The following issues were found
certbot-apache/tests/centos_test.py
13 issues
Line: 9
Column: 1
except ImportError: # pragma: no cover
from unittest import mock # type: ignore
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_centos
import util
Reported by Pylint.
Line: 10
Column: 1
from unittest import mock # type: ignore
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_centos
import util
Reported by Pylint.
Line: 11
Column: 1
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_centos
import util
Reported by Pylint.
Line: 12
Column: 1
from certbot import errors
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_centos
import util
def get_vh_truth(temp_dir, config_name):
Reported by Pylint.
Line: 13
Column: 1
from certbot.compat import filesystem
from certbot.compat import os
from certbot_apache._internal import obj
from certbot_apache._internal import override_centos
import util
def get_vh_truth(temp_dir, config_name):
"""Return the ground truth for the specified directory."""
Reported by Pylint.
Line: 59
Column: 5
mock_info.return_value = ["fedora", "28"]
self.config.config_test()
def test_non_fedora_error(self):
c_test = "certbot_apache._internal.configurator.ApacheConfigurator.config_test"
with mock.patch(c_test) as mock_test:
mock_test.side_effect = errors.MisconfigurationError
with mock.patch("certbot.util.get_os_info") as mock_info:
mock_info.return_value = ["not_fedora"]
Reported by Pylint.
Line: 68
Column: 5
self.assertRaises(errors.MisconfigurationError,
self.config.config_test)
def test_fedora_restart_error(self):
c_test = "certbot_apache._internal.configurator.ApacheConfigurator.config_test"
with mock.patch(c_test) as mock_test:
# First call raises error, second doesn't
mock_test.side_effect = [errors.MisconfigurationError, '']
with mock.patch("certbot.util.run_script") as mock_run:
Reported by Pylint.
Line: 78
Column: 5
self.assertRaises(errors.MisconfigurationError,
self._run_fedora_test)
def test_fedora_restart(self):
c_test = "certbot_apache._internal.configurator.ApacheConfigurator.config_test"
with mock.patch(c_test) as mock_test:
with mock.patch("certbot.util.run_script") as mock_run:
# First call raises error, second doesn't
mock_test.side_effect = [errors.MisconfigurationError, '']
Reported by Pylint.
Line: 109
Column: 5
self.vh_truth = get_vh_truth(
self.temp_dir, "centos7_apache/apache")
def test_get_parser(self):
self.assertIsInstance(self.config.parser, override_centos.CentOSParser)
@mock.patch("certbot_apache._internal.apache_util._get_runtime_cfg")
def test_opportunistic_httpd_runtime_parsing(self, mock_get):
define_val = (
Reported by Pylint.
Line: 113
Column: 5
self.assertIsInstance(self.config.parser, override_centos.CentOSParser)
@mock.patch("certbot_apache._internal.apache_util._get_runtime_cfg")
def test_opportunistic_httpd_runtime_parsing(self, mock_get):
define_val = (
'Define: TEST1\n'
'Define: TEST2\n'
'Define: DUMP_RUN_CFG\n'
)
Reported by Pylint.
certbot-apache/certbot_apache/_internal/parser.py
13 issues
Line: 10
Column: 1
from typing import List
from typing import Optional
from certbot import errors
from certbot.compat import os
from certbot_apache._internal import apache_util
from certbot_apache._internal import constants
try:
Reported by Pylint.
Line: 11
Column: 1
from typing import Optional
from certbot import errors
from certbot.compat import os
from certbot_apache._internal import apache_util
from certbot_apache._internal import constants
try:
from augeas import Augeas
Reported by Pylint.
Line: 154
Column: 13
self._log_save_errors(ex_errs)
# Erase Save Notes
self.configurator.save_notes = ""
raise errors.PluginError(
"Error saving files, check logs for more info.")
# Return the original save method
self.aug.set("/augeas/save", save_state)
Reported by Pylint.
Line: 352
Column: 3
:type args: list
"""
# TODO: Add error checking code... does the path given even exist?
# Does it throw exceptions?
if_mod_path = self.get_ifmod(aug_conf_path, "mod_ssl.c")
# IfModule can have only one valid argument, so append after
self.aug.insert(if_mod_path + "arg", "directive", False)
nvh_path = if_mod_path + "directive[1]"
Reported by Pylint.
