Commit graph

87 commits

Author SHA1 Message Date
James Kasten
8cd2b1e66d initial commit for configurator with basic functionality 2012-07-20 00:11:11 -04:00
Seth Schoen
b1b7257c2a what kind of getopt is the upstream hashcash using, anyway? 2012-07-18 22:36:22 -07:00
Seth Schoen
c89a0e8f8e mint hashcash with expiry stated down to the second 2012-07-18 22:31:54 -07:00
Seth Schoen
c117582ece drop privileges and use external hashcash binary again 2012-07-18 22:25:23 -07:00
Seth Schoen
df97026c72 Python hashcash minting is slow, so only generate 20 bits for now 2012-07-18 15:07:17 -07:00
Eric Wustrow
702b9ca394 Use hashcash python library directly, instead of subprocess.
We should really try to avoid calling out to potentially untrusted
binaries, especially as we are running as root
2012-07-17 21:27:00 -04:00
Eric Wustrow
9f1df2b704 fix hashcash bug - if check_validation is set, check function will not verify the stamp (elif to be considered harmful) 2012-07-17 21:10:03 -04:00
James Kasten
6de8e31bfe Added documentation for functions 2012-07-17 13:41:28 -04:00
Seth Schoen
93f7afbf82 no longer use Python hashcash library 2012-07-16 19:26:42 -07:00
Seth Schoen
4352ff0e13 need to import subprocess 2012-07-16 19:25:41 -07:00
Seth Schoen
1b88b67544 use C language hashcash program to generate cash from client 2012-07-16 19:25:27 -07:00
Seth Schoen
bc7b55d0d6 client supports servername as command-line argument 2012-07-16 15:13:50 -07:00
Seth Schoen
62c2f5fa49 function name collision 2012-07-16 15:13:06 -07:00
Seth Schoen
ac0defac00 remove client-side dependency on CSR.py 2012-07-16 15:11:10 -07:00
Seth Schoen
a5c70283e8 wait after performing challenge, in the hope the server notices the first time 2012-07-14 23:34:39 -07:00
Seth Schoen
1756a29a6a forgot an underscore 2012-07-14 17:32:26 -07:00
Seth Schoen
19bcb8486c make some things more general; allow command line arguments 2012-07-14 17:31:43 -07:00
Seth Schoen
0b1b8e42d5 switch to hashlib 2012-07-14 15:08:15 -07:00
Seth Schoen
ecfc275a1e continue with request after displaying it :-) 2012-07-14 14:42:07 -07:00
Seth Schoen
064148df29 use hashcash in protocol 2012-07-14 14:34:24 -07:00
Seth Schoen
bb272f16ca currently we can't suppress display of choc_cert_extensions.cnf
Maybe this file could be generated from scratch each time and not
be in version control; then we could .gitignore it successfully.
2012-07-14 13:51:44 -07:00
Seth Schoen
d18c7f6eee some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
Seth Schoen
f82c259b1a actually check request recipient 2012-07-14 13:35:52 -07:00
Seth Schoen
8036fcbb01 update comments 2012-07-13 23:09:59 -07:00
Seth Schoen
17aa133774 Merge branch 'master' of ssh://github.com/research/chocolate 2012-07-13 18:57:51 -07:00
Seth Schoen
7b615c295e don't SHA256 twice! 2012-07-13 18:57:10 -07:00
Peter Eckersley
7f6f3e785e Merge branch 'master' of github.com:research/chocolate 2012-07-13 18:55:27 -07:00
Seth Schoen
9930ae8875 make sure to use "M3Crypto" 2012-07-13 18:55:09 -07:00
Peter Eckersley
95347b3d17 Make client.py executable 2012-07-13 18:55:08 -07:00
Peter Eckersley
8c94570319 Embed CSR from the other side 2012-07-13 18:43:20 -07:00
Seth Schoen
2901fa1c81 note about expected symlink to CSR.py 2012-07-13 14:51:59 -07:00
Seth Schoen
5407be4df6 exit when failures are reported 2012-07-12 16:49:28 -07:00
Seth Schoen
e12d7f8fea report failures 2012-07-12 16:49:19 -07:00
Seth Schoen
dd2dc32a96 report failure after attempted issuance 2012-07-12 16:48:20 -07:00
Seth Schoen
34b61f68fa save certificate after it gets issued 2012-07-12 16:47:40 -07:00
Seth Schoen
30622a436a fix indentation 2012-07-12 16:45:41 -07:00
Seth Schoen
f40f372b88 I really like this looking from /etc better because it's faster
(I realize that on some systems httpd.conf is somewhere other than /etc!)
2012-07-12 16:44:44 -07:00
Seth Schoen
7699bf8583 key is also in CHOC_DIR 2012-07-12 16:43:07 -07:00
Seth Schoen
7bef1f50b9 actually do the challenge and wait for the results 2012-07-12 16:38:33 -07:00
Seth Schoen
344602edb6 actually the challenge code decrypts y for us to get r 2012-07-12 16:37:53 -07:00
Seth Schoen
b8a814a13f make client use M2Crypto also 2012-07-12 14:36:39 -07:00
Seth Schoen
9c499c06f3 show all challenges 2012-07-11 19:40:09 -07:00
Seth Schoen
0d6b85a9b5 this client won't wait more than 60 seconds even if the server asks it to 2012-07-11 19:10:50 -07:00
Seth Schoen
2e49fbaa5e implement polldelay in client 2012-07-11 19:09:54 -07:00
Eric Wustrow
1cb25dd143 oops, committed over the c6ac5858e4 server-param changes... 2012-07-11 02:26:04 -04:00
Eric Wustrow
2399b46354 use M2Crypto.RSA instead of Crypto.Public key (which was using an unpadded RSA!!!) 2012-07-11 02:23:44 -04:00
Ubuntu
5bc2eee4b0 using chocolate server (ec2)'s parameters in sni_challenge (these are just as good as any hardcoded value, and this way we don't have uncommitted changes on our test server) 2012-07-11 06:14:25 +00:00
James Kasten
e1bbcd04b7 changed format for perform_sni_challenge to [(addr, y, nonce, ext)], csr, key 2012-07-10 17:27:26 -04:00
James Kasten
cd7b849366 Fixed conference call bug, made challenge servers only accessible by SNI name 2012-07-10 16:17:10 -04:00
James Kasten
b8c3856dfd Changed extension conf to critical 2012-07-10 15:43:49 -04:00