upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-03-27 21:03:04 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
172 commits 858 branches 154 tags 125 MiB
Commit graph

62 commits

Author SHA1 Message Date
Seth Schoen
d18c7f6eee some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
Seth Schoen
f82c259b1a actually check request recipient 2012-07-14 13:35:52 -07:00
Seth Schoen
3b624c40a7 remove debug print 2012-07-13 22:58:00 -07:00
Seth Schoen
2f21a92e82 more appropriate verbosity 2012-07-13 22:55:38 -07:00
Seth Schoen
32c2ba8e71 correctly emit subject alternative names and remove most user-supplied data from cert 2012-07-13 22:50:58 -07:00
Seth Schoen
34e3663399 passing type unicode instead of str to M2Crypto causes failures (!) 2012-07-13 19:30:58 -07:00
Seth Schoen
5b43540452 crazy M2Crypto bug: you have to get_pubkey().get_rsa() not just get_pubkey() 2012-07-13 19:29:36 -07:00
Seth Schoen
0da690afb2 make sure we use our own modified M2Crypto everywhere 2012-07-13 19:28:52 -07:00
Seth Schoen
722aaab568 update description of dependencies and deployment 2012-07-13 16:03:21 -07:00
Seth Schoen
764b2783a7 explicitly require m3crypto inside ../m3/lib/python 2012-07-13 14:49:34 -07:00
Seth Schoen
e2b798fe26 implement session timeouts inside daemon 2012-07-12 18:19:14 -07:00
Eric Wustrow
956ea28b95 use M2Crypto in CSR verify/sign/encrypt 2012-07-12 20:30:46 -04:00
Eric Wustrow
0a85d8154f Merge branch 'master' of github.com:research/chocolate 2012-07-12 19:38:44 -04:00
Eric Wustrow
9ccd7d2e1e use M2Crypto (patched to support X509.Request.get_extensions) to read the SANs from the CSR; remove pkcs10.py 2012-07-12 19:38:37 -04:00
Seth Schoen
d58e2901fa script for clearing out Redis databae 2012-07-12 16:29:54 -07:00
Eric Wustrow
94b6e593fb A bit less annoying - you can init a BIO with a string 2012-07-12 19:16:48 -04:00
Eric Wustrow
1c129ea1d7 use M2Crypto for parse function 2012-07-12 19:10:54 -04:00
Eric Wustrow
1bb0fc7286 Merge branch 'master' of github.com:research/chocolate 2012-07-12 18:07:22 -04:00
Eric Wustrow
19df04c516 use M2Crypto instead of openssl command line/subprocess for CSR parsing 2012-07-12 18:07:13 -04:00
Seth Schoen
6d64bab45e wow, but M2Crypto is annoying! - make a BIO for the public key 
It turns out that M2Crypto.RSA.load_key_string() requires a keypair,
not a public key.  There is no M2Crypto.RSA.load_pub_key_string(),
only M2Crypto.RSA.load_pub_key_bio(), which requires an OpenSSL BIO
object.
 2012-07-12 14:48:32 -07:00
Seth Schoen
d441355715 make daemon exit cleanly after interrupt signals 2012-07-12 14:30:56 -07:00
Seth Schoen
49d70c0966 it's fine to use M2Crypto, but you must import it :-) 2012-07-12 12:39:54 -07:00
Seth Schoen
f907899358 slight tolerance for requests timestamped in the future 2012-07-12 12:38:13 -07:00
Eric Wustrow
d54858689a Merge branch 'master' of github.com:research/chocolate 2012-07-12 14:55:06 -04:00
Eric Wustrow
42999f7bb9 use M2Crypto for getting public key length 2012-07-12 14:55:00 -04:00
Eric Wustrow
a6f244ec76 use M2Crypto for encrypting (Crypto.PublicKey uses unpaded RSA\!) 2012-07-12 14:54:39 -04:00
Seth Schoen
c538876c35 add newline to GET error message output 2012-07-11 16:44:52 -07:00
James Kasten
e8f90a631a Added a fetch OID TODO 2012-07-11 15:10:44 -04:00
Ubuntu
de459195e5 Merge branch 'master' of github.com:research/chocolate 2012-07-11 06:15:21 +00:00
Ubuntu
c6ac5858e4 use example.com instead of 127.0.0.1 and localhost for the sni_challenge 2012-07-11 06:15:08 +00:00
Eric Wustrow
e336d2cb0e use hashlib/hmac instead of Crypto 2012-07-10 23:36:23 -04:00
Seth Schoen
83d246bc7f correctly interpret challtime and challtype as ints 2012-07-10 18:51:58 -07:00
Seth Schoen
0a56d7fd60 add debug prints; actually check whether issuance succeeded 2012-07-10 18:34:32 -07:00
Seth Schoen
b1bc65b082 also deploy demoCA to server 2012-07-10 18:34:23 -07:00
Seth Schoen
07792d6fd0 rename verify_sni_challenge.py for shorter import 2012-07-10 18:33:38 -07:00
Seth Schoen
2f35f39797 deploy and build sni_challenge code on Chocolate server 2012-07-10 17:01:32 -07:00
Seth Schoen
2a514f5166 adjust daemon to use sni_challenge package 2012-07-10 16:59:04 -07:00
Seth Schoen
208ded9d02 make this a Python package that can be imported 2012-07-10 16:48:36 -07:00
James Kasten
87918f6124 added in code to catch SSL connection failures 2012-07-10 17:06:26 -04:00
James Kasten
6ac9d358af minor postConnectionCheck fix 2012-07-10 17:00:59 -04:00
James Kasten
662e935bdf removed postConnectionCheck 2012-07-10 16:46:38 -04:00
James Kasten
ec33d2be6e Merge branch 'master' of github.com:research/chocolate 2012-07-10 16:20:18 -04:00
James Kasten
cd7b849366 Fixed conference call bug, made challenge servers only accessible by SNI name 2012-07-10 16:17:10 -04:00
Seth Schoen
3f03dc4e5c implement dvsni challenge checking 2012-07-10 00:25:11 -07:00
Seth Schoen
cfc4cbaae3 remove disused debug flag in protocol 2012-07-09 22:33:02 -07:00
Seth Schoen
ee9343469f more explicit clarification about concurrency 2012-07-09 22:23:44 -07:00
Seth Schoen
1f45a4cfe5 enforce some protocol sanity checks 2012-07-09 22:22:20 -07:00
James Kasten
a3435b7982 added ability for concurrent sni challenges, made choc ext critical, allows variable oid 2012-07-09 07:59:30 -04:00
Seth Schoen
ac3441a972 changes to make CSR.issue() successfully issue certs 2012-07-09 00:01:19 -07:00
Peter Eckersley
93cec72f7a Merge branch 'master' of github.com:research/chocolate 2012-07-07 13:13:13 -07:00