certbot.plugins.common

Plugin common functions.

certbot.plugins.common.option_namespace(name)[source]

ArgumentParser options namespace (prefix of all options).

certbot.plugins.common.dest_namespace(name)[source]

ArgumentParser dest namespace (prefix of all destinations).

class certbot.plugins.common.Plugin(config, name)[source]

Bases: object

Generic plugin.

classmethod add_parser_arguments(add)[source]

Add plugin arguments to the CLI argument parser.

NOTE: If some of your flags interact with others, you can use cli.report_config_interaction to register this to ensure values are correctly saved/overridable during renewal.

Parameters:add (callable) – Function that proxies calls to argparse.ArgumentParser.add_argument prepending options with unique plugin name prefix.
classmethod inject_parser_options(parser, name)[source]

Inject parser options.

See inject_parser_options for docs.

option_namespace

ArgumentParser options namespace (prefix of all options).

option_name(name)[source]

Option name (include plugin namespace).

dest_namespace

ArgumentParser dest namespace (prefix of all destinations).

dest(var)[source]

Find a destination for given variable var.

conf(var)[source]

Find a configuration value for variable var.

class certbot.plugins.common.Installer(*args, **kwargs)[source]

Bases: certbot.plugins.common.Plugin

An installer base class with reverter and ssl_dhparam methods defined.

Installer plugins do not have to inherit from this class.

add_to_checkpoint(save_files, save_notes, temporary=False)[source]

Add files to a checkpoint.

Parameters:
  • save_files (set) – set of filepaths to save
  • save_notes (str) – notes about changes during the save
  • temporary (bool) – True if the files should be added to a temporary checkpoint rather than a permanent one. This is usually used for changes that will soon be reverted.
Raises:

errors.PluginError – when unable to add to checkpoint

finalize_checkpoint(title)[source]

Timestamp and save changes made through the reverter.

Parameters:title (str) – Title describing checkpoint
Raises:errors.PluginError – when an error occurs
recovery_routine()[source]

Revert all previously modified files.

Reverts all modified files that have not been saved as a checkpoint

Raises:errors.PluginError – If unable to recover the configuration
revert_temporary_config()[source]

Rollback temporary checkpoint.

Raises:errors.PluginError – when unable to revert config
rollback_checkpoints(rollback=1)[source]

Rollback saved checkpoints.

Parameters:rollback (int) – Number of checkpoints to revert
Raises:errors.PluginError – If there is a problem with the input or the function is unable to correctly revert the configuration
view_config_changes()[source]

Show all of the configuration changes that have taken place.

Raises:errors.PluginError – If there is a problem while processing the checkpoints directories.
ssl_dhparams

Full absolute path to ssl_dhparams file.

updated_ssl_dhparams_digest

Full absolute path to digest of updated ssl_dhparams file.

install_ssl_dhparams()[source]

Copy Certbot’s ssl_dhparams file into the system’s config dir if required.

class certbot.plugins.common.Addr(tup, ipv6=False)[source]

Bases: object

Represents an virtual host address.

Parameters:
  • addr (str) – addr part of vhost address
  • port (str) – port number or *, or “”
classmethod fromstring(str_addr)[source]

Initialize Addr from string.

normalized_tuple()[source]

Normalized representation of addr/port tuple

get_addr()[source]

Return addr part of Addr object.

get_port()[source]

Return port.

get_addr_obj(port)[source]

Return new address object with same addr and new port.

_normalize_ipv6(addr)[source]

Return IPv6 address in normalized form, helper function

get_ipv6_exploded()[source]

Return IPv6 in normalized form

_explode_ipv6(addr)[source]

Explode IPv6 address for comparison

class certbot.plugins.common.TLSSNI01(configurator)[source]

Bases: object

Abstract base for TLS-SNI-01 challenge performers

add_chall(achall, idx=None)[source]

Add challenge to TLSSNI01 object to perform at once.

Parameters:
get_cert_path(achall)[source]

Returns standardized name for challenge certificate.

Parameters:achall (KeyAuthorizationAnnotatedChallenge) – Annotated tls-sni-01 challenge.
Returns:certificate file name
Return type:str
get_key_path(achall)[source]

Get standardized path to challenge key.

get_z_domain(achall)[source]

Returns z_domain (SNI) name for the challenge.

_setup_challenge_cert(achall, cert_key=None)[source]

Generate and write out challenge certificate.

certbot.plugins.common.install_version_controlled_file(dest_path, digest_path, src_path, all_hashes)[source]

Copy a file into an active location (likely the system’s config dir) if required.

Parameters:
  • dest_path (str) – destination path for version controlled file
  • digest_path (str) – path to save a digest of the file in
  • src_path (str) – path to version controlled file found in distribution
  • all_hashes (list) – hashes of every released version of the file
certbot.plugins.common.dir_setup(test_dir, pkg)[source]

Setup the directories necessary for the configurator.