Compare commits
16 Commits
master
...
reduce-def
| Author | SHA1 | Date | |
|---|---|---|---|
|
06773ae3d5 | ||
|
|
c75beb0116 | ||
|
|
803a4b0988 | ||
|
|
17fa7f3d37 | ||
|
|
442dd25cb3 | ||
|
|
73dfffeb33 | ||
|
|
dd539c5142 | ||
|
|
6c1447bb99 | ||
|
|
9a610ee1c8 | ||
|
|
0ec54b01cf | ||
|
|
2851f54713 | ||
|
|
f1b8911919 | ||
|
|
473684e866 | ||
|
|
54370c3822 | ||
|
|
1d7856eceb | ||
|
|
18d38e5256 |
@@ -1866,13 +1866,13 @@ class ApacheConfigurator(common.Installer):
|
||||
if options:
|
||||
msg_enhancement += ": " + options
|
||||
msg = msg_tmpl.format(domain, msg_enhancement)
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
raise errors.PluginError(msg)
|
||||
try:
|
||||
for vhost in vhosts:
|
||||
func(vhost, options)
|
||||
except errors.PluginError:
|
||||
logger.warning("Failed %s for %s", enhancement, domain)
|
||||
logger.error("Failed %s for %s", enhancement, domain)
|
||||
raise
|
||||
|
||||
def _autohsts_increase(self, vhost, id_str, nextstep):
|
||||
@@ -2436,7 +2436,7 @@ class ApacheConfigurator(common.Installer):
|
||||
try:
|
||||
util.run_script(self.options.restart_cmd)
|
||||
except errors.SubprocessError as err:
|
||||
logger.info("Unable to restart apache using %s",
|
||||
logger.warning("Unable to restart apache using %s",
|
||||
self.options.restart_cmd)
|
||||
alt_restart = self.options.restart_cmd_alt
|
||||
if alt_restart:
|
||||
@@ -2593,7 +2593,7 @@ class ApacheConfigurator(common.Installer):
|
||||
msg_tmpl = ("Certbot was not able to find SSL VirtualHost for a "
|
||||
"domain {0} for enabling AutoHSTS enhancement.")
|
||||
msg = msg_tmpl.format(d)
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
raise errors.PluginError(msg)
|
||||
for vh in vhosts:
|
||||
try:
|
||||
@@ -2679,7 +2679,7 @@ class ApacheConfigurator(common.Installer):
|
||||
except errors.PluginError:
|
||||
msg = ("Could not find VirtualHost with ID {0}, disabling "
|
||||
"AutoHSTS for this VirtualHost").format(id_str)
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
# Remove the orphaned AutoHSTS entry from pluginstorage
|
||||
self._autohsts.pop(id_str)
|
||||
continue
|
||||
@@ -2719,7 +2719,7 @@ class ApacheConfigurator(common.Installer):
|
||||
except errors.PluginError:
|
||||
msg = ("VirtualHost with id {} was not found, unable to "
|
||||
"make HSTS max-age permanent.").format(id_str)
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
self._autohsts.pop(id_str)
|
||||
continue
|
||||
if self._autohsts_vhost_in_lineage(vhost, lineage):
|
||||
|
||||
@@ -119,7 +119,7 @@ def _vhost_menu(domain, vhosts):
|
||||
"guidance in non-interactive mode. Certbot may need "
|
||||
"vhosts to be explicitly labelled with ServerName or "
|
||||
"ServerAlias directives.".format(domain))
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
raise errors.MissingCommandlineFlag(msg)
|
||||
|
||||
return code, tag
|
||||
|
||||
@@ -58,7 +58,7 @@ class DebianConfigurator(configurator.ApacheConfigurator):
|
||||
# Already in shape
|
||||
vhost.enabled = True
|
||||
return None
|
||||
logger.warning(
|
||||
logger.error(
|
||||
"Could not symlink %s to %s, got error: %s", enabled_path,
|
||||
vhost.filep, err.strerror)
|
||||
errstring = ("Encountered error while trying to enable a " +
|
||||
|
||||
@@ -146,7 +146,7 @@ class AutoHSTSTest(util.ApacheTest):
|
||||
@mock.patch("certbot_apache._internal.display_ops.select_vhost")
|
||||
def test_autohsts_no_ssl_vhost(self, mock_select):
|
||||
mock_select.return_value = self.vh_truth[0]
|
||||
with mock.patch("certbot_apache._internal.configurator.logger.warning") as mock_log:
|
||||
with mock.patch("certbot_apache._internal.configurator.logger.error") as mock_log:
|
||||
self.assertRaises(errors.PluginError,
|
||||
self.config.enable_autohsts,
|
||||
mock.MagicMock(), "invalid.example.com")
|
||||
@@ -179,7 +179,7 @@ class AutoHSTSTest(util.ApacheTest):
|
||||
self.config._autohsts_fetch_state()
|
||||
self.config._autohsts["orphan_id"] = {"laststep": 999, "timestamp": 0}
|
||||
self.config._autohsts_save_state()
|
||||
with mock.patch("certbot_apache._internal.configurator.logger.warning") as mock_log:
|
||||
with mock.patch("certbot_apache._internal.configurator.logger.error") as mock_log:
|
||||
self.config.deploy_autohsts(mock.MagicMock())
|
||||
