Eric Wustrow
0a85d8154f
Merge branch 'master' of github.com:research/chocolate
2012-07-12 19:38:44 -04:00
Eric Wustrow
9ccd7d2e1e
use M2Crypto (patched to support X509.Request.get_extensions) to read the SANs from the CSR; remove pkcs10.py
2012-07-12 19:38:37 -04:00
Seth Schoen
d58e2901fa
script for clearing out Redis database
2012-07-12 16:29:54 -07:00
Eric Wustrow
94b6e593fb
A bit less annoying - you can init a BIO with a string
2012-07-12 19:16:48 -04:00
Eric Wustrow
1c129ea1d7
use M2Crypto for parse function
2012-07-12 19:10:54 -04:00
Eric Wustrow
1bb0fc7286
Merge branch 'master' of github.com:research/chocolate
2012-07-12 18:07:22 -04:00
Eric Wustrow
19df04c516
use M2Crypto instead of openssl command line/subprocess for CSR parsing
2012-07-12 18:07:13 -04:00
Seth Schoen
6d64bab45e
wow, but M2Crypto is annoying! - make a BIO for the public key
...
It turns out that M2Crypto.RSA.load_key_string() requires a keypair,
not a public key. There is no M2Crypto.RSA.load_pub_key_string(),
only M2Crypto.RSA.load_pub_key_bio(), which requires an OpenSSL BIO
object.
2012-07-12 14:48:32 -07:00
Seth Schoen
d441355715
make daemon exit cleanly after interrupt signals
2012-07-12 14:30:56 -07:00
Seth Schoen
49d70c0966
it's fine to use M2Crypto, but you must import it :-)
2012-07-12 12:39:54 -07:00
Seth Schoen
f907899358
slight tolerance for requests timestamped in the future
2012-07-12 12:38:13 -07:00
Eric Wustrow
d54858689a
Merge branch 'master' of github.com:research/chocolate
2012-07-12 14:55:06 -04:00
Eric Wustrow
42999f7bb9
use M2Crypto for getting public key length
2012-07-12 14:55:00 -04:00
Eric Wustrow
a6f244ec76
use M2Crypto for encrypting (Crypto.PublicKey uses unpadded RSA!)
2012-07-12 14:54:39 -04:00
Seth Schoen
c538876c35
add newline to GET error message output
2012-07-11 16:44:52 -07:00
James Kasten
e8f90a631a
Added a fetch OID TODO
2012-07-11 15:10:44 -04:00
Ubuntu
de459195e5
Merge branch 'master' of github.com:research/chocolate
2012-07-11 06:15:21 +00:00
Ubuntu
c6ac5858e4
use example.com instead of 127.0.0.1 and localhost for the sni_challenge
2012-07-11 06:15:08 +00:00
Eric Wustrow
e336d2cb0e
use hashlib/hmac instead of Crypto
2012-07-10 23:36:23 -04:00
Seth Schoen
83d246bc7f
correctly interpret challtime and challtype as ints
2012-07-10 18:51:58 -07:00
Seth Schoen
0a56d7fd60
add debug prints; actually check whether issuance succeeded
2012-07-10 18:34:32 -07:00
Seth Schoen
b1bc65b082
also deploy demoCA to server
2012-07-10 18:34:23 -07:00
Seth Schoen
07792d6fd0
rename verify_sni_challenge.py for shorter import
2012-07-10 18:33:38 -07:00
Seth Schoen
2f35f39797
deploy and build sni_challenge code on Chocolate server
2012-07-10 17:01:32 -07:00
Seth Schoen
2a514f5166
adjust daemon to use sni_challenge package
2012-07-10 16:59:04 -07:00
Seth Schoen
208ded9d02
make this a Python package that can be imported
2012-07-10 16:48:36 -07:00
James Kasten
87918f6124
added in code to catch SSL connection failures
2012-07-10 17:06:26 -04:00
James Kasten
6ac9d358af
minor postConnectionCheck fix
2012-07-10 17:00:59 -04:00
James Kasten
662e935bdf
removed postConnectionCheck
2012-07-10 16:46:38 -04:00
James Kasten
ec33d2be6e
Merge branch 'master' of github.com:research/chocolate
2012-07-10 16:20:18 -04:00
James Kasten
cd7b849366
Fixed conference call bug, made challenge servers only accessible by SNI name
2012-07-10 16:17:10 -04:00
Seth Schoen
3f03dc4e5c
implement dvsni challenge checking
2012-07-10 00:25:11 -07:00
Seth Schoen
cfc4cbaae3
remove disused debug flag in protocol
2012-07-09 22:33:02 -07:00
Seth Schoen
ee9343469f
more explicit clarification about concurrency
2012-07-09 22:23:44 -07:00
Seth Schoen
1f45a4cfe5
enforce some protocol sanity checks
2012-07-09 22:22:20 -07:00
James Kasten
a3435b7982
added ability for concurrent sni challenges, made choc ext critical, allows variable oid
2012-07-09 07:59:30 -04:00
Seth Schoen
ac3441a972
changes to make CSR.issue() successfully issue certs
2012-07-09 00:01:19 -07:00
Peter Eckersley
93cec72f7a
Merge branch 'master' of github.com:research/chocolate
2012-07-07 13:13:13 -07:00
Peter Eckersley
9bfc24c279
The demoCA is usable now
2012-07-07 13:12:00 -07:00
Seth Schoen
bd578f9796
moving everything server-side to server-ca directory
2012-07-06 14:45:26 -07:00
Eric Wustrow
28c9f8fdf2
add comments to verify_sni_challenge, make nonce be an ascii string
2012-07-06 15:28:17 -04:00
James Kasten
e689c033a0
Formatted SNI README
2012-06-28 22:46:59 -04:00
James Kasten
4ccaf0e275
Modified README to reflect Makefile changes
2012-06-28 22:29:17 -04:00
Eric Wustrow
7fd249071f
make clean removes all generated cruft now
2012-06-28 22:23:35 -04:00
Eric Wustrow
1f02acf1b3
remove old shell script; replaced by Makefile
2012-06-28 22:22:24 -04:00
Eric Wustrow
b6eea87587
Merge branch 'master' of github.com:research/chocolate
2012-06-28 22:21:00 -04:00
Eric Wustrow
c7e15999ce
need to use _ for swig to be happy
2012-06-28 22:20:50 -04:00
James Kasten
68f85d9f1a
Added READMEs for SNI Challenge, renamed variables, added options-ssl-conf
2012-06-28 22:15:17 -04:00
Eric Wustrow
b98900d3e8
using gnumake instead of shell script to build sni_support.so
2012-06-28 22:00:37 -04:00
Peter Eckersley
9da7a473dc
Make this change to match
2012-06-28 15:17:57 -07:00