Line: 547
Column: 3
ordered_matches: List[str] = []
# TODO: Wildcards should be included in alphabetical order
# https://httpd.apache.org/docs/2.4/mod/core.html#include
for match in matches:
dir_ = self.aug.get(match).lower()
if dir_ in ("include", "includeoptional"):
ordered_matches.extend(self.find_dir(
Reported by Pylint.
Line: 600
Column: 17
try:
value = value.replace(var, self.variables[var[2:-1]])
except KeyError:
raise errors.PluginError("Error Parsing variable: %s" % var)
return value
def get_root_augpath(self):
"""
Reported by Pylint.
Line: 707
Column: 3
for idx, split in enumerate(split_arg):
if any(char in ApacheParser.fnmatch_chars for char in split):
# Turn it into an augeas regex
# TODO: Can this instead be an augeas glob instead of regex
split_arg[idx] = ("* [label()=~regexp('%s')]" %
self.fnmatch_to_re(split))
# Reassemble the argument
# Note: This also normalizes the argument /serverroot/ -> /serverroot
arg = "/".join(split_arg)
Reported by Pylint.
Line: 23
Column: 1
logger = logging.getLogger(__name__)
class ApacheParser:
"""Class handles the fine details of parsing the Apache Configuration.
.. todo:: Make parsing general... remove sites-available etc...
:ivar str root: Normalized absolute path to the server root
Reported by Pylint.
Line: 23
Column: 1
logger = logging.getLogger(__name__)
class ApacheParser:
"""Class handles the fine details of parsing the Apache Configuration.
.. todo:: Make parsing general... remove sites-available etc...
:ivar str root: Normalized absolute path to the server root
Reported by Pylint.
Line: 196
Column: 17
# Force reload if files were modified
# This is needed to recalculate augeas directive span
if save_files:
for sf in save_files:
self.aug.remove("/files/"+sf)
self.aug.load()
def _log_save_errors(self, ex_errs):
"""Log errors due to bad Augeas save.
Reported by Pylint.
certbot-dns-ovh/certbot_dns_ovh/_internal/dns_ovh.py
13 issues
Line: 5
Column: 1
import logging
from typing import Optional
from lexicon.providers import ovh
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
Reported by Pylint.
Line: 7
Column: 1
from lexicon.providers import ovh
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 8
Column: 1
from lexicon.providers import ovh
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 9
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
TOKEN_URL = 'https://eu.api.ovh.com/createToken/ or https://ca.api.ovh.com/createToken/'
Reported by Pylint.
Line: 10
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
TOKEN_URL = 'https://eu.api.ovh.com/createToken/ or https://ca.api.ovh.com/createToken/'
Reported by Pylint.
Line: 14
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
logger = logging.getLogger(__name__)
TOKEN_URL = 'https://eu.api.ovh.com/createToken/ or https://ca.api.ovh.com/createToken/'
class Authenticator(dns_common.DNSAuthenticator):
"""DNS Authenticator for OVH
Reported by Bandit.
Line: 31
Column: 5
self.credentials: Optional[CredentialsConfiguration] = None
@classmethod
def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
super().add_parser_arguments(add, default_propagation_seconds=30)
add('credentials', help='OVH credentials INI file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
Reported by Pylint.
Line: 35
Column: 5
super().add_parser_arguments(add, default_propagation_seconds=30)
add('credentials', help='OVH credentials INI file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
'the OVH API.'
def _setup_credentials(self):
self.credentials = self._configure_credentials(
Reported by Pylint.
Line: 72
Column: 1
)
class _OVHLexiconClient(dns_common_lexicon.LexiconClient):
"""
Encapsulates all communication with the OVH API via Lexicon.
"""
def __init__(self, endpoint, application_key, application_secret, consumer_key, ttl):
Reported by Pylint.
Line: 77
Column: 5
Encapsulates all communication with the OVH API via Lexicon.
"""
def __init__(self, endpoint, application_key, application_secret, consumer_key, ttl):
super().__init__()
config = dns_common_lexicon.build_lexicon_config('ovh', {
'ttl': ttl,
}, {
Reported by Pylint.
acme/tests/jws_test.py
13 issues
Line: 4
Column: 1
"""Tests for acme.jws."""
import unittest
import josepy as jose
import test_util
KEY = jose.JWKRSA.load(test_util.load_vector('rsa512_key.pem'))
Reported by Pylint.
