`certbot_apache.parser`¶

ApacheParser is a member object of the ApacheConfigurator class.

class certbot_apache.parser.ApacheParser(aug, root, vhostroot=None, version=(2, 4), configurator=None)[source]¶

Bases: object

Class handles the fine details of parsing the Apache Configuration.

Todo

Make parsing general… remove sites-available etc…

Variables:	root (str) – Normalized absolute path to the server root directory. Without trailing slash. modules (set) – All module names that are currently enabled. loc (dict) – Location to place directives, root - configuration origin, default - user config file, name - NameVirtualHost,

add_include(main_config, inc_path)[source]¶

Add Include for a new configuration file if one does not exist

Parameters:	main_config (str) – file path to main Apache config file inc_path (str) – path of file to include

add_mod(mod_name)[source]¶: Shortcut for updating parser modules.

reset_modules()[source]¶: Reset the loaded modules list. This is called from cleanup to clear temporarily loaded modules.

parse_modules()[source]¶

Iterates on the configuration until no new modules are loaded.

..todo:: This should be attempted to be done with a binary to avoid: the iteration issue. Else… parse and enable mods at same time.

update_runtime_variables()[source]¶: Update Includes, Defines and Includes from httpd config dump data

update_defines()[source]¶: Get Defines from httpd process

update_includes()[source]¶: Get includes from httpd process, and add them to DOM if needed

update_modules()[source]¶: Get loaded modules from httpd process, and add them to DOM

parse_from_subprocess(command, regexp)[source]¶

Get values from stdout of subprocess command

Parameters:	command (list) – Command to run regexp (str) – Regexp for parsing
Returns:	list parsed from command output
Return type:	list

_get_runtime_cfg(command)[source]¶

Get runtime configuration info. :param command: Command to run

Returns:	stdout from command

filter_args_num(matches, args)[source]¶

Filter out directives with specific number of arguments.

This function makes the assumption that all related arguments are given in order. Thus /files/apache/directive[5]/arg[2] must come immediately after /files/apache/directive[5]/arg[1]. Runs in 1 linear pass.

Parameters:	matches (string) – Matches of all directives with arg nodes args (int) – Number of args you would like to filter
Returns:	List of directives that contain # of arguments. (arg is stripped off)

add_dir_to_ifmodssl(aug_conf_path, directive, args)[source]¶

Adds directive and value to IfMod ssl block.

Adds given directive and value along configuration path within an IfMod mod_ssl.c block. If the IfMod block does not exist in the file, it is created.

Parameters:	aug_conf_path (str) – Desired Augeas config path to add directive directive (str) – Directive you would like to add, e.g. Listen args (list) – Values of the directive; str “443” or list of str

_get_ifmod(aug_conf_path, mod)[source]¶

Returns the path to <IfMod mod> and creates one if it doesn’t exist.

Parameters:	aug_conf_path (str) – Augeas configuration path mod (str) – module ie. mod_ssl.c

add_dir(aug_conf_path, directive, args)[source]¶

Appends directive to the end fo the file given by aug_conf_path.

Note

Not added to AugeasConfigurator because it may depend on the lens

Parameters:	aug_conf_path (str) – Augeas configuration path to add directive directive (str) – Directive to add args (list or str) – Value of the directive. ie. Listen 443, 443 is arg

add_dir_beginning(aug_conf_path, dirname, args)[source]¶

Adds the directive to the beginning of defined aug_conf_path.

Parameters:	aug_conf_path (str) – Augeas configuration path to add directive dirname (str) – Directive to add args (list or str) – Value of the directive. ie. Listen 443, 443 is arg

add_comment(aug_conf_path, comment)[source]¶

Adds the comment to the augeas path

Parameters:	aug_conf_path (str) – Augeas configuration path to add directive comment (str) – Comment content

find_comments(arg, start=None)[source]¶

Finds a comment with specified content from the provided DOM path

Parameters:	arg (str) – Comment content to search start (str) – Beginning Augeas path to begin looking
Returns:	List of augeas paths containing the comment content
Return type:	list

find_dir(directive, arg=None, start=None, exclude=True)[source]¶

Finds directive in the configuration.

Recursively searches through config files to find directives Directives should be in the form of a case insensitive regex currently

Todo

arg should probably be a list

Todo

arg search currently only supports direct matching. It does not handle the case of variables or quoted arguments. This should be adapted to use a generic search for the directive and then do a case-insensitive self.get_arg filter

Note: Augeas is inherently case sensitive while Apache is case insensitive. Augeas 1.0 allows case insensitive regexes like regexp(/Listen/, “i”), however the version currently supported by Ubuntu 0.10 does not. Thus I have included my own case insensitive transformation by calling case_i() on everything to maintain compatibility.

