Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fast-foward to upstream #1

Merged
merged 59 commits into from
Dec 16, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
59 commits
Select commit Hold shift + click to select a range
47c1045
Implements support for ECDSA keys. Fixes #2163.
atombrella Aug 31, 2020
198f5a9
Merge pull request #8431 from atombrella/ec_dsa_2163
adferrand Nov 4, 2020
8f57870
Handle unexpected key type migration. (#8435)
adferrand Nov 11, 2020
f15f4f9
Add certbot renew --key-type test (#8447)
bmw Nov 11, 2020
b742b60
Use better asserts. Added notes to style guide. (#8451)
atombrella Nov 12, 2020
553d327
Add --dns-server option in run_acme_server (#7722)
adferrand Nov 12, 2020
78edb28
cli: improve Obtaining/Renewing wording (#8395)
alexzorin Nov 13, 2020
9055792
Add certbot-dns-rfc2136 integration testing (#8448)
alexzorin Nov 17, 2020
7ba35b4
import print_function
bmw Nov 17, 2020
e8139e8
certbot-ci: fix py2 crash in dns_server
alexzorin Nov 17, 2020
5a85825
Merge pull request #8458 from certbot/fix-py2-integration
bmw Nov 17, 2020
be3d0d8
Read files as binary in crypto_util for crypto.load_certificate. (#8371)
atombrella Nov 18, 2020
a8cede6
Flesh out ECDSA documentation (#8464)
bmw Nov 19, 2020
9ca7f76
Merge pull request #8444 from certbot/ecdsa
bmw Nov 19, 2020
9a4e95e
Add Python 3.9 support and tests (#8460)
bmw Nov 19, 2020
aea416f
Fix link typo in README (#8476)
atombrella Nov 25, 2020
f5a88ad
nginx: fix Unicode crash on Python 2 (#8480)
alexzorin Nov 27, 2020
43ee299
Update changelog for 1.10.0 release
bmw Dec 1, 2020
adacc4a
Release 1.10.0
bmw Dec 1, 2020
7b68761
Add contents to certbot/CHANGELOG.md for next version
bmw Dec 1, 2020
baab69e
Bump version to 1.11.0
bmw Dec 1, 2020
faa8d23
Merge pull request #8487 from certbot/candidate-1.10.0
ohemorange Dec 1, 2020
31b5f13
Fix changelog typo (#8488)
bmw Dec 1, 2020
ff3a07d
Deprecate certbot-auto and remove tests
adferrand Dec 1, 2020
e5113d5
Undo certbot-auto changes and remove centos6 tests
bmw Dec 2, 2020
d1e7404
Merge pull request #8498 from certbot/remove-centos6-tests
bmw Dec 2, 2020
1a3c96a
Deprecate certbot-auto and remove tests
adferrand Dec 1, 2020
7497c51
Undo certbot-auto changes and remove centos6 tests
bmw Dec 2, 2020
8738676
Merge pull request #8499 from certbot/remove-centos6-tests-1.10.x
bmw Dec 2, 2020
5f73274
Fix add deprecated argument (#8500)
bmw Dec 2, 2020
45e48b5
Fix changelog typo (#8497)
atombrella Dec 2, 2020
a71e226
Fix add deprecated argument (#8500) (#8501)
bmw Dec 3, 2020
4c896fd
Update changelog for 1.10.1 release
bmw Dec 3, 2020
64543d4
Release 1.10.1
bmw Dec 3, 2020
38f3d3d
Add contents to certbot/CHANGELOG.md for next version
bmw Dec 3, 2020
1dfac95
Bump version to 1.11.0
bmw Dec 3, 2020
67fecbe
Merge branch 'master' into candidate-1.10.1
bmw Dec 3, 2020
d3166d7
Merge pull request #8505 from certbot/candidate-1.10.1
ohemorange Dec 3, 2020
22cf94f
cli: clean up `certbot renew` summary (#8503)
alexzorin Dec 4, 2020
d476aa4
Update both main VA and remote VA to use the provided DNS server (#8467)
adferrand Dec 4, 2020
356e8d8
dns-google: improve credentials error message (#8482)
alexzorin Dec 4, 2020
5871de0
Removed some unused imports. (#8424)
atombrella Dec 4, 2020
dc3ac13
snap: disable the "user site-packages directory" (#8509)
alexzorin Dec 6, 2020
3801747
add coverage testing to dns-rfc2136 integration (#8469)
alexzorin Dec 6, 2020
447b6ff
Completely deprecate certbot-auto (#8489)
adferrand Dec 7, 2020
9045c03
Deprecate support for Python 2 (#8491)
adferrand Dec 8, 2020
148246b
Add reminders to update documentation (#8518)
bmw Dec 9, 2020
878c3e3
Avoid --system-site-packages during the snap build by preparing a ven…
adferrand Dec 10, 2020
e9a96f5
Deprecate support of Apache 2.2 in certbot-apache (#8516)
adferrand Dec 10, 2020
6d71378
Add finish_release flags and CLI parsing (#8522)
bmw Dec 10, 2020
3889311
Setup a timeout to the remote snap build process (#8484)
adferrand Dec 11, 2020
5151e2a
add OS package warning (#8533)
bmw Dec 14, 2020
7febc18
Make our test farm tests instances self-destruct (#8536)
bmw Dec 15, 2020
fcc8b38
remove CentOS 6 cruft from test farm tests (#8534)