self.assertTrue(mock_log.called)
|
||||
self.assertTrue(
|
||||
|
||||
@@ -891,7 +891,7 @@ class MultipleVhostsTest(util.ApacheTest):
|
||||
self.config.enhance, "certbot.demo", "unknown_enhancement")
|
||||
|
||||
def test_enhance_no_ssl_vhost(self):
|
||||
with mock.patch("certbot_apache._internal.configurator.logger.warning") as mock_log:
|
||||
with mock.patch("certbot_apache._internal.configurator.logger.error") as mock_log:
|
||||
self.assertRaises(errors.PluginError, self.config.enhance,
|
||||
"certbot.demo", "redirect")
|
||||
# Check that correct logger.warning was printed
|
||||
|
||||
@@ -41,7 +41,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
# _get_cloudflare_client | pylint: disable=protected-access
|
||||
self.auth._get_cloudflare_client = mock.MagicMock(return_value=self.mock_client)
|
||||
|
||||
def test_perform(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_perform(self, unused_mock_get_utility):
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
expected = [mock.call.add_txt_record(DOMAIN, '_acme-challenge.'+DOMAIN, mock.ANY, mock.ANY)]
|
||||
@@ -55,7 +56,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
expected = [mock.call.del_txt_record(DOMAIN, '_acme-challenge.'+DOMAIN, mock.ANY)]
|
||||
self.assertEqual(expected, self.mock_client.mock_calls)
|
||||
|
||||
def test_api_token(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_api_token(self, unused_mock_get_utility):
|
||||
dns_test_common.write({"cloudflare_api_token": API_TOKEN},
|
||||
self.config.cloudflare_credentials)
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
@@ -37,7 +37,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
# _get_digitalocean_client | pylint: disable=protected-access
|
||||
self.auth._get_digitalocean_client = mock.MagicMock(return_value=self.mock_client)
|
||||
|
||||
def test_perform(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_perform(self, unused_mock_get_utility):
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
expected = [mock.call.add_txt_record(DOMAIN, '_acme-challenge.'+DOMAIN, mock.ANY, 30)]
|
||||
|
||||
@@ -43,7 +43,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
# _get_google_client | pylint: disable=protected-access
|
||||
self.auth._get_google_client = mock.MagicMock(return_value=self.mock_client)
|
||||
|
||||
def test_perform(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_perform(self, unused_mock_get_utility):
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
expected = [mock.call.add_txt_record(DOMAIN, '_acme-challenge.'+DOMAIN, mock.ANY, mock.ANY)]
|
||||
@@ -58,7 +59,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
self.assertEqual(expected, self.mock_client.mock_calls)
|
||||
|
||||
@mock.patch('httplib2.Http.request', side_effect=ServerNotFoundError)
|
||||
def test_without_auth(self, unused_mock):
|
||||
@test_util.patch_get_utility()
|
||||
def test_without_auth(self, unused_mock_get_utility, unused_mock):
|
||||
self.config.google_credentials = None
|
||||
self.assertRaises(PluginError, self.auth.perform, [self.achall])
|
||||
|
||||
|
||||
@@ -42,7 +42,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
# _get_rfc2136_client | pylint: disable=protected-access
|
||||
self.auth._get_rfc2136_client = mock.MagicMock(return_value=self.mock_client)
|
||||
|
||||
def test_perform(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_perform(self, unused_mock_get_utility):
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
expected = [mock.call.add_txt_record('_acme-challenge.'+DOMAIN, mock.ANY, mock.ANY)]
|
||||
@@ -65,7 +66,8 @@ class AuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthentic
|
||||
self.auth.perform,
|
||||
[self.achall])
|
||||
|
||||
def test_valid_algorithm_passes(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_valid_algorithm_passes(self, unused_mock_get_utility):
|
||||
config = VALID_CONFIG.copy()
|
||||
config["rfc2136_algorithm"] = "HMAC-sha512"
|
||||
dns_test_common.write(config, self.config.rfc2136_credentials)
|
||||
|
||||
@@ -766,7 +766,7 @@ class NginxConfigurator(common.Installer):
|
||||
raise errors.PluginError(
|
||||
"Unsupported enhancement: {0}".format(enhancement))
|
||||
except errors.PluginError:
|
||||
logger.warning("Failed %s for %s", enhancement, domain)
|
||||
