From ca8b4751adbb1edefa6880133ee849a147d44e5d Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Wed, 3 Feb 2016 15:13:17 -0800 Subject: [PATCH] Update config in save_successor --- letsencrypt/storage.py | 36 ++++++++++++++++++++++++++++++- letsencrypt/tests/storage_test.py | 25 ++++++++++++--------- 2 files changed, 50 insertions(+), 11 deletions(-) diff --git a/letsencrypt/storage.py b/letsencrypt/storage.py index 8cc26d5b5..70a4ea302 100644 --- a/letsencrypt/storage.py +++ b/letsencrypt/storage.py @@ -87,6 +87,31 @@ def write_renewal_config(filename, target, cli_config): return config +def update_configuration(lineagename, target, cli_config): + """Modifies lineagename's config to contain the specified values. + + :param str lineagename: Name of the lineage being modified + :param dict target: Maps ALL_FOUR to their symlink paths + :param .RenewerConfiguration cli_config: parsed command line + arguments + + :returns: Configuration object for the updated config file + :rtype: configobj.ConfigObj + + """ + config_filename = os.path.join( + cli_config.renewal_configs_dir, lineagename) + ".conf" + temp_filename = config_filename + ".new" + + # If an existing tempfile exists, delete it + if os.path.exists(temp_filename): + os.unlink(temp_filename) + write_renewal_config(temp_filename, target, cli_config) + os.rename(temp_filename, config_filename) + + return configobj.ConfigObj(config_filename) + + class RenewableCert(object): # pylint: disable=too-many-instance-attributes """Renewable certificate. @@ -711,7 +736,8 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes new_config = write_renewal_config(config_filename, target, cli_config) return cls(new_config.filename, cli_config) - def save_successor(self, prior_version, new_cert, new_privkey, new_chain): + def save_successor(self, prior_version, new_cert, + new_privkey, new_chain, cli_config): """Save new cert and chain as a successor of a prior version. Returns the new version number that was created. @@ -727,6 +753,8 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes :param str new_privkey: the new private key, in PEM format, or ``None``, if the private key has not changed :param str new_chain: the new chain, in PEM format + :param .RenewerConfiguration cli_config: parsed command line + arguments :returns: the new version number that was created :rtype: int @@ -775,4 +803,10 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes with open(target["fullchain"], "w") as f: logger.debug("Writing full chain to %s.", target["fullchain"]) f.write(new_cert + new_chain) + + # Update renewal config file + self.configfile = update_configuration( + self.lineagename, target, cli_config) + self.configuration = config_with_defaults(self.configfile) + return target_version diff --git a/letsencrypt/tests/storage_test.py b/letsencrypt/tests/storage_test.py index e8ef28932..963df60c2 100644 --- a/letsencrypt/tests/storage_test.py +++ b/letsencrypt/tests/storage_test.py @@ -504,8 +504,9 @@ class RenewableCertTests(BaseRenewableCertTest): with open(where, "w") as f: f.write(kind) self.test_rc.update_all_links_to(3) - self.assertEqual(6, self.test_rc.save_successor(3, "new cert", None, - "new chain")) + self.assertEqual( + 6, self.test_rc.save_successor(3, "new cert", None, + "new chain", self.cli_config)) with open(self.test_rc.version("cert", 6)) as f: self.assertEqual(f.read(), "new cert") with open(self.test_rc.version("chain", 6)) as f: @@ -516,10 +517,12 @@ class RenewableCertTests(BaseRenewableCertTest): self.assertFalse(os.path.islink(self.test_rc.version("privkey", 3))) self.assertTrue(os.path.islink(self.test_rc.version("privkey", 6))) # Let's try two more updates - self.assertEqual(7, self.test_rc.save_successor(6, "again", None, - "newer chain")) - self.assertEqual(8, self.test_rc.save_successor(7, "hello", None, - "other chain")) + self.assertEqual( + 7, self.test_rc.save_successor(6, "again", None, + "newer chain", self.cli_config)) + self.assertEqual( + 8, self.test_rc.save_successor(7, "hello", None, + "other chain", self.cli_config)) # All of the subsequent versions should link directly to the original # privkey. for i in (6, 7, 8): @@ -532,8 +535,9 @@ class RenewableCertTests(BaseRenewableCertTest): self.assertEqual(self.test_rc.current_version(kind), 3) # Test updating from latest version rather than old version self.test_rc.update_all_links_to(8) - self.assertEqual(9, self.test_rc.save_successor(8, "last", None, - "attempt")) + self.assertEqual( + 9, self.test_rc.save_successor(8, "last", None, + "attempt", self.cli_config)) for kind in ALL_FOUR: self.assertEqual(self.test_rc.available_versions(kind), range(1, 10)) @@ -542,8 +546,9 @@ class RenewableCertTests(BaseRenewableCertTest): self.assertEqual(f.read(), "last" + "attempt") # Test updating when providing a new privkey. The key should # be saved in a new file rather than creating a new symlink. - self.assertEqual(10, self.test_rc.save_successor(9, "with", "a", - "key")) + self.assertEqual( + 10, self.test_rc.save_successor(9, "with", "a", + "key", self.cli_config)) self.assertTrue(os.path.exists(self.test_rc.version("privkey", 10))) self.assertFalse(os.path.islink(self.test_rc.version("privkey", 10)))