bmw Dec 15, 2020
c5a0b1a
Add path to certbot executable in debug log (#8538)
osirisinferi Dec 16, 2020
d38766e
Enable again build isolation with proper pinning of build dependencie…
adferrand Dec 16, 2020
96a05d9
Added certbot-ci to lint section. Silenced and fixed linting warnings…
atombrella Dec 16, 2020
fcdfed9
remove reference to letsencrypt(-auto) (#8531)
bmw Dec 16, 2020
cbf42ff
Clean up certbot-auto docs (#8532)
bmw Dec 16, 2020
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 16 additions & 3 deletions .azure-pipelines/templates/jobs/extended-tests-jobs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ jobs:
- name: IMAGE_NAME
value: ubuntu-18.04
- name: PYTHON_VERSION
value: 3.8
value: 3.9
- group: certbot-common
strategy:
matrix:
Expand All @@ -14,6 +14,9 @@ jobs:
linux-py37:
PYTHON_VERSION: 3.7
TOXENV: py37
linux-py38:
PYTHON_VERSION: 3.8
TOXENV: py38
linux-py37-nopin:
PYTHON_VERSION: 3.7
TOXENV: py37
Expand Down Expand Up @@ -62,10 +65,20 @@ jobs:
PYTHON_VERSION: 3.8
TOXENV: integration
ACME_SERVER: boulder-v2
linux-boulder-v1-py39-integration:
PYTHON_VERSION: 3.9
TOXENV: integration
ACME_SERVER: boulder-v1
linux-boulder-v2-py39-integration:
PYTHON_VERSION: 3.9
TOXENV: integration
ACME_SERVER: boulder-v2
nginx-compat:
TOXENV: nginx_compat
le-auto-oraclelinux6:
TOXENV: le_auto_oraclelinux6
linux-integration-rfc2136:
IMAGE_NAME: ubuntu-18.04
PYTHON_VERSION: 3.8
TOXENV: integration-dns-rfc2136
docker-dev:
TOXENV: docker_dev
macos-farmtest-apache2:
Expand Down
2 changes: 1 addition & 1 deletion .azure-pipelines/templates/jobs/packaging-jobs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ jobs:
git config --global user.name "$(Build.RequestedFor)"
mkdir -p ~/.local/share/snapcraft/provider/launchpad
cp $(credentials.secureFilePath) ~/.local/share/snapcraft/provider/launchpad/credentials
python3 tools/snap/build_remote.py ALL --archs ${ARCHS}
python3 tools/snap/build_remote.py ALL --archs ${ARCHS} --timeout 19800
displayName: Build snaps
- script: |
set -e
Expand Down
18 changes: 9 additions & 9 deletions .azure-pipelines/templates/jobs/standard-tests-jobs.yml
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
jobs:
- job: test
variables:
PYTHON_VERSION: 3.8
PYTHON_VERSION: 3.9
strategy:
matrix:
macos-py27:
IMAGE_NAME: macOS-10.15
PYTHON_VERSION: 2.7
TOXENV: py27
macos-py38:
macos-py39:
IMAGE_NAME: macOS-10.15
PYTHON_VERSION: 3.8
TOXENV: py38
PYTHON_VERSION: 3.9
TOXENV: py39
windows-py36:
IMAGE_NAME: vs2017-win2016
PYTHON_VERSION: 3.6
Expand All @@ -38,10 +38,10 @@ jobs:
IMAGE_NAME: ubuntu-18.04
PYTHON_VERSION: 3.6
TOXENV: py36
linux-py38-cover:
linux-py39-cover:
IMAGE_NAME: ubuntu-18.04
PYTHON_VERSION: 3.8
TOXENV: py38-cover
PYTHON_VERSION: 3.9
TOXENV: py39-cover
linux-py37-lint:
IMAGE_NAME: ubuntu-18.04
PYTHON_VERSION: 3.7
Expand All @@ -58,9 +58,9 @@ jobs:
apache-compat:
IMAGE_NAME: ubuntu-18.04
TOXENV: apache_compat
le-auto-centos6:
le-modification:
IMAGE_NAME: ubuntu-18.04
TOXENV: le_auto_centos6
TOXENV: modification
apacheconftest:
IMAGE_NAME: ubuntu-18.04
PYTHON_VERSION: 2.7
Expand Down
2 changes: 2 additions & 0 deletions AUTHORS.md
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,7 @@ Authors
* [Luca Olivetti](https://github.com/olivluca)
* [Luke Rogers](https://github.com/lukeroge)
* [Maarten](https://github.com/mrtndwrd)
* [Mads Jensen](https://github.com/atombrella)
* [Maikel Martens](https://github.com/krukas)
* [Malte Janduda](https://github.com/MalteJ)
* [Mantas Mikulėnas](https://github.com/grawity)
Expand Down Expand Up @@ -213,6 +214,7 @@ Authors
* [Richard Barnes](https://github.com/r-barnes)
* [Richard Panek](https://github.com/kernelpanek)
* [Robert Buchholz](https://github.com/rbu)
* [Robert Dailey](https://github.com/pahrohfit)
* [Robert Habermann](https://github.com/frennkie)
* [Robert Xiao](https://github.com/nneonneo)
* [Roland Shoemaker](https://github.com/rolandshoemaker)
Expand Down
7 changes: 7 additions & 0 deletions acme/acme/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,10 @@
# preserved (acme.jose.* is josepy.*)
if mod == 'josepy' or mod.startswith('josepy.'):
sys.modules['acme.' + mod.replace('josepy', 'jose', 1)] = sys.modules[mod]