logger.error("Failed %s for %s", enhancement, domain)
|
||||
raise
|
||||
|
||||
def _has_certbot_redirect(self, vhost, domain):
|
||||
|
||||
@@ -128,12 +128,12 @@ class NginxHttp01(common.ChallengePerformer):
|
||||
ipv6_addr = ipv6_addr + " ipv6only=on"
|
||||
addresses = [obj.Addr.fromstring(default_addr),
|
||||
obj.Addr.fromstring(ipv6_addr)]
|
||||
logger.info(("Using default addresses %s and %s for authentication."),
|
||||
logger.debug(("Using default addresses %s and %s for authentication."),
|
||||
default_addr,
|
||||
ipv6_addr)
|
||||
else:
|
||||
addresses = [obj.Addr.fromstring(default_addr)]
|
||||
logger.info("Using default address %s for authentication.",
|
||||
logger.debug("Using default address %s for authentication.",
|
||||
default_addr)
|
||||
return addresses
|
||||
|
||||
|
||||
@@ -217,7 +217,7 @@ class NginxParser:
|
||||
"character. Only UTF-8 encoding is "
|
||||
"supported.", item)
|
||||
except pyparsing.ParseException as err:
|
||||
logger.debug("Could not parse file: %s due to %s", item, err)
|
||||
logger.warning("Could not parse file: %s due to %s", item, err)
|
||||
return trees
|
||||
|
||||
def _find_config_root(self):
|
||||
@@ -430,7 +430,7 @@ def _parse_ssl_options(ssl_options):
|
||||
logger.warning("Could not read file: %s due to invalid character. "
|
||||
"Only UTF-8 encoding is supported.", ssl_options)
|
||||
except pyparsing.ParseBaseException as err:
|
||||
logger.debug("Could not parse file: %s due to %s", ssl_options, err)
|
||||
logger.warning("Could not parse file: %s due to %s", ssl_options, err)
|
||||
return []
|
||||
|
||||
def _do_for_subarray(entry, condition, func, path=None):
|
||||
|
||||
@@ -70,7 +70,6 @@ class AuthHandler:
|
||||
resps = self.auth.perform(achalls)
|
||||
|
||||
# If debug is on, wait for user input before starting the verification process.
|
||||
logger.info('Waiting for verification...')
|
||||
config = zope.component.getUtility(interfaces.IConfig)
|
||||
if config.debug_challenges:
|
||||
notify = zope.component.getUtility(interfaces.IDisplay).notification
|
||||
@@ -88,6 +87,7 @@ class AuthHandler:
|
||||
self.acme.answer_challenge(achall.challb, resp)
|
||||
|
||||
# Wait for authorizations to be checked.
|
||||
logger.info('Waiting for verification...')
|
||||
self._poll_authorizations(authzrs, max_retries, best_effort)
|
||||
|
||||
# Keep validated authorizations only. If there is none, no certificate can be issued.
|
||||
@@ -148,7 +148,7 @@ class AuthHandler:
|
||||
authzrs_failed = [authzr for authzr, _ in authzrs_to_check.values()
|
||||
if authzr.body.status == messages.STATUS_INVALID]
|
||||
for authzr_failed in authzrs_failed:
|
||||
logger.warning('Challenge failed for domain %s',
|
||||
logger.info('Challenge failed for domain %s',
|
||||
authzr_failed.body.identifier.value)
|
||||
# Accumulating all failed authzrs to build a consolidated report
|
||||
# on them at the end of the polling.
|
||||
|
||||
@@ -154,7 +154,7 @@ def register(config, account_storage, tos_cb=None):
|
||||
if not config.register_unsafely_without_email:
|
||||
msg = ("No email was provided and "
|
||||
"--register-unsafely-without-email was not present.")
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
raise errors.Error(msg)
|
||||
if not config.dry_run:
|
||||
logger.debug("Registering without email!")
|
||||
@@ -276,7 +276,7 @@ class Client:
|
||||
if self.auth_handler is None:
|
||||
msg = ("Unable to obtain certificate because authenticator is "
|
||||
"not set.")
|
||||
logger.warning(msg)
|
||||
logger.error(msg)
|
||||
raise errors.Error(msg)
|
||||
if self.account.regr is None:
|
||||
raise errors.Error("Please register with the ACME server first.")
|
||||
@@ -530,7 +530,7 @@ class Client:
|
||||
|
||||
"""
|
||||
if self.installer is None:
|
||||
logger.warning("No installer specified, client is unable to deploy"
|
||||
logger.error("No installer specified, client is unable to deploy"
|
||||
"the certificate")
|
||||
raise errors.Error("No installer available")
|
||||
|
||||
@@ -568,7 +568,7 @@ class Client:
|
||||
|
||||
"""
|
||||
if self.installer is None:
|
||||
logger.warning("No installer is specified, there isn't any "
|
||||
logger.error("No installer is specified, there isn't any "
|
||||
"configuration to enhance.")