Line: 25
Column: 9
assert False # pragma: no cover
def test_nonce_decoder(self):
from acme.jws import Header
nonce_field = Header._fields['nonce']
self.assertRaises(
jose.DeserializationError, nonce_field.decode, self.wrong_nonce)
self.assertEqual(b'foo', nonce_field.decode(self.good_nonce))
Reported by Pylint.
Line: 44
Column: 9
self.kid = 'baaaaa'
def test_kid_serialize(self):
from acme.jws import JWS
jws = JWS.sign(payload=b'foo', key=self.privkey,
alg=jose.RS256, nonce=self.nonce,
url=self.url, kid=self.kid)
self.assertEqual(jws.signature.combined.nonce, self.nonce)
self.assertEqual(jws.signature.combined.url, self.url)
Reported by Pylint.
Line: 57
Column: 9
self.assertEqual(jws, JWS.from_json(jws.to_json()))
def test_jwk_serialize(self):
from acme.jws import JWS
jws = JWS.sign(payload=b'foo', key=self.privkey,
alg=jose.RS256, nonce=self.nonce,
url=self.url)
self.assertIsNone(jws.signature.combined.kid)
self.assertEqual(jws.signature.combined.jwk, self.pubkey)
Reported by Pylint.
Line: 52
Column: 3
self.assertEqual(jws.signature.combined.url, self.url)
self.assertEqual(jws.signature.combined.kid, self.kid)
self.assertIsNone(jws.signature.combined.jwk)
# TODO: check that nonce is in protected header
self.assertEqual(jws, JWS.from_json(jws.to_json()))
def test_jwk_serialize(self):
from acme.jws import JWS
Reported by Pylint.
Line: 20
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
try:
jose.b64decode(wrong_nonce)
except (ValueError, TypeError):
assert True
else:
assert False # pragma: no cover
def test_nonce_decoder(self):
from acme.jws import Header
Reported by Bandit.
Line: 22
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
except (ValueError, TypeError):
assert True
else:
assert False # pragma: no cover
def test_nonce_decoder(self):
from acme.jws import Header
nonce_field = Header._fields['nonce']
Reported by Bandit.
Line: 24
Column: 5
else:
assert False # pragma: no cover
def test_nonce_decoder(self):
from acme.jws import Header
nonce_field = Header._fields['nonce']
self.assertRaises(
jose.DeserializationError, nonce_field.decode, self.wrong_nonce)
Reported by Pylint.
Line: 25
Column: 9
assert False # pragma: no cover
def test_nonce_decoder(self):
from acme.jws import Header
nonce_field = Header._fields['nonce']
self.assertRaises(
jose.DeserializationError, nonce_field.decode, self.wrong_nonce)
self.assertEqual(b'foo', nonce_field.decode(self.good_nonce))
Reported by Pylint.
Line: 43
Column: 5
self.url = 'hi'
self.kid = 'baaaaa'
def test_kid_serialize(self):
from acme.jws import JWS
jws = JWS.sign(payload=b'foo', key=self.privkey,
alg=jose.RS256, nonce=self.nonce,
url=self.url, kid=self.kid)
self.assertEqual(jws.signature.combined.nonce, self.nonce)
Reported by Pylint.
certbot/certbot/_internal/display/obj.py
13 issues
Line: 7
Column: 1
from typing import Optional
from typing import Union
import zope.component
import zope.interface
from certbot import errors
from certbot import interfaces
from certbot._internal import constants
Reported by Pylint.
Line: 7
Column: 1
from typing import Optional
from typing import Union
import zope.component
import zope.interface
from certbot import errors
from certbot import interfaces
from certbot._internal import constants
Reported by Pylint.
Line: 554
Column: 5
"""
# This call is done only for retro-compatibility purposes.
# TODO: Remove this call once zope dependencies are removed from Certbot.
zope.component.provideUtility(display, interfaces.IDisplay)
_SERVICE.display = display
Reported by Pylint.
Line: 553
Column: 3
"""
# This call is done only for retro-compatibility purposes.
# TODO: Remove this call once zope dependencies are removed from Certbot.
zope.component.provideUtility(display, interfaces.IDisplay)
_SERVICE.display = display
Reported by Pylint.
Line: 37
Column: 1
# local variable unless the programmer remembered to use the `global` keyword.
# Adding a level of indirection causes the lookup of the global _DisplayService
# object to happen first avoiding this potential bug.
class _DisplayService:
def __init__(self):
self.display: Optional[Union[FileDisplay, NoninteractiveDisplay]] = None
_SERVICE = _DisplayService()
Reported by Pylint.
