diff --git a/.travis.yml b/.travis.yml index c4bef391b..b4a9d3220 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,13 +1,18 @@ language: python +go: + - 1.5 + services: - rabbitmq - mysql # http://docs.travis-ci.com/user/ci-environment/#CI-environment-OS +# gimme has to be kept in sync with Boulder's Go version setting in .travis.yml before_install: - travis_retry sudo ./bootstrap/ubuntu.sh - travis_retry sudo apt-get install --no-install-recommends nginx-light openssl + - '[ "xxx$BOULDER_INTEGRATION" = "xxx" ] || eval "$(gimme 1.5)"' # using separate envs with different TOXENVs creates 4x1 Travis build # matrix, which allows us to clearly distinguish which component under diff --git a/acme/acme/challenges.py b/acme/acme/challenges.py index cfd6f8533..a2235b61e 100644 --- a/acme/acme/challenges.py +++ b/acme/acme/challenges.py @@ -116,7 +116,7 @@ class SimpleHTTPResponse(ChallengeResponse): def gen_resource(self, chall): """Generate provisioned resource. - :param .SimpleHTTP chall: + :param challenges.SimpleHTTP chall: :rtype: SimpleHTTPProvisionedResource """ @@ -125,7 +125,7 @@ class SimpleHTTPResponse(ChallengeResponse): def gen_validation(self, chall, account_key, alg=jose.RS256, **kwargs): """Generate validation. - :param .SimpleHTTP chall: + :param challenges.SimpleHTTP chall: :param .JWK account_key: Private account key. :param .JWA alg: @@ -142,14 +142,14 @@ class SimpleHTTPResponse(ChallengeResponse): """Check validation. :param .JWS validation: - :param .SimpleHTTP chall: + :param challenges.SimpleHTTP chall: :type account_public_key: `~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or `~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or `~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` - wrapped in `.ComparableKey + wrapped in `.ComparableKey` :rtype: bool @@ -173,7 +173,7 @@ class SimpleHTTPResponse(ChallengeResponse): ignore the certificate provided by the HTTPS server", so ``requests.get`` is called with ``verify=False``. - :param .SimpleHTTP chall: Corresponding challenge. + :param challenges.SimpleHTTP chall: Corresponding challenge. :param unicode domain: Domain name being verified. :param account_public_key: Public key for the key pair being authorized. If ``None`` key verification is not @@ -184,7 +184,7 @@ class SimpleHTTPResponse(ChallengeResponse): `~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or `~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` - wrapped in `.ComparableKey + wrapped in `.ComparableKey` :param int port: Port used in the validation. :returns: ``True`` iff validation is successful, ``False`` @@ -306,7 +306,7 @@ class DVSNIResponse(ChallengeResponse): def chall(self): """Get challenge encoded in the `validation` payload. - :rtype: DVSNI + :rtype: challenges.DVSNI """ # pylint: disable=no-member @@ -370,7 +370,7 @@ class DVSNIResponse(ChallengeResponse): `~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or `~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` - wrapped in `.ComparableKey + wrapped in `.ComparableKey` :param OpenSSL.crypto.X509 cert: Optional certificate. If not provided (``None``) certificate will be retrieved using `probe_cert`. diff --git a/acme/acme/client.py b/acme/acme/client.py index 8e2426b96..690630876 100644 --- a/acme/acme/client.py +++ b/acme/acme/client.py @@ -534,7 +534,8 @@ class ClientNetwork(object): """ - logging.debug('Sending %s request to %s', method, url) + logging.debug('Sending %s request to %s. args: %r, kwargs: %r', + method, url, args, kwargs) kwargs['verify'] = self.verify_ssl response = requests.request(method, url, *args, **kwargs) logging.debug('Received %s. Headers: %s. Content: %r', diff --git a/acme/acme/jose/jws.py b/acme/acme/jose/jws.py index 7ecc87bf2..392a2f074 100644 --- a/acme/acme/jose/jws.py +++ b/acme/acme/jose/jws.py @@ -54,7 +54,7 @@ class Header(json_util.JSONObjectWithFields): the "crit" (Critical) Header Parameter (4.1.11) and as a conforming implementation, :meth:`from_json` treats its occurence as an error. Please subclass if you seek for - a diferent behaviour. + a different behaviour. :ivar x5tS256: "x5t#S256" :ivar str typ: MIME Media Type, inc. :const:`MediaType.PREFIX`. diff --git a/acme/acme/messages.py b/acme/acme/messages.py index 33157899e..0855ae008 100644 --- a/acme/acme/messages.py +++ b/acme/acme/messages.py @@ -231,7 +231,7 @@ class ChallengeBody(ResourceBody): call ``challb.x`` to get ``challb.chall.x`` contents. :ivar acme.messages.Status status: :ivar datetime.datetime validated: - :ivar Error error: + :ivar messages.Error error: """ __slots__ = ('chall',) diff --git a/docs/contributing.rst b/docs/contributing.rst index 5aa6e3e76..e4d7da1f9 100644 --- a/docs/contributing.rst +++ b/docs/contributing.rst @@ -67,7 +67,7 @@ The following tools are there to help you: Integration ~~~~~~~~~~~ -First, install `Go`_ 1.4 and start Boulder_, an ACME CA server:: +First, install `Go`_ 1.5 and start Boulder_, an ACME CA server:: ./tests/boulder-start.sh @@ -82,7 +82,7 @@ If you would like to test `letsencrypt_nginx` plugin (highly encouraged) make sure to install prerequisites as listed in ``tests/integration/nginx.sh``: -.. include:: ../tests/integration/nginx.sh +.. include:: ../letsencrypt-nginx/tests/boulder-integration.sh :start-line: 1 :end-line: 2 :code: shell diff --git a/examples/generate-csr.sh b/examples/generate-csr.sh index fa9327095..c4a3af016 100755 --- a/examples/generate-csr.sh +++ b/examples/generate-csr.sh @@ -1,7 +1,7 @@ #!/bin/sh # This script generates a simple SAN CSR to be used with Let's Encrypt -# CA. Mostly intedened for "auth --csr" testing, but, since its easily -# auditable, feel free to adjust it and use on you production web +# CA. Mostly intended for "auth --csr" testing, but, since it's easily +# auditable, feel free to adjust it and use it on your production web # server. if [ "$#" -lt 1 ] diff --git a/letsencrypt-apache/letsencrypt_apache/configurator.py b/letsencrypt-apache/letsencrypt_apache/configurator.py index 01c9d4f30..8403b974c 100644 --- a/letsencrypt-apache/letsencrypt_apache/configurator.py +++ b/letsencrypt-apache/letsencrypt_apache/configurator.py @@ -953,9 +953,10 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): """Enables an available site, Apache restart required. .. note:: Does not make sure that the site correctly works or that all - modules are enabled appropriately. + modules are enabled appropriately. .. todo:: This function should number subdomains before the domain vhost + .. todo:: Make sure link is not broken... :param vhost: vhost to enable @@ -1034,8 +1035,9 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): .. todo:: This function will be converted to using reload - :raises .errors.MisconfigurationError: If unable to restart due to a - configuration problem, or if the restart subprocess cannot be run. + :raises .errors.MisconfigurationError: If unable to restart due + to a configuration problem, or if the restart subprocess + cannot be run. """ return apache_restart(self.conf("init-script")) diff --git a/letsencrypt-apache/letsencrypt_apache/obj.py b/letsencrypt-apache/letsencrypt_apache/obj.py index c0dcc6c43..8cd2378a4 100644 --- a/letsencrypt-apache/letsencrypt_apache/obj.py +++ b/letsencrypt-apache/letsencrypt_apache/obj.py @@ -41,21 +41,24 @@ class Addr(common.Addr): return 2 def conflicts(self, addr): - """Returns if address could conflict with correct function of self. + r"""Returns if address could conflict with correct function of self. Could addr take away service provided by self within Apache? .. note::IP Address is more important than wildcard. Connection from 127.0.0.1:80 with choices of *:80 and 127.0.0.1:* - chooses 127.0.0.1:* + chooses 127.0.0.1:\* .. todo:: Handle domain name addrs... Examples: - 127.0.0.1:*.conflicts(127.0.0.1:443) - True - 127.0.0.1:443.conflicts(127.0.0.1:*) - False - *:443.conflicts(*:80) - False - _default_:443.conflicts(*:443) - True + + ========================================= ===== + ``127.0.0.1:\*.conflicts(127.0.0.1:443)`` True + ``127.0.0.1:443.conflicts(127.0.0.1:\*)`` False + ``\*:443.conflicts(\*:80)`` False + ``_default_:443.conflicts(\*:443)`` True + ========================================= ===== """ if self._addr_less_specific(addr): @@ -72,9 +75,10 @@ class Addr(common.Addr): def get_sni_addr(self, port): """Returns the least specific address that resolves on the port. - Example: - 1.2.3.4:443 -> 1.2.3.4: - 1.2.3.4:* -> 1.2.3.4:* + Examples: + + - ``1.2.3.4:443`` -> ``1.2.3.4:`` + - ``1.2.3.4:*`` -> ``1.2.3.4:*`` :param str port: Desired port @@ -100,8 +104,9 @@ class VirtualHost(object): # pylint: disable=too-few-public-methods :ivar bool enabled: Virtual host is enabled https://httpd.apache.org/docs/2.4/vhosts/details.html + .. todo:: Any vhost that includes the magic _default_ wildcard is given the - same ServerName as the main server. + same ServerName as the main server. """ # ?: is used for not returning enclosed characters diff --git a/letsencrypt/crypto_util.py b/letsencrypt/crypto_util.py index b7d9987fc..279330f0c 100644 --- a/letsencrypt/crypto_util.py +++ b/letsencrypt/crypto_util.py @@ -267,5 +267,5 @@ def asn1_generalizedtime_to_dt(timestamp): def pyopenssl_x509_name_as_text(x509name): - """Convert `OpenSSL.crypto.X509Name to text.""" + """Convert `OpenSSL.crypto.X509Name` to text.""" return "/".join("{0}={1}" for key, value in x509name.get_components())