letsencrypt_apache.parser

ApacheParser is a member object of the ApacheConfigurator class.

class letsencrypt_apache.parser.ApacheParser(aug, root, vhostroot, version=(2, 4))[source]

Bases: object

Class handles the fine details of parsing the Apache Configuration.

Todo

Make parsing general... remove sites-available etc...

Variables:
  • root (str) – Normalized absolute path to the server root directory. Without trailing slash.
  • modules (set) – All module names that are currently enabled.
  • loc (dict) – Location to place directives, root - configuration origin, default - user config file, name - NameVirtualHost,
init_modules()[source]

Iterates on the configuration until no new modules are loaded.

..todo:: This should be attempted to be done with a binary to avoid
the iteration issue. Else... parse and enable mods at same time.
update_runtime_variables()[source]

Note

Compile time variables (apache2ctl -V) are not used within the dynamic configuration files. These should not be parsed or interpreted.

Todo

Create separate compile time variables... simply for arg_get()

_get_runtime_cfg()[source]

Get runtime configuration info.

Returns:stdout from DUMP_RUN_CFG
filter_args_num(matches, args)[source]

Filter out directives with specific number of arguments.

This function makes the assumption that all related arguments are given in order. Thus /files/apache/directive[5]/arg[2] must come immediately after /files/apache/directive[5]/arg[1]. Runs in 1 linear pass.

Parameters:
  • matches (string) – Matches of all directives with arg nodes
  • args (int) – Number of args you would like to filter
Returns:

List of directives that contain # of arguments. (arg is stripped off)

add_dir_to_ifmodssl(aug_conf_path, directive, args)[source]

Adds directive and value to IfMod ssl block.

Adds given directive and value along configuration path within an IfMod mod_ssl.c block. If the IfMod block does not exist in the file, it is created.

Parameters:
  • aug_conf_path (str) – Desired Augeas config path to add directive
  • directive (str) – Directive you would like to add, e.g. Listen
  • args (list) – Values of the directive; str “443” or list of str
_get_ifmod(aug_conf_path, mod)[source]

Returns the path to <IfMod mod> and creates one if it doesn’t exist.

Parameters:
  • aug_conf_path (str) – Augeas configuration path
  • mod (str) – module ie. mod_ssl.c
add_dir(aug_conf_path, directive, args)[source]

Appends directive to the end fo the file given by aug_conf_path.

Note

Not added to AugeasConfigurator because it may depend on the lens

Parameters:
  • aug_conf_path (str) – Augeas configuration path to add directive
  • directive (str) – Directive to add
  • args (list or str) – Value of the directive. ie. Listen 443, 443 is arg
find_dir(directive, arg=None, start=None, exclude=True)[source]

Finds directive in the configuration.

Recursively searches through config files to find directives Directives should be in the form of a case insensitive regex currently

Todo

arg should probably be a list

Todo

arg search currently only supports direct matching. It does not handle the case of variables or quoted arguments. This should be adapted to use a generic search for the directive and then do a case-insensitive self.get_arg filter

Note: Augeas is inherently case sensitive while Apache is case insensitive. Augeas 1.0 allows case insensitive regexes like regexp(/Listen/, “i”), however the version currently supported by Ubuntu 0.10 does not. Thus I have included my own case insensitive transformation by calling case_i() on everything to maintain compatibility.

Parameters:
  • directive (str) – Directive to look for
  • arg (str or None) – Specific value directive must have, None if all should be considered
  • start (str) – Beginning Augeas path to begin looking
  • exclude (bool) – Whether or not to exclude directives based on variables and enabled modules
get_arg(match)[source]

Uses augeas.get to get argument value and interprets result.

This also converts all variables and parameters appropriately.

_exclude_dirs(matches)[source]

Exclude directives that are not loaded into the configuration.

_pass_filter(match, filter_)[source]

Determine if directive passes a filter.

Parameters:
  • match (str) – Augeas path
  • filter (list) – list of tuples of form [(“lowercase if directive”, set of relevant parameters)]
_get_include_path(arg)[source]

Converts an Apache Include directive into Augeas path.

Converts an Apache Include directive argument into an Augeas searchable path

Todo

convert to use os.path.join()

Parameters:arg (str) – Argument of Include directive
Returns:Augeas path string
Return type:str
fnmatch_to_re(clean_fn_match)[source]

Method converts Apache’s basic fnmatch to regular expression.

Assumption - Configs are assumed to be well-formed and only writable by privileged users.

https://apr.apache.org/docs/apr/2.0/apr__fnmatch_8h_source.html http://apache2.sourcearchive.com/documentation/2.2.16-6/apr__fnmatch_8h_source.html

Parameters:clean_fn_match (str) – Apache style filename match, like globs
Returns:regex suitable for augeas
Return type:str
_parse_file(filepath)[source]

Parse file with Augeas

Checks to see if file_path is parsed by Augeas If filepath isn’t parsed, the file is added and Augeas is reloaded

Parameters:filepath (str) – Apache config file path
_check_path_actions(filepath)[source]

Determine actions to take with a new augeas path

This helper function will return a tuple that defines if we should try to append the new filepath to augeas parser paths, and / or remove the old one with more narrow matching.

Parameters:filepath (str) – filepath to check the actions for
_remove_httpd_transform(filepath)[source]

Remove path from Augeas transform

Parameters:filepath (str) – filepath to remove
_add_httpd_transform(incl)[source]

Add a transform to Augeas.

This function will correctly add a transform to augeas The existing augeas.add_transform in python doesn’t seem to work for Travis CI as it loads in libaugeas.so.0.10.0

Parameters:incl (str) – filepath to include for transform
standardize_excl()[source]

Standardize the excl arguments for the Httpd lens in Augeas.

Note: Hack! Standardize the excl arguments for the Httpd lens in Augeas Servers sometimes give incorrect defaults Note: This problem should be fixed in Augeas 1.0. Unfortunately, Augeas 0.10 appears to be the most popular version currently.

_set_locations()[source]

Set default location for directives.

Locations are given as file_paths .. todo:: Make sure that files are included

_find_config_root()[source]

Find the Apache Configuration Root file.

letsencrypt_apache.parser.case_i(string)[source]

Returns case insensitive regex.

Returns a sloppy, but necessary version of a case insensitive regex. Any string should be able to be submitted and the string is escaped and then made case insensitive. May be replaced by a more proper /i once augeas 1.0 is widely supported.

Parameters:string (str) – string to make case i regex
letsencrypt_apache.parser.get_aug_path(file_path)[source]

Return augeas path for full filepath.

Parameters:file_path (str) – Full filepath