if sys.version_info[0] == 2:
warnings.warn(
"Python 2 support will be dropped in the next release of acme. "
"Please upgrade your Python version.",
PendingDeprecationWarning,
) # pragma: no cover
4 changes: 4 additions & 0 deletions acme/acme/crypto_util.py
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,7 @@ def probe_sni(name, host, port=443, timeout=300, # pylint: disable=too-many-argu
raise errors.Error(error)
return client_ssl.get_peer_certificate()


def make_csr(private_key_pem, domains, must_staple=False):
"""Generate a CSR containing a list of domains as subjectAltNames.

Expand Down Expand Up @@ -217,6 +218,7 @@ def make_csr(private_key_pem, domains, must_staple=False):
return crypto.dump_certificate_request(
crypto.FILETYPE_PEM, csr)


def _pyopenssl_cert_or_req_all_names(loaded_cert_or_req):
common_name = loaded_cert_or_req.get_subject().CN
sans = _pyopenssl_cert_or_req_san(loaded_cert_or_req)
Expand All @@ -225,6 +227,7 @@ def _pyopenssl_cert_or_req_all_names(loaded_cert_or_req):
return sans
return [common_name] + [d for d in sans if d != common_name]


def _pyopenssl_cert_or_req_san(cert_or_req):
"""Get Subject Alternative Names from certificate or CSR using pyOpenSSL.

Expand Down Expand Up @@ -317,6 +320,7 @@ def gen_ss_cert(key, domains, not_before=None,
cert.sign(key, "sha256")
return cert


def dump_pyopenssl_chain(chain, filetype=crypto.FILETYPE_PEM):
"""Dump certificate chain into a bundle.

Expand Down
3 changes: 2 additions & 1 deletion acme/setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
from setuptools import find_packages
from setuptools import setup

version = '1.10.0.dev0'
version = '1.11.0.dev0'

# Please update tox.ini when modifying dependency version requirements
install_requires = [
Expand Down Expand Up @@ -66,6 +66,7 @@
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
'Programming Language :: Python :: 3.8',
'Programming Language :: Python :: 3.9',
'Topic :: Internet :: WWW/HTTP',
'Topic :: Security',
],
Expand Down
8 changes: 4 additions & 4 deletions acme/tests/messages_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -108,11 +108,11 @@ def test_repr(self):

def test_equality(self):
const_a_prime = self.MockConstant('a')
self.assertFalse(self.const_a == self.const_b)
self.assertTrue(self.const_a == const_a_prime)
self.assertNotEqual(self.const_a, self.const_b)
self.assertEqual(self.const_a, const_a_prime)

