upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-04-04 08:35:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
certbot/certbot-apache/certbot_apache
History
Joona Hoikkala fd6702b869 Fix CentOS 6 installer issue (#6784) 
In CentOS 6 default httpd configuration, the `LoadModule ssl_module ...` is handled in `conf.d/ssl.conf`. As the `VirtualHost` configuration files in `conf.d/` are loaded in alphabetical order, this means that all files that have `<IfModule mod_ssl.c>` and are loaded before `ssl.conf` are effectively ignored. This PR moves the `LoadModule ssl_module` to the main `httpd.conf` while leaving a conditional `LoadModule` directive in `ssl.conf`.

Features
 - Reads the module configuration from `ssl.conf` in case some modifications to paths have been made by the user.
 - Falls back to default paths if the directive doesn't exist.
 - Moves the `LoadModule` directive in `ssl.conf` inside `<IfModule !mod_ssl.c>` to avoid printing warning messages of duplicate module loads.
 - Adds `LoadModule ssl_module` inside of `<IfModule !mod_ssl.c>` to the top of the main `httpd.conf`.
 - Ensures that these modifications are not made multiple times.

Fixes: #6606

* Fix CentOS6 installer issue

* Changelog entry

* Address review comments

* Do not enable mod_ssl if multiple different values were found

* Add test comment

* Address rest of the review comments

* Address review comments

* Better ifmodule argument checking

* Test fixes

* Make linter happy

* Raise an exception when differing LoadModule ssl_module statements are found

* If IfModule !mod_ssl.c with LoadModule ssl_module already exists in Augeas path, do not create new LoadModule directive

* Do not use deprecated assertion functions

* Address review comments

* Kick tests

* Revert "Kick tests"

This reverts commit 967bb574c2.

* Address review comments

* Add pydoc return value to create_ifmod
2019-04-02 09:26:58 -07:00
..
augeas_lens Update Augeas lens to fix some Apache configuration parsing issues (#6438) 2018-10-31 09:34:14 -07:00
tests Fix CentOS 6 installer issue (#6784) 2019-04-02 09:26:58 -07:00
__init__.py s/Let's Encrypt/Certbot certbot-apache 2016-04-13 16:36:53 -07:00
apache_util.py Gradually increasing HSTS max-age (#5912) 2018-06-21 07:27:19 -07:00
augeas_configurator.py Do not parse disabled configuration files from under sites-available on Debian / Ubuntu (#4104) 2017-09-25 12:03:09 -07:00
centos-options-ssl-apache.conf update Apache ciphersuites (#5383) 2018-01-09 07:46:21 -08:00
configurator.py Remove unused code in apache (#6882) 2019-03-25 13:48:36 -07:00
constants.py Gradually increasing HSTS max-age (#5912) 2018-06-21 07:27:19 -07:00
display_ops.py Files with multiple vhosts are fine. (#6273) 2018-07-31 09:56:03 -07:00
entrypoint.py Add override class for ID="ol" AKA Oracle Linux Server, a clone of CentOS/RHEL. 2018-02-18 15:45:22 -06:00
http_01.py Apache plugin: configure all matching domain names to be able to answer HTTP challenge. (#6729) 2019-02-06 10:02:35 -08:00
obj.py Issue 5951/check untyped defs apache (#5989) 2018-05-15 10:40:32 -07:00
options-ssl-apache.conf update Apache ciphersuites (#5383) 2018-01-09 07:46:21 -08:00
override_arch.py Make Apache control script and binary paths configurable on command line (#6238) 2018-08-02 08:17:38 -07:00
override_centos.py Fix CentOS 6 installer issue (#6784) 2019-04-02 09:26:58 -07:00
override_darwin.py Make Apache control script and binary paths configurable on command line (#6238) 2018-08-02 08:17:38 -07:00
override_debian.py Make Apache control script and binary paths configurable on command line (#6238) 2018-08-02 08:17:38 -07:00
override_gentoo.py Make Apache control script and binary paths configurable on command line (#6238) 2018-08-02 08:17:38 -07:00
override_suse.py fix(apache): s/handle_mods/handle_modules (#6347) 2018-09-06 15:00:20 -07:00
parser.py Fix CentOS 6 installer issue (#6784) 2019-04-02 09:26:58 -07:00