Line: 58
Column: 5
self.force_interactive = force_interactive
self.skipped_interaction = False
def notification(self, message, pause=True,
wrap=True, force_interactive=False,
decorate=True):
"""Displays a notification and waits for user acceptance.
:param str message: Message to display
Reported by Pylint.
Line: 92
Column: 5
else:
logger.debug("Not pausing for user confirmation")
def menu(self, message, choices, ok_label=None, cancel_label=None, # pylint: disable=unused-argument
help_label=None, default=None, # pylint: disable=unused-argument
cli_flag=None, force_interactive=False, **unused_kwargs):
"""Display a menu.
.. todo:: This doesn't enable the help label/button (I wasn't sold on
Reported by Pylint.
Line: 153
Column: 5
return CANCEL, "-1"
return OK, ans
def yesno(self, message, yes_label="Yes", no_label="No", default=None,
cli_flag=None, force_interactive=False, **unused_kwargs):
"""Query the user with a yes/no question.
Yes and No label must begin with different letters, and must contain at
least one letter each.
Reported by Pylint.
Line: 195
Column: 5
ans.startswith(no_label[0].upper())):
return False
def checklist(self, message, tags, default=None,
cli_flag=None, force_interactive=False, **unused_kwargs):
"""Display a checklist.
:param str message: Message to display to user
:param list tags: `str` tags to select, len(tags) > 0
Reported by Pylint.
Line: 303
Column: 5
with completer.Completer():
return self.input(message, default, cli_flag, force_interactive)
def _scrub_checklist_input(self, indices, tags):
"""Validate input and transform indices to appropriate tags.
:param list indices: input
:param list tags: Original tags of the checklist
Reported by Pylint.
certbot/certbot/util.py
12 issues
Line: 22
Column: 1
from typing import Union
import warnings
import configargparse
from certbot import errors
from certbot._internal import constants
from certbot._internal import lock
from certbot.compat import filesystem
Reported by Pylint.
Line: 109
Column: 9
except (OSError, ValueError):
msg = "Unable to run the command: %s" % " ".join(params)
log(msg)
raise errors.SubprocessError(msg)
if proc.returncode != 0:
msg = "Error while running %s.\n%s\n%s" % (
" ".join(params), proc.stdout, proc.stderr)
# Enter recovery routine...
Reported by Pylint.
Line: 525
Column: 9
domain = domain.decode('utf-8')
domain.encode('ascii')
except UnicodeError:
raise errors.ConfigurationError("Non-ASCII domain names not supported. "
"To issue for an Internationalized Domain Name, use Punycode.")
domain = domain.lower()
# Remove trailing dot
Reported by Pylint.
Line: 13
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import platform
import re
import socket
import subprocess
import sys
from typing import Dict
from typing import IO
from typing import Text
from typing import Tuple
Reported by Bandit.
Line: 99
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
"""
try:
proc = subprocess.run(params,
check=False,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
universal_newlines=True,
env=env_no_snap_for_external_calls())
Reported by Bandit.
Line: 224
Column: 5
if chmod is not None:
open_args = (chmod,)
fdopen_args: Union[Tuple[()], Tuple[int]] = ()
fd = filesystem.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR, *open_args)
return os.fdopen(fd, mode, *fdopen_args)
def _unique_file(path, filename_pat, count, chmod, mode):
while True:
Reported by Pylint.
Line: 360
Column: 33
var_string = varname+"="
if not os.path.isfile(filepath):
return ""
with open(filepath, 'r') as fh:
contents = fh.readlines()
for line in contents:
if line.strip().startswith(var_string):
# Return the value of var, normalized
Reported by Pylint.
Line: 404
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
os_ver = distro_version
elif os_type.startswith('darwin'):
try:
proc = subprocess.run(
["/usr/bin/sw_vers", "-productVersion"],
stdout=subprocess.PIPE, stderr=subprocess.PIPE,
check=False, universal_newlines=True,
env=env_no_snap_for_external_calls(),
)
Reported by Bandit.
Line: 411
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b607_start_process_with_partial_path.html
env=env_no_snap_for_external_calls(),
)
except OSError:
proc = subprocess.run(
["sw_vers", "-productVersion"],
stdout=subprocess.PIPE, stderr=subprocess.PIPE,
check=False, universal_newlines=True,
env=env_no_snap_for_external_calls(),
)
Reported by Bandit.
