mirror of
https://github.com/certbot/certbot.git
synced 2026-01-26 07:41:33 +03:00
This splits out the single daemon into four different daemons (for makechallenge, testchallenge, and issue, and for logging), switches all but the logging daemon to no longer use pubsub (but instead use brpop, which is a blocking queue pop), and tracks the number of times that a given session has been tested (limited to 3). There are also new scripts to try to start and stop all the daemons with a single command.
31 lines
1.3 KiB
Plaintext
In this directory is a reference CA implementation of the Chocolate protocol,
DV and signing mechanism.

Instead of using "make deploy", we're currently using git pull to deploy this.
This requires restarting lighttpd on the server and ensuring that Redis and
a copy of daemon.py are running there. If the .proto definition has
changed, it also needs to be recompiled on both the server and the client.

chocolate.py - server-side, requires web.py (python-webpy),
  PyCrypto (python-crypto) 2.3 (not 2.1!!), redis, python-redis,
  python-protobuf, "M3Crypto" (from our own tree) (hence also
  build-essential, python-dev, and swig)
  probably wants to run under a web server like lighttpd with fastcgi

daemons/{makechallenge,testchallenge,issue,logging}-daemon.py -
  daemons to handle back-end implementation of protocol state transitions

chocolate_protocol.proto - protocol definition; needs protobuf-compiler

sni_challenge -
  Assumes Apache server with name based virtual hosts is running
  (for intended address).
  Call perform_sni_cert_challenge(address, r, nonce) to verify the
  server.
  Example code is given in main method
  Right now requires full path specification of CSR/KEY in the Global
  Variables (how should this be specified?)
  requires python-socksipy, tor
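
The queueing pattern named in the commit message above (a blocking BRPOP work queue in place of pub/sub, with each session tested at most 3 times), as an added example that is not the project's daemon code. The Redis key names, the state names and the FakeRedis stand-in (which lets it run without a Redis server) are assumptions.

```python
import collections

MAX_TESTS = 3  # per-session limit stated in the commit message

class FakeRedis:
    """Constructed in-memory stand-in for the redis-py calls used below."""
    def __init__(self):
        self.lists = collections.defaultdict(collections.deque)
        self.hashes = collections.defaultdict(dict)
    def lpush(self, key, value):
        self.lists[key].appendleft(value)
    def brpop(self, key, timeout=0):
        # Real BRPOP blocks until an item arrives and hands it to exactly one
        # caller; this stand-in returns None immediately when the list is empty.
        queue = self.lists[key]
        return (key, queue.pop()) if queue else None
    def hincrby(self, key, field, amount=1):
        self.hashes[key][field] = self.hashes[key].get(field, 0) + amount
        return self.hashes[key][field]
    def hset(self, key, field, value):
        self.hashes[key][field] = value

def process_one(r, challenge_ok):
    """Handle one queued session; return (session, state), or None if idle."""
    item = r.brpop("pending-testchallenge", timeout=1)  # hypothetical key name
    if item is None:
        return None
    session = item[1]
    tries = r.hincrby(session, "times-tested", 1)  # count every attempt
    if challenge_ok(session):
        state = "issue"
        r.lpush("pending-issue", session)  # hand off to the issue daemon
    elif tries >= MAX_TESTS:
        state = "failed"  # cap reached: never requeue this session
    else:
        state = "testchallenge"
        r.lpush("pending-testchallenge", session)  # retry on a later pass
    r.hset(session, "state", state)
    return session, state

def drain(r, challenge_ok):
    """Run steps until the queue is empty; return each session's final state."""
    final = {}
    while (result := process_one(r, challenge_ok)) is not None:
        final[result[0]] = result[1]
    return final
```

With a real server, `redis.Redis()` provides the same four calls, and several testchallenge workers can block on the same list without any session being delivered twice.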