fix merge

.coveragerc

@@ -0,0 +1,3 @@
+[report]
+# show lines missing coverage in output
+show_missing = True

.gitattributes

@@ -1,7 +1,16 @@
-* text=auto eol=lf
+#Default, normalize CRLF into LF in non-binary files
+# Files identified as binary by Git are not changed
+* crlf=auto
 
 # special files
+*.sh crlf=input
+*.py crlf=input
+
 *.bat text eol=crlf
+
+*.der binary
+*.gz binary
 *.jpeg binary
 *.jpg binary
 *.png binary
+*.gz binary

.travis.yml

@@ -4,26 +4,18 @@ cache:
     directories:
         - $HOME/.cache/pip
 
-services:
-  - rabbitmq
-  - mariadb
-  # apacheconftest
-  #- apache2
+# This makes sure we get a host with docker-compose present.
+dist: trusty
 
-# http://docs.travis-ci.com/user/ci-environment/#CI-environment-OS
-# gimme has to be kept in sync with Boulder's Go version setting in .travis.yml
 before_install:
   - 'dpkg -s libaugeas0'
-  - '[ "xxx$BOULDER_INTEGRATION" = "xxx" ] || eval "$(gimme 1.5.1)"'
 
 # using separate envs with different TOXENVs creates 4x1 Travis build
 # matrix, which allows us to clearly distinguish which component under
 # test has failed
 env:
   global:
-    - GOPATH=/tmp/go
-    - PATH=$GOPATH/bin:$PATH
-    - GO15VENDOREXPERIMENT=1  # Fixes problems with vendor directories
+    - BOULDERPATH=$PWD/boulder/
 
 matrix:
   include:
@@ -93,7 +85,6 @@ addons:
     - boulder
     - boulder-mysql
     - boulder-rabbitmq
-  mariadb: "10.0"
   apt:
     sources:
     - augeas
@@ -109,13 +100,11 @@ addons:
     # For certbot-nginx integration testing
     - nginx-light
     - openssl
-    # For Boulder integration testing
-    - rsyslog
     # for apacheconftest
-    #- apache2
-    #- libapache2-mod-wsgi
-    #- libapache2-mod-macro
-    #- sudo
+    - apache2
+    - libapache2-mod-wsgi
+    - libapache2-mod-macro
+    - sudo
 
 install: "travis_retry pip install tox coveralls"
 script: 'travis_retry tox && ([ "xxx$BOULDER_INTEGRATION" = "xxx" ] || ./tests/travis-integration.sh)'

CHANGES.rst

@@ -3,9 +3,9 @@ ChangeLog
 
 Please note:
 the change log will only get updated after first release - for now please use the
-`commit log <https://github.com/letsencrypt/letsencrypt/commits/master>`_.
+`commit log <https://github.com/certbot/certbot/commits/master>`_.
 
 To see the changes in a given release, inspect the github milestone for the
 release.  For instance:
 
-https://github.com/letsencrypt/letsencrypt/issues?utf8=%E2%9C%93&q=milestone%3A0.3.0
+https://github.com/certbot/certbot/issues?utf8=%E2%9C%93&q=milestone%3A0.3.0

CONTRIBUTING.md

@@ -15,4 +15,4 @@ to the Sphinx generated docs is provided below.
 
 -->
 
-https://letsencrypt.readthedocs.org/en/latest/contributing.html
+https://certbot.eff.org/docs/contributing.html

Dockerfile

@@ -21,6 +21,7 @@ WORKDIR /opt/certbot
 # If <dest> doesn't exist, it is created along with all missing
 # directories in its path.
 
+ENV DEBIAN_FRONTEND=noninteractive
 
 COPY letsencrypt-auto-source/letsencrypt-auto /opt/certbot/src/letsencrypt-auto-source/letsencrypt-auto
 RUN /opt/certbot/src/letsencrypt-auto-source/letsencrypt-auto --os-packages-only && \

README.rst

@@ -11,43 +11,63 @@ For more information regarding the status of the project, please see
 https://letsencrypt.org. Be sure to checkout the
 `Frequently Asked Questions (FAQ) <https://community.letsencrypt.org/t/frequently-asked-questions-faq/26#topic-title>`_.
 
-About the Let's Encrypt Client
+About Certbot
 ==============================
 
-The Let's Encrypt Client is a fully-featured, extensible client for the Let's
+Certbot is a fully-featured, extensible client for the Let's
 Encrypt CA (or any other CA that speaks the `ACME
 <https://github.com/ietf-wg-acme/acme/blob/master/draft-ietf-acme-acme.md>`_
 protocol) that can automate the tasks of obtaining certificates and
 configuring webservers to use them. This client runs on Unix-based operating
 systems.
 
