def _check_certificate_and_key(config): if not os.path.isfile(filesystem.realpath(config.cert_path)): raise errors.ConfigurationError("Error while reading certificate from path " "{0}".format(config.cert_path)) if not os.path.isfile(filesystem.realpath(config.key_path)): raise errors.ConfigurationError("Error while reading private key from path " "{0}".format(config.key_path))
def test_update_live_symlinks(self): """Test update_live_symlinks""" # create files with incorrect symlinks from certbot._internal import cert_manager archive_paths = {} for domain in self.domains: custom_archive = self.domains[domain] if custom_archive is not None: archive_dir_path = custom_archive else: archive_dir_path = os.path.join(self.config.default_archive_dir, domain) archive_paths[domain] = {kind: os.path.join(archive_dir_path, kind + "1.pem") for kind in ALL_FOUR} for kind in ALL_FOUR: live_path = self.config_files[domain][kind] archive_path = archive_paths[domain][kind] open(archive_path, 'a').close() # path is incorrect but base must be correct os.symlink(os.path.join(self.config.config_dir, kind + "1.pem"), live_path) # run update symlinks cert_manager.update_live_symlinks(self.config) # check that symlinks go where they should prev_dir = os.getcwd() try: for domain in self.domains: for kind in ALL_FOUR: os.chdir(os.path.dirname(self.config_files[domain][kind])) self.assertEqual( filesystem.realpath(filesystem.readlink(self.config_files[domain][kind])), filesystem.realpath(archive_paths[domain][kind])) finally: os.chdir(prev_dir)
def test_symlink_loop_mitigation(self): link1_path = os.path.join(self.tempdir, 'link1') link2_path = os.path.join(self.tempdir, 'link2') link3_path = os.path.join(self.tempdir, 'link3') os.symlink(link1_path, link2_path) os.symlink(link2_path, link3_path) os.symlink(link3_path, link1_path) with self.assertRaises(RuntimeError) as error: filesystem.realpath(link1_path) self.assertTrue('link1 is a loop!' in str(error.exception))
def restart(self): # type: ignore """Restart or refresh the server content. :raises .PluginError: when server cannot be restarted """ print("*********** ReStart Initiated ********* ") try: if self.conf("service-name"): logger.debug("Restarting tomcat as a service") if platform.system() in ('Windows'): value = subprocess.call('''sc stop ''' + self.conf("service-name"), shell=True) time.sleep(10) value = subprocess.call('''sc start ''' + self.conf("service-name"), shell=True) else: value = subprocess.call('''service ''' + self.conf("service-name") + ''' stop ''', shell=True) time.sleep(10) value = subprocess.call('''service ''' + self.conf("service-name") + ''' start ''', shell=True) else: os.environ["CATALINA_HOME"] = (os.path.dirname( os.path.dirname(filesystem.realpath(self.conf("ctl"))))) os.environ["CATALINA_BASE"] = (os.path.dirname( filesystem.realpath(self.conf("server-root")))) logger.debug("Restarting tomcat as a process") if platform.system() in ('Windows'): value = subprocess.call(self.conf("ctl"), shell=True) time.sleep(5) with open(os.devnull, 'w') as FNULL: value = subprocess.call(self.conf("ctl").replace( "shutdown.bat", "startup.bat"), stdout=FNULL, stderr=FNULL, shell=True) else: value = subprocess.call(self.conf("ctl"), shell=True) time.sleep(5) value = subprocess.call(self.conf("ctl").replace( "shutdown.sh", "startup.sh"), shell=True) except (OSError, ValueError): raise errors.MisconfigurationError("Tomcat restart failed")
def test_read_file(self): curr_dir = os.getcwd() try: # On Windows current directory may be on a different drive than self.tempdir. # However a relative path between two different drives is invalid. So we move to # self.tempdir to ensure that we stay on the same drive. os.chdir(self.tempdir) # The read-only filesystem introduced with macOS Catalina can break # code using relative paths below. See # https://bugs.python.org/issue38295 for another example of this. # Eliminating any possible symlinks in self.tempdir before passing # it to os.path.relpath solves the problem. This is done by calling # filesystem.realpath which removes any symlinks in the path on # POSIX systems. real_path = filesystem.realpath(os.path.join(self.tempdir, 'foo')) relative_path = os.path.relpath(real_path) self.assertRaises(argparse.ArgumentTypeError, cli.read_file, relative_path) test_contents = b'bar\n' with open(relative_path, 'wb') as f: f.write(test_contents) path, contents = cli.read_file(relative_path) self.assertEqual(path, os.path.abspath(path)) self.assertEqual(contents, test_contents) finally: os.chdir(curr_dir)