self.assertTrue(self.const_a != self.const_b)
self.assertFalse(self.const_a != const_a_prime)
self.assertNotEqual(self.const_a, self.const_b)
self.assertEqual(self.const_a, const_a_prime)


class DirectoryTest(unittest.TestCase):
Expand Down
3 changes: 3 additions & 0 deletions certbot-apache/certbot_apache/_internal/configurator.py
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,9 @@ def prepare(self):
if self.version < (2, 2):
raise errors.NotSupportedError(
"Apache Version {0} not supported.".format(str(self.version)))
elif self.version < (2, 4):
logger.warning('Support for Apache 2.2 is deprecated and will be removed in a '
'future release.')

# Recover from previous crash before Augeas initialization to have the
# correct parse tree from the get go.
Expand Down
3 changes: 2 additions & 1 deletion certbot-apache/setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
from setuptools import find_packages
from setuptools import setup

version = '1.10.0.dev0'
version = '1.11.0.dev0'

# Remember to update local-oldest-requirements.txt when changing the minimum
# acme/certbot version.
Expand Down Expand Up @@ -53,6 +53,7 @@
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
'Programming Language :: Python :: 3.8',
'Programming Language :: Python :: 3.9',
'Topic :: Internet :: WWW/HTTP',
'Topic :: Security',
'Topic :: System :: Installation/Setup',
Expand Down
8 changes: 4 additions & 4 deletions certbot-apache/tests/configurator_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -1350,10 +1350,10 @@ def test_choose_vhosts_wildcard(self):

# And the actual returned values
self.assertEqual(len(vhs), 1)
self.assertTrue(vhs[0].name == "certbot.demo")
self.assertEqual(vhs[0].name, "certbot.demo")
self.assertTrue(vhs[0].ssl)

self.assertFalse(vhs[0] == self.vh_truth[3])
self.assertNotEqual(vhs[0], self.vh_truth[3])

@mock.patch("certbot_apache._internal.configurator.ApacheConfigurator.make_vhost_ssl")
def test_choose_vhosts_wildcard_no_ssl(self, mock_makessl):
Expand Down Expand Up @@ -1464,10 +1464,10 @@ def mock_match(aug_expr):
self.config.parser.aug.match = mock_match
vhs = self.config.get_virtual_hosts()
self.assertEqual(len(vhs), 2)
self.assertTrue(vhs[0] == self.vh_truth[1])
self.assertEqual(vhs[0], self.vh_truth[1])
# mock_vhost should have replaced the vh_truth[0], because its filepath
# isn't a symlink
self.assertTrue(vhs[1] == mock_vhost)
self.assertEqual(vhs[1], mock_vhost)


class AugeasVhostsTest(util.ApacheTest):
Expand Down
6 changes: 3 additions & 3 deletions certbot-apache/tests/dualnode_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -412,9 +412,9 @@ def test_parsernode_notequal(self):
ancestor=self.block,
filepath="/path/to/whatever",
metadata=self.metadata)
self.assertFalse(self.block == ne_block)
self.assertFalse(self.directive == ne_directive)
self.assertFalse(self.comment == ne_comment)
self.assertNotEqual(self.block, ne_block)
self.assertNotEqual(self.directive, ne_directive)
self.assertNotEqual(self.comment, ne_comment)

def test_parsed_paths(self):
mock_p = mock.MagicMock(return_value=['/path/file.conf',
Expand Down
20 changes: 10 additions & 10 deletions certbot-apache/tests/obj_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,14 +27,14 @@ def test_repr(self):
"certbot_apache._internal.obj.Addr(('127.0.0.1', '443'))")

def test_eq(self):
self.assertTrue(self.vhost1b == self.vhost1)
self.assertFalse(self.vhost1 == self.vhost2)
self.assertEqual(self.vhost1b, self.vhost1)
self.assertNotEqual(self.vhost1, self.vhost2)
self.assertEqual(str(self.vhost1b), str(self.vhost1))
self.assertFalse(self.vhost1b == 1234)
self.assertNotEqual(self.vhost1b, 1234)

def test_ne(self):
self.assertTrue(self.vhost1 != self.vhost2)
self.assertFalse(self.vhost1 != self.vhost1b)
self.assertNotEqual(self.vhost1, self.vhost2)
self.assertEqual(self.vhost1, self.vhost1b)

def test_conflicts(self):
from certbot_apache._internal.obj import Addr
Expand Down Expand Up @@ -128,13 +128,13 @@ def test_conflicts(self):
self.assertTrue(self.addr1.conflicts(self.addr2))

