crypt/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-01-21 19:01:07 +03:00
Code Activity
4,097 Commits 845 Branches 151 Tags
e2e2a29dee805b3f0cd5164aebff74e445f8cf29
Commit Graph

148 Commits

Author SHA1 Message Date
Peter Eckersley
c48ee677df Merge Augeas lens fix for backslashes in regexps 
https://github.com/hercules-team/augeas/issues/307
155746c72f
 2015-11-26 16:59:06 -08:00
Peter Eckersley
33aff08c36 Merge pull request #1395 from sagi/hsts 
apache: add general http-header enhacement [needs revision]
 2015-11-26 12:30:23 -08:00
bmw
8cf63c493f Merge pull request #1568 from erikrose/kill-dvsni 
Remove remaining "DVSNI" wording, changing it to reference TLS-SNI-01, which it changed into.
 2015-11-25 15:30:02 -05:00
Erik Rose
e75dc96559 Stop calling things that don't implement IAuthenticator authenticators. 2015-11-25 12:44:17 -05:00
sagi
090a9a0e46 add PluginEnhancementAlreadyPresent and use it 2015-11-25 01:56:49 +00:00
sagi
7467496984 change enhancement http-header to ensure-http-header 2015-11-24 23:33:21 +00:00
Peter Eckersley
b3054356cd Merge pull request #1603 from letsencrypt/reload 
Use reload in Apache (fixes #954) [needs minor extension]
 2015-11-24 08:20:01 -08:00
Patrick Figel
f908e8bdaf Detect SSL vhosts by port 
SSLEngine on can be set outside of <VirtualHost>. Treat any vhost
using port 443 as a SSL vhost.

fixes #1602
 2015-11-24 06:23:07 +01:00
Peter Eckersley
0c80fac35b Merge pull request #1423 from ArchimedesPi/apache-chainfile 
Appropriately set and update Apache certificate directives
 2015-11-23 19:52:21 -08:00
Brad Warren
f5c3532177 Improve error message 2015-11-23 19:44:00 -05:00
Brad Warren
9e52b8200d Sleeping is easier than polling 2015-11-23 18:34:42 -05:00
Brad Warren
0c283b39ef s/restart/reload 2015-11-23 18:29:41 -05:00
sagi
7df7228a53 add regex to detect header_substring in header directive definition 2015-11-23 22:41:02 +00:00
sagi
b75354add0 change verify_no_http_header to verify_no_matching_http_header 2015-11-23 20:13:08 +00:00
sagi
f8a3216082 change header_name to header_substring 2015-11-23 20:11:47 +00:00
Liam Marshall
f2ccc228a3 Remove code path that will never get hit 2015-11-23 13:17:24 -06:00
sagi
eb5e345c3e change vhost to ssl_vhost, add header_name explanation in comments. 2015-11-22 18:40:19 +00:00
sagi
67e9470179 Merge remote-tracking branch 'upstream/master' into hsts 2015-11-22 18:27:23 +00:00
Liam Marshall
d737546dd7 Split off cleaning into a method (fixes a subtle bug) 2015-11-20 16:43:14 -06:00
Erik Rose
9205b9c987 Remove remaining "DVSNI" wording, changing it to reference TLS-SNI-01, which it changed into. Close #1417. 
Also make _get_addrs() private, since it's called only internally.
 2015-11-19 13:23:07 -05:00
Liam Marshall
ca6a77bb1d Fix tests 
Remove debugging print from tests

