Age | Commit message (Collapse) | Author |
|
|
|
After a brief discussion in Mattermost, I shut down letsencrypt.readthedocs.io. Turns out we were linking to it in our README here so let's remove the broken link.
I didn't update the link to point to one of the readthedocs projects we still have because are main Certbot docs are self-hosted rather than being on readthedocs.
|
|
|
|
Currently if you go to https://certbot.eff.org/docs/api/certbot.crypto_util.html, there is a todo comment displayed at the top of the page. These todos were written for developers, not users, so I do not think they should be shown from our documentation.
This PR makes the quick and easy fix of configuring Sphinx not to show these todo items. I created #7752 to track removing all of these todos from our docstrings and disabling the Sphinx todo extension.
* Set todo_include_todos=False in sphinx-quickstart
* Remove todos from existing docs.
|
|
[Apache v2] Merge apache-parser-v2 feature branch back to master
|
|
[nginx] Parse $hostname in `server_name`
|
|
|
|
|
|
|
|
Don't verify certificate in HTTP01Response.simple_verify (certbot#6614)
|
|
|
|
|
|
* Configure travis-test to only run on Travis.
* Configure azure-test to only run on Azure.
* Add docs and comments to keep it up-to-date.
|
|
Fixes #7745.
|
|
As discussed in #7539, we need proper tests of the Windows installer itself in order to variety that all the logic contained in a production-grade runtime of Certbot on Windows is correctly setup by each version of the installer, and so for a variety of Windows OSes.
This PR handles this requirement. The new `windows_installer_integration_tests` module in `certbot-ci` will:
* run the given Windows installer
* check that Certbot is properly installed and working
* check that the scheduled renew task is set up
* check that the scheduled task actually launch the Certbot renew logic
The Windows nightly tests are updated accordingly, in order to have the tests run on Windows Server 2012R2, 2016 and 2019.
These tests will evolve as we add more logic on the installer.
* Configure an integration test testing the windows installer
* Write the test module
* Configurable installer path, prepare azure pipelines
* Fix option
* Update test_main.py
* Add confirmation for this destructive test
* Use regex to validate certbot --version output
* Explicit dependency on a log output
* Use an exception to ask confirmation
* Use --allow-persistent-changes
|
|
Candidate 1.2.0
|
|
Fix a typo in Nginx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When I want to manually run the full test suite to test something, I've been manually deleting our notification setup from `.travis.yml` to avoid spamming IRC with my personal test failures.
This PR sets this behavior up to happen automatically by turning off IRC notifications in test branches. You can see this working by noticing the IRC notification section in the bottom of the config for this PR at https://travis-ci.com/certbot/certbot/builds/146827907/config and the fact that it is absent from a `test-` branch based on this one at https://travis-ci.com/certbot/certbot/jobs/282059094/config.
|
|
|
|
[Apache v2] Merge master to apache-parser-v2
|
|
|
|
|
|
Based on discussion at https://github.com/certbot/certbot/pull/7712#discussion_r371451761.
* Remove SSLCompression off line from all config options
* Update changelog
|
|
Fixes #7463.
* Add backwards compatibility docs.
* Exclude certbot-auto
|
|
A while ago Cloudflare added support for limited-scope API Tokens in place of using a global API key, but support for them in cloudflare/python-cloudflare took a while to get through.
In summary, this PR:
- Implements token functionality through the INI file parameter `dns_cloudflare_api_token` (in addition to the traditional `dns_cloudflare_email` and `dns_cloudflare_api_key`). This needed a more advanced parameter validator than the built in `required_variables` mechanism.
- Updates the docs to reflect the new option, needed token permissions, and version details of the `cloudflare` module
* Update python-cloudflare version
* Add Cloudflare API Token support to certbot-dns-cloudflare
* Add token-specific errors to certbot-dns-cloudflare
* Tidy up certbot-dns-cloudflare
* Implement Cloudflare API Tokens in testing for certbot-dns-cloudflare(needs work)
* Further tidying of certbot-dns-cloudflare
* Update CHANGELOG with Cloudflare API Tokens implementation
* Improve testing of certbot-dns-cloudflare
* Improve certbot-dns-cloudflare test formatting
* Further improve testing for certbot-dns-cloudflare
* Change needed permissions for token
* Add documentation regarding python-cloudflare version
* Fix changelog, references to python-cloudflare and docs
* Fix behaviour when domain does not match cloudflare root domain. Improve error handling.
* Improve testing
* Improve hints and error handling
|
|
|
|
* Unpin dependencies pinned back for py3.4 support.
* update pinned packages
* run build.py
* Update boto3 and deps to work with requests
|
|
in Apache (#7712)
Part of #7204.
Makes the smaller changes described at https://github.com/certbot/certbot/issues/7204#issuecomment-571838185 to disable many old ciphersuites and TLS versions < 1.2. Does not add checks for OpenSSL version or modify session tickets.
Since Apache uses TLS protocol blacklisting instead of whitelisting (as in NGINX), we additionally may not need to determine if the server supports TLS1.3 and turn it on or off based on Apache version.
* Update SSL versions and ciphersuites based on Mozilla intermediate recommendations for apache
* Update constants with hashes of new config files
* Update changelog
|
|
Fixes #7393.
* Remove Python 3.4 classifiers
* Remove unneeded typing dependency
* Exclude Python 3.4 in python_requires
* Remove Python 3.4 deprecation warning
* update changelog
|
|
As mentioned in https://github.com/certbot/certbot/pull/7712#discussion_r370419867, it's time to remove this ciphersuite now that Windows 2008 R2 and Windows 7 are EOLed.
* Remove ECDHE-RSA-AES128-SHA from NGINX ciphers list to celebrate Windows 2008 R2 deprecation
* Update changelog
|
|
* Fix collections.abc imports for Python 3.9
* Update AUTHORS.md
* No longer ignore collections.abc deprecation warning
* Update changelog
* Remove outdated comment
* Disabling no-name-in-module not needed as linting is on Python 3
|
|
|
|
* use MD5 in non-security mode to get around FIPS issue
* update CHANGELOG
* add myself to AUTHORS
* ignore hashlib params
|
|
|
|
|
|
* Do not use git diff.
* Add a warning on exit.
|
|
|
|
* Add --allow-downgrade to chocolatey command.
* Upgrade tests to use Python 3.8.1.
|
|
|
|
|
|
|
|
Fixes the problem found at https://github.com/certbot/certbot/pull/7682#discussion_r367140415.
|
|
|