def test_equal(self):
self.assertTrue(self.addr1 == self.addr2)
self.assertFalse(self.addr == self.addr1)
self.assertFalse(self.addr == 123)
self.assertEqual(self.addr1, self.addr2)
self.assertNotEqual(self.addr, self.addr1)
self.assertNotEqual(self.addr, 123)

def test_not_equal(self):
self.assertFalse(self.addr1 != self.addr2)
self.assertTrue(self.addr != self.addr1)
self.assertEqual(self.addr1, self.addr2)
self.assertNotEqual(self.addr, self.addr1)


if __name__ == "__main__":
Expand Down
32 changes: 14 additions & 18 deletions certbot-auto
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ if [ -z "$VENV_PATH" ]; then
fi
VENV_BIN="$VENV_PATH/bin"
BOOTSTRAP_VERSION_PATH="$VENV_PATH/certbot-auto-bootstrap-version.txt"
LE_AUTO_VERSION="1.9.0"
LE_AUTO_VERSION="1.10.1"
BASENAME=$(basename $0)
USAGE="Usage: $BASENAME [OPTIONS]
A self-updating wrapper script for the Certbot ACME client. When run, updates
Expand Down Expand Up @@ -799,11 +799,7 @@ BootstrapMageiaCommon() {
# that function. If Bootstrap is set to a function that doesn't install any
# packages BOOTSTRAP_VERSION is not set.
if [ -f /etc/debian_version ]; then
Bootstrap() {
BootstrapMessage "Debian-based OSes"
BootstrapDebCommon
}
BOOTSTRAP_VERSION="BootstrapDebCommon $BOOTSTRAP_DEB_COMMON_VERSION"
DEPRECATED_OS=1
elif [ -f /etc/mageia-release ]; then
# Mageia has both /etc/mageia-release and /etc/redhat-release
DEPRECATED_OS=1
Expand Down Expand Up @@ -1497,18 +1493,18 @@ letsencrypt==0.7.0 \
--hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \
--hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9

certbot==1.9.0 \
--hash=sha256:d5a804d32e471050921f7b39ed9859e2e9de02824176ed78f57266222036b53a \
--hash=sha256:2ff9bf7d9af381c7efee22dec2dd6938d9d8fddcc9e11682b86e734164a30b57
acme==1.9.0 \
--hash=sha256:d8061b396a22b21782c9b23ff9a945b23e50fca2573909a42f845e11d5658ac5 \
--hash=sha256:38a1630c98e144136c62eec4d2c545a1bdb1a3cd4eca82214be6b83a1f5a161f
certbot-apache==1.9.0 \
--hash=sha256:09528a820d57e54984d490100644cd8a6603db97bf5776f86e95795ecfacf23d \
--hash=sha256:f47fb3f4a9bd927f4812121a0beefe56b163475a28f4db34c64dc838688d9e9e
certbot-nginx==1.9.0 \
--hash=sha256:bb2e3f7fe17f071f350a3efa48571b8ef40a8e4b6db9c6da72539206a20b70be \
--hash=sha256:ab26a4f49d53b0e8bf0f903e58e2a840cda233fe1cbbc54c36ff17f973e57d65
certbot==1.10.1 \
--hash=sha256:011ac980fa21b9f29e02c9b8d8b86e8a4bf4670b51b6ad91656e401e9d2d2231 \
--hash=sha256:0d9ee3fc09e0d03b2d1b1f1c4916e61ecfc6904b4216ddef4e6a5ca1424d9cb7
acme==1.10.1 \
--hash=sha256:752d598e54e98ad1e874de53fd50c61044f1b566d6deb790db5676ce9c573546 \
--hash=sha256:fcbb559aedc96b404edf593e78517dcd7291984d5a37036c3fc77f3c5c122fd8
certbot-apache==1.10.1 \
--hash=sha256:f077b4b7f166627ef5e0921fe7cde57700670fc86e9ad9dbdfaf2c573cc0f2fa \
--hash=sha256:97ed637b4c7b03820db6c69aa90145dc989933351d46a3d62baf6b71674f0a10
certbot-nginx==1.10.1 \
--hash=sha256:7c36459021f8a1ec3b6c062e4c4fc866bfaa1dbf26ccd29e043dd6848003be08 \
--hash=sha256:c0bbeccf85f46b728fd95e6bb8c2649d32d3383d7f47ea4b9c312d12bf04d2f0

UNLIKELY_EOF
# -------------------------------------------------------------------------
Expand Down
Loading