+Until May 2016, Certbot was named simply ``letsencrypt`` or ``letsencrypt-auto``,
+depending on install method. Instructions on the Internet, and some pieces of the
+software, may still refer to this older name.
+
+Contributing
+------------
+
+If you'd like to contribute to this project please read `Developer Guide
+<https://certbot.eff.org/docs/contributing.html>`_.
+
+.. _installation:
+
 Installation
 ------------
 
-If ``letsencrypt`` is packaged for your Unix OS, you can install it from
-there, and run it by typing ``letsencrypt``.  Because not all operating
-systems have packages yet, we provide a temporary solution via the
-``letsencrypt-auto`` wrapper script, which obtains some dependencies
-from your OS and puts others in a python virtual environment::
+If ``certbot`` (or ``letsencrypt``) is packaged for your Unix OS (visit
+certbot.eff.org_ to find out), you can install it
+from there, and run it by typing ``certbot`` (or ``letsencrypt``).  Because
+not all operating systems have packages yet, we provide a temporary solution
+via the ``certbot-auto`` wrapper script, which obtains some dependencies from
+your OS and puts others in a python virtual environment::
+
+  user@webserver:~$ wget https://dl.eff.org/certbot-auto
+  user@webserver:~$ chmod a+x ./certbot-auto
+  user@webserver:~$ ./certbot-auto --help
+
+.. hint:: The certbot-auto download is protected by HTTPS, which is pretty good, but if you'd like to
+          double check the integrity of the ``certbot-auto`` script, you can use these steps for verification before running it::
 
-  user@webserver:~$ git clone https://github.com/letsencrypt/letsencrypt
-  user@webserver:~$ cd letsencrypt
-  user@webserver:~/letsencrypt$ ./letsencrypt-auto --help
+            user@server:~$ wget -N https://dl.eff.org/certbot-auto.asc
+            user@server:~$ gpg2 --recv-key A2CFB51FA275A7286234E7B24D17C995CD9775F2
+            user@server:~$ gpg2 --trusted-key 4D17C995CD9775F2 --verify certbot-auto.asc certbot-auto
 
-Or for full command line help, type::
+And for full command line help, you can type::
 
-  ./letsencrypt-auto --help all
+  ./certbot-auto --help all
 
-``letsencrypt-auto`` updates to the latest client release automatically.  And
-since ``letsencrypt-auto`` is a wrapper to ``letsencrypt``, it accepts exactly
+``certbot-auto`` updates to the latest client release automatically.  And
+since ``certbot-auto`` is a wrapper to ``certbot``, it accepts exactly
 the same command line flags and arguments.  More details about this script and
 other installation methods can be found `in the User Guide
-<https://letsencrypt.readthedocs.org/en/latest/using.html#installation>`_.
+<https://certbot.eff.org/docs/using.html#installation>`_.
 
 How to run the client
 ---------------------
 
-In many cases, you can just run ``letsencrypt-auto`` or ``letsencrypt``, and the
+In many cases, you can just run ``certbot-auto`` or ``certbot``, and the
 client will guide you through the process of obtaining and installing certs
 interactively.
 
@@ -56,7 +76,7 @@ For instance, if you want to obtain a cert for ``example.com``,
 ``www.example.com``, and ``other.example.net``, using the Apache plugin to both
 obtain and install the certs, you could do this::
 
-  ./letsencrypt-auto --apache -d example.com -d www.example.com -d other.example.net
+  ./certbot-auto --apache -d example.com -d www.example.com -d other.example.net
 
 (The first time you run the command, it will make an account, and ask for an
 email and agreement to the Let's Encrypt Subscriber Agreement; you can
@@ -65,29 +85,29 @@ automate those with ``--email`` and ``--agree-tos``)
 If you want to use a webserver that doesn't have full plugin support yet, you
 can still use "standalone" or "webroot" plugins to obtain a certificate::
 
-  ./letsencrypt-auto certonly --standalone --email [email protected] -d example.com -d www.example.com -d other.example.net
+  ./certbot-auto certonly --standalone --email [email protected] -d example.com -d www.example.com -d other.example.net
 
 
 Understanding the client in more depth
 --------------------------------------
 
 To understand what the client is doing in detail, it's important to
 understand the way it uses plugins.  Please see the `explanation of
-plugins <https://letsencrypt.readthedocs.org/en/latest/using.html#plugins>`_ in
+plugins <https://certbot.eff.org/docs/using.html#plugins>`_ in
 the User Guide.
 