|
||||
raise errors.Error("No installer available")
|
||||
|
||||
@@ -589,7 +589,7 @@ class Client:
|
||||
self.apply_enhancement(domains, enhancement_name, option)
|
||||
enhanced = True
|
||||
elif config_value:
|
||||
logger.warning(
|
||||
logger.error(
|
||||
"Option %s is not supported by the selected installer. "
|
||||
"Skipping enhancement.", config_name)
|
||||
|
||||
@@ -621,10 +621,10 @@ class Client:
|
||||
self.installer.enhance(dom, enhancement, options)
|
||||
except errors.PluginEnhancementAlreadyPresent:
|
||||
if enhancement == "ensure-http-header":
|
||||
logger.warning("Enhancement %s was already set.",
|
||||
logger.info("Enhancement %s was already set.",
|
||||
options)
|
||||
else:
|
||||
logger.warning("Enhancement %s was already set.",
|
||||
logger.info("Enhancement %s was already set.",
|
||||
enhancement)
|
||||
except errors.PluginError:
|
||||
logger.warning("Unable to set enhancement %s for %s",
|
||||
@@ -649,7 +649,7 @@ class Client:
|
||||
:param str success_msg: message to show on successful rollback
|
||||
|
||||
"""
|
||||
logger.critical("Rolling back to previous server configuration...")
|
||||
logger.info("Rolling back to previous server configuration...")
|
||||
reporter = zope.component.getUtility(interfaces.IReporter)
|
||||
try:
|
||||
self.installer.rollback_checkpoints()
|
||||
|
||||
@@ -22,7 +22,7 @@ CLI_DEFAULTS = dict(
|
||||
],
|
||||
|
||||
# Main parser
|
||||
verbose_count=-int(logging.INFO / 10),
|
||||
verbose_count=-int(logging.WARNING / 10),
|
||||
text_mode=False,
|
||||
max_log_backups=1000,
|
||||
preconfigured_renewal=False,
|
||||
@@ -139,7 +139,7 @@ REVOCATION_REASONS = {
|
||||
|
||||
"""Defaults for CLI flags and `.IConfig` attributes."""
|
||||
|
||||
QUIET_LOGGING_LEVEL = logging.WARNING
|
||||
QUIET_LOGGING_LEVEL = logging.ERROR
|
||||
"""Logging level to use in quiet mode."""
|
||||
|
||||
RENEWER_DEFAULTS = dict(
|
||||
|
||||
@@ -210,7 +210,7 @@ def _run_deploy_hook(command, domains, lineage_path, dry_run):
|
||||
|
||||
"""
|
||||
if dry_run:
|
||||
logger.warning("Dry run: skipping deploy hook command: %s",
|
||||
logger.info("Dry run: skipping deploy hook command: %s",
|
||||
command)
|
||||
return
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ and properly flushed before program exit.
|
||||
|
||||
The `logging` module is useful for recording messages about about what
|
||||
Certbot is doing under the hood, but do not necessarily need to be shown
|
||||
to the user on the terminal. The default verbosity is INFO.
|
||||
to the user on the terminal. The default verbosity is WARNING.
|
||||
|
||||
The preferred method to display important information to the user is to
|
||||
use `certbot.display.util` and `certbot.display.ops`.
|
||||
|
||||
@@ -951,7 +951,7 @@ def enhance(config, plugins):
|
||||
if not enhancements.are_requested(config) and not oldstyle_enh:
|
||||
msg = ("Please specify one or more enhancement types to configure. To list "
|
||||
"the available enhancement types, run:\n\n%s --help enhance\n")
|
||||
logger.warning(msg, sys.argv[0])
|
||||
logger.error(msg, sys.argv[0])
|
||||
raise errors.MisconfigurationError("No enhancements requested, exiting.")
|
||||
|
||||
try:
|
||||
|
||||
@@ -183,7 +183,7 @@ to serve all files under specified web root ({0})."""
|
||||
filesystem.copy_ownership_and_apply_mode(
|
||||
path, prefix, 0o755, copy_user=True, copy_group=True)
|
||||
except (OSError, AttributeError) as exception:
|
||||
logger.info("Unable to change owner and uid of webroot directory")
|
||||
logger.warning("Unable to change owner and uid of webroot directory")
|
||||
logger.debug("Error was: %s", exception)
|
||||
except OSError as exception:
|
||||
raise errors.PluginError(
|
||||
|
||||
@@ -68,18 +68,18 @@ def _reconstitute(config, full_path):
|
||||
"""
|
||||
try:
|
||||
renewal_candidate = storage.RenewableCert(full_path, config)
|
||||
except (errors.CertStorageError, IOError):
|
||||
logger.warning("", exc_info=True)
|
||||
logger.warning("Renewal configuration file %s is broken. Skipping.", full_path)
|
||||
except (errors.CertStorageError, IOError) as error:
|
||||
logger.error("Renewal configuration file %s is broken.", full_path)
|
||||
logger.error("The error was: %s\nSkipping.", str(error))
|
||||
logger.debug("Traceback was:\n%s", traceback.format_exc())
|
||||
return None
|
||||
if "renewalparams" not in renewal_candidate.configuration:
|
||||
logger.warning("Renewal configuration file %s lacks "
|
||||
logger.error("Renewal configuration file %s lacks "
|
||||
"renewalparams. Skipping.", full_path)
|
||||
return None
|
||||
renewalparams = renewal_candidate.configuration["renewalparams"]
|
||||
if "authenticator" not in renewalparams:
|
||||
logger.warning("Renewal configuration file %s does not specify "
|
||||
logger.error("Renewal configuration file %s does not specify "
|
||||
"an authenticator. Skipping.", full_path)
|
||||
return None
|
||||
# Now restore specific values along with their data types, if
|
||||
@@ -89,7 +89,7 @@ def _reconstitute(config, full_path):
|
||||
restore_required_config_elements(config, renewalparams)
|
||||
_restore_plugin_configs(config, renewalparams)
|
||||
except (ValueError, errors.Error) as error:
|
||||
logger.warning(
|
||||
logger.error(
|
||||
"An error occurred while parsing %s. The error was %s. "
|
||||
"Skipping the file.", full_path, str(error))
|
||||
logger.debug("Traceback was:\n%s", traceback.format_exc())
|
||||
@@ -99,7 +99,7 @@ def _reconstitute(config, full_path):
|
||||
config.domains = [util.enforce_domain_sanity(d)
|
||||
for d in renewal_candidate.names()]
|
||||
except errors.ConfigurationError as error:
|
||||
logger.warning("Renewal configuration file %s references a certificate "
|
||||
logger.error("Renewal configuration file %s references a certificate "
|
||||
"that contains an invalid domain name. The problem "
|
||||
"was: %s. Skipping.", full_path, error)
|
||||
return None
|
||||
@@ -295,12 +295,12 @@ def should_renew(config, lineage):
|
||||
logger.debug("Auto-renewal forced with --force-renewal...")
