Commit graph

58 commits

Author SHA1 Message Date
ohemorange
2c379cd363 Add a rewrite directive for the .well-known location so we don't hit existing rewrites (#5436) 2018-01-17 08:01:44 -08:00
ohemorange
2cb9d9e2aa Implement HTTP-01 challenge for Nginx (#5414)
* get http01 challenge working

* support multiple challenge types in configurator.py

* update existing nginx tests

* lint

* refactor NginxHttp01 and NginxTlsSni01 to both now inherit from NginxChallengePerformer

* remove TODO

* challenges_test tests with both tlssni01 and http01

* Make challenges.py more abstract to make lint happier

* add pylint disables to the tests to make pylint happier about the inheritance and abstraction situation

* no need to cover raise NotImplementedError() lines

* python3 compatibility

* test that http01 perform is called

* only remove ssl from addresses during http01

* Initialize addrs_to_add

* Change Nginx http01 to modify server block so the site doesn't stop serving while getting a cert

* pass existing unit tests

* rename sni --> http01 in unit tests

* lint

* fix configurator test

* select an http block instead of https

* properly test for port number

* use domains that have matching addresses

* remove debugger

* remove access_log and error_log cruft that wasn't being executed

* continue to return None from choose_redirect_vhost when create_if_no_match is False

* add nginx integration test
2018-01-11 17:06:23 -08:00
ohemorange
8b5d6879cc Create a new server block when making server block ssl (#5220)
* create_new_vhost_from_default --> duplicate_vhost

* add source_path property

* set source path for duplicated vhost

* change around logic of where making ssl happens

* don't add listen 80 to newly created ssl block

* cache vhosts list

* remove source path

* add redirect block if we created a new server block

* Remove listen directives when making server block ssl

* Reset vhost cache on parser load

* flip connected pointer direction for finding newly made server block to match previous redirect search constraints

* also test for new redirect block styles

* fix contains_list and test redirect blocks

* update lint, parser, and obj tests

* reset new vhost (fixing previous bug) and move removing default from addrs under if statement

* reuse and update newly created ssl server block when appropriate, and update unit tests

* append newly created server blocks to file instead of inserting directly after, so we don't have to update other vhosts' paths

* add coverage for NO_IF_REDIRECT_COMMENT_BLOCK

* add coverage for parser load calls

* replace some double quotes with single quotes

* replace backslash continuations with parentheses

* update docstrings

* switch to only creating a new block on redirect enhancement, including removing the get_vhosts cache

* update configurator tests

* update obj test

* switch delete_default default for duplicate_vhost
2017-12-07 09:48:54 -08:00
Brad Warren
abed73a8e4 Revert "Nginx reversion (#5299)" (#5305)
This reverts commit c9949411cd.
2017-12-06 17:45:20 -08:00
Brad Warren
c9949411cd Nginx reversion (#5299)
The reason for this PR is many bug fixes in the nginx plugin for changes we haven't released yet are included in #5220 which may not make our next release. If it doesn't, we will (mostly) revert the nginx plugin back to its previous state to avoid releasing these bugs and will revert this PR after the release.

* Revert "Nginx IPv6 support (#5178)"

This reverts commit 68e37b03c8.

* Revert "Fix bug that stopped nginx from finding new server block for redirect (#5198)"

This reverts commit e2ab940ac0.

* Revert "Nginx creates a vhost block if no matching block is found (#5153)"

This reverts commit 95a7d45856.
2017-12-05 20:04:08 -08:00
ohemorange
95a7d45856 Nginx creates a vhost block if no matching block is found (#5153)
* Allow authentication if there's no appropriate vhost

* Update test

* add flag to suppress raising error if no match is found

* Allow installation if there's no appropriate vhost

* remove traceback

* make new vhost ssl

* Fix existing bugs in nginxparser.py and obj.py

* Switch isinstance(x, str) to isinstance(x, six.string_types) in the Nginx plugin

* remove unused import

* remove unneeded custom copy from Addr

* Add docstring for create_new_vhost_from_default

* add test for create_new_vhost_from_default

* add configurator tests and leave finding the first server block for another PR

* don't assume order from a set

* address multiple default_server problem

* don't add vhosts twice

* update unit tests

* update docstring

* Add logger.info message for using default address in tlssni01 auth
2017-10-13 12:29:02 -07:00
ohemorange
0321c0cb4c Change add_server_directives replace=True behavior to attempt to replace, but append on failure to find. (#4956)
* Change add_server_directives replace=True behavior to attempt to replace, but append on failure to find.

