James Kasten
3b25a87667
Added is_site_enabled, added documentation
2012-08-07 18:02:05 -04:00
James Kasten
55f12a61a7
Merge branch 'master' of github.com:research/chocolate
2012-08-07 15:59:36 -04:00
James Kasten
1693414a69
Added get_all_names function for configurator
2012-08-07 15:56:05 -04:00
Peter Eckersley
84eb5058c6
Disable raw IPv6 addresses by default
...
(they're scarier than I thought, and a bit dangerous in Web and maybe Windows
shell contexts)
2012-08-06 15:27:05 -07:00
Peter Eckersley
e119f50f14
Explain the tree a bit; note some debian dependencies
2012-08-06 15:00:51 -07:00
James Kasten
498c47f2f6
Added enable_site and enable_mod_ssl
2012-08-03 15:52:07 -04:00
James Kasten
6804ccb41f
Added apache/sni_challenge cleanup
2012-08-02 18:46:01 -04:00
James Kasten
6fd9d01644
Revert to EC2 testing variables
2012-08-01 19:46:34 -04:00
James Kasten
cdafed5427
Using Augeas to add Include directive for challenge vhosts
2012-08-01 19:42:18 -04:00
James Kasten
fc56a875d0
Added code to auto-configure the Apache server for SNI challenges
2012-08-01 19:31:21 -04:00
James Kasten
a0ca971c2e
Updated README
2012-08-01 14:25:20 -04:00
James Kasten
91907b1264
Slight update to README
2012-08-01 14:23:25 -04:00
James Kasten
5a07d530f9
Example ec2 client auto-installs certificates upon receiving cert
2012-07-30 19:26:03 -04:00
James Kasten
2c9629046a
Made quick changes to client to allow for deployment of cert on test servers
2012-07-30 18:19:40 -04:00
James Kasten
de89d1fe63
Added error handling for Augeas save files
2012-07-30 14:47:41 -04:00
James Kasten
94d1827838
Added make_server_sni_ready, fixed vhost.addrs bug, cleaned up some code
2012-07-30 14:03:06 -04:00
Seth Schoen
67da1f65dd
just in case there are DOS-style EOLs in the CSR
2012-07-28 18:43:20 -07:00
James Kasten
f2e54b4df0
Added find_directive - searches for directives recursively through conf files, fixed a few bugs
2012-07-27 00:58:12 -04:00
Peter Eckersley
344f602da5
Check hostnames from the environment before Popen()ing with them.
...
This was probably safe anyway, but since we're passing things from the
environment into a subprocess call, let's be extra careful about privilege
escalations.
2012-07-25 16:21:55 -07:00
James Kasten
2b9ee8e2cc
Added functions add_name_vhost and check_ssl_loaded
2012-07-25 17:39:15 -04:00
Seth Schoen
c75f154bd6
have daemon send a pubsub message to itself to achieve prompt clean shutdowns
2012-07-20 23:54:58 -07:00
Seth Schoen
7ee2b9ef21
note priority inversion bug is now somewhat less severe
2012-07-20 18:47:29 -07:00
Seth Schoen
2ba0eae5d6
support for distributing certificate chain file
2012-07-20 18:37:47 -07:00
Seth Schoen
cb5922edd8
switch to pubsub mechanism instead of polling
2012-07-20 16:48:10 -07:00
Seth Schoen
d02883ca38
add field for certificate chain
2012-07-20 16:43:42 -07:00
Seth Schoen
8db37e5501
add cert_chain_file config option
2012-07-20 16:43:18 -07:00
Seth Schoen
06357addf0
min_key_size → min_keysize
2012-07-19 23:22:52 -07:00
Seth Schoen
90f4b4daeb
move configuration parameters into config file; add extra sanity checks
2012-07-19 23:19:39 -07:00
James Kasten
8cd2b1e66d
initial commit for configurator with basic functionality
2012-07-20 00:11:11 -04:00
Seth Schoen
b1b7257c2a
what kind of getopt is the upstream hashcash using, anyway?
2012-07-18 22:36:22 -07:00
Seth Schoen
c89a0e8f8e
mint hashcash with expiry stated down to the second
2012-07-18 22:31:54 -07:00
Seth Schoen
6f5d15cddf
whoops, the past is the past, not the future
2012-07-18 22:28:41 -07:00
Seth Schoen
c117582ece
drop privileges and use external hashcash binary again
2012-07-18 22:25:23 -07:00
Seth Schoen
1e17b222ab
document priority inversion bug
2012-07-18 19:38:00 -07:00
Seth Schoen
707dedbd9b
add verification probe via Tor
2012-07-18 18:43:23 -07:00
Seth Schoen
bb0c4bf316
notes on future blacklist import speedups
2012-07-18 17:08:35 -07:00
Seth Schoen
df97026c72
Python hashcash minting is slow, so only generate 20 bits for now
2012-07-18 15:07:17 -07:00
Eric Wustrow
4b5ba56a2d
check expiry in hashcash
2012-07-17 22:51:53 -04:00
Eric Wustrow
702b9ca394
Use hashcash python library directly, instead of subprocess.
...
We should really try to avoid calling out to potentially untrusted
binaries, especially as we are running as root
2012-07-17 21:27:00 -04:00
Eric Wustrow
cf45b233f7
sorry, this one adds the previous commit about hashcash being dangerous...previous adds a symlink so clients can use it...grrr git is a mess within a mess
2012-07-17 21:11:38 -04:00
Eric Wustrow
9f1df2b704
fix hashcash bug - if check_validation is set, check function will not verify the stamp (elif to be considered harmful)
2012-07-17 21:10:03 -04:00
James Kasten
6de8e31bfe
Added documentation for functions
2012-07-17 13:41:28 -04:00
Seth Schoen
e857154682
updated modulus blacklisting stuff
2012-07-17 00:33:45 -07:00
Seth Schoen
7fbb146ba6
weak Debian keys, via http://certlogik.com/debian-weak-key-check/
2012-07-17 00:19:08 -07:00
Seth Schoen
93f7afbf82
no longer use Python hashcash library
2012-07-16 19:26:42 -07:00
Seth Schoen
4352ff0e13
need to import subprocess
2012-07-16 19:25:41 -07:00
Seth Schoen
1b88b67544
use C language hashcash program to generate cash from client
2012-07-16 19:25:27 -07:00
Seth Schoen
bc7b55d0d6
client supports servername as command-line argument
2012-07-16 15:13:50 -07:00
Seth Schoen
62c2f5fa49
function name collision
2012-07-16 15:13:06 -07:00
Seth Schoen
ac0defac00
remove client-side dependency on CSR.py
2012-07-16 15:11:10 -07:00