrypt" VENV_PATH=${VENV_PATH:-"$XDG_DATA_HOME/$VENV_NAME"} VENV_BIN="$VENV_PATH/bin" -LE_AUTO_VERSION="0.4.1" +LE_AUTO_VERSION="0.5.0.dev0" # This script takes the same arguments as the main letsencrypt program, but it # additionally responds to --verbose (more output) and --debug (allow support From 06bf983604c29ae35cd4900ddb93aa4466dc2cd9 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 13:03:02 -0800 Subject: [PATCH 24/37] Autobuild le-auto with dev version --- tools/release.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/release.sh b/tools/release.sh index 78babcff2..00c986534 100755 --- a/tools/release.sh +++ b/tools/release.sh @@ -216,6 +216,8 @@ echo twine upload "$root/dist.$version/*/*" if [ "$RELEASE_BRANCH" = candidate-"$version" ] ; then SetVersion "$nextversion".dev0 + letsencrypt-auto-source/build.py + git add letsencrypt-auto-source/letsencrypt-auto git diff git commit -m "Bump version to $nextversion" fi From b1918995d1ed89fac7f1af470efca77b19b9f7a9 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Tue, 1 Mar 2016 16:26:03 -0800 Subject: [PATCH 25/37] documentation++ --- letsencrypt/cli.py | 1 + 1 file changed, 1 insertion(+) diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py index 9aa79cfa9..455b2d074 100644 --- a/letsencrypt/cli.py +++ b/letsencrypt/cli.py @@ -807,6 +807,7 @@ def _restore_required_config_elements(config, renewalparams): for config_item in INT_CONFIG_ITEMS: if config_item in renewalparams and not _set_by_cli(config_item): config_value = renewalparams[config_item] + # the default value for http01_port was None during private beta if config_item == "http01_port" and config_value == "None": logger.info("updating legacy http01_port value") int_value = flag_default("http01_port") From 96618a0608039eeb65a8eeab2921ce19fc9fb838 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 14:49:39 -0800 Subject: [PATCH 26/37] Revert "version < 2.0" This reverts commit 564d37c0fdd7033be64b2ab1a10236f12024d194. --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index d07582e2b..cbf0ff89d 100644 --- a/setup.py +++ b/setup.py @@ -39,7 +39,7 @@ install_requires = [ 'ConfigArgParse>=0.9.3', 'configobj', 'cryptography>=0.7', # load_pem_x509_certificate - 'parsedatetime<2.0', # parsedatetime 2.0 doesn't work on py26 + 'parsedatetime', 'psutil>=2.1.0', # net_connections introduced in 2.1.0 'PyOpenSSL', 'pyrfc3339', From 0b118c6522d0d34b4d812de51771827bdd5983ac Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 14:53:11 -0800 Subject: [PATCH 27/37] Upgrade le-auto parsedatetime pin to 2.1 --- letsencrypt-auto-source/letsencrypt-auto | 6 +++--- .../pieces/letsencrypt-auto-requirements.txt | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 415bcbbc7..5f8cbb5b6 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -528,9 +528,9 @@ ndg-httpsclient==0.4.0 # sha256: HDW0rCBs7y0kgWyJ-Jzyid09OM98RJuz-re_bUPwGx8 ordereddict==1.1 -# sha256: OnTxAPkNZZGDFf5kkHca0gi8PxOv0y01_P5OjQs7gSs -# sha256: Paa-K-UG9ZzOMuGeMOIBBT4btNB-JWaJGOAPikmtQKs -parsedatetime==1.5 +# sha256: zp1CIWXPbpY5Bc1fdPJ06_fMmMlBkWFpF475Pw5VeDg +# sha256: F8V4d1UgyZExY04Jz8paBeqeG9KgXNBpZ-vs4Q33ry0 +parsedatetime==2.1 # sha256: Rsjbda51oFa9HMB_ohc0_i5gPRGgeDPswe63TDXHLgw # sha256: 4hJ2JqkebIhduJZol22zECDwry2nKJJLVkgPx8zwlkk diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 7ec4db444..44e1bd79c 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -79,9 +79,9 @@ ndg-httpsclient==0.4.0 # sha256: HDW0rCBs7y0kgWyJ-Jzyid09OM98RJuz-re_bUPwGx8 ordereddict==1.1 -# sha256: OnTxAPkNZZGDFf5kkHca0gi8PxOv0y01_P5OjQs7gSs -# sha256: Paa-K-UG9ZzOMuGeMOIBBT4btNB-JWaJGOAPikmtQKs -parsedatetime==1.5 +# sha256: zp1CIWXPbpY5Bc1fdPJ06_fMmMlBkWFpF475Pw5VeDg +# sha256: F8V4d1UgyZExY04Jz8paBeqeG9KgXNBpZ-vs4Q33ry0 +parsedatetime==2.1 # sha256: Rsjbda51oFa9HMB_ohc0_i5gPRGgeDPswe63TDXHLgw # sha256: 4hJ2JqkebIhduJZol22zECDwry2nKJJLVkgPx8zwlkk From 7de0fd452c44d5bb614a859c72077e45bf285139 Mon Sep 17 00:00:00 2001 From: Erik Rose Date: Wed, 2 Mar 2016 17:54:30 -0500 Subject: [PATCH 28/37] Move pycparser above cffi in the requirements file. May fix #2499. There's no particular reason this *should* fix #2499, but it changes how pycparser gets installed (to a more modern way: pip vs. setuptools), so it may. --- letsencrypt-auto-source/letsencrypt-auto | 8 +++++--- .../pieces/letsencrypt-auto-requirements.txt | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 415bcbbc7..46e874c08 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -455,6 +455,11 @@ if [ "$1" = "--le-auto-phase2" ]; then # sha256: YrCJpVvh2JSc0rx-DfC9254Cj678jDIDjMhIYq791uQ argparse==1.4.0 +# This comes before cffi because cffi will otherwise install an unchecked +# version via setup_requires. +# sha256: eVm0p0q9wnsxL-0cIebK-TCc4LKeqGtZH9Lpns3yf3M +pycparser==2.14 + # sha256: U8HJ3bMEMVE-t_PN7wo-BrDxJSGIqqd0SvD1pM1F268 # sha256: pWj0nfyhKo2fNwGHJX78WKOBCeHu5xTZKFYdegGKZPg # sha256: gJxsqM-8ruv71DK0V2ABtA04_yRjdzy1dXfXXhoCC8M @@ -572,9 +577,6 @@ psutil==3.3.0 # sha256: hTys2W0fcB3dZ6oD7MBfUYkBNbcmLpInEBEvEqLtKn8 pyasn1==0.1.9 -# sha256: eVm0p0q9wnsxL-0cIebK-TCc4LKeqGtZH9Lpns3yf3M -pycparser==2.14 - # sha256: iORea7Jd_tJyoe8ucoRh1EtjTCzWiemJtuVqNJxaOuU # sha256: 8KJgcNbbCIHei8x4RpNLfDyTDY-cedRYg-5ImEvA1nI pyOpenSSL==0.15.1 diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 7ec4db444..7bffc22e7 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -6,6 +6,11 @@ # sha256: YrCJpVvh2JSc0rx-DfC9254Cj678jDIDjMhIYq791uQ argparse==1.4.0 +# This comes before cffi because cffi will otherwise install an unchecked +# version via setup_requires. +# sha256: eVm0p0q9wnsxL-0cIebK-TCc4LKeqGtZH9Lpns3yf3M +pycparser==2.14 + # sha256: U8HJ3bMEMVE-t_PN7wo-BrDxJSGIqqd0SvD1pM1F268 # sha256: pWj0nfyhKo2fNwGHJX78WKOBCeHu5xTZKFYdegGKZPg # sha256: gJxsqM-8ruv71DK0V2ABtA04_yRjdzy1dXfXXhoCC8M @@ -123,9 +128,6 @@ psutil==3.3.0 # sha256: hTys2W0fcB3dZ6oD7MBfUYkBNbcmLpInEBEvEqLtKn8 pyasn1==0.1.9 -# sha256: eVm0p0q9wnsxL-0cIebK-TCc4LKeqGtZH9Lpns3yf3M -pycparser==2.14 - # sha256: iORea7Jd_tJyoe8ucoRh1EtjTCzWiemJtuVqNJxaOuU # sha256: 8KJgcNbbCIHei8x4RpNLfDyTDY-cedRYg-5ImEvA1nI pyOpenSSL==0.15.1 From 4c9bb187777b9cb4a0460be76be80a6cd1d6df49 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 15:22:18 -0800 Subject: [PATCH 29/37] upgrade cryptography version in le-auto --- letsencrypt-auto-source/letsencrypt-auto | 44 +++++++++---------- .../pieces/letsencrypt-auto-requirements.txt | 44 +++++++++---------- 2 files changed, 44 insertions(+), 44 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 415bcbbc7..67ed98563 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -479,28 +479,28 @@ ConfigArgParse==0.10.0 # sha256: ovVlB3DhyH-zNa8Zqbfrc_wFzPIhROto230AzSvLCQI configobj==5.0.6 -# sha256: 1U_hszrB4J8cEj4vl0948z6V1h1PSALdISIKXD6MEX0 -# sha256: B1X2aE4RhSAFs2MTdh7ctbqEOmTNAizhrC3L1JqTYG0 -# sha256: zjhNo4lZlluh90VKJfVp737yqxRd8ueiml4pS3TgRnc -# sha256: GvQDkV3LmWHDB2iuZRr6tpKC0dpaut-mN1IhrBGHdQM -# sha256: ag08d91PH-W8ZfJ--3fsjQSjiNpesl66DiBAwJgZ30o -# sha256: KdelgcO6_wTh--IAaltHjZ7cfPmib8ijWUkkf09lA3k -# sha256: IPAWEKpAh_bVadjMIMR4uB8DhIYnWqqx3Dx12VAsZ-A -# sha256: l9hGUIulDVomml82OK4cFmWbNTFaH0B_oVF2cH2j0Jc -# sha256: djfqRMLL1NsvLKccsmtmPRczORqnafi8g2xZVilbd5g -# sha256: gR-eqJVbPquzLgQGU0XDB4Ui5rPuPZLz0n08fNcWpjM -# sha256: DXCMjYz97Qm4fCoLqHY856ZjWG4EPmrEL9eDHpKQHLY -# sha256: Efnq11YqPgATWGytM5o_em9Yg8zhw7S5jhrGnft3p_Y -# sha256: dNhnm55-0ePs-wq1NNyTUruxz3PTYsmQkJTAlyivqJY -# sha256: z1Hd-123eBaiB1OKZgEUuC4w4IAD_uhJmwILi4SA2sU -# sha256: 47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU -# sha256: dITvgYGUFB3_eUdf-74vd6-FHiw7v-Lk1ZEjEi-KTjM -# sha256: 7gLB6J7l7pUBV6VK1YTXN8Ec83putMCFPozz8n6WLcA -# sha256: pfGPaxhQpVVKV9v2YsrSUSpGBW5paHJqmFjngN1bnQo -# sha256: 26GA8xrb5xi6qdbPirY0hJSwlLK4GAL_8zvVDSfRPnM -# sha256: 5RinlLjzjoOC9_B3kUGBPOtIE6z9MRVBwNsOGJ69eN4 -# sha256: f1FFn4TWcERCdeYVg59FQsk1R6Euk4oKSQba_l994VM -cryptography==1.1.2 +# sha256: Axk49zpcXrPoCeGP98rraGU1GHFBe-YFDLjIapogK5o +# sha256: oXmjjVD41otJHXoxPbePjKvikIQs7N3dx7NNQI5Z2wo +# sha256: kGyIsqrc-Zz6uyQJgmPRv2WrDIaIrN4Q2uHwnYZZIPE +# sha256: bnBsXGCIdwsdG2NOlZ4hlj4xWwJV9fR3cSWtPVQIKXc +# sha256: 9ev44xxI-HB5Idyg6ZTed4E6nJub8DwRnF3fl73P_nM +# sha256: x7ieQiiMx_vuOBLpnvXHRPIkUuEdaCL2gHr8bWs76D4 +# sha256: hAjSmGWUcQnYto8YN6fN4apNyG4Peco7pYwMRORD1qU +# sha256: x-ds88PZJd0x-iOM-4Bs_7pxjA8IcH13pTh2hHeWmVY +# sha256: fY3jU4DzFwJ1i3dTu1xAcjgyxzAG3tsvkJm_YaN_coc +# sha256: XtvucfrlRp7oP-CjeGa5OYyM46RjJcJPzt-_CXu0ihk +# sha256: WU7a_kgBwTvcHMMF53BKkMGWF-lZNvarRX7k_-AAulA +# sha256: t_2xagp_SBvkLadEv-HqIWMCXeIfkPLGiKMW88NU2pw +# sha256: IHuL8P4JBzNt84tzO0h1Ic-eE4GJq6kjStVP5UXdDbg +# sha256: UJovBThicM94OZPJDUn_77PdYq7kW_HqjOPSzecnHCE +# sha256: rGm2XdGvAXnt5AyfFXiMiPc-Yo6mwFGd44OOJ5uziMY +# sha256: jfb61sauEv1wBOopNX8KK003dOrsp2VlMNCNLZDNQao +# sha256: C4uW3YHMFTOgTzA4LA_iHBly4Yn3lNDEJhoYzsCP2bU +# sha256: yuj8oYg_I8UOp42J3m_k_v20zqgxd3YPRxd1WUFN7ZM +# sha256: GkccpXapzc4bHNnzoisdCe5E1GhiA3VX3heRnA20RCU +# sha256: jsTo49RTs6G2O19Xc3pDTc8e5KLyb2_3xaN8P2eRBNI +# sha256: jrEcd92Oc_SN9rL3p-Fhc_4P6P3-JmIygy6IR34IRU4 +cryptography==1.2.3 # sha256: JHXX_N31lR6S_1RpcnWIAt5SYL9Akxmp8ZNOa7yLHcc # sha256: NZB977D5krdat3iPZf7cHPIP-iJojg5vbxKvwGs-pQE diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 7ec4db444..06d4250a9 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -30,28 +30,28 @@ ConfigArgParse==0.10.0 # sha256: ovVlB3DhyH-zNa8Zqbfrc_wFzPIhROto230AzSvLCQI configobj==5.0.6 -# sha256: 1U_hszrB4J8cEj4vl0948z6V1h1PSALdISIKXD6MEX0 -# sha256: B1X2aE4RhSAFs2MTdh7ctbqEOmTNAizhrC3L1JqTYG0 -# sha256: zjhNo4lZlluh90VKJfVp737yqxRd8ueiml4pS3TgRnc -# sha256: GvQDkV3LmWHDB2iuZRr6tpKC0dpaut-mN1IhrBGHdQM -# sha256: ag08d91PH-W8ZfJ--3fsjQSjiNpesl66DiBAwJgZ30o -# sha256: KdelgcO6_wTh--IAaltHjZ7cfPmib8ijWUkkf09lA3k -# sha256: IPAWEKpAh_bVadjMIMR4uB8DhIYnWqqx3Dx12VAsZ-A -# sha256: l9hGUIulDVomml82OK4cFmWbNTFaH0B_oVF2cH2j0Jc -# sha256: djfqRMLL1NsvLKccsmtmPRczORqnafi8g2xZVilbd5g -# sha256: gR-eqJVbPquzLgQGU0XDB4Ui5rPuPZLz0n08fNcWpjM -# sha256: DXCMjYz97Qm4fCoLqHY856ZjWG4EPmrEL9eDHpKQHLY -# sha256: Efnq11YqPgATWGytM5o_em9Yg8zhw7S5jhrGnft3p_Y -# sha256: dNhnm55-0ePs-wq1NNyTUruxz3PTYsmQkJTAlyivqJY -# sha256: z1Hd-123eBaiB1OKZgEUuC4w4IAD_uhJmwILi4SA2sU -# sha256: 47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU -# sha256: dITvgYGUFB3_eUdf-74vd6-FHiw7v-Lk1ZEjEi-KTjM -# sha256: 7gLB6J7l7pUBV6VK1YTXN8Ec83putMCFPozz8n6WLcA -# sha256: pfGPaxhQpVVKV9v2YsrSUSpGBW5paHJqmFjngN1bnQo -# sha256: 26GA8xrb5xi6qdbPirY0hJSwlLK4GAL_8zvVDSfRPnM -# sha256: 5RinlLjzjoOC9_B3kUGBPOtIE6z9MRVBwNsOGJ69eN4 -# sha256: f1FFn4TWcERCdeYVg59FQsk1R6Euk4oKSQba_l994VM -cryptography==1.1.2 +# sha256: Axk49zpcXrPoCeGP98rraGU1GHFBe-YFDLjIapogK5o +# sha256: oXmjjVD41otJHXoxPbePjKvikIQs7N3dx7NNQI5Z2wo +# sha256: kGyIsqrc-Zz6uyQJgmPRv2WrDIaIrN4Q2uHwnYZZIPE +# sha256: bnBsXGCIdwsdG2NOlZ4hlj4xWwJV9fR3cSWtPVQIKXc +# sha256: 9ev44xxI-HB5Idyg6ZTed4E6nJub8DwRnF3fl73P_nM +# sha256: x7ieQiiMx_vuOBLpnvXHRPIkUuEdaCL2gHr8bWs76D4 +# sha256: hAjSmGWUcQnYto8YN6fN4apNyG4Peco7pYwMRORD1qU +# sha256: x-ds88PZJd0x-iOM-4Bs_7pxjA8IcH13pTh2hHeWmVY +# sha256: fY3jU4DzFwJ1i3dTu1xAcjgyxzAG3tsvkJm_YaN_coc +# sha256: XtvucfrlRp7oP-CjeGa5OYyM46RjJcJPzt-_CXu0ihk +# sha256: WU7a_kgBwTvcHMMF53BKkMGWF-lZNvarRX7k_-AAulA +# sha256: t_2xagp_SBvkLadEv-HqIWMCXeIfkPLGiKMW88NU2pw +# sha256: IHuL8P4JBzNt84tzO0h1Ic-eE4GJq6kjStVP5UXdDbg +# sha256: UJovBThicM94OZPJDUn_77PdYq7kW_HqjOPSzecnHCE +# sha256: rGm2XdGvAXnt5AyfFXiMiPc-Yo6mwFGd44OOJ5uziMY +# sha256: jfb61sauEv1wBOopNX8KK003dOrsp2VlMNCNLZDNQao +# sha256: C4uW3YHMFTOgTzA4LA_iHBly4Yn3lNDEJhoYzsCP2bU +# sha256: yuj8oYg_I8UOp42J3m_k_v20zqgxd3YPRxd1WUFN7ZM +# sha256: GkccpXapzc4bHNnzoisdCe5E1GhiA3VX3heRnA20RCU +# sha256: jsTo49RTs6G2O19Xc3pDTc8e5KLyb2_3xaN8P2eRBNI +# sha256: jrEcd92Oc_SN9rL3p-Fhc_4P6P3-JmIygy6IR34IRU4 +cryptography==1.2.3 # sha256: JHXX_N31lR6S_1RpcnWIAt5SYL9Akxmp8ZNOa7yLHcc # sha256: NZB977D5krdat3iPZf7cHPIP-iJojg5vbxKvwGs-pQE From dcaf600a5d9f32bd08917f8c5be78b4f0322d16f Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 18:15:14 -0800 Subject: [PATCH 30/37] Use newest setuptools --- letsencrypt-auto-source/letsencrypt-auto | 5 +++++ .../pieces/letsencrypt-auto-requirements.txt | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 67ed98563..7adce3e6d 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -451,6 +451,11 @@ if [ "$1" = "--le-auto-phase2" ]; then # this, do `pip install --no-cache-dir -e acme -e . -e letsencrypt-apache`, and # then use `hashin` or a more secure method to gather the hashes. +# sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo +# sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo +# sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o +setuptools==20.2.2 + # sha256: wxZH7baf09RlqEfqMVfTe-0flfGXYLEaR6qRwEtmYxQ # sha256: YrCJpVvh2JSc0rx-DfC9254Cj678jDIDjMhIYq791uQ argparse==1.4.0 diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 06d4250a9..3e4352983 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -2,6 +2,11 @@ # this, do `pip install --no-cache-dir -e acme -e . -e letsencrypt-apache`, and # then use `hashin` or a more secure method to gather the hashes. +# sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo +# sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo +# sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o +setuptools==20.2.2 + # sha256: wxZH7baf09RlqEfqMVfTe-0flfGXYLEaR6qRwEtmYxQ # sha256: YrCJpVvh2JSc0rx-DfC9254Cj678jDIDjMhIYq791uQ argparse==1.4.0 From 25cd02c75e5e5642a5032afa730c869fbdfad3ba Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 18:18:46 -0800 Subject: [PATCH 31/37] documentation++ --- letsencrypt-auto-source/letsencrypt-auto | 1 + letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt | 1 + 2 files changed, 2 insertions(+) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 7adce3e6d..830e32d0d 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -451,6 +451,7 @@ if [ "$1" = "--le-auto-phase2" ]; then # this, do `pip install --no-cache-dir -e acme -e . -e letsencrypt-apache`, and # then use `hashin` or a more secure method to gather the hashes. +# cryptography requires a more modern version of setuptools # sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo # sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo # sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 3e4352983..3f90a71d0 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -2,6 +2,7 @@ # this, do `pip install --no-cache-dir -e acme -e . -e letsencrypt-apache`, and # then use `hashin` or a more secure method to gather the