mirror of
https://github.com/certbot/certbot.git
synced 2026-06-07 07:42:08 -04:00
2acc1dcc89
Fixes #7988. As described there, the steps involved are: 1. Update our tests so they fail due to this problem. 2. Update the keys used in the tests so they pass with the new changes. For 1, see a [failing travis run](https://travis-ci.com/github/certbot/certbot/jobs/340710511) with the included change. And for the full output to confirm that this is what is failing, see a [run on debian 10](https://github.com/certbot/certbot/files/4692350/debian_run_log.txt). This PR adds `rsa4096_key.pem` and `rsa4096_cert.pem`, updates the `TLS-ALPN` test to use those keys in place of the 1024-bit versions, and fixes the README in that `testdata` folder with correct instructions to generate these files. * export PIP_NO_BINARY in pip install subshell in test_sdists.sh * set environment variable on the line that installs most packages * Generate 4096-bit rsa key and cert, and fix README instructions to do so. * Update TLS_ALPN test to use 4096-bit key instead of 1024-bit key. * Update changelog * Older versions of Python have an error when both VIRTUAL_NO_DOWNLOAD and PIP_NO_BINARY are set, so only apply the latter at the install phase. * Add enum34 constraint manually, since rebuild_dependencies.py seems to be broken. * only delete key if it exists * Check OpenSSL version before trying to set PIP_NO_BINARY * Add comment explaining why we only set PIP_NO_BINARY at the install step
61 lines
1.8 KiB
Bash
Executable file
61 lines
1.8 KiB
Bash
Executable file
#!/bin/sh -xe
|
|
|
|
cd letsencrypt
|
|
|
|
# If we're on a RHEL 6 based system, we can be confident Python is already
|
|
# installed because the package manager is written in Python.
|
|
if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then
|
|
# RHEL/CentOS 6 will need a special treatment, so we need to detect that environment
|
|
RUN_RHEL6_TESTS=1
|
|
fi
|
|
|
|
letsencrypt-auto-source/letsencrypt-auto --install-only -n --debug
|
|
|
|
if [ "$RUN_RHEL6_TESTS" = 1 ]; then
|
|
# Enable the SCL Python 3.6 installed by letsencrypt-auto bootstrap
|
|
PATH="/opt/rh/rh-python36/root/usr/bin:$PATH"
|
|
fi
|
|
|
|
PLUGINS="certbot-apache certbot-nginx"
|
|
PYTHON_MAJOR_VERSION=$(/opt/eff.org/certbot/venv/bin/python --version 2>&1 | cut -d" " -f 2 | cut -d. -f1)
|
|
TEMP_DIR=$(mktemp -d)
|
|
|
|
if [ "$PYTHON_MAJOR_VERSION" = "3" ]; then
|
|
# Some distros like Fedora may only have an executable named python3 installed.
|
|
PYTHON_NAME="python3"
|
|
VENV_PATH="venv3"
|
|
VENV_SCRIPT="tools/venv3.py"
|
|
else
|
|
PYTHON_NAME="python"
|
|
VENV_SCRIPT="tools/venv.py"
|
|
VENV_PATH="venv"
|
|
fi
|
|
|
|
VERSION=$("$PYTHON_NAME" letsencrypt-auto-source/version.py)
|
|
|
|
# setup venv
|
|
CERTBOT_PIP_NO_BINARY=":all:" "$VENV_SCRIPT" --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt
|
|
. "$VENV_PATH/bin/activate"
|
|
# pytest is needed to run tests on some of our packages so we install a pinned version here.
|
|
tools/pip_install.py pytest
|
|
|
|
# build sdists
|
|
for pkg_dir in acme certbot $PLUGINS; do
|
|
cd $pkg_dir
|
|
python setup.py clean
|
|
rm -rf build dist
|
|
python setup.py sdist
|
|
mv dist/* $TEMP_DIR
|
|
cd -
|
|
done
|
|
|
|
# test sdists
|
|
cd $TEMP_DIR
|
|
for pkg in acme certbot $PLUGINS; do
|
|
tar -xvf "$pkg-$VERSION.tar.gz"
|
|
cd "$pkg-$VERSION"
|
|
python setup.py build
|
|
python setup.py test
|
|
python setup.py install
|
|
cd -
|
|
done
|