Random small changes

EULA

@@ -2,4 +2,4 @@ This is a PREVIEW RELEASE of a client application for the Let's Encrypt certific
 
 Until publicly-trusted certificates can be issued by Let's Encrypt, this software CANNOT OBTAIN A PUBLICLY-TRUSTED CERTIFICATE FOR YOUR WEB SERVER.  You should only use this program if you are a developer interested in experimenting with the ACME protocol or in helping to improve this software.  If you want to configure your web site with HTTPS in the meantime, please obtain a certificate from a different authority.
 
-For updates on the status of Let's Encrypt, please visit the Let's Encrypt home page at https://www.letsencrypt.org/.
+For updates on the status of Let's Encrypt, please visit the Let's Encrypt home page at https://letsencrypt.org/.

letsencrypt/client/apache_configurator.py

@@ -370,7 +370,7 @@ def is_name_vhost(self, target_addr):
 
         Checks if addr has a NameVirtualHost directive in the Apache config
 
-        :param str addr: vhost address ie. \*:443
+        :param str addr: vhost address ie. *:443
 
         :returns: Success
         :rtype: bool
@@ -1176,26 +1176,7 @@ def restart(self, quiet=False):
         :rtype: bool
 
         """
-        # TODO: This should be written to use the process returncode
-        try:
-            proc = subprocess.Popen(['/etc/init.d/apache2', 'restart'],
-                                    stdout=subprocess.PIPE,
-                                    stderr=subprocess.PIPE)
-            text = proc.communicate()
-
-            if proc.returncode != 0:
-                # Enter recovery routine...
-                logger.error("Configtest failed")
-                logger.error(text[0])
-                logger.error(text[1])
-            return False
-
-        except (OSError, ValueError):
-            logger.fatal(("Apache Restart Failed - "
-                          "Please Check the Configuration"))
-            sys.exit(1)
-
-        return True
+        return apache_restart(quiet)
 
     def _add_httpd_transform(self, incl):
         """Add a transform to Augeas.
@@ -1240,6 +1221,9 @@ def config_test(self):
     # Challenges Section
     ###########################################################################
 
+    # TODO: Change list_sni_tuple to namedtuple. Also include key within tuple.
+    #       This allows the keys to be different for each SNI challenge
+
     def perform(self, chall_dict):
         """Perform the configuration related challenge.
 
@@ -1254,11 +1238,14 @@ def perform(self, chall_dict):
     def dvsni_perform(self, chall_dict):
         """Peform a DVSNI challenge.
 
-        Composed of
-        list_sni_tuple: List of tuples with form (addr, r, nonce)
-            addr (string), r (base64 string), nonce (hex string)
+        chall_dict composed of:
 
-        dvsni_key: namedtuple - client.Client.Key()
+        list_sni_tuple:
+            List of tuples with form `(addr, r, nonce)`
+            `addr` (`string`), `r` (base64 `str`), `nonce` (hex `str`)
+
+        dvsni_key:
+            :class:`client.Client.Key`
 
         :param dict chall_dict: dvsni challenge - see documentation
 
@@ -1327,12 +1314,12 @@ def dvsni_mod_config(self, list_sni_tuple, dvsni_key,
 
         Result: Apache config includes virtual servers for issued challs
 
-        :param list_sni_tuple: list of tuples with the form (addr, y, nonce)
-            addr (string), y (byte array), nonce (hex str)
-        :type list_sni_tuple: list
+        :param list list_sni_tuple: list of tuples with the form
+            `(addr, y, nonce)`, where `addr` is `str`, y is `byte array`,
+            `nonce` is `str`
 
         :param dvsni_key: Namedtuple with file, pem
-        :type dvsni_key: `client.Client.Key` - namedtuple
+        :type dvsni_key: :class:`client.Client.Key`
 
         :param list ll_addrs: list of list of addresses to apply
 
@@ -1447,6 +1434,29 @@ def check_ssl_loaded():
     return False
 
 
+def apache_restart(quiet=False):
+    # TODO: This should be written to use the process returncode
+    try:
+        proc = subprocess.Popen(['/etc/init.d/apache2', 'restart'],
+                                stdout=subprocess.PIPE,
+                                stderr=subprocess.PIPE)
+        text = proc.communicate()
+
+        if proc.returncode != 0:
+            # Enter recovery routine...
+            logger.error("Configtest failed")
+            logger.error(text[0])
+            logger.error(text[1])
+            return False
+
+    except (OSError, ValueError):
+        logger.fatal(("Apache Restart Failed - "
+                      "Please Check the Configuration"))
+        sys.exit(1)
+
+    return True
+
+
 def verify_setup():
     """Verify the setup to ensure safe operating environment.
 