Line: 411
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
env=env_no_snap_for_external_calls(),
)
except OSError:
proc = subprocess.run(
["sw_vers", "-productVersion"],
stdout=subprocess.PIPE, stderr=subprocess.PIPE,
check=False, universal_newlines=True,
env=env_no_snap_for_external_calls(),
)
Reported by Bandit.
certbot/certbot/_internal/cli/helpful.py
12 issues
Line: 11
Column: 1
from typing import Any
from typing import Dict
import configargparse
from certbot import crypto_util
from certbot import errors
from certbot import util
from certbot._internal import constants
Reported by Pylint.
Line: 275
Column: 3
add_domains(parsed_args, domain)
if not domains:
# TODO: add CN to domains instead:
raise errors.Error(
"Unfortunately, your CSR %s needs to have a SubjectAltName for every domain"
% parsed_args.csr[0])
parsed_args.actual_csr = (csr, typ)
Reported by Pylint.
Line: 35
Column: 1
from certbot.compat import os
class HelpfulArgumentParser:
"""Argparse Wrapper.
This class wraps argparse, adding the ability to make --help less
verbose, and request help on specific subcategories at a time, eg
'certbot --help security' for security options.
Reported by Pylint.
Line: 44
Column: 9
"""
def __init__(self, args, plugins, detect_defaults=False):
from certbot._internal import main
self.VERBS = {
"auth": main.certonly,
"certonly": main.certonly,
"run": main.run,
"install": main.install,
Reported by Pylint.
Line: 45
Column: 9
"""
def __init__(self, args, plugins, detect_defaults=False):
from certbot._internal import main
self.VERBS = {
"auth": main.certonly,
"certonly": main.certonly,
"run": main.run,
"install": main.install,
"plugins": main.plugins_cmd,
Reported by Pylint.
Line: 68
Column: 9
self.notify = display_obj.NoninteractiveDisplay(sys.stdout).notification
# List of topics for which additional help can be provided
HELP_TOPICS = ["all", "security", "paths", "automation", "testing"]
HELP_TOPICS += list(self.VERBS) + self.COMMANDS_TOPICS + ["manage"]
plugin_names = list(plugins)
self.help_topics = HELP_TOPICS + plugin_names + [None] # type: ignore
Reported by Pylint.
Line: 69
Column: 9
# List of topics for which additional help can be provided
HELP_TOPICS = ["all", "security", "paths", "automation", "testing"]
HELP_TOPICS += list(self.VERBS) + self.COMMANDS_TOPICS + ["manage"]
plugin_names = list(plugins)
self.help_topics = HELP_TOPICS + plugin_names + [None] # type: ignore
self.detect_defaults = detect_defaults
Reported by Pylint.
Line: 114
Column: 5
# Help that are synonyms for --help subcommands
COMMANDS_TOPICS = ["command", "commands", "subcommand", "subcommands", "verbs"]
def _list_subcommands(self):
longest = max(len(v) for v in VERB_HELP_MAP)
text = "The full list of available SUBCOMMANDS is:\n\n"
for verb, props in sorted(VERB_HELP):
doc = props.get("short", "")
Reported by Pylint.
Line: 256
Column: 5
parsed_args.tos = True
parsed_args.register_unsafely_without_email = True
def handle_csr(self, parsed_args):
"""Process a --csr flag."""
if parsed_args.verb != "certonly":
raise errors.Error("Currently, a CSR file may only be specified "
"when obtaining a new or replacement "
"via the certonly command. Please try the "
Reported by Pylint.
Line: 380
Column: 5
kwargs["help"] = argparse.SUPPRESS
self.parser.add_argument(*args, **kwargs)
def modify_kwargs_for_default_detection(self, **kwargs):
"""Modify an arg so we can check if it was set by the user.
Changes the parameters given to argparse when adding an argument
so we can properly detect if the value was set by the user.
Reported by Pylint.
acme/acme/challenges.py
12 issues
Line: 313
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b501_request_with_no_cert_validation.html
uri = chall.uri(domain)
logger.debug("Verifying %s at %s...", chall.typ, uri)
try:
http_response = requests.get(uri, verify=False)
except requests.exceptions.RequestException as error:
logger.error("Unable to reach %s: %s", uri, error)
return False
# By default, http_response.text will try to guess the encoding to use
# when decoding the response to Python unicode strings. This guesswork
Reported by Bandit.
