From b8a024b65b452f5375452ea91cde604eec3dd99f Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Thu, 21 May 2015 16:33:38 -0700
Subject: [PATCH] More generality for renewer config. (Still no CLI flags.)

---
 letsencrypt/renewer.py | 14 +++++++++++---
 letsencrypt/storage.py | 15 +++++++++++----
 2 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/letsencrypt/renewer.py b/letsencrypt/renewer.py
index 79a489b05..c436c2ccd 100644
--- a/letsencrypt/renewer.py
+++ b/letsencrypt/renewer.py
@@ -6,6 +6,7 @@ configuration."""
 
 # TODO: call new installer API to restart servers after deployment
 
+import copy
 import os
 
 import configobj
@@ -87,7 +88,7 @@ def renew(cert, old_version):
     #       (where fewer than all names were renewed)
 
 
-def main(config=constants.RENEWER_DEFAULTS):
+def main(config=None):
     """main function for autorenewer script."""
     # TODO: Distinguish automated invocation from manual invocation,
     #       perhaps by looking at sys.argv[0] and inhibiting automated
@@ -95,10 +96,17 @@ def main(config=constants.RENEWER_DEFAULTS):
     #       turned it off. (The boolean parameter should probably be
     #       called renewer_enabled.)
 
-    # This attempts to read the renewer config file and augment or replace
+    # Merge supplied config, if provided, on top of builtin defaults
+    defaults_copy = copy.deepcopy(constants.RENEWER_DEFAULTS)
+    defaults_copy.merge(config if config is not None else configobj.ConfigObj())
+    config = defaults_copy
+    # Now attempt to read the renewer config file and augment or replace
     # the renewer defaults with any options contained in that file.  If
     # renewer_config_file is undefined or if the file is nonexistent or
-    # empty, this .merge() will have no effect.
+    # empty, this .merge() will have no effect.  TODO: when we have a more
+    # elaborate renewer command line, we will presumably also be able to
+    # specify a config file on the command line, which, if provided, should
+    # take precedence over this one.
     config.merge(configobj.ConfigObj(config.get("renewer_config_file", "")))
 
     for i in os.listdir(config["renewal_configs_dir"]):
diff --git a/letsencrypt/storage.py b/letsencrypt/storage.py
index 852ab22df..1fb17c561 100644
--- a/letsencrypt/storage.py
+++ b/letsencrypt/storage.py
@@ -78,13 +78,13 @@ class RenewableCert(object):  # pylint: disable=too-many-instance-attributes
         and/or systemwide defaults.
     :type configuration: :class:`configobj.ConfigObj`"""
 
-    def __init__(self, configfile, defaults=constants.RENEWER_DEFAULTS):
+    def __init__(self, configfile, config_opts=None):
         """Instantiate a RenewableCert object from an existing lineage.
 
         :param :class:`configobj.ConfigObj` configfile: an already-parsed
             ConfigObj object made from reading the renewal config file that
             defines this lineage.
-        :param :class:`configobj.ConfigObj` defaults: systemwide defaults
+        :param :class:`configobj.ConfigObj` config_opts: systemwide defaults
             for renewal properties not otherwise specified in the individual
             renewal config file.
 
@@ -109,7 +109,10 @@ class RenewableCert(object):  # pylint: disable=too-many-instance-attributes
         # TODO: Do we actually use anything from defaults and do we want to
         #       read further defaults from the systemwide renewal configuration
         #       file at this stage?
-        self.configuration = copy.deepcopy(defaults)
+        defaults_copy = copy.deepcopy(constants.RENEWER_DEFAULTS)
+        defaults_copy.merge(config_opts if config_opts is not None
+                            else configobj.ConfigObj())
+        self.configuration = defaults_copy
         self.configuration.merge(self.configfile)
 
         if not all(x in self.configuration for x in ALL_FOUR):
@@ -479,7 +482,7 @@ class RenewableCert(object):  # pylint: disable=too-many-instance-attributes
 
     @classmethod
     def new_lineage(cls, lineagename, cert, privkey, chain,
-                    renewalparams=None, config=constants.RENEWER_DEFAULTS):
+                    renewalparams=None, config=None):
         # pylint: disable=too-many-locals,too-many-arguments
         """Create a new certificate lineage.
 
@@ -511,6 +514,10 @@ class RenewableCert(object):  # pylint: disable=too-many-instance-attributes
         :returns: the newly-created RenewalCert object
         :rtype: :class:`storage.renewableCert`"""
 
+        defaults_copy = copy.deepcopy(constants.RENEWER_DEFAULTS)
+        defaults_copy.merge(config if config is not None
+                            else configobj.ConfigObj())
+        config = defaults_copy
         # This attempts to read the renewer config file and augment or replace
         # the renewer defaults with any options contained in that file.  If
         # renewer_config_file is undefined or if the file is nonexistent or