upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-03-27 21:03:04 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
149 commits 858 branches 154 tags 125 MiB
Commit graph

55 commits

Author SHA1 Message Date
Seth Schoen
e12d7f8fea report failures 2012-07-12 16:49:19 -07:00
Seth Schoen
dd2dc32a96 report failure after attempted issuance 2012-07-12 16:48:20 -07:00
Seth Schoen
34b61f68fa save certificate after it gets issued 2012-07-12 16:47:40 -07:00
Seth Schoen
30622a436a fix indentation 2012-07-12 16:45:41 -07:00
Seth Schoen
f40f372b88 I really like this looking from /etc better because it's faster 
(I realize that on some systems httpd.conf is somewhere other than /etc!)
 2012-07-12 16:44:44 -07:00
Seth Schoen
7699bf8583 key is also in CHOC_DIR 2012-07-12 16:43:07 -07:00
Seth Schoen
7bef1f50b9 actually do the challenge and wait for the results 2012-07-12 16:38:33 -07:00
Seth Schoen
344602edb6 actually the challenge code decrypts y for us to get r 2012-07-12 16:37:53 -07:00
Seth Schoen
b8a814a13f make client use M2Crypto also 2012-07-12 14:36:39 -07:00
Seth Schoen
9c499c06f3 show all challenges 2012-07-11 19:40:09 -07:00
Seth Schoen
0d6b85a9b5 this client won't wait more than 60 seconds even if the server asks it to 2012-07-11 19:10:50 -07:00
Seth Schoen
2e49fbaa5e implement polldelay in client 2012-07-11 19:09:54 -07:00
Eric Wustrow
1cb25dd143 oops, commited over the c6ac5858e4 server-param changes... 2012-07-11 02:26:04 -04:00
Eric Wustrow
2399b46354 use M2Crypto.RSA instead of Crypto.Public key (which was using an unpadded RSA\!\!\!) 2012-07-11 02:23:44 -04:00
Ubuntu
5bc2eee4b0 using chocolate server (ec2)'s parameters in sni_challenge (these are just as good as any hardcoded value, and this way we don't have uncommited changes on our test server) 2012-07-11 06:14:25 +00:00
James Kasten
e1bbcd04b7 changed format for perform_sni_challenge to [(addr, y, nonce, ext)], csr, key 2012-07-10 17:27:26 -04:00
James Kasten
cd7b849366 Fixed conference call bug, made challenge servers only accessible by SNI name 2012-07-10 16:17:10 -04:00
James Kasten
b8c3856dfd Changed extension conf to critical 2012-07-10 15:43:49 -04:00
James Kasten
a3435b7982 added ability for concurrent sni challenges, made choc ext critical, allows variable oid 2012-07-09 07:59:30 -04:00
Seth Schoen
bd578f9796 moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
Seth Schoen
97e7b1a7b2 I forgot, I have a stub in CSR.py that already pretends to issue certs :-) 2012-07-04 22:05:41 -07:00
Seth Schoen
6df1976070 get subject public key and use it to encrypt dvsni parameter r as y 2012-07-03 18:03:30 -07:00
Seth Schoen
0fa6fb49c4 specific python-crypto version dependency 2012-07-03 18:03:11 -07:00
Seth Schoen
f0605fd65e hopefully the right RSA encryption operation for computing y = E(r) 2012-07-03 01:56:26 -07:00
Seth Schoen
2e91aafa86 now successfully gets challenge data from server 2012-07-03 01:45:14 -07:00
Seth Schoen
800f255db6 fix several bugs to allow sending challenges from server correctly 2012-07-03 01:44:58 -07:00
Seth Schoen
4136f32091 expressions in Python function definition default values are evaluated only once, when the functions are defined 2012-07-03 00:55:53 -07:00
Seth Schoen
721f28068f better document wire protocol 2012-07-02 19:53:34 -07:00
Seth Schoen
28f25b7dc1 remarks on timeouts and session states 2012-07-02 18:13:09 -07:00
Seth Schoen
14689bf2f4 documentation; never advance dead sessions' state 2012-07-02 18:10:54 -07:00
Seth Schoen
388f7577d0 deploy daemon.py 2012-07-02 17:57:44 -07:00
Seth Schoen
6667fb837b use blank session ID for error if client-supplied session is unsafe 2012-07-02 17:52:00 -07:00
Seth Schoen
fce64442ec deploy pkcs10.py to server 2012-07-02 17:47:44 -07:00
Seth Schoen
bca9360449 comments on protocol compliance enforcement 2012-07-02 17:46:06 -07:00
Seth Schoen
5e44ccba90 keep subject names in original requested order 2012-07-02 12:04:32 -07:00
Seth Schoen
c196bef0ab infrastructure for actually issuing cert 2012-07-02 12:03:28 -07:00
Seth Schoen
83a1ee779b there must be at least one subject name to sign 2012-07-01 23:14:55 -07:00
Seth Schoen
a927dae732 makechallenge functionality was moved into daemon.py 2012-07-01 23:12:29 -07:00
Seth Schoen
ffa30bf012 fix typo and logic 2012-07-01 23:11:15 -07:00
Seth Schoen
03379489c6 remove typo 2012-07-01 23:01:16 -07:00
Seth Schoen
8e1aa9b70f daemon for CA to advance state of existing requests 2012-07-01 23:00:42 -07:00
Seth Schoen
bd331d3789 more concise file content search using list comprehension 2012-07-01 22:41:26 -07:00
Seth Schoen
0e8b5c053f information about CA's session database structure 2012-07-01 22:20:35 -07:00
Seth Schoen
ad0adf3a21 instead of challengeid, just use the order presented 2012-07-01 22:13:34 -07:00
Seth Schoen
272d49d2f0 start on Redis queue structure 2012-07-01 18:15:29 -07:00
Seth Schoen
64c48f36e1 challenge ID before challenge type 2012-07-01 12:20:41 -07:00
Seth Schoen
8ef5909963 mention dependency on python-libnss 2012-07-01 11:58:38 -07:00
Seth Schoen
10ba09926b check goodness of all names from request 2012-06-29 17:30:00 -07:00
Seth Schoen
93e21e9ba8 pass through subject_names request from CSR.py to pkcs10.py 2012-06-29 17:28:26 -07:00
Seth Schoen
bf74fe286e a clean subject_names() function 2012-06-29 17:25:56 -07:00