Commit graph

8119 commits

Author SHA1 Message Date
Eric Wustrow
2399b46354 use M2Crypto.RSA instead of Crypto.PublicKey (which was using an unpadded RSA!!!) 2012-07-11 02:23:44 -04:00
Ubuntu
de459195e5 Merge branch 'master' of github.com:research/chocolate 2012-07-11 06:15:21 +00:00
Ubuntu
c6ac5858e4 use example.com instead of 127.0.0.1 and localhost for the sni_challenge 2012-07-11 06:15:08 +00:00
Ubuntu
5bc2eee4b0 using chocolate server (ec2)'s parameters in sni_challenge (these are just as good as any hardcoded value, and this way we don't have uncommitted changes on our test server) 2012-07-11 06:14:25 +00:00
Eric Wustrow
e336d2cb0e use hashlib/hmac instead of Crypto 2012-07-10 23:36:23 -04:00
Seth Schoen
83d246bc7f correctly interpret challtime and challtype as ints 2012-07-10 18:51:58 -07:00
Seth Schoen
0a56d7fd60 add debug prints; actually check whether issuance succeeded 2012-07-10 18:34:32 -07:00
Seth Schoen
b1bc65b082 also deploy demoCA to server 2012-07-10 18:34:23 -07:00
Seth Schoen
07792d6fd0 rename verify_sni_challenge.py for shorter import 2012-07-10 18:33:38 -07:00
Peter Eckersley
d1c2572a03 Merge branch 'master' of github.com:research/chocolate 2012-07-10 18:04:40 -07:00
Peter Eckersley
2f8de2efab Add m3crypto as a submodule 2012-07-10 18:04:18 -07:00
Seth Schoen
2f35f39797 deploy and build sni_challenge code on Chocolate server 2012-07-10 17:01:32 -07:00
Seth Schoen
2a514f5166 adjust daemon to use sni_challenge package 2012-07-10 16:59:04 -07:00
Seth Schoen
208ded9d02 make this a Python package that can be imported 2012-07-10 16:48:36 -07:00
James Kasten
e1bbcd04b7 changed format for perform_sni_challenge to [(addr, y, nonce, ext)], csr, key 2012-07-10 17:27:26 -04:00
James Kasten
87918f6124 added in code to catch SSL connection failures 2012-07-10 17:06:26 -04:00
James Kasten
6ac9d358af minor postConnectionCheck fix 2012-07-10 17:00:59 -04:00
James Kasten
662e935bdf removed postConnectionCheck 2012-07-10 16:46:38 -04:00
James Kasten
ec33d2be6e Merge branch 'master' of github.com:research/chocolate 2012-07-10 16:20:18 -04:00
James Kasten
cd7b849366 Fixed conference call bug, made challenge servers only accessible by SNI name 2012-07-10 16:17:10 -04:00
James Kasten
b8c3856dfd Changed extension conf to critical 2012-07-10 15:43:49 -04:00
Seth Schoen
3f03dc4e5c implement dvsni challenge checking 2012-07-10 00:25:11 -07:00
Seth Schoen
cfc4cbaae3 remove disused debug flag in protocol 2012-07-09 22:33:02 -07:00
Seth Schoen
ee9343469f more explicit clarification about concurrency 2012-07-09 22:23:44 -07:00
Seth Schoen
1f45a4cfe5 enforce some protocol sanity checks 2012-07-09 22:22:20 -07:00
James Kasten
a3435b7982 added ability for concurrent sni challenges, made choc ext critical, allows variable oid 2012-07-09 07:59:30 -04:00
Seth Schoen
ac3441a972 changes to make CSR.issue() successfully issue certs 2012-07-09 00:01:19 -07:00
Peter Eckersley
93cec72f7a Merge branch 'master' of github.com:research/chocolate 2012-07-07 13:13:13 -07:00
Peter Eckersley
9bfc24c279 The demoCA is usable now 2012-07-07 13:12:00 -07:00
Seth Schoen
bd578f9796 moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
Eric Wustrow
28c9f8fdf2 add comments to verify_sni_challenge, make nonce be an ascii string 2012-07-06 15:28:17 -04:00
Seth Schoen
97e7b1a7b2 I forgot, I have a stub in CSR.py that already pretends to issue certs :-) 2012-07-04 22:05:41 -07:00
Seth Schoen
6df1976070 get subject public key and use it to encrypt dvsni parameter r as y 2012-07-03 18:03:30 -07:00
Seth Schoen
0fa6fb49c4 specific python-crypto version dependency 2012-07-03 18:03:11 -07:00
Seth Schoen
f0605fd65e hopefully the right RSA encryption operation for computing y = E(r) 2012-07-03 01:56:26 -07:00
Seth Schoen
2e91aafa86 now successfully gets challenge data from server 2012-07-03 01:45:14 -07:00
Seth Schoen
800f255db6 fix several bugs to allow sending challenges from server correctly 2012-07-03 01:44:58 -07:00
Seth Schoen
4136f32091 expressions in Python function definition default values are evaluated only once, when the functions are defined 2012-07-03 00:55:53 -07:00
Seth Schoen
721f28068f better document wire protocol 2012-07-02 19:53:34 -07:00
Seth Schoen
28f25b7dc1 remarks on timeouts and session states 2012-07-02 18:13:09 -07:00
Seth Schoen
14689bf2f4 documentation; never advance dead sessions' state 2012-07-02 18:10:54 -07:00
Seth Schoen
388f7577d0 deploy daemon.py 2012-07-02 17:57:44 -07:00
Seth Schoen
6667fb837b use blank session ID for error if client-supplied session is unsafe 2012-07-02 17:52:00 -07:00
Seth Schoen
fce64442ec deploy pkcs10.py to server 2012-07-02 17:47:44 -07:00
Seth Schoen
bca9360449 comments on protocol compliance enforcement 2012-07-02 17:46:06 -07:00
Seth Schoen
5e44ccba90 keep subject names in original requested order 2012-07-02 12:04:32 -07:00
Seth Schoen
c196bef0ab infrastructure for actually issuing cert 2012-07-02 12:03:28 -07:00
Seth Schoen
83a1ee779b there must be at least one subject name to sign 2012-07-01 23:14:55 -07:00
Seth Schoen
a927dae732 makechallenge functionality was moved into daemon.py 2012-07-01 23:12:29 -07:00
Seth Schoen
ffa30bf012 fix typo and logic 2012-07-01 23:11:15 -07:00