Merge pull request #208 from letsencrypt/dead_code_removal

sanity_check - dead code removal
2026-01-24 19:22:07 +03:00 · 2015-01-29 02:11:28 -08:00
parent c5db07cf0a f6f6b79221
commit 382386159c
2 changed files with 5 additions and 53 deletions
--- a/letsencrypt/client/client.py
+++ b/letsencrypt/client/client.py
@@ -4,8 +4,6 @@ import csv
 import logging
 import os
 import shutil
-import socket
-import string
 import sys

 import M2Crypto
@@ -25,11 +23,6 @@ from letsencrypt.client import revoker

 from letsencrypt.client.apache import configurator

-# it's weird to point to ACME servers via raw IPv6 addresses, and
-# such addresses can be %SCARY in some contexts, so out of paranoia
-# let's disable them by default
-ALLOW_RAW_IPV6_SERVER = False
-

 class Client(object):
    """ACME protocol client.
@@ -96,8 +89,6 @@ class Client(object):
            logging.warning("Unable to obtain a certificate, because client "
                            "does not have a valid auth handler.")

-        sanity_check_names(domains)
-
        # Request Challenges
        for name in domains:
            self.auth_handler.add_chall_msg(
@@ -401,47 +392,6 @@ def csr_pem_to_der(csr):
    return Client.CSR(csr.file, csr_obj.as_der(), "der")


-def sanity_check_names(names):
-    """Make sure host names are valid.
-
-    :param list names: List of host names
-
-    """
-    for name in names:
-        if not is_hostname_sane(name):
-            logging.fatal("%r is an impossible hostname", name)
-            sys.exit(81)
-
-
-def is_hostname_sane(hostname):
-    """Make sure the given host name is sane.
-
-    Do enough to avoid shellcode from the environment.  There's
-    no need to do more.
-
-    :param str hostname: Host name to validate
-
-    :returns: True if hostname is valid, otherwise false.
-    :rtype: bool
-
-    """
-    # hostnames & IPv4
-    allowed = string.ascii_letters + string.digits + "-."
-    if all([c in allowed for c in hostname]):
-        return True
-
-    if not ALLOW_RAW_IPV6_SERVER:
-        return False
-
-    # ipv6 is messy and complicated, can contain %zoneindex etc.
-    try:
-        # is this a valid IPv6 address?
-        socket.getaddrinfo(hostname, 443, socket.AF_INET6)
-        return True
-    except socket.error:
-        return False
-
-
 # This should be controlled by commandline parameters
 def determine_authenticator():
    """Returns a valid IAuthenticator."""
--- a/letsencrypt/scripts/main.py
+++ b/letsencrypt/scripts/main.py
@@ -1,5 +1,9 @@
 #!/usr/bin/env python
-"""Parse command line and call the appropriate functions."""
+"""Parse command line and call the appropriate functions.
+
+..todo:: Sanity check all input.  Be sure to avoid shell code etc...
+
+"""
 import argparse
 import logging
 import os
@@ -165,7 +169,6 @@ def get_all_names(installer):

    """
    names = list(installer.get_all_names())
-    client.sanity_check_names(names)

    if not names:
        logging.fatal("No domain names were found in your installation")
@@ -177,7 +180,6 @@ def get_all_names(installer):
    return names


-
 def read_file(filename):
    """Returns the given file's contents with universal new line support.