Coverage for certbot/plugins/common.py : 100%
Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
|
"""Plugin common functions."""
"""ArgumentParser options namespace (prefix of all options)."""
"""ArgumentParser dest namespace (prefix of all destinations)."""
r"(^127\.0\.0\.1)|(^10\.)|(^172\.1[6-9]\.)|" r"(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^192\.168\.)") r"^(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*[a-z]+$", re.IGNORECASE)
"""Generic plugin.""" # provider is not inherited, subclasses must define it on their own # @zope.interface.provider(interfaces.IPluginFactory)
def add_parser_arguments(cls, add): """Add plugin arguments to the CLI argument parser.
NOTE: If some of your flags interact with others, you can use cli.report_config_interaction to register this to ensure values are correctly saved/overridable during renewal.
:param callable add: Function that proxies calls to `argparse.ArgumentParser.add_argument` prepending options with unique plugin name prefix.
"""
def inject_parser_options(cls, parser, name): """Inject parser options.
See `~.IPlugin.inject_parser_options` for docs.
""" # dummy function, doesn't check if dest.startswith(self.dest_namespace) # pylint: disable=missing-docstring "--{0}{1}".format(option_namespace(name), arg_name_no_prefix), *args, **kwargs)
def option_namespace(self): """ArgumentParser options namespace (prefix of all options)."""
"""Option name (include plugin namespace)."""
def dest_namespace(self): """ArgumentParser dest namespace (prefix of all destinations)."""
"""Find a destination for given variable ``var``.""" # this should do exactly the same what ArgumentParser(arg), # does to "arg" to compute "dest"
"""Find a configuration value for variable ``var``."""
"""An installer base class with reverter and ssl_dhparam methods defined.
Installer plugins do not have to inherit from this class.
"""
"""Add files to a checkpoint.
:param set save_files: set of filepaths to save :param str save_notes: notes about changes during the save :param bool temporary: True if the files should be added to a temporary checkpoint rather than a permanent one. This is usually used for changes that will soon be reverted.
:raises .errors.PluginError: when unable to add to checkpoint
""" else:
"""Timestamp and save changes made through the reverter.
:param str title: Title describing checkpoint
:raises .errors.PluginError: when an error occurs
"""
"""Revert all previously modified files.
Reverts all modified files that have not been saved as a checkpoint
:raises .errors.PluginError: If unable to recover the configuration
"""
"""Rollback temporary checkpoint.
:raises .errors.PluginError: when unable to revert config
"""
"""Rollback saved checkpoints.
:param int rollback: Number of checkpoints to revert
:raises .errors.PluginError: If there is a problem with the input or the function is unable to correctly revert the configuration
"""
"""Show all of the configuration changes that have taken place.
:raises .errors.PluginError: If there is a problem while processing the checkpoints directories.
"""
def ssl_dhparams(self): """Full absolute path to ssl_dhparams file."""
def updated_ssl_dhparams_digest(self): """Full absolute path to digest of updated ssl_dhparams file."""
"""Copy Certbot's ssl_dhparams file into the system's config dir if required.""" self.ssl_dhparams, self.updated_ssl_dhparams_digest, constants.SSL_DHPARAMS_SRC, constants.ALL_SSL_DHPARAMS_HASHES)
r"""Represents an virtual host address.
:param str addr: addr part of vhost address :param str port: port number or \*, or ""
"""
def fromstring(cls, str_addr): """Initialize Addr from string.""" # ipv6 addresses starts with [ else:
"""Normalized representation of addr/port tuple """
# compare normalized to take different # styles of representation into account
"""Return addr part of Addr object."""
"""Return port."""
"""Return new address object with same addr and new port."""
"""Return IPv6 address in normalized form, helper function"""
"""Return IPv6 in normalized form"""
"""Explode IPv6 address for comparison""" # too long, truncate # encountered ::, so rest of the blocks should be # appended to the end # remove leading zeros else: # count the location from the end using negative indices
"""Abstract base for challenge performers.
:ivar configurator: Authenticator and installer plugin :ivar achalls: Annotated challenges :vartype achalls: `list` of `.KeyAuthorizationAnnotatedChallenge` :ivar indices: Holds the indices of challenges from a larger array so the user of the class doesn't have to. :vartype indices: `list` of `int`
"""
"""Store challenge to be performed when perform() is called.
:param .KeyAuthorizationAnnotatedChallenge achall: Annotated challenge. :param int idx: index to challenge in a larger array
"""
"""Perform all added challenges.
:returns: challenge respones :rtype: `list` of `acme.challenges.KeyAuthorizationChallengeResponse`
"""
# pylint: disable=abstract-method """Abstract base for TLS-SNI-01 challenge performers"""
configurator.config.config_dir, "le_tls_sni_01_cert_challenge.conf") # self.completed = 0
"""Returns standardized name for challenge certificate.
:param .KeyAuthorizationAnnotatedChallenge achall: Annotated tls-sni-01 challenge.
:returns: certificate file name :rtype: str
""" achall.chall.encode("token") + ".crt")
"""Get standardized path to challenge key.""" achall.chall.encode("token") + '.pem')
"""Returns z_domain (SNI) name for the challenge."""
"""Generate and write out challenge certificate.""" # Register the path before you write out the file
cert_key=cert_key) OpenSSL.crypto.FILETYPE_PEM, cert) OpenSSL.crypto.FILETYPE_PEM, key)
# Write out challenge cert and key
"""Copy a file into an active location (likely the system's config dir) if required.
:param str dest_path: destination path for version controlled file :param str digest_path: path to save a digest of the file in :param str src_path: path to version controlled file found in distribution :param list all_hashes: hashes of every released version of the file """
# Check to make sure options-ssl.conf is installed # there's already a file there. if it's up to date, do nothing. if it's not but # it matches a known file hash, we can update it. # otherwise, print a warning once per new version. else: # has been manually modified, not safe to update # did they modify the current version or an old version? # they modified it after we either installed or told them about this version, so return # there's a new version but we couldn't update the file, or they deleted the digest. # save the current digest so we only print this once, and print a warning "saved to %s. We recommend updating %s for security purposes.", dest_path, src_path, dest_path)
# test utils used by certbot_apache/certbot_nginx (hence # "pragma: no cover") TODO: this might quickly lead to dead code (also # c.f. #383)
def dir_setup(test_dir, pkg): # pragma: no cover """Setup the directories necessary for the configurator.""" def expanded_tempdir(prefix): """Return the real path of a temp directory with the specified prefix
Some plugins rely on real paths of symlinks for working correctly. For example, certbot-apache uses real paths of configuration files to tell a virtual host from another. On systems where TMP itself is a symbolic link, (ex: OS X) such plugins will be confused. This function prevents such a case. """ return os.path.realpath(tempfile.mkdtemp(prefix))
temp_dir = expanded_tempdir("temp") config_dir = expanded_tempdir("config") work_dir = expanded_tempdir("work")
os.chmod(temp_dir, constants.CONFIG_DIRS_MODE) os.chmod(config_dir, constants.CONFIG_DIRS_MODE) os.chmod(work_dir, constants.CONFIG_DIRS_MODE)
test_configs = pkg_resources.resource_filename( pkg, os.path.join("testdata", test_dir))
shutil.copytree( test_configs, os.path.join(temp_dir, test_dir), symlinks=True)
return temp_dir, config_dir, work_dir |