* Remove try/except around add_server_directives
2017-07-26 13:57:25 -07:00
ohemorange
23e6c28d80 Allow Nginx to insert include files with comments inside (#4666)
* add failing test case

* allow include files to insert comments

* lint
2017-05-15 15:30:50 -07:00
ohemorange
7016874243 Switch to using include directive for Nginx constants (#4557)
* Switch to using include directive for Nginx constants

* remove deprecated comment

* give better error message when attempting to insert an existing directive

* make code more readable

* add docstrings

* allow a duplicated directive if it's identical

* comment out precisely repeated directives

* add comments
2017-05-02 17:56:56 -07:00
ohemorange
1611df4120 Allow empty nginx blocks (#4555)
* modify test config file to allow valid config that fails to parse in parser.py

* make failing tests pass by fixing the problem
2017-04-26 18:44:06 -07:00
Erica Portnoy
7be2e79025 Fix nginx parser (#4296)
* rewrite nginx parser to allow everything that nginx does

* also make changes in tls_sni_01.py

* add test case with

* allow embedded variables

* allow empty ${} variable

* fix quotes

* un-special case if

* update all tests to reflect current parsing

* escape in QuotedString after merge

* add test cases for variable weirdness that are almost certainly nginx bugs

* update regex for correct variable rules

* close paren doesn't invoke last_space

* Make test file valid Nginx syntax
2017-03-24 19:45:53 -07:00
Yen Chi Hsuan
4cad594b4b Python 3 compatibility for all tests (#4358) 2017-03-17 13:10:02 -07:00
Erica Portnoy
e5909d379c Don't crash on listen unix: (#4259)
Fixes #4225.

* don't crash on listen unix:

* correctly merge #4221
2017-02-27 13:35:29 -08:00
silverwind
b1a4280519 Show error details for the nginx config parser (#4221)
Nginx parser errors now include helpful details on where parsing has
actually failed.

Related: https://github.com/certbot/certbot/issues/3798
2017-02-22 18:50:56 -08:00
Erica Portnoy
f0a7bb0e33 Mark Nginx vhosts as ssl when any vhost is on ssl at that address (#3856)
* Move parse_server to be a method of NginxParser

* add super equal method to more correctly check addr equality in nginx should we support ipv6 in nginx in the future

* add addr:normalized_tuple method

* mark addresses listening sslishly due to another server block listening sslishly on that address

* test turning on ssl globally

* add docstring

* lint and remove extra file
2016-12-05 19:17:04 -08:00
Nick Fong
dd8772b608 Remove get_all_certs_keys() from Apache and Nginx (#3768)
- Remove get_all_certs_keys() implementation in
    - certbot-apache/certbot_apache/configurator.py
- Remove corresponding tests for get_all_certs_keys() in
    - certbot-apache/certbot_apache/tests/configurator_test.py
- Remove get_all_certs_keys() implementation in
    - certbot-nginx/certbot_nginx/configurator.py
    - certbot-nginx/certbot_nginx/parser.py
- Remove corresponding tests for get_all_certs_keys() in:
    - certbot-nginx/certbot_nginx/tests/configurator_test.py
    - certbot-nginx/certbot_nginx/tests/parser_test.py

Resolves #3762
2016-11-08 17:19:05 -08:00
Erica Portnoy
df10a6431b Don't re-add redirects if one exists (#3751)
* Don't re-add redirects if one exists

* coverage

* make coverage happy

* don't re-add comment, and clean code
2016-11-07 15:48:46 -08:00
Erica Portnoy
4bc3c747cb Mark parsed Nginx addresses as listening sslishly when an ssl on directive is included in the server block. (#3607) 2016-10-10 19:04:35 -07:00
Erica Portnoy
c9bc034512 Update Nginx redirect enhancement process to modify appropriate blocks (#3546)
* Cache the vhost we find during nginx deployment for OCSP enhancement.

* Refactor to pass domain into enhancement functions

* Add https redirect to most name-matching block listening non-sslishly.

* Redirect enhancement chooses the vhost most closely matching target_name that is listening to port 80 without using ssl.