hashes. +# cryptography requires a more modern version of setuptools # sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo # sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo # sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o From bcdce86ced2fa3e110ddd67944848bf76202dac8 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 19:18:40 -0800 Subject: [PATCH 32/37] split setuptools into own requirements --- letsencrypt-auto-source/letsencrypt-auto | 6 ------ .../pieces/letsencrypt-auto-requirements.txt | 6 ------ letsencrypt-auto-source/pieces/setuptools-requirements.txt | 5 +++++ 3 files changed, 5 insertions(+), 12 deletions(-) create mode 100644 letsencrypt-auto-source/pieces/setuptools-requirements.txt diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 830e32d0d..67ed98563 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -451,12 +451,6 @@ if [ "$1" = "--le-auto-phase2" ]; then # this, do `pip install --no-cache-dir -e acme -e . -e letsencrypt-apache`, and # then use `hashin` or a more secure method to gather the hashes. -# cryptography requires a more modern version of setuptools -# sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo -# sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo -# sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o -setuptools==20.2.2 - # sha256: wxZH7baf09RlqEfqMVfTe-0flfGXYLEaR6qRwEtmYxQ # sha256: YrCJpVvh2JSc0rx-DfC9254Cj678jDIDjMhIYq791uQ argparse==1.4.0 diff --git a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt index 3f90a71d0..06d4250a9 100644 --- a/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt +++ b/letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt @@ -2,12 +2,6 @@ # this, do `pip install --no-cache-dir -e acme -e . -e letsencrypt-apache`, and # then use `hashin` or a more secure method to gather the hashes. -# cryptography requires a more modern version of setuptools -# sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo -# sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo -# sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o -setuptools==20.2.2 - # sha256: wxZH7baf09RlqEfqMVfTe-0flfGXYLEaR6qRwEtmYxQ # sha256: YrCJpVvh2JSc0rx-DfC9254Cj678jDIDjMhIYq791uQ argparse==1.4.0 diff --git a/letsencrypt-auto-source/pieces/setuptools-requirements.txt b/letsencrypt-auto-source/pieces/setuptools-requirements.txt new file mode 100644 index 000000000..9dcb95a4c --- /dev/null +++ b/letsencrypt-auto-source/pieces/setuptools-requirements.txt @@ -0,0 +1,5 @@ +# cryptography requires a more modern version of setuptools +# sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo +# sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo +# sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o +setuptools==20.2.2 From bd04076bad1c5addbb001855f0210ad3c0187eed Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 2 Mar 2016 19:32:06 -0800 Subject: [PATCH 33/37] Install setuptools separately... --- letsencrypt-auto-source/letsencrypt-auto | 36 +++++++++++++------ .../letsencrypt-auto.template | 31 ++++++++++------ 2 files changed, 45 insertions(+), 22 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 67ed98563..6663e5069 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -421,6 +421,20 @@ TempDir() { mktemp -d 2>/dev/null || mktemp -d -t 'le' # Linux || OS X } +InstallRequirements() { + set +e + PEEP_OUT=`"$VENV_BIN/python" "$TEMP_DIR/peep.py" install -r "$TEMP_DIR/$1"` + PEEP_STATUS=$? + set -e + if [ "$PEEP_STATUS" != 0 ]; then + # Report error. (Otherwise, be quiet.) + echo "Had a problem while downloading and verifying Python packages:" + echo "$PEEP_OUT" + rm -rf "$VENV_PATH" + rm -rf "$TEMP_DIR" + exit 1 + fi +} if [ "$1" = "--le-auto-phase2" ]; then @@ -445,6 +459,15 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) # There is no $ interpolation due to quotes on starting heredoc delimiter. + # ------------------------------------------------------------------------- + cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" +# cryptography requires a more modern version of setuptools +# sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo +# sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo +# sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o +setuptools==20.2.2 + +UNLIKELY_EOF # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/letsencrypt-auto-requirements.txt" # This is the flattened list of packages letsencrypt-auto installs. To generate @@ -1641,18 +1664,9 @@ if __name__ == '__main__': UNLIKELY_EOF # ------------------------------------------------------------------------- - set +e - PEEP_OUT=`"$VENV_BIN/python" "$TEMP_DIR/peep.py" install -r "$TEMP_DIR/letsencrypt-auto-requirements.txt"` - PEEP_STATUS=$? - set -e + InstallRequirements "setuptools-requirements.txt" + InstallRequirements "letsencrypt-auto-requirements.txt" rm -rf "$TEMP_DIR" - if [ "$PEEP_STATUS" != 0 ]; then - # Report error. (Otherwise, be quiet.) - echo "Had a problem while downloading and verifying Python packages:" - echo "$PEEP_OUT" - rm -rf "$VENV_PATH" - exit 1 - fi echo "Installation succeeded." fi echo "Requesting root privileges to run letsencrypt..." diff --git a/letsencrypt-auto-source/letsencrypt-auto.template b/letsencrypt-auto-source/letsencrypt-auto.template index ea4d064b7..4b716064b 100755 --- a/letsencrypt-auto-source/letsencrypt-auto.template +++ b/letsencrypt-auto-source/letsencrypt-auto.template @@ -169,6 +169,20 @@ TempDir() { mktemp -d 2>/dev/null || mktemp -d -t 'le' # Linux || OS X } +InstallRequirements() { + set +e + PEEP_OUT=`"$VENV_BIN/python" "$TEMP_DIR/peep.py" install -r "$TEMP_DIR/$1"` + PEEP_STATUS=$? + set -e + if [ "$PEEP_STATUS" != 0 ]; then + # Report error. (Otherwise, be quiet.) + echo "Had a problem while downloading and verifying Python packages:" + echo "$PEEP_OUT" + rm -rf "$VENV_PATH" + rm -rf "$TEMP_DIR" + exit 1 + fi +} if [ "$1" = "--le-auto-phase2" ]; then @@ -193,6 +207,10 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) # There is no $ interpolation due to quotes on starting heredoc delimiter. + # ------------------------------------------------------------------------- + cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" +{{ setuptools-requirements.txt }} +UNLIKELY_EOF # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/letsencrypt-auto-requirements.txt" {{ letsencrypt-auto-requirements.txt }} @@ -202,18 +220,9 @@ UNLIKELY_EOF {{ peep.py }} UNLIKELY_EOF # ------------------------------------------------------------------------- - set +e - PEEP_OUT=`"$VENV_BIN/python" "$TEMP_DIR/peep.py" install -r "$TEMP_DIR/letsencrypt-auto-requirements.txt"` - PEEP_STATUS=$? - set -e + InstallRequirements "setuptools-requirements.txt" + InstallRequirements "letsencrypt-auto-requirements.txt" rm -rf "$TEMP_DIR" - if [ "$PEEP_STATUS" != 0 ]; then - # Report error. (Otherwise, be quiet.) - echo "Had a problem while downloading and verifying Python packages:" - echo "$PEEP_OUT" - rm -rf "$VENV_PATH" - exit 1 - fi echo "Installation succeeded." fi echo "Requesting root privileges to run letsencrypt..." From 34eb86b2261d587f603c2482a777017983a5afdf Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 3 Mar 2016 09:44:42 -0800 Subject: [PATCH 34/37] trap magic --- letsencrypt-auto-source/letsencrypt-auto | 3 +-- letsencrypt-auto-source/letsencrypt-auto.template | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index 6663e5069..be8d50a4d 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -431,7 +431,6 @@ InstallRequirements() { echo "Had a problem while downloading and verifying Python packages:" echo "$PEEP_OUT" rm -rf "$VENV_PATH" - rm -rf "$TEMP_DIR" exit 1 fi } @@ -458,6 +457,7 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) + trap "rm -rf $TEMP_DIR" EXIT # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" @@ -1666,7 +1666,6 @@ UNLIKELY_EOF # ------------------------------------------------------------------------- InstallRequirements "setuptools-requirements.txt" InstallRequirements "letsencrypt-auto-requirements.txt" - rm -rf "$TEMP_DIR" echo "Installation succeeded." fi echo "Requesting root privileges to run letsencrypt..." diff --git a/letsencrypt-auto-source/letsencrypt-auto.template b/letsencrypt-auto-source/letsencrypt-auto.template index 4b716064b..3b3cd2a2d 100755 --- a/letsencrypt-auto-source/letsencrypt-auto.template +++ b/letsencrypt-auto-source/letsencrypt-auto.template @@ -179,7 +179,6 @@ InstallRequirements() { echo "Had a problem while downloading and verifying Python packages:" echo "$PEEP_OUT" rm -rf "$VENV_PATH" - rm -rf "$TEMP_DIR" exit 1 fi } @@ -206,6 +205,7 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) + trap "rm -rf $TEMP_DIR" EXIT # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" @@ -222,7 +222,6 @@ UNLIKELY_EOF # ------------------------------------------------------------------------- InstallRequirements "setuptools-requirements.txt" InstallRequirements "letsencrypt-auto-requirements.txt" - rm -rf "$TEMP_DIR" echo "Installation succeeded." fi echo "Requesting root privileges to run letsencrypt..." From 8fbb6ed819acf471044c44326a5a9904196a0b22 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 3 Mar 2016 09:46:11 -0800 Subject: [PATCH 35/37] Use consistent comment style --- letsencrypt-auto-source/letsencrypt-auto | 2 +- letsencrypt-auto-source/pieces/setuptools-requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index be8d50a4d..f66752a43 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -461,7 +461,7 @@ if [ "$1" = "--le-auto-phase2" ]; then # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" -# cryptography requires a more modern version of setuptools +# cryptography requires a more modern version of setuptools. # sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo # sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo # sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o diff --git a/letsencrypt-auto-source/pieces/setuptools-requirements.txt b/letsencrypt-auto-source/pieces/setuptools-requirements.txt index 9dcb95a4c..ab9d30da2 100644 --- a/letsencrypt-auto-source/pieces/setuptools-requirements.txt +++ b/letsencrypt-auto-source/pieces/setuptools-requirements.txt @@ -1,4 +1,4 @@ -# cryptography requires a more modern version of setuptools +# cryptography requires a more modern version of setuptools. # sha256: _ANFf7h6utSdwJ-cMTOGNpPn3bbKgrtQpzmnc3nOWpo # sha256: JPz8FTZKn-CaIg830tztyEl5Xj3j5LOT7piOZqnL2Fo # sha256: gJaELiTE8ddN_xKr6Qwm0S8F0NmlbtXgb8qm-qHkC2o From bb0406ee858c4ac78ad7612c3f8f170c3483e664 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 3 Mar 2016 12:01:53 -0800 Subject: [PATCH 36/37] quote TEMP_DIR --- letsencrypt-auto-source/letsencrypt-auto | 2 +- letsencrypt-auto-source/letsencrypt-auto.template | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index f66752a43..4eb4efa9e 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -457,7 +457,7 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) - trap "rm -rf $TEMP_DIR" EXIT + trap "rm -rf '$TEMP_DIR'" EXIT # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" diff --git a/letsencrypt-auto-source/letsencrypt-auto.template b/letsencrypt-auto-source/letsencrypt-auto.template index 3b3cd2a2d..291d2ee9e 100755 --- a/letsencrypt-auto-source/letsencrypt-auto.template +++ b/letsencrypt-auto-source/letsencrypt-auto.template @@ -205,7 +205,7 @@ if [ "$1" = "--le-auto-phase2" ]; then echo "Installing Python packages..." TEMP_DIR=$(TempDir) - trap "rm -rf $TEMP_DIR" EXIT + trap "rm -rf '$TEMP_DIR'" EXIT # There is no $ interpolation due to quotes on starting heredoc delimiter. # ------------------------------------------------------------------------- cat << "UNLIKELY_EOF" > "$TEMP_DIR/setuptools-requirements.txt" From 55b63fca0dad0fae439bb3e453856987e37dea81 Mon Sep 17 00:00:00 2001 From: Erik Rose Date: Thu, 3 Mar 2016 17:09:24 -0500 Subject: [PATCH 37/37] Require setuptools>=1.0 in all packages that use the cryptography lib. When pip-installing any of these packages, pip hit our permissive, any-version "setuptools" dependency first and then ignored all subsequent, more constrained ones, like cryptography's "setuptools>=1.0". See https://github.com/pypa/pip/issues/988. It thus, on a box with setuptools 0.9.8, stuck with that version. Then, at runtime, letsencrypt crashed because pkg_resources couldn't satisfy cryptography's setuptools>=1.0 requirement. This change lets us pip-install our packages and have it work. We'll need to make sure our direct requirements (all of them) satisfy the more constrained requirements of our dependencies. Yes, it is disgusting. --- acme/setup.py | 4 +++- letsencrypt-apache/setup.py | 4 +++- letsencrypt-nginx/setup.py | 4 +++- setup.py | 4 +++- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/acme/setup.py b/acme/setup.py index 5a77f8a67..0843288e6 100644 --- a/acme/setup.py +++ b/acme/setup.py @@ -18,7 +18,9 @@ install_requires = [ 'pyrfc3339', 'pytz', 'requests', - 'setuptools', # pkg_resources + # For pkg_resources. >=1.0 so pip resolves it to a version cryptography + # will tolerate; see #2599: + 'setuptools>=1.0', 'six', ] diff --git a/letsencrypt-apache/setup.py b/letsencrypt-apache/setup.py index a8e010f0e..46f4da54c 100644 --- a/letsencrypt-apache/setup.py +++ b/letsencrypt-apache/setup.py @@ -11,7 +11,9 @@ install_requires = [ 'acme=={0}'.format(version), 'letsencrypt=={0}'.format(version), 'python-augeas', - 'setuptools', # pkg_resources + # For pkg_resources. >=1.0 so pip resolves it to a version cryptography + # will tolerate; see #2599: + 'setuptools>=1.0', 'zope.component', 'zope.interface', ] diff --git a/letsencrypt-nginx/setup.py b/letsencrypt-nginx/setup.py index 656d6e04f..e53bef059 100644 --- a/letsencrypt-nginx/setup.py +++ b/letsencrypt-nginx/setup.py @@ -12,7 +12,9 @@ install_requires = [ 'letsencrypt=={0}'.format(version), 'PyOpenSSL', 'pyparsing>=1.5.5', # Python3 support; perhaps unnecessary? - 'setuptools', # pkg_resources + # For pkg_resources. >=1.0 so pip resolves it to a version cryptography + # will tolerate; see #2599: + 'setuptools>=1.0', 'zope.interface', ] diff --git a/setup.py b/setup.py index cbf0ff89d..b187e6fdb 100644 --- a/setup.py +++ b/setup.py @@ -45,7 +45,9 @@ install_requires = [ 'pyrfc3339', 'python2-pythondialog>=3.2.2rc1', # Debian squeeze support, cf. #280 'pytz', - 'setuptools', # pkg_resources + # For pkg_resources. >=1.0 so pip resolves it to a version cryptography + # will tolerate; see #2599: + 'setuptools>=1.0', 'six', 'zope.component', 'zope.interface',