letsencrypt/client/client.py

@@ -64,10 +64,10 @@ def __init__(self, ca_server, cert_signing_request=CSR(None, None, None),
         try:
             self._validate_csr_key_cli()
 
-        except errors.LetsEncryptClientError as e:
+        except errors.LetsEncryptClientError as exc:
             # TODO: Something nice here...
             logger.fatal(("%s - until the programmers get their act together, "
-                          "we are just going to exit" % str(e)))
+                          "we are just going to exit" % str(exc)))
             sys.exit(1)
         self.server_url = "https://%s/acme/" % self.server
 
@@ -91,8 +91,6 @@ def authenticate(self, domains=None, redirect=None, eula=False):
         if not self.config.config_test():
             sys.exit(1)
 
-        self.redirect = redirect
-
         # Display preview warning
         if not eula:
             with open('EULA') as eula_file:
@@ -141,7 +139,7 @@ def authenticate(self, domains=None, redirect=None, eula=False):
         cert_file = self.install_certificate(certificate_dict, vhost)
 
         # Perform optimal config changes
-        self.optimize_config(vhost)
+        self.optimize_config(vhost, redirect)
 
         self.config.save("Completed Let's Encrypt Authentication")
 
@@ -428,11 +426,19 @@ def install_certificate(self, certificate_dict, vhost):
 
         return cert_file
 
-    def optimize_config(self, vhost):
-        if self.redirect is None:
-            self.redirect = display.redirect_by_default()
+    def optimize_config(self, vhost, redirect):
+        """Optimize the configuration.
+
+        :param vhost: vhost to optimize
+        :type vhost: :class:`apache_configurator.VH`
+
+        :param bool redirect: If traffic should be forwarded from HTTP to HTTPS
+
+        """
+        if redirect is None:
+            redirect = display.redirect_by_default()
 
-        if self.redirect:
+        if redirect:
             self.redirect_to_ssl(vhost)
             self.config.restart(quiet=self.curses)
 
@@ -447,6 +453,11 @@ def optimize_config(self, vhost):
         #    continue
 
     def cleanup_challenges(self, challenges):
+        """Cleanup configuration challenges
+
+        :param dict challenges: challenges from a challenge message
+
+        """
         logger.info("Cleaning up challenges...")
         for chall in challenges:
             if chall["type"] in CONFIG.CONFIG_CHALLENGES:
@@ -541,6 +552,12 @@ def store_cert_key(self, cert_file, encrypt=False):
         return True
 
     def redirect_to_ssl(self, vhost):
+        """Redirect all traffic from HTTP to HTTPS
+
+        :param vhost: list of ssl_vhosts
+        :type vhost: :class:`apache_configurator.VH`
+
+        """
         for ssl_vh in vhost:
             success, redirect_vhost = self.config.enable_redirect(ssl_vh)
             logger.info("\nRedirect vhost: " + redirect_vhost.file +
@@ -550,6 +567,14 @@ def redirect_to_ssl(self, vhost):
                 self.config.enable_site(redirect_vhost)
 
     def get_virtual_hosts(self, domains):
+        """Retrieve the appropriate virtual host for the domain
+
+        :param list domains: Domains to find ssl vhosts for
+
+        :returns: associated vhosts
+        :rtype: :class:`apache_configurator.VH`
+
+        """
         vhost = set()
         for name in domains:
             host = self.config.choose_virtual_host(name)

letsencrypt/client/recovery_contact_challenge.py

@@ -1,4 +1,9 @@
-"""Recovery Contact Identifier Validation Challenge."""
+"""Recovery Contact Identifier Validation Challenge.
+
+NOTE: THIS CLASS IS NOT FULLY IMPLEMENTED INTO THE PROJECT
+YET.
+
+"""
 import time
 
 import dialog
@@ -101,7 +106,6 @@ def prompt_continue(self, quiet=True):
 
         return ans.startswith('y') or ans.startswith('Y')
 
-
     def generate_response(self):
         if not self.token:
             return {"type": "recoveryContact"}

letsencrypt/client/recovery_token_challenge.py

@@ -1,4 +1,9 @@
-"""Recovery Token Identifier Validation Challenge."""
+"""Recovery Token Identifier Validation Challenge.
+
+NOTE: THIS CHALLENGE IS NOT IMPLEMENTED OR INCLUDED
+IN THE PROJECT CURRENTLY
+
+"""
 import dialog
 
 from letsencrypt.client import challenge