Commit graph

69 commits

Author SHA1 Message Date
Seth Schoen
ecfc275a1e continue with request after displaying it :-) 2012-07-14 14:42:07 -07:00
Seth Schoen
064148df29 use hashcash in protocol 2012-07-14 14:34:24 -07:00
Seth Schoen
bb272f16ca currently we can't suppress display of choc_cert_extensions.cnf
Maybe this file could be generated from scratch each time and not
be in version control; then we could .gitignore it successfully.
2012-07-14 13:51:44 -07:00
Seth Schoen
d18c7f6eee some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
Seth Schoen
f82c259b1a actually check request recipient 2012-07-14 13:35:52 -07:00
Seth Schoen
8036fcbb01 update comments 2012-07-13 23:09:59 -07:00
Seth Schoen
17aa133774 Merge branch 'master' of ssh://github.com/research/chocolate 2012-07-13 18:57:51 -07:00
Seth Schoen
7b615c295e don't SHA256 twice! 2012-07-13 18:57:10 -07:00
Peter Eckersley
7f6f3e785e Merge branch 'master' of github.com:research/chocolate 2012-07-13 18:55:27 -07:00
Seth Schoen
9930ae8875 make sure to use "M3Crypto" 2012-07-13 18:55:09 -07:00
Peter Eckersley
95347b3d17 Make client.py executable 2012-07-13 18:55:08 -07:00
Peter Eckersley
8c94570319 Embed CSR from the other side 2012-07-13 18:43:20 -07:00
Seth Schoen
2901fa1c81 note about expected symlink to CSR.py 2012-07-13 14:51:59 -07:00
Seth Schoen
5407be4df6 exit when failures are reported 2012-07-12 16:49:28 -07:00
Seth Schoen
e12d7f8fea report failures 2012-07-12 16:49:19 -07:00
Seth Schoen
dd2dc32a96 report failure after attempted issuance 2012-07-12 16:48:20 -07:00
Seth Schoen
34b61f68fa save certificate after it gets issued 2012-07-12 16:47:40 -07:00
Seth Schoen
30622a436a fix indentation 2012-07-12 16:45:41 -07:00
Seth Schoen
f40f372b88 I really like this looking from /etc better because it's faster
(I realize that on some systems httpd.conf is somewhere other than /etc!)
2012-07-12 16:44:44 -07:00
Seth Schoen
7699bf8583 key is also in CHOC_DIR 2012-07-12 16:43:07 -07:00
Seth Schoen
7bef1f50b9 actually do the challenge and wait for the results 2012-07-12 16:38:33 -07:00
Seth Schoen
344602edb6 actually the challenge code decrypts y for us to get r 2012-07-12 16:37:53 -07:00
Seth Schoen
b8a814a13f make client use M2Crypto also 2012-07-12 14:36:39 -07:00
Seth Schoen
9c499c06f3 show all challenges 2012-07-11 19:40:09 -07:00
Seth Schoen
0d6b85a9b5 this client won't wait more than 60 seconds even if the server asks it to 2012-07-11 19:10:50 -07:00
Seth Schoen
2e49fbaa5e implement polldelay in client 2012-07-11 19:09:54 -07:00
Eric Wustrow
1cb25dd143 oops, committed over the c6ac5858e4 server-param changes... 2012-07-11 02:26:04 -04:00
Eric Wustrow
2399b46354 use M2Crypto.RSA instead of Crypto.Public key (which was using an unpadded RSA!!!) 2012-07-11 02:23:44 -04:00
Ubuntu
5bc2eee4b0 using chocolate server (ec2)'s parameters in sni_challenge (these are just as good as any hardcoded value, and this way we don't have uncommitted changes on our test server) 2012-07-11 06:14:25 +00:00
James Kasten
e1bbcd04b7 changed format for perform_sni_challenge to [(addr, y, nonce, ext)], csr, key 2012-07-10 17:27:26 -04:00
James Kasten
cd7b849366 Fixed conference call bug, made challenge servers only accessible by SNI name 2012-07-10 16:17:10 -04:00
James Kasten
b8c3856dfd Changed extension conf to critical 2012-07-10 15:43:49 -04:00
James Kasten
a3435b7982 added ability for concurrent sni challenges, made choc ext critical, allows variable oid 2012-07-09 07:59:30 -04:00
Seth Schoen
bd578f9796 moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
Seth Schoen
97e7b1a7b2 I forgot, I have a stub in CSR.py that already pretends to issue certs :-) 2012-07-04 22:05:41 -07:00
Seth Schoen
6df1976070 get subject public key and use it to encrypt dvsni parameter r as y 2012-07-03 18:03:30 -07:00
Seth Schoen
0fa6fb49c4 specific python-crypto version dependency 2012-07-03 18:03:11 -07:00
Seth Schoen
f0605fd65e hopefully the right RSA encryption operation for computing y = E(r) 2012-07-03 01:56:26 -07:00
Seth Schoen
2e91aafa86 now successfully gets challenge data from server 2012-07-03 01:45:14 -07:00
Seth Schoen
800f255db6 fix several bugs to allow sending challenges from server correctly 2012-07-03 01:44:58 -07:00
Seth Schoen
4136f32091 expressions in Python function definition default values are evaluated only once, when the functions are defined 2012-07-03 00:55:53 -07:00
Seth Schoen
721f28068f better document wire protocol 2012-07-02 19:53:34 -07:00
Seth Schoen
28f25b7dc1 remarks on timeouts and session states 2012-07-02 18:13:09 -07:00
Seth Schoen
14689bf2f4 documentation; never advance dead sessions' state 2012-07-02 18:10:54 -07:00
Seth Schoen
388f7577d0 deploy daemon.py 2012-07-02 17:57:44 -07:00
Seth Schoen
6667fb837b use blank session ID for error if client-supplied session is unsafe 2012-07-02 17:52:00 -07:00
Seth Schoen
fce64442ec deploy pkcs10.py to server 2012-07-02 17:47:44 -07:00
Seth Schoen
bca9360449 comments on protocol compliance enforcement 2012-07-02 17:46:06 -07:00
Seth Schoen
5e44ccba90 keep subject names in original requested order 2012-07-02 12:04:32 -07:00
Seth Schoen
c196bef0ab infrastructure for actually issuing cert 2012-07-02 12:03:28 -07:00