|
||||
return True
|
||||
if lineage.should_autorenew():
|
||||
logger.info("Cert is due for renewal, auto-renewing...")
|
||||
logger.info("Certificate is due for renewal, auto-renewing...")
|
||||
return True
|
||||
if config.dry_run:
|
||||
logger.info("Cert not due for renewal, but simulating renewal for dry run")
|
||||
logger.info("Certificate not due for renewal, but simulating renewal for dry run")
|
||||
return True
|
||||
logger.info("Cert not yet due for renewal")
|
||||
display_util.notify("Certificate not yet due for renewal")
|
||||
return False
|
||||
|
||||
|
||||
@@ -447,7 +447,7 @@ def handle_renewal_request(config):
|
||||
try:
|
||||
renewal_candidate = _reconstitute(lineage_config, renewal_file)
|
||||
except Exception as e: # pylint: disable=broad-except
|
||||
logger.warning("Renewal configuration file %s (cert: %s) "
|
||||
logger.error("Renewal configuration file %s (cert: %s) "
|
||||
"produced an unexpected error: %s. Skipping.",
|
||||
renewal_file, lineagename, e)
|
||||
logger.debug("Traceback was:\n%s", traceback.format_exc())
|
||||
|
||||
@@ -331,7 +331,7 @@ def delete_files(config, certname):
|
||||
renewal_filename, encoding='utf-8', default_encoding='utf-8')
|
||||
except configobj.ConfigObjError:
|
||||
# config is corrupted
|
||||
logger.warning("Could not parse %s. You may wish to manually "
|
||||
logger.error("Could not parse %s. You may wish to manually "
|
||||
"delete the contents of %s and %s.", renewal_filename,
|
||||
full_default_live_dir, full_default_archive_dir)
|
||||
raise errors.CertStorageError(
|
||||
@@ -340,7 +340,7 @@ def delete_files(config, certname):
|
||||
# we couldn't read it, but let's at least delete it
|
||||
# if this was going to fail, it already would have.
|
||||
os.remove(renewal_filename)
|
||||
logger.debug("Removed %s", renewal_filename)
|
||||
logger.info("Removed %s", renewal_filename)
|
||||
|
||||
# cert files and (hopefully) live directory
|
||||
# it's not guaranteed that the files are in our default storage
|
||||
|
||||
@@ -29,7 +29,7 @@ def run_generic_updaters(config, lineage, plugins):
|
||||
try:
|
||||
installer = plug_sel.get_unprepared_installer(config, plugins)
|
||||
except errors.Error as e:
|
||||
logger.warning("Could not choose appropriate plugin for updaters: %s", e)
|
||||
logger.error("Could not choose appropriate plugin for updaters: %s", e)
|
||||
return
|
||||
if installer:
|
||||
_run_updaters(lineage, installer, config)
|
||||
|
||||
@@ -64,7 +64,8 @@ def init_save_key(
|
||||
bits=key_size, elliptic_curve=elliptic_curve or "secp256r1", key_type=key_type,
|
||||
)
|
||||
except ValueError as err:
|
||||
logger.error("", exc_info=True)
|
||||
logger.debug("", exc_info=True)
|
||||
logger.error("Encountered error while making key: %s", str(err))
|
||||
raise err
|
||||
|
||||
config = zope.component.getUtility(interfaces.IConfig)
|
||||
@@ -387,8 +388,9 @@ def _load_cert_or_req(cert_or_req_str, load_func,
|
||||
typ=crypto.FILETYPE_PEM):
|
||||
try:
|
||||
return load_func(typ, cert_or_req_str)
|
||||
except crypto.Error:
|
||||
logger.error("", exc_info=True)
|
||||
except crypto.Error as err:
|
||||
logger.debug("", exc_info=True)
|
||||
logger.error("Encountered error while loading certificate or csr: %s", str(err))
|
||||
raise
|
||||
|
||||
|
||||
@@ -589,7 +591,7 @@ def find_chain_with_issuer(fullchains, issuer_cn, warn_on_no_match=False):