Line: 11
Column: 1
from typing import Type
from cryptography.hazmat.primitives import hashes
import josepy as jose
from OpenSSL import crypto
from OpenSSL import SSL
import requests
from acme import crypto_util
Reported by Pylint.
Line: 81
Column: 3
TOKEN_SIZE = 128 / 8 # Based on the entropy value from the spec
"""Minimum size of the :attr:`token` in bytes."""
# TODO: acme-spec doesn't specify token as base64-encoded value
token = jose.Field(
"token", encoder=jose.encode_b64jose, decoder=functools.partial(
jose.decode_b64jose, size=TOKEN_SIZE, minimum=True))
# XXX: rename to ~token_good_for_url
Reported by Pylint.
Line: 86
Column: 3
"token", encoder=jose.encode_b64jose, decoder=functools.partial(
jose.decode_b64jose, size=TOKEN_SIZE, minimum=True))
# XXX: rename to ~token_good_for_url
@property
def good_token(self): # XXX: @token.decoder
"""Is `token` good?
.. todo:: acme-spec wants "It MUST NOT contain any non-ASCII
Reported by Pylint.
Line: 88
Column: 3
# XXX: rename to ~token_good_for_url
@property
def good_token(self): # XXX: @token.decoder
"""Is `token` good?
.. todo:: acme-spec wants "It MUST NOT contain any non-ASCII
characters", but it should also warrant that it doesn't
contain ".." or "/"...
Reported by Pylint.
Line: 96
Column: 3
contain ".." or "/"...
"""
# TODO: check that path combined with uri does not go above
# URI_ROOT_PATH!
# pylint: disable=unsupported-membership-test
return b'..' not in self.token and b'/' not in self.token
Reported by Pylint.
Line: 302
Column: 3
logger.debug("Verification of key authorization in response failed")
return False
# TODO: ACME specification defines URI template that doesn't
# allow to use a custom port... Make sure port is not in the
# request URI, if it's standard.
if port is not None and port != self.PORT:
logger.warning(
"Using non-standard port for http-01 verification: %s", port)
Reported by Pylint.
Line: 459
Column: 3
for i in range(cert.get_extension_count()):
ext = cert.get_extension(i)
# FIXME: assume this is the ACME extension. Currently there is no
# way to get full OID of an unknown extension from pyopenssl.
if ext.get_short_name() == b'UNDEF':
data = ext.get_data()
return data == self.h
Reported by Pylint.
Line: 25
Column: 1
logger = logging.getLogger(__name__)
class Challenge(jose.TypedJSONObjectWithFields):
# _fields_to_partial_json
"""ACME challenge."""
TYPES: dict = {}
@classmethod
Reported by Pylint.
Line: 31
Column: 5
TYPES: dict = {}
@classmethod
def from_json(cls, jobj):
try:
return super().from_json(jobj)
except jose.UnrecognizedTypeError as error:
logger.debug(error)
return UnrecognizedChallenge.from_json(jobj)
Reported by Pylint.
certbot/certbot/plugins/dns_test_common.py
12 issues
Line: 5
Column: 1
import typing
import configobj
import josepy as jose
from acme import challenges
from certbot import achallenges
from certbot.compat import filesystem
from certbot.plugins.dns_common import DNSAuthenticator
Reported by Pylint.
Line: 7
Column: 1
import configobj
import josepy as jose
from acme import challenges
from certbot import achallenges
from certbot.compat import filesystem
from certbot.plugins.dns_common import DNSAuthenticator
from certbot.tests import acme_util
from certbot.tests import util as test_util
Reported by Pylint.
Line: 15
Column: 5
from certbot.tests import util as test_util
if typing.TYPE_CHECKING:
from typing_extensions import Protocol
else:
Protocol = object # type: ignore
Reported by Pylint.
Line: 35
Column: 5
"""Protocol describing a TestCase able to call a real DNSAuthenticator instance."""
auth: DNSAuthenticator
def assertTrue(self, *unused_args) -> None:
"""
See
https://docs.python.org/3/library/unittest.html#unittest.TestCase.assertTrue
"""
...
Reported by Pylint.
Line: 35
Column: 5
"""Protocol describing a TestCase able to call a real DNSAuthenticator instance."""
auth: DNSAuthenticator
def assertTrue(self, *unused_args) -> None:
"""
See
https://docs.python.org/3/library/unittest.html#unittest.TestCase.assertTrue
"""
...