* Add default listen 80 directive when it is implicitly defined
2016-09-29 16:16:07 -07:00
Erica Portnoy
9f2dfc15fe Restructure how Nginx parser re-finds vhosts, and disable creating new server blocks. (#3528)
* Restructure add_server_directives to take a vhost as argument. This is the first step towards fixing vhost selection in nginx.

* Save path to vhost in file while parsing in get_vhosts().

* Disable creating a new server block when no names match.

* Make parser select vhost based on information in the vhost it found previously, rather than searching again for a match.

* Make add_server_directives update the passed vhost

* Update boulder config to pass test

* Add testing code for the _do_for_subarray function

* documentation and formatting updates
2016-09-26 13:13:29 -07:00
Peter Eckersley
df61b0e349 Check for comments more accurately 2016-08-18 13:56:15 -07:00
Brad Warren
449487e8cb Catch all pyparsing exceptions 2016-08-16 19:34:16 -07:00
Brad Warren
465aa38143 Revert "Catch all pyparsing exceptions"
This reverts commit 7fb5cf1cf5.
2016-08-16 19:33:19 -07:00
Brad Warren
76c2fe579a Make _comment_directive more defensive 2016-08-16 18:30:45 -07:00
Brad Warren
671d7ee194 Fix up COMMENT constants 2016-08-16 17:45:43 -07:00
Brad Warren
3d4f822be0 Handle case where block is empty -- not sure if it ever happens, but let's not error out unnecessarily 2016-08-16 16:41:23 -07:00
Brad Warren
ae23800e53 Comment code that confused bmw 2016-08-16 16:37:40 -07:00
Brad Warren
7fb5cf1cf5 Catch all pyparsing exceptions 2016-08-16 15:46:31 -07:00
Peter Eckersley
b5fa0fbad7 This is reportedly the correct magic 2016-08-08 18:08:11 -07:00
Peter Eckersley
f0c2ed3059 Lint, improve coverage, rm unused code 2016-08-08 15:45:49 -07:00
Peter Eckersley
cdc894601c Tolerate our own added newlines 2016-08-05 15:36:40 -07:00
Peter Eckersley
3a2df72bce Add newlines to the ends of blocks more correctly 2016-08-05 15:36:24 -07:00
Peter Eckersley
61b81b877d Merge remote-tracking branch 'origin/master' into no-conflicting-declarations3 2016-07-29 17:28:29 -07:00
Peter Eckersley
e1f560dca3 Neaten 2016-07-26 17:23:24 -07:00
Ville Skyttä
c7b89c334b Use logger.warning instead of deprecated warn 2016-07-22 09:54:28 +03:00
Peter Eckersley
e5cb04ee7d A couple of fixes 2016-07-21 13:26:57 -07:00
Brad Warren
2ce5b195e5 check certbot 2016-07-18 18:23:54 -07:00
Brad Warren
ed4fc9d2f7 call _comment_directive 2016-07-18 18:20:21 -07:00
Brad Warren
5dd8f70e56 better newline logic 2016-07-18 18:19:14 -07:00
Brad Warren
bd21325fcd newline logic 2016-07-18 18:12:44 -07:00
Brad Warren
aa33c0fa83 does it work? 2016-07-18 15:33:28 -07:00
Brad Warren
5d7ef49fac _add_directive cleanup 2016-07-18 15:25:09 -07:00
Brad Warren
dbb2398270 Add _comment_spaced_block 2016-07-15 09:25:12 -07:00
Brad Warren
9c915b0ae4 Fix tests 2016-07-14 18:15:01 -07:00
Brad Warren
6b639679e8 Merge branch 'master' into no-conflicting-declarations 2016-07-14 17:26:39 -07:00
Peter Eckersley
6017a6cb6d Only write nginx config files if we've modified them 2016-06-27 12:44:36 -07:00
Peter Eckersley
db66050a7a Make atomicity comment more accurate 2016-06-23 11:41:31 -07:00
Peter Eckersley
098d23ac98 Comment a couple of things 2016-06-21 15:33:57 -07:00
Peter Eckersley
884b21ffbe fix docstring typo 2016-06-21 15:11:32 -07:00
Peter Eckersley
e4f88506cc Fix TLS_SNI & associated tests 2016-06-18 14:52:07 -07:00