|
||||
|
||||
# Nothing matched, return whatever was first in the list.
|
||||
if warn_on_no_match:
|
||||
logger.info("Certbot has been configured to prefer certificate chains with "
|
||||
logger.warning("Certbot has been configured to prefer certificate chains with "
|
||||
"issuer '%s', but no chain from the CA matched this issuer. Using "
|
||||
"the default certificate chain instead.", issuer_cn)
|
||||
return fullchains[0]
|
||||
|
||||
@@ -193,7 +193,7 @@ def _check_ocsp_cryptography(cert_path: str, chain_path: str, url: str, timeout:
|
||||
|
||||
# Check OCSP response validity
|
||||
if response_ocsp.response_status != ocsp.OCSPResponseStatus.SUCCESSFUL:
|
||||
logger.error("Invalid OCSP response status for %s: %s",
|
||||
logger.warning("Invalid OCSP response status for %s: %s",
|
||||
cert_path, response_ocsp.response_status)
|
||||
return False
|
||||
|
||||
@@ -201,13 +201,13 @@ def _check_ocsp_cryptography(cert_path: str, chain_path: str, url: str, timeout:
|
||||
try:
|
||||
_check_ocsp_response(response_ocsp, request, issuer, cert_path)
|
||||
except UnsupportedAlgorithm as e:
|
||||
logger.error(str(e))
|
||||
logger.warning(str(e))
|
||||
except errors.Error as e:
|
||||
logger.error(str(e))
|
||||
logger.warning(str(e))
|
||||
except InvalidSignature:
|
||||
logger.error('Invalid signature on OCSP response for %s', cert_path)
|
||||
logger.warning('Invalid signature on OCSP response for %s', cert_path)
|
||||
except AssertionError as error:
|
||||
logger.error('Invalid OCSP response for %s: %s.', cert_path, str(error))
|
||||
logger.warning('Invalid OCSP response for %s: %s.', cert_path, str(error))
|
||||
else:
|
||||
# Check OCSP certificate status
|
||||
logger.debug("OCSP certificate status for %s is: %s",
|
||||
|
||||
@@ -63,7 +63,7 @@ class DNSAuthenticator(common.Plugin):
|
||||
# DNS updates take time to propagate and checking to see if the update has occurred is not
|
||||
# reliable (the machine this code is running on might be able to see an update before
|
||||
# the ACME server). So: we sleep for a short amount of time we believe to be long enough.
|
||||
logger.info("Waiting %d seconds for DNS changes to propagate",
|
||||
display_util.notify("Waiting %d seconds for DNS changes to propagate" %
|
||||
self.conf('propagation-seconds'))
|
||||
sleep(self.conf('propagation-seconds'))
|
||||
|
||||
|
||||
@@ -67,7 +67,8 @@ class _LexiconAwareTestCase(Protocol):
|
||||
|
||||
class BaseLexiconAuthenticatorTest(dns_test_common.BaseAuthenticatorTest):
|
||||
|
||||
def test_perform(self: _AuthenticatorCallableLexiconTestCase):
|
||||
@test_util.patch_get_utility()
|
||||
def test_perform(self: _AuthenticatorCallableLexiconTestCase, unused_mock_get_utility):
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
expected = [mock.call.add_txt_record(DOMAIN, '_acme-challenge.'+DOMAIN, mock.ANY)]
|
||||
|
||||
@@ -521,7 +521,7 @@ class Reverter:
|
||||
filesystem.replace(self.config.in_progress_dir, final_dir)
|
||||
return
|
||||
except OSError:
|
||||
logger.warning("Extreme, unexpected race condition, retrying (%s)", timestamp)
|
||||
logger.warning("Unexpected race condition, retrying (%s)", timestamp)
|
||||
|
||||
# After 10 attempts... something is probably wrong here...
|
||||
logger.error(
|
||||
|
||||
@@ -16,6 +16,7 @@ from typing import Dict
|
||||
from typing import Text
|
||||
from typing import Tuple
|
||||
from typing import Union
|
||||
import warnings
|
||||
|
||||
import configargparse
|
||||
|
||||
@@ -434,14 +435,14 @@ def safe_email(email):
|
||||
"""Scrub email address before using it."""
|
||||
if EMAIL_REGEX.match(email) is not None:
|
||||
return not email.startswith(".") and ".." not in email
|
||||
logger.warning("Invalid email address: %s.", email)
|
||||
logger.error("Invalid email address: %s.", email)
|
||||
return False
|
||||
|
||||
|
||||
class DeprecatedArgumentAction(argparse.Action):
|
||||
"""Action to log a warning when an argument is used."""
