* Rename plugins.common.install_ssl_options_conf to plugins.common.install_version_controlled_file
* Install ssl_dhparams file
* Add installation test
* Add ssl_dhparam option when making a server block ssl
* add install_ssl_dhparams to Installer common plugin class
* Remove redundant code and tests
* update MANIFEST.in
* Add installer class
* Add wrapped reverter methods to common.Installer.
* Use Installer class in Apache plugin
* Use Installer class in Nginx plugin
* Don't create reverter in Apache and Nginx plugins
* Be careful with new interaction from enabling nginx
* Fix py3 compataibility & better docs
* Make minor changes to @pde's PR to unhide nginx
* unhide nginx plugin
* Only protect against nginx interaction in cb-auto
* Change add_server_directives replace=True behavior to attempt to replace, but append on failure to find.
* Remove try/except around add_server_directives
* Revert "Don't save keys/csr on dry run (#4380)"
This reverts commit e034b50363.
* Don't save CSRs and keys during dry run
* Factor out _test_obtain_certificate_common
* Add test_obtain_certificate_dry_run
* Wrap key from make_key in util.Key
* Wrap result from make_csr in util.CSR
* move install_ssl_options_conf functionality to common
* add no cover
* compute current hash instead of saving
* make current hash be computed; switch to list of all canonical hashes
* put message directly into assertion
* don't pass logger
* add docstring
* Add unit tests for certbot.plugins.common.install_ssl_options_conf
Fixes#4559.
* Update options-ssl-nginx.conf in prepare, if it hasn't been modified.
* add previous options-ssl-nginx.conf hashes
* InstallSslOptionsConfTest
* remove .new file and only print warning once
* save digest to /etc/letsencrypt
* add comment reminding devs to update hashes
* add comment and test for sha256sum
* treat hash file as text file because python3
* move constants and rename hidden digest file
* Switch to using include directive for Nginx constants
* remove deprecated comment
* give better error message when attempting to insert an existing directive
* make code more readable
* add docstrings
* allow a duplicated directive if it's identical
* comment out precisely repeated directives
* add comments
* increases server_names_hash_bucket_size if it's too low in your nginx conf
* switching from k,v pairwise indices -> inner_line
* simply using bucket_directive
* rewrite nginx parser to allow everything that nginx does
* also make changes in tls_sni_01.py
* add test case with
* allow embedded variables
* allow empty ${} variable
* fix quotes
* un-special case if
* update all tests to reflect current parsing
* escape in QuotedString after merge
* add test cases for variable weirdness that are almost certainly nginx bugs
* update regex for correct variable rules
* close paren doesn't invoke last_space
* Make test file valid Nginx syntax
* Parallalelise nosetests from tox
* Parallelise even more things, break even more things
* Now unbreak all the tests that aren't ready for ||ism
* Try to pass tests!
- Remove non-working hack in reporter_test
- also be selective about ||ism in the cover environment
* Try again
* certbot-apache tests also work, given enough time
* Nginx may need more time in Travis's cloud
* Unbreak reporter_test under ||ism
* More timeout
* Working again?
* This goes way faster
* Another big win
* Split a couple more large test suites
* A last improvement
* More ||ism!
* ||ise lint too
* Allow nosetests to figure out how many cores to use
* simplify merge
* Mark the new CLI tests as ||izable
* Simplify reporter_test changes
* Rationalise ||ism flags
* Re-up coverage
* Clean up reporter tests
* Stop modifying testdata during tests
* remove unused os
* Move parse_server to be a method of NginxParser
* add super equal method to more correctly check addr equality in nginx should we support ipv6 in nginx in the future
* add addr:normalized_tuple method
* mark addresses listening sslishly due to another server block listening sslishly on that address
* test turning on ssl globally
* add docstring
* lint and remove extra file
* Begin breaking out cli_test.py
* simplify main
* refactor porse tests
* move determine account tests to main_test.py
* move duplicate cert test to main_test.py
* move cli stuff out of the way
* add test_renewal.py
* move error test into error_handler_test.py
* move test_read_file
* move test_no_gui out of MainTest
* move test_install_abspath to parsetest
* Move main tests into main_test.py
* move cli tests back into cli_test.py
* clean up cli_test.py
* move punycode test to util_test.py
* Fix NameError from missing plugins_disco
* Fix linting errors
* test_renewal.py -> renewal_test.py
* rm not_cli_test.py
* Move main._handle_exception test to main_test.py
* Move renewal import in renewal_test.py
from @ohemorange comments
* certbot.tests.test_util -> certbot.tests.util
* Fix issues from rebasing.
* Fix testing issue with option_was_set
* fix linting issue
* Standardize arguments name for mode and chmod in the util API
* Handle OpenSSL pem as bytes objects only for Python3 compatibility
* Handle OpenSSL pem as bytes objects only (remaining bits)
* Manipulate bytes objects only when testing PEM-related functions
* Fix argument order when calling util.unique_file
* Cache the vhost we find during nginx deployment for OCSP enhancement.
* Refactor to pass domain into enhancement functions
* Add https redirect to most name-matching block listening non-sslishly.
* Redirect enhancement chooses the vhost most closely matching target_name that is listening to port 80 without using ssl.
* Add default listen 80 directive when it is implicitly defined
* Restructure add_server_directives to take a vhost as argument. This is the first step towards fixing vhost selection in nginx.
* Save path to vhost in file while parsing in get_vhosts().
* Disable creating a new server block when no names match.
* Make parser select vhost based on information in the vhost it found previously, rather than searching again for a match.
* Make add_server_directives update the passed vhost
* Update boulder config to pass test
* Add testing code for the _do_for_subarray function
* documentation and formatting updates