def expanded_tempdir(prefix): """Return the real path of a temp directory with the specified prefix Some plugins rely on real paths of symlinks for working correctly. For example, certbot-apache uses real paths of configuration files to tell a virtual host from another. On systems where TMP itself is a symbolic link, (ex: OS X) such plugins will be confused. This function prevents such a case. """ return filesystem.realpath(tempfile.mkdtemp(prefix))
def test_get_sysconfig_vars(self): """Make sure we read the Gentoo APACHE2_OPTS variable correctly""" defines = ['DEFAULT_VHOST', 'INFO', 'SSL', 'SSL_DEFAULT_VHOST', 'LANGUAGE'] self.config.parser.apacheconfig_filep = filesystem.realpath( os.path.join(self.config.parser.root, "../conf.d/apache2")) self.config.parser.variables = {} with mock.patch("certbot_apache._internal.override_gentoo.GentooParser.update_modules"): self.config.parser.update_runtime_variables() for define in defines: self.assertTrue(define in self.config.parser.variables.keys())
def test_symlink_resolution(self): # Absolute resolution link_path = os.path.join(self.tempdir, 'link_abs') os.symlink(self.probe_path, link_path) self.assertEqual(self.probe_path, filesystem.realpath(self.probe_path)) self.assertEqual(self.probe_path, filesystem.realpath(link_path)) # Relative resolution curdir = os.getcwd() link_path = os.path.join(self.tempdir, 'link_rel') probe_name = os.path.basename(self.probe_path) try: os.chdir(os.path.dirname(self.probe_path)) os.symlink(probe_name, link_path) self.assertEqual(self.probe_path, filesystem.realpath(probe_name)) self.assertEqual(self.probe_path, filesystem.realpath(link_path)) finally: os.chdir(curdir)
def enable_site(self, vhost: VirtualHost) -> None: """Enables an available site, Apache reload required. .. note:: Does not make sure that the site correctly works or that all modules are enabled appropriately. :param vhost: vhost to enable :type vhost: :class:`~certbot_apache._internal.obj.VirtualHost` :raises .errors.NotSupportedError: If filesystem layout is not supported. """ if vhost.enabled: return None enabled_path = ("%s/sites-enabled/%s" % (self.parser.root, os.path.basename(vhost.filep))) if not os.path.isdir(os.path.dirname(enabled_path)): # For some reason, sites-enabled / sites-available do not exist # Call the parent method return super().enable_site(vhost) self.reverter.register_file_creation(False, enabled_path) try: os.symlink(vhost.filep, enabled_path) except OSError as err: if os.path.islink(enabled_path) and filesystem.realpath( enabled_path) == vhost.filep: # Already in shape vhost.enabled = True return None logger.error( "Could not symlink %s to %s, got error: %s", enabled_path, vhost.filep, err.strerror) errstring = ("Encountered error while trying to enable a " + "newly created VirtualHost located at {0} by " + "linking to it from {1}") raise errors.NotSupportedError(errstring.format(vhost.filep, enabled_path)) vhost.enabled = True logger.info("Enabling available site: %s", vhost.filep) self.save_notes += "Enabled site %s\n" % vhost.filep return None
def test_get_sysconfig_vars(self, mock_cfg): """Make sure we read the sysconfig OPTIONS variable correctly""" # Return nothing for the process calls mock_cfg.return_value = "" self.config.parser.sysconfig_filep = filesystem.realpath( os.path.join(self.config.parser.root, "../sysconfig/httpd")) self.config.parser.variables = {} with mock.patch("certbot.util.get_os_info") as mock_osi: # Make sure we have the have the CentOS httpd constants mock_osi.return_value = ("centos", "7") self.config.parser.update_runtime_variables() self.assertTrue("mock_define" in self.config.parser.variables.keys()) self.assertTrue("mock_define_too" in self.config.parser.variables.keys()) self.assertTrue("mock_value" in self.config.parser.variables.keys()) self.assertEqual("TRUE", self.config.parser.variables["mock_value"]) self.assertTrue("MOCK_NOSEP" in self.config.parser.variables.keys()) self.assertEqual("NOSEP_VAL", self.config.parser.variables["NOSEP_TWO"])