|
||||
def __call__(self, unused1, unused2, unused3, option_string=None):
|
||||
logger.warning("Use of %s is deprecated.", option_string)
|
||||
warnings.warn("Use of %s is deprecated." % option_string, DeprecationWarning)
|
||||
|
||||
|
||||
def add_deprecated_argument(add_argument, argument_name, nargs):
|
||||
|
||||
@@ -99,7 +99,8 @@ class RegisterTest(test_util.ConfigTestCase):
|
||||
self._call()
|
||||
self.assertIs(mock_prepare.called, True)
|
||||
|
||||
def test_it(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_it(self, unused_mock_get_utility):
|
||||
with mock.patch("certbot._internal.client.acme_client.BackwardsCompatibleClientV2") as mock_client:
|
||||
mock_client().external_account_required.side_effect = self._false_mock
|
||||
with mock.patch("certbot._internal.eff.handle_subscription"):
|
||||
@@ -159,7 +160,8 @@ class RegisterTest(test_util.ConfigTestCase):
|
||||
# check Certbot created an account with no email. Contact should return empty
|
||||
self.assertFalse(mock_client().new_account_and_tos.call_args[0][0].contact)
|
||||
|
||||
def test_with_eab_arguments(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_with_eab_arguments(self, unused_mock_get_utility):
|
||||
with mock.patch("certbot._internal.client.acme_client.BackwardsCompatibleClientV2") as mock_client:
|
||||
mock_client().client.directory.__getitem__ = mock.Mock(
|
||||
side_effect=self._new_acct_dir_mock
|
||||
@@ -174,7 +176,8 @@ class RegisterTest(test_util.ConfigTestCase):
|
||||
|
||||
self.assertIs(mock_eab_from_data.called, True)
|
||||
|
||||
def test_without_eab_arguments(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_without_eab_arguments(self, unused_mock_get_utility):
|
||||
with mock.patch("certbot._internal.client.acme_client.BackwardsCompatibleClientV2") as mock_client:
|
||||
mock_client().external_account_required.side_effect = self._false_mock
|
||||
with mock.patch("certbot._internal.eff.handle_subscription"):
|
||||
@@ -315,7 +318,7 @@ class ClientTest(ClientTestCommon):
|
||||
errors.Error,
|
||||
self.client.obtain_certificate_from_csr,
|
||||
test_csr)
|
||||
mock_logger.warning.assert_called_once_with(mock.ANY)
|
||||
mock_logger.error.assert_called_once_with(mock.ANY)
|
||||
|
||||
@mock.patch("certbot._internal.client.crypto_util")
|
||||
def test_obtain_certificate(self, mock_crypto_util):
|
||||
@@ -601,23 +604,23 @@ class EnhanceConfigTest(ClientTestCommon):
|
||||
self.config.hsts = True
|
||||
with mock.patch("certbot._internal.client.logger") as mock_logger:
|
||||
self.client.enhance_config([self.domain], None)
|
||||
self.assertEqual(mock_logger.warning.call_count, 1)
|
||||
self.assertEqual(mock_logger.error.call_count, 1)
|
||||
self.client.installer.enhance.assert_not_called()
|
||||
|
||||
@mock.patch("certbot._internal.client.logger")
|
||||
def test_already_exists_header(self, mock_log):
|
||||
self.config.hsts = True
|
||||
self._test_with_already_existing()
|
||||
self.assertIs(mock_log.warning.called, True)
|
||||
self.assertEqual(mock_log.warning.call_args[0][1],
|
||||
self.assertIs(mock_log.info.called, True)
|
||||
self.assertEqual(mock_log.info.call_args[0][1],
|
||||
'Strict-Transport-Security')
|
||||
|
||||
@mock.patch("certbot._internal.client.logger")
|
||||
def test_already_exists_redirect(self, mock_log):
|
||||
self.config.redirect = True
|
||||
self._test_with_already_existing()
|
||||
self.assertIs(mock_log.warning.called, True)
|
||||
self.assertEqual(mock_log.warning.call_args[0][1],
|
||||
self.assertIs(mock_log.info.called, True)
|
||||
self.assertEqual(mock_log.info.call_args[0][1],
|
||||
'redirect')
|
||||
|
||||
@mock.patch("certbot._internal.client.logger")
|
||||
|
||||
@@ -493,13 +493,13 @@ class FindChainWithIssuerTest(unittest.TestCase):
|
||||
self.assertEqual(matched, fullchains[0])
|
||||
mock_info.assert_not_called()
|
||||
|
||||
@mock.patch('certbot.crypto_util.logger.info')
|
||||
def test_warning_on_no_match(self, mock_info):
|
||||
@mock.patch('certbot.crypto_util.logger.warning')
|
||||
def test_warning_on_no_match(self, mock_warning):
|
||||
