From a7ebeddb7803be0ebaf39721a2de402463ddfded Mon Sep 17 00:00:00 2001
From: sagi <sagi@users.noreply.github.com>
Date: Wed, 2 Dec 2015 01:37:07 +0000
Subject: [PATCH] add check for apache 2.3.9, warn of possible conflicting
 rewrite rules

---
 .../letsencrypt_apache/configurator.py         | 18 ++++++++++++++----
 .../letsencrypt_apache/constants.py            |  2 +-
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/letsencrypt-apache/letsencrypt_apache/configurator.py b/letsencrypt-apache/letsencrypt_apache/configurator.py
index e4ba19e3d..90f1ed850 100644
--- a/letsencrypt-apache/letsencrypt_apache/configurator.py
+++ b/letsencrypt-apache/letsencrypt_apache/configurator.py
@@ -884,8 +884,19 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
             # Note: These are not immediately searchable in sites-enabled
             #     even with save() and load()
             self.parser.add_dir(general_vh.path, "RewriteEngine", "on")
-            self.parser.add_dir(general_vh.path, "RewriteRule",
+
+            if self.get_version >= (2.3.9):
+                self.parser.add_dir(general_vh.path, "RewriteRule",
+                                constants.REWRITE_HTTPS_ARGS_WITH_END)
+           else:
+                self.parser.add_dir(general_vh.path, "RewriteRule",
                                 constants.REWRITE_HTTPS_ARGS)
+
+            if _is_rewrite_exists(vhost):
+                logger.warn("Preexisting rewrite rules were detected. "
+                            "Please verify that the newly installed "
+                            "redirection rewrite rule doesn't break anything.")
+ 
             self.save_notes += ("Redirecting host in %s to ssl vhost in %s\n" %
                                 (general_vh.filep, ssl_vhost.filep))
             self.save()
@@ -915,9 +926,8 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
                 raise errors.PluginEnhancementAlreadyPresent(
                     "Let's Encrypt has already enabled redirection")
 
-
-    def _is_rewrite_exists(self, host):
-        """Checks if there exists a rewriterule directive
+    def _is_rewrite_exists(self, vhost):
+        """Checks if there exists a rewriterule directive in vhost
 
         :param vhost: vhost to check
         :type vhost: :class:`~letsencrypt_apache.obj.VirtualHost`
diff --git a/letsencrypt-apache/letsencrypt_apache/constants.py b/letsencrypt-apache/letsencrypt_apache/constants.py
index 448eb6f66..72b4dab24 100644
--- a/letsencrypt-apache/letsencrypt_apache/constants.py
+++ b/letsencrypt-apache/letsencrypt_apache/constants.py
@@ -29,7 +29,7 @@ REWRITE_HTTPS_ARGS = [
 """Apache version<2.3.9 rewrite rule arguments used for redirections to https vhost"""
 
 REWRITE_HTTPS_ARGS_WITH_END = [
-    "^", "https://%{SERVER_NAME}%{REQUEST_URI}", "[L,QSA,R=permanent]"]
+    "^", "https://%{SERVER_NAME}%{REQUEST_URI}", "[END,QSA,R=permanent]"]
 """Apache version >= 2.3.9 rewrite rule arguments used for redirections to
     https vhost"""