Without this change, the Route53 plugin is listed twice when running
Certbot interactively (once under the old name, once under the new name).
This change ensures only the new name is shown, while maintaining hidden
backwards compatibility with the old name.
* add TLSSNI01DualNetworkedServers
* use DualNetworkedServers in certbot/plugins/standalone.py
also, make both servers run on the same port.
* make probe_sni connect on ipv6 and ipv4 using None
* mimic BSD-like conditions to get test coverage
* test ServerManager taking into account BSD systems
* pass tests even if python is compiled without ipv6 support
This change renames certbot-route53 to certbot-dns-route53 and updates
the package's setup.py file to maintain backwards compatibility.
Testing Done:
* Run `certbot` with `-a certbot-route53:auth`, verify the plugin runs.
* Run `certbot` with `--dns-route53`, verify the plugin runs.
* Remove dependency on git from pip_install.sh.
Using git allowed this file to continue to work even if it was moved to another
directory. This slight increase in robustness wasn't worth it though as it
broke our development Dockerfile (see #4703), the certbot website's Dockerfile
(see certbot/website#226), and our test farm tests (see
certbot/tests/letstest/scripts/test_apache2.sh for an example that calls
tools/venv.sh without installing git). Rather than continuing to find and patch
these things, let's just allow this script to fail if it's moved rather than
propagating the git dependency all over the place.
* Add readlink.py.
This is the equivalent of `readlink -f` on many Linux systems. This is useful
as there are often differences in readlink on different platforms.
* Use readlink.py in pip_install.sh.
This allows us to work around differences in readlink on macOS.
The program readlink used to be used in integration tests so an environment
variable was used to handle differences in the executable on different systems.
This command is no longer used though so the variable can be removed.
Using ArgumentTypeError causes Certbot to report an unexpected error occurred
while using ArgumentError causes argparse to print more usage information and
call sys.exit().
* move install_ssl_options_conf functionality to common
* add no cover
* compute current hash instead of saving
* make current hash be computed; switch to list of all canonical hashes
* put message directly into assertion
* don't pass logger
* add docstring
* Add unit tests for certbot.plugins.common.install_ssl_options_conf
* Add OS X test
* Fix apache tests
* Use absolute path first so that certbot works with non-standard $PATH
Some tests use a fake $PATH, which prevents invoking `sw_vers`
* Also test Python 3 on Mac
* Set ulimit to fix "Too many open files"
This change refactors the release script to handle subpackages which are
not bundled as a part of cerbot-auto.
The script now allows developers to define subpackages as either being
included in certbot-auto, or not.
The script then uses one of three sets of subpackages for each operation:
* The version number is updated for all non-certbot subpackages
(and certbot itself is handled separately)
* sdists and wheels are created for all non-certbot subpackages
(and certbot itself is handled separately)
* Testing is performed for all subpackages
* Hashes are pinned for certbot-auto subpackages (including certbot)
* cert signature validation for certificates subcommand + a test
* refactoring validation + adding in a check for making sure that the private key matches the certificate
* adding testing certs
* assertIsNone(x) -> assertEqual(None,x) to unbreak the py2.6 tests
* modifying test_verifu_renewable_cert_failure to hopefully appease python 3 test timeouts
* updating cryptography to be >=1.2 so that we can use verify
* removing unused, old testing certificate
* adding better error handling/logging
* adding test for IOError
* switching to a 2048 bit rsa key
This change updates the setup script for the route53 plugin to more
closely match conventions from other packages in the repository.
Notable changes:
* The version number is bumped to match the rest of Certbot.
* The package now requires a matching version of ACME and core Certbot.
* Contact information is updated.
* Additional versions of Python are listed.
Implement an Authenticator which can fulfill a dns-01 challenge using
the NS1 DNS API. Applicable only for domains using NS1 DNS.
Testing Done:
* `tox -e py27`
* `tox -e lint`
* Manual testing:
* Used `certbot certonly --dns-nsone -d`, specifying a
credentials file as a command line argument. Verified that a
certificate was successfully obtained without user interaction.
* Used `certbot certonly --dns-nsone -d`, without specifying a
credentials file as a command line argument. Verified that the
user was prompted and that a certificate was successfully
obtained.
* Used `certbot certonly -d`. Verified that the user was prompted for
a credentials file after selecting dnsimple interactively and that
a certificate was successfully obtained.
* Used `certbot renew --force-renewal`. Verified that certificates
were renewed without user interaction.
* Negative testing:
* Path to non-existent credentials file.
* Credentials file with unsafe permissions (644).
* Path to credentials file with an invalid token.
* Path to credentials file without a token.
* Domain name not registered to NS1 account.
* Automatically delete temp log file when not used.
This allows close() calls in logging.shutdown() to cause the file to be
deleted when no logging output has been written to the file.
* Make certbot.log.MemoryHandler.flush() a noop.
This causes MemoryHandler.flush() calls in logging.shutdown to be a noop,
allowing us to control when the handler is actually flushed. This prevents log
records from being sent to a temporary file handler for things like
`certbot --version`.
* Keep reference to certbot.log.MemoryHandler.target
In Python 2.7+, the logging module only keeps weak references to created
logging handlers. Because of this, the MemoryHandler's target will not be
properly flushed and closed when logging.shutdown() is called on program exit
unless we keep a reference to it in the MemoryHandler.
* Fixes#4719.
This completes the changes necessary to fix#4719. Now temporary log files are
not created if sys.exit() is called before logging is fully set up. These files
are still created if Certbot crashes for any other reason.
* Document pre_arg_parse_except_hook args.