Parameters:	directive (str) – Directive to look for arg (str or None) – Specific value directive must have, None if all should be considered start (str) – Beginning Augeas path to begin looking exclude (bool) – Whether or not to exclude directives based on variables and enabled modules

get_arg(match)[source]¶

Uses augeas.get to get argument value and interprets result.

This also converts all variables and parameters appropriately.

_exclude_dirs(matches)[source]¶: Exclude directives that are not loaded into the configuration.

_pass_filter(match, filter_)[source]¶

Determine if directive passes a filter.

Parameters:	match (str) – Augeas path filter (list) – list of tuples of form [(“lowercase if directive”, set of relevant parameters)]

_get_include_path(arg)[source]¶

Converts an Apache Include directive into Augeas path.

Converts an Apache Include directive argument into an Augeas searchable path

Todo

convert to use os.path.join()

Parameters:	arg (str) – Argument of Include directive
Returns:	Augeas path string
Return type:	str

fnmatch_to_re(clean_fn_match)[source]¶

Method converts Apache’s basic fnmatch to regular expression.

Assumption - Configs are assumed to be well-formed and only writable by privileged users.

https://apr.apache.org/docs/apr/2.0/apr__fnmatch_8h_source.html http://apache2.sourcearchive.com/documentation/2.2.16-6/apr__fnmatch_8h_source.html

Parameters:	clean_fn_match (str) – Apache style filename match, like globs
Returns:	regex suitable for augeas
Return type:	str

parse_file(filepath)[source]¶

Parse file with Augeas

Checks to see if file_path is parsed by Augeas If filepath isn’t parsed, the file is added and Augeas is reloaded

Parameters:	filepath (str) – Apache config file path

parsed_in_current(filep)[source]¶

Checks if the file path is parsed by current Augeas parser config ie. returns True if the file is found on a path that’s found in live Augeas configuration.

Parameters:	filep (str) – Path to match
Returns:	True if file is parsed in existing configuration tree
Return type:	bool

parsed_in_original(filep)[source]¶

Checks if the file path is parsed by existing Apache config. ie. returns True if the file is found on a path that matches Include or IncludeOptional statement in the Apache configuration.

Parameters:	filep (str) – Path to match
Returns:	True if file is parsed in existing configuration tree
Return type:	bool

_parsed_by_parser_paths(filep, paths)[source]¶: Helper function that searches through provided paths and returns True if file path is found in the set

_check_path_actions(filepath)[source]¶

Determine actions to take with a new augeas path

This helper function will return a tuple that defines if we should try to append the new filepath to augeas parser paths, and / or remove the old one with more narrow matching.

Parameters:	filepath (str) – filepath to check the actions for

_remove_httpd_transform(filepath)[source]¶

Remove path from Augeas transform

Parameters:	filepath (str) – filepath to remove

_add_httpd_transform(incl)[source]¶

Add a transform to Augeas.

This function will correctly add a transform to augeas The existing augeas.add_transform in python doesn’t seem to work for Travis CI as it loads in libaugeas.so.0.10.0

Parameters:	incl (str) – filepath to include for transform

standardize_excl()[source]¶

Standardize the excl arguments for the Httpd lens in Augeas.

Note: Hack! Standardize the excl arguments for the Httpd lens in Augeas Servers sometimes give incorrect defaults Note: This problem should be fixed in Augeas 1.0. Unfortunately, Augeas 0.10 appears to be the most popular version currently.

_set_locations()[source]¶

Set default location for directives.

Locations are given as file_paths .. todo:: Make sure that files are included

_find_config_root()[source]¶: Find the Apache Configuration Root file.

certbot_apache.parser.case_i(string)[source]¶

Returns case insensitive regex.

Returns a sloppy, but necessary version of a case insensitive regex. Any string should be able to be submitted and the string is escaped and then made case insensitive. May be replaced by a more proper /i once augeas 1.0 is widely supported.

Parameters:	string (str) – string to make case i regex

certbot_apache.parser.get_aug_path(file_path)[source]¶

Return augeas path for full filepath.

Parameters:	file_path (str) – Full filepath

certbot_apache.parser¶

`certbot_apache.parser`¶