From 04fabf1408165b4d7a4fa7397f900ff6ed0ae590 Mon Sep 17 00:00:00 2001 From: Eugene Kazakov Date: Wed, 16 Dec 2015 16:47:45 +0600 Subject: Check an enhancement is supported before applying (fixes #1432). --- letsencrypt/client.py | 7 ++++--- letsencrypt/tests/client_test.py | 17 +++++++++++++++++ 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/letsencrypt/client.py b/letsencrypt/client.py index f7010e09d..080ee7991 100644 --- a/letsencrypt/client.py +++ b/letsencrypt/client.py @@ -407,9 +407,10 @@ class Client(object): logger.warning("No config is specified.") raise errors.Error("No config available") - redirect = config.redirect - hsts = config.hsts - uir = config.uir # Upgrade Insecure Requests + supported = self.installer.supported_enhancements() + redirect = config.redirect if "redirect" in supported else False + hsts = config.hsts if "ensure-http-header" in supported else False + uir = config.uir if "ensure-http-header" in supported else False if redirect is None: redirect = enhancements.ask("redirect") diff --git a/letsencrypt/tests/client_test.py b/letsencrypt/tests/client_test.py index 578cd77ab..6b76f70c9 100644 --- a/letsencrypt/tests/client_test.py +++ b/letsencrypt/tests/client_test.py @@ -240,6 +240,7 @@ class ClientTest(unittest.TestCase): mock_enhancements.ask.return_value = True installer = mock.MagicMock() self.client.installer = installer + installer.supported_enhancements.return_value = ["redirect"] self.client.enhance_config(["foo.bar"], config) installer.enhance.assert_called_once_with("foo.bar", "redirect", None) @@ -255,6 +256,7 @@ class ClientTest(unittest.TestCase): mock_enhancements.ask.return_value = True installer = mock.MagicMock() self.client.installer = installer + installer.supported_enhancements.return_value = ["redirect", "ensure-http-header"] config = ConfigHelper(redirect=True, hsts=False, uir=False) self.client.enhance_config(["foo.bar"], config) @@ -273,6 +275,17 @@ class ClientTest(unittest.TestCase): self.assertEqual(installer.save.call_count, 3) self.assertEqual(installer.restart.call_count, 3) + @mock.patch("letsencrypt.client.enhancements") + def test_enhance_config_unsupported(self, mock_enhancements): + installer = mock.MagicMock() + self.client.installer = installer + installer.supported_enhancements.return_value = [] + + config = ConfigHelper(redirect=None, hsts=True, uir=True) + self.client.enhance_config(["foo.bar"], config) + installer.enhance.assert_not_called() + mock_enhancements.ask.assert_not_called() + def test_enhance_config_no_installer(self): config = ConfigHelper(redirect=True, hsts=False, uir=False) self.assertRaises(errors.Error, @@ -285,6 +298,7 @@ class ClientTest(unittest.TestCase): mock_enhancements.ask.return_value = True installer = mock.MagicMock() self.client.installer = installer + installer.supported_enhancements.return_value = ["redirect"] installer.enhance.side_effect = errors.PluginError config = ConfigHelper(redirect=True, hsts=False, uir=False) @@ -301,6 +315,7 @@ class ClientTest(unittest.TestCase): mock_enhancements.ask.return_value = True installer = mock.MagicMock() self.client.installer = installer + installer.supported_enhancements.return_value = ["redirect"] installer.save.side_effect = errors.PluginError config = ConfigHelper(redirect=True, hsts=False, uir=False) @@ -317,6 +332,7 @@ class ClientTest(unittest.TestCase): mock_enhancements.ask.return_value = True installer = mock.MagicMock() self.client.installer = installer + installer.supported_enhancements.return_value = ["redirect"] installer.restart.side_effect = [errors.PluginError, None] config = ConfigHelper(redirect=True, hsts=False, uir=False) @@ -335,6 +351,7 @@ class ClientTest(unittest.TestCase): mock_enhancements.ask.return_value = True installer = mock.MagicMock() self.client.installer = installer + installer.supported_enhancements.return_value = ["redirect"] installer.restart.side_effect = errors.PluginError installer.rollback_checkpoints.side_effect = errors.ReverterError -- cgit v1.2.3