 Links
 =====
 
-Documentation: https://letsencrypt.readthedocs.org
+Documentation: https://certbot.eff.org/docs
 
-Software project: https://github.com/letsencrypt/letsencrypt
+Software project: https://github.com/certbot/certbot
 
-Notes for developers: https://letsencrypt.readthedocs.org/en/latest/contributing.html
+Notes for developers: https://certbot.eff.org/docs/contributing.html
 
 Main Website: https://letsencrypt.org/
 
-IRC Channel: #letsencrypt on `Freenode`_
+IRC Channel: #letsencrypt on `Freenode`_ or #certbot on `OFTC`_
 
 Community: https://community.letsencrypt.org
 
@@ -103,12 +123,12 @@ email to [email protected])
 
 
 
-.. |build-status| image:: https://travis-ci.org/letsencrypt/letsencrypt.svg?branch=master
-   :target: https://travis-ci.org/letsencrypt/letsencrypt
+.. |build-status| image:: https://travis-ci.org/certbot/certbot.svg?branch=master
+   :target: https://travis-ci.org/certbot/certbot
    :alt: Travis CI status
 
-.. |coverage| image:: https://coveralls.io/repos/letsencrypt/letsencrypt/badge.svg?branch=master
-   :target: https://coveralls.io/r/letsencrypt/letsencrypt
+.. |coverage| image:: https://coveralls.io/repos/certbot/certbot/badge.svg?branch=master
+   :target: https://coveralls.io/r/certbot/certbot
    :alt: Coverage status
 
 .. |docs| image:: https://readthedocs.org/projects/letsencrypt/badge/
@@ -151,10 +171,10 @@ Current Features
   - standalone (runs its own simple webserver to prove you control a domain)
   - webroot (adds files to webroot directories in order to prove control of
     domains and obtain certs)
-  - nginx/0.8.48+ (highly experimental, not included in letsencrypt-auto)
+  - nginx/0.8.48+ (highly experimental, not included in certbot-auto)
 
 * The private key is generated locally on your system.
-* Can talk to the Let's Encrypt  CA or optionally to other ACME
+* Can talk to the Let's Encrypt CA or optionally to other ACME
   compliant services.
 * Can get domain-validated (DV) certificates.
 * Can revoke certificates.
@@ -169,4 +189,6 @@ Current Features
 
 
 .. _Freenode: https://webchat.freenode.net?channels=%23letsencrypt
+.. _OFTC: https://webchat.oftc.net?channels=%23certbot
 .. _client-dev: https://groups.google.com/a/letsencrypt.org/forum/#!forum/client-dev
+.. _certbot.eff.org: https://certbot.eff.org/

acme/.pylintrc

@@ -21,12 +21,6 @@ persistent=yes
 # usually to register additional checkers.
 load-plugins=linter_plugin
 
-# DEPRECATED
-include-ids=no
-
-# DEPRECATED
-symbols=no
-
 # Use multiple processes to speed up Pylint.
 jobs=1
 

acme/acme/challenges.py

@@ -500,7 +500,7 @@ def gen_response(self, account_key, **kwargs):
 
         """
         return DNSResponse(validation=self.gen_validation(
-            self, account_key, **kwargs))
+            account_key, **kwargs))
 
     def validation_domain_name(self, name):
         """Domain name for TXT validation record.

acme/acme/client.py

@@ -512,6 +512,10 @@ def __init__(self, key, alg=jose.RS256, verify_ssl=True,
         self.verify_ssl = verify_ssl
         self._nonces = set()
         self.user_agent = user_agent
+        self.session = requests.Session()
+
+    def __del__(self):
+        self.session.close()
 
     def _wrap_in_jws(self, obj, nonce):
         """Wrap `JSONDeSerializable` object in JWS.
@@ -606,7 +610,7 @@ def _send_request(self, method, url, *args, **kwargs):
         kwargs['verify'] = self.verify_ssl
         kwargs.setdefault('headers', {})
         kwargs['headers'].setdefault('User-Agent', self.user_agent)
-        response = requests.request(method, url, *args, **kwargs)
+        response = self.session.request(method, url, *args, **kwargs)
         logging.debug('Received %s. Headers: %s. Content: %r',
                       response, response.headers, response.content)
         return response