Reported by Pylint.
Line: 42
Column: 5
"""
...
def assertEqual(self, *unused_args) -> None:
"""
See
https://docs.python.org/3/library/unittest.html#unittest.TestCase.assertEqual
"""
...
Reported by Pylint.
Line: 42
Column: 5
"""
...
def assertEqual(self, *unused_args) -> None:
"""
See
https://docs.python.org/3/library/unittest.html#unittest.TestCase.assertEqual
"""
...
Reported by Pylint.
Line: 62
Column: 5
achall = achallenges.KeyAuthorizationAnnotatedChallenge(
challb=acme_util.DNS01, domain=DOMAIN, account_key=KEY)
def test_more_info(self: _AuthenticatorCallableTestCase):
self.assertTrue(isinstance(self.auth.more_info(), str)) # pylint: disable=no-member
def test_get_chall_pref(self: _AuthenticatorCallableTestCase):
self.assertEqual(self.auth.get_chall_pref(None), [challenges.DNS01]) # pylint: disable=no-member
Reported by Pylint.
Line: 65
Column: 5
def test_more_info(self: _AuthenticatorCallableTestCase):
self.assertTrue(isinstance(self.auth.more_info(), str)) # pylint: disable=no-member
def test_get_chall_pref(self: _AuthenticatorCallableTestCase):
self.assertEqual(self.auth.get_chall_pref(None), [challenges.DNS01]) # pylint: disable=no-member
def test_parser_arguments(self: _AuthenticatorCallableTestCase):
m = mock.MagicMock()
self.auth.add_parser_arguments(m) # pylint: disable=no-member
Reported by Pylint.
Line: 68
Column: 5
def test_get_chall_pref(self: _AuthenticatorCallableTestCase):
self.assertEqual(self.auth.get_chall_pref(None), [challenges.DNS01]) # pylint: disable=no-member
def test_parser_arguments(self: _AuthenticatorCallableTestCase):
m = mock.MagicMock()
self.auth.add_parser_arguments(m) # pylint: disable=no-member
m.assert_any_call('propagation-seconds', type=int, default=mock.ANY, help=mock.ANY)
Reported by Pylint.
certbot-dns-linode/certbot_dns_linode/_internal/dns_linode.py
11 issues
Line: 6
Column: 1
import re
from typing import Optional
from lexicon.providers import linode
from lexicon.providers import linode4
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
Reported by Pylint.
Line: 7
Column: 1
from typing import Optional
from lexicon.providers import linode
from lexicon.providers import linode4
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
Reported by Pylint.
Line: 9
Column: 1
from lexicon.providers import linode
from lexicon.providers import linode4
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 10
Column: 1
from lexicon.providers import linode4
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
Reported by Pylint.
Line: 11
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
API_KEY_URL = 'https://manager.linode.com/profile/api'
Reported by Pylint.
Line: 12
Column: 1
from certbot import errors
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
from certbot.plugins.dns_common import CredentialsConfiguration
logger = logging.getLogger(__name__)
API_KEY_URL = 'https://manager.linode.com/profile/api'
API_KEY_URL_V4 = 'https://cloud.linode.com/profile/tokens'
Reported by Pylint.
Line: 33
Column: 5
self.credentials: Optional[CredentialsConfiguration] = None
@classmethod
def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
super().add_parser_arguments(add, default_propagation_seconds=120)
add('credentials', help='Linode credentials INI file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
Reported by Pylint.
Line: 37
Column: 5
super().add_parser_arguments(add, default_propagation_seconds=120)
add('credentials', help='Linode credentials INI file.')
def more_info(self): # pylint: disable=missing-function-docstring
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
'the Linode API.'
def _setup_credentials(self):
self.credentials = self._configure_credentials(
Reported by Pylint.
Line: 79
Column: 1
return _LinodeLexiconClient(api_key, api_version)
class _LinodeLexiconClient(dns_common_lexicon.LexiconClient):
"""
Encapsulates all communication with the Linode API.
"""
def __init__(self, api_key, api_version):
Reported by Pylint.
Line: 105
Column: 5
raise errors.PluginError('Invalid api version specified: {0}. (Supported: 3, 4)'
.format(api_version))
def _handle_general_error(self, e, domain_name):
if not str(e).startswith('Domain not found'):
return errors.PluginError('Unexpected error determining zone identifier for {0}: {1}'
.format(domain_name, e))
return None
Reported by Pylint.