fullchains = self._all_fullchains()
|
||||
matched = self._call(fullchains, "non-existent issuer",
|
||||
warn_on_no_match=True)
|
||||
self.assertEqual(matched, fullchains[0])
|
||||
mock_info.assert_called_once_with("Certbot has been configured to prefer "
|
||||
mock_warning.assert_called_once_with("Certbot has been configured to prefer "
|
||||
"certificate chains with issuer '%s', but no chain from the CA matched "
|
||||
"this issuer. Using the default certificate chain instead.",
|
||||
"non-existent issuer")
|
||||
|
||||
@@ -345,7 +345,7 @@ class DeployHookTest(RenewalHookTest):
|
||||
mock_execute = self._call_with_mock_execute(
|
||||
self.config, ["example.org"], "/foo/bar")
|
||||
self.assertIs(mock_execute.called, False)
|
||||
self.assertTrue(mock_logger.warning.called)
|
||||
self.assertTrue(mock_logger.info.called)
|
||||
|
||||
@mock.patch("certbot._internal.hooks.logger")
|
||||
def test_no_hook(self, mock_logger):
|
||||
@@ -393,7 +393,7 @@ class RenewHookTest(RenewalHookTest):
|
||||
mock_execute = self._call_with_mock_execute(
|
||||
self.config, ["example.org"], "/foo/bar")
|
||||
self.assertIs(mock_execute.called, False)
|
||||
self.assertEqual(mock_logger.warning.call_count, 2)
|
||||
self.assertEqual(mock_logger.info.call_count, 2)
|
||||
|
||||
def test_no_hooks(self):
|
||||
self.config.renew_hook = None
|
||||
|
||||
@@ -1146,8 +1146,9 @@ class MainTest(test_util.ConfigTestCase):
|
||||
log_out="Auto-renewal forced")
|
||||
self.assertEqual(get_utility().add_message.call_count, 1)
|
||||
|
||||
self._test_renewal_common(False, ['-tvv', '--debug', '--keep'],
|
||||
log_out="not yet due", should_renew=False)
|
||||
_, get_utility, _ = self._test_renewal_common(False, ['-tvv', '--debug', '--keep'],
|
||||
should_renew=False)
|
||||
self.assertIn('not yet due', get_utility().notification.call_args[0][0])
|
||||
|
||||
def _dump_log(self):
|
||||
print("Logs:")
|
||||
|
||||
@@ -42,7 +42,8 @@ class DNSAuthenticatorTest(test_util.TempDirTestCase, dns_test_common.BaseAuthen
|
||||
|
||||
self.auth = DNSAuthenticatorTest._FakeDNSAuthenticator(self.config, "fake")
|
||||
|
||||
def test_perform(self):
|
||||
@test_util.patch_get_utility()
|
||||
def test_perform(self, unused_mock_get_utility):
|
||||
self.auth.perform([self.achall])
|
||||
|
||||
self.auth._perform.assert_called_once_with(dns_test_common.DOMAIN, mock.ANY, mock.ANY)
|
||||
|
||||
@@ -346,19 +346,19 @@ class AddDeprecatedArgumentTest(unittest.TestCase):
|
||||
|
||||
def test_warning_no_arg(self):
|
||||
self._call("--old-option", 0)
|
||||
with mock.patch("certbot.util.logger.warning") as mock_warn:
|
||||
with mock.patch("warnings.warn") as mock_warn:
|
||||
self.parser.parse_args(["--old-option"])
|
||||
self.assertEqual(mock_warn.call_count, 1)
|
||||
self.assertIn("is deprecated", mock_warn.call_args[0][0])
|
||||
self.assertEqual("--old-option", mock_warn.call_args[0][1])
|
||||
self.assertIn("--old-option", mock_warn.call_args[0][0])
|
||||
|
||||
def test_warning_with_arg(self):
|
||||
self._call("--old-option", 1)
|
||||
with mock.patch("certbot.util.logger.warning") as mock_warn:
|
||||
with mock.patch("warnings.warn") as mock_warn:
|
||||
self.parser.parse_args(["--old-option", "42"])
|
||||
self.assertEqual(mock_warn.call_count, 1)
|
||||
self.assertIn("is deprecated", mock_warn.call_args[0][0])
|
||||
self.assertEqual("--old-option", mock_warn.call_args[0][1])
|
||||
self.assertIn("--old-option", mock_warn.call_args[0][0])
|
||||
|
||||
def test_help(self):
|
||||
self._call("--old-option", 2)
|
||||
|
||||
@@ -133,7 +133,7 @@ def set_up_command(config_dir, logs_dir, work_dir, nginx_dir):
|
||||
return (
|
||||
'certbot --cert-path {0} --key-path {1} --config-dir {2} '
|
||||
'--logs-dir {3} --work-dir {4} --nginx-server-root {5} --debug '
|
||||
'--force-renewal --nginx --verbose '.format(
|
||||
'--force-renewal --nginx -vv '.format(
|
||||
test_util.vector_path('cert.pem'),
|
||||
test_util.vector_path('rsa512_key.pem'),
|
||||
config_dir, logs_dir, work_dir, nginx_dir).split())
|
||||
|
||||
Reference in New Issue
Block a user