upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-04-29 18:19:51 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
162 commits 864 branches 155 tags 127 MiB
Commit graph

162 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seth Schoen
17aa133774 Merge branch 'master' of ssh://github.com/research/chocolate 2012-07-13 18:57:51 -07:00
Seth Schoen
7b615c295e don't SHA256 twice! 2012-07-13 18:57:10 -07:00
Peter Eckersley
7f6f3e785e Merge branch 'master' of github.com:research/chocolate 2012-07-13 18:55:27 -07:00
Seth Schoen
9930ae8875 make sure to use "M3Crypto" 2012-07-13 18:55:09 -07:00
Peter Eckersley
95347b3d17 Make client.py executable 2012-07-13 18:55:08 -07:00
Peter Eckersley
8c94570319 Embed CSR from the other side 2012-07-13 18:43:20 -07:00
Seth Schoen
722aaab568 update description of dependencies and deployment 2012-07-13 16:03:21 -07:00
Seth Schoen
2901fa1c81 note about expected symlink to CSR.py 2012-07-13 14:51:59 -07:00
Seth Schoen
764b2783a7 explicitly require m3crypto inside ../m3/lib/python 2012-07-13 14:49:34 -07:00
Seth Schoen
e2b798fe26 implement session timeouts inside daemon 2012-07-12 18:19:14 -07:00
Eric Wustrow
70023c5b08 Merge branch 'master' of github.com:research/chocolate 2012-07-12 20:30:52 -04:00
Eric Wustrow
956ea28b95 use M2Crypto in CSR verify/sign/encrypt 2012-07-12 20:30:46 -04:00
Seth Schoen
5407be4df6 exit when failures are reported 2012-07-12 16:49:28 -07:00
Seth Schoen
e12d7f8fea report failures 2012-07-12 16:49:19 -07:00
Seth Schoen
dd2dc32a96 report failure after attempted issuance 2012-07-12 16:48:20 -07:00
Seth Schoen
34b61f68fa save certificate after it gets issued 2012-07-12 16:47:40 -07:00
Seth Schoen
30622a436a fix indentation 2012-07-12 16:45:41 -07:00
Seth Schoen
f40f372b88 I really like this looking from /etc better because it's faster 
(I realize that on some systems httpd.conf is somewhere other than /etc!)
 2012-07-12 16:44:44 -07:00
Seth Schoen
7699bf8583 key is also in CHOC_DIR 2012-07-12 16:43:07 -07:00
Seth Schoen
b63a255496 Merge branch 'master' of ssh://github.com/research/chocolate 2012-07-12 16:39:06 -07:00
Eric Wustrow
0a85d8154f Merge branch 'master' of github.com:research/chocolate 2012-07-12 19:38:44 -04:00
Eric Wustrow
9ccd7d2e1e use M2Crypto (patched to support X509.Request.get_extensions) to read the SANs from the CSR; remove pkcs10.py 2012-07-12 19:38:37 -04:00
Seth Schoen
7bef1f50b9 actually do the challenge and wait for the results 2012-07-12 16:38:33 -07:00
Seth Schoen
344602edb6 actually the challenge code decrypts y for us to get r 2012-07-12 16:37:53 -07:00
Seth Schoen
d58e2901fa script for clearing out Redis databae 2012-07-12 16:29:54 -07:00
Eric Wustrow
94b6e593fb A bit less annoying - you can init a BIO with a string 2012-07-12 19:16:48 -04:00
Eric Wustrow
1c129ea1d7 use M2Crypto for parse function 2012-07-12 19:10:54 -04:00
Eric Wustrow
1bb0fc7286 Merge branch 'master' of github.com:research/chocolate 2012-07-12 18:07:22 -04:00
Eric Wustrow
19df04c516 use M2Crypto instead of openssl command line/subprocess for CSR parsing 2012-07-12 18:07:13 -04:00
Seth Schoen
6d64bab45e wow, but M2Crypto is annoying! - make a BIO for the public key 
It turns out that M2Crypto.RSA.load_key_string() requires a keypair,
not a public key.  There is no M2Crypto.RSA.load_pub_key_string(),
only M2Crypto.RSA.load_pub_key_bio(), which requires an OpenSSL BIO
object.
 2012-07-12 14:48:32 -07:00
Seth Schoen
b8a814a13f make client use M2Crypto also 2012-07-12 14:36:39 -07:00
Seth Schoen
d441355715 make daemon exit cleanly after interrupt signals 2012-07-12 14:30:56 -07:00
Seth Schoen
49d70c0966 it's fine to use M2Crypto, but you must import it :-) 2012-07-12 12:39:54 -07:00
Seth Schoen
f907899358 slight tolerance for requests timestamped in the future 2012-07-12 12:38:13 -07:00
Eric Wustrow
d54858689a Merge branch 'master' of github.com:research/chocolate 2012-07-12 14:55:06 -04:00
Eric Wustrow
42999f7bb9 use M2Crypto for getting public key length 2012-07-12 14:55:00 -04:00
Eric Wustrow
a6f244ec76 use M2Crypto for encrypting (Crypto.PublicKey uses unpaded RSA\!) 2012-07-12 14:54:39 -04:00
Seth Schoen
9c499c06f3 show all challenges 2012-07-11 19:40:09 -07:00
Seth Schoen
0d6b85a9b5 this client won't wait more than 60 seconds even if the server asks it to 2012-07-11 19:10:50 -07:00
Seth Schoen
2e49fbaa5e implement polldelay in client 2012-07-11 19:09:54 -07:00
Seth Schoen
c538876c35 add newline to GET error message output 2012-07-11 16:44:52 -07:00
James Kasten
e8f90a631a Added a fetch OID TODO 2012-07-11 15:10:44 -04:00
Eric Wustrow
1cb25dd143 oops, commited over the c6ac5858e4 server-param changes... 2012-07-11 02:26:04 -04:00
Eric Wustrow
2399b46354 use M2Crypto.RSA instead of Crypto.Public key (which was using an unpadded RSA\!\!\!) 2012-07-11 02:23:44 -04:00
Ubuntu
de459195e5 Merge branch 'master' of github.com:research/chocolate 2012-07-11 06:15:21 +00:00
Ubuntu
c6ac5858e4 use example.com instead of 127.0.0.1 and localhost for the sni_challenge 2012-07-11 06:15:08 +00:00
Ubuntu
5bc2eee4b0 using chocolate server (ec2)'s parameters in sni_challenge (these are just as good as any hardcoded value, and this way we don't have uncommited changes on our test server) 2012-07-11 06:14:25 +00:00
Eric Wustrow
e336d2cb0e use hashlib/hmac instead of Crypto 2012-07-10 23:36:23 -04:00
Seth Schoen
83d246bc7f correctly interpret challtime and challtype as ints 2012-07-10 18:51:58 -07:00
Seth Schoen
0a56d7fd60 add debug prints; actually check whether issuance succeeded 2012-07-10 18:34:32 -07:00