Fix lint warnings
 2015-11-18 21:38:56 -06:00
Liam Marshall
b19c9d858c Fix a few nits, coverage 2015-11-18 21:24:43 -06:00
Liam Marshall
e5e7cef6d6 Fix conditional for fullchain_path edge cases 2015-11-18 19:22:14 -06:00
Liam Marshall
76320c2d37 Test vhost cleaning 2015-11-15 23:09:44 -06:00
Liam Marshall
62f19496da Rewrite vhost cleaning logic 2015-11-15 23:09:35 -06:00
sagi
175ef4f50d merge with letsencrypt master br 2015-11-15 07:18:26 +00:00
Liam Marshall
e6113698f2 Test that no fullchain throws an error 2015-11-14 14:28:17 -06:00
Liam Marshall
a1e6db2144 Fix logic in which the --fullchain error would never be hit 2015-11-14 14:27:38 -06:00
Liam Marshall
691abdc377 Fix for py26 (it doesn't have set literals) 2015-11-14 12:00:08 -06:00
Liam Marshall
425bb98bed Fix lint warnings 2015-11-14 11:44:03 -06:00
Liam Marshall
361b67276e Rewrite certificate install logic 
Tests are being written
 2015-11-14 11:43:54 -06:00
Rémy Léone
1014cf5d9e Dict can be litteral 2015-11-14 14:06:32 +01:00
Liam Marshall
9bf1b99b5b Remove existing SSL directives for SSL vhosts 2015-11-13 17:16:50 -06:00
Liam Marshall
16659b5433 Add minus option to _remove_existing_ssl_directives() 
Add test case as well.
 2015-11-13 15:59:16 -06:00
Peter Eckersley
510da48263 Merge pull request #1439 from joohoi/modmacro_fix 
More robust way of detecting the mod_macro vhosts
 2015-11-13 00:41:14 -08:00
Liam Marshall
0af0beaeb7 Remove useless SSL removal on non-SSL vhosts 2015-11-12 22:27:05 -06:00
Liam Marshall
108757e332 Fall back to old cert method if fullchain isn't provided 2015-11-12 17:45:33 -06:00
Brad Warren
fcbff2118f Merge branch 'master' into apache_rollback 2015-11-12 14:17:56 -08:00
Liam Marshall
211c2bb33d Remove SSLCACertificatePath from removed directives 
SSLCACertificatePath is sometimes important to preserve.
 2015-11-10 19:41:30 -06:00
Brad Warren
553592b2c8 Revert "Revert all changes in cleanup, temporary or otherwise" 
This reverts commit 0c197c955e.
 2015-11-10 16:32:05 -08:00
Brad Warren
3c00afd55c Revert "Removed revert_challenge_config" 
This reverts commit 0143d77362.
 2015-11-10 16:31:52 -08:00
Brad Warren
60147eb529 Define state of checkpoints when save fails 2015-11-10 14:52:18 -08:00
Liam Marshall
1f6ef1f4b1 Add tests for existing cert removal and newcert directives 2015-11-10 16:04:23 -06:00
Joona Hoikkala
85675d709c Case insensitive matching 2015-11-10 11:20:33 +02:00
Liam Marshall
30c44ef1e2 Fix lint errors 2015-11-09 22:13:36 -06:00
Liam Marshall
e63fa279a4 Reintroduce cert_key, remove bad logging 2015-11-09 22:13:36 -06:00
Liam Marshall
b26c138938 Wire in everything, remove cert_key 
Add debug. Will be removed.

Logging
 2015-11-09 22:13:36 -06:00
Liam Marshall
1d2ba931b3 Improve the implementation of the suggestion 
Write the code to set directives

Fix logging in _remove_existing_ssl_directives

Fix logging statement
 2015-11-09 22:13:25 -06:00
Liam Marshall
18da7dfce2 Implement @pde's suggestions for Apache 
From this IRC log:
2015-11-02 16:31:29	@pdeee	for >= 2.4.8:
2015-11-02 16:32:23	@pdeee	add new SSLCertificateFile pointing to fullchain.pem
2015-11-02 16:33:10	@pdeee	remove all preexisting SSLCertificateFile, SSLCertificateChainFile, SSLCACertificatePath, and possibly other fields subject to careful research :)
2015-11-02 16:33:21	@pdeee	for < 2.4.8:
2015-11-02 16:34:03	@pdeee	add SSLCertificateFile pointing to cert.pem
2015-11-02 16:34:42	@pdeee	and SSLCertificateChainFile pointing to chain.pem
2015-11-02 16:34:50	xamnesiax	gotcha
2015-11-02 16:34:55	@pdeee	remove all preexisting/conflicting entries
2015-11-02 16:35:19	xamnesiax	Am I correct to assume that this can all be done from deploy_certs in the apache configurator?
2015-11-02 16:36:32	xamnesiax	deploy_cert *
2015-11-02 16:36:48	@pdeee	I think so
2015-11-02 16:36:59	@pdeee	again, jdkasten may wish to say more

Pull strings out for find_dir

A bit of logging

Add version logging

Logging, temporarily remove one branch

of the conditional for testing

Fix bad directive stringgrabbing code

Fix directive removal logic

Grab string from tree to be removed
 2015-11-09 22:12:39 -06:00
Joona Hoikkala
747b7ca507 More robust way of detecting the mod_macro vhosts 2015-11-10 05:34:15 +02:00