certbot/server-ca
2012-11-18 20:22:42 -08:00
blacklisting script to hash factorable moduli and store them in the blacklist 2012-08-20 15:40:54 -07:00
data Issue payment challenges for top 10,000 domains 2012-11-18 20:06:43 -08:00
demoCA some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
sni_challenge note AllowDotExit requirement for exit geography 2012-11-09 11:57:57 -08:00
.gitignore some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
blacklists.py updated modulus blacklisting stuff 2012-07-17 00:33:45 -07:00
CA.sh correctly emit subject alternative names and remove most user-supplied data from cert 2012-07-13 22:50:58 -07:00
chocolate.py send abbreviated URL for payments, not using session ID 2012-11-18 16:43:07 -08:00
clear-db.py script for clearing out Redis database 2012-07-12 16:29:54 -07:00
CONFIG.py tell the client when payment is required by sending payment challenge 2012-11-15 21:52:56 -08:00
CSR.py move docstring to the right place 2012-10-18 17:20:59 -07:00
daemon_common.py and we've moved ancient out of daemon_common into policy 2012-11-09 11:54:53 -08:00
index.html make font monospaced for credit card number 2012-11-18 19:31:23 -08:00
issue-daemon.py daemons can no longer use "ancient" (I'll need to make them call the new thing!) 2012-11-09 11:55:05 -08:00
logging-daemon.py whoops, forgot to add these in this directory after deleting the subdirectory 2012-11-09 11:36:37 -08:00
makechallenge-daemon.py daemons can no longer use "ancient" (I'll need to make them call the new thing!) 2012-11-09 11:55:05 -08:00
Makefile Move protocol and client into Python modules 2012-08-12 07:49:45 +03:00
payment-daemon.py here, the attempt to log the fact that the session succeeded caused the daemon to crash (!) 2012-11-17 00:58:45 -08:00
payment.py names_list, not names 2012-11-18 19:49:40 -08:00
policy.py make hostname lowercase before checking 2012-11-18 20:22:42 -08:00
README reorganize daemons! 2012-10-17 18:36:24 -07:00
REDIS moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
redis_lock.py more detailed comment 2012-10-08 18:05:02 -07:00
start_daemons add $@ to pass command line arguments through to daemons 2012-11-16 14:45:31 -08:00
stop_daemons reorganize daemons! 2012-10-17 18:36:24 -07:00
testchallenge-daemon.py this is a simple key, not a hash 2012-11-18 16:47:58 -08:00
thanks.html say what names this request applied to 2012-11-18 19:49:12 -08:00
TODO reorganize daemons! 2012-10-17 18:36:24 -07:00

In this directory is a reference CA implementation of the Chocolate protocol,
DV and signing mechanism.

Instead of using "make deploy", we're currently using git pull to deploy this.
This requires restarting lighttpd on the server and ensuring that Redis and
a copy of daemon.py are running there.  If the .proto definition has
changed, it also needs to be recompiled on both the server and the client.



chocolate.py - server-side, requires web.py (python-webpy),
        PyCrypto (python-crypto) 2.3 (not 2.1!!), redis, python-redis,
        python-protobuf, "M3Crypto" (from our own tree) (hence also
        build-essential, python-dev, and swig)
        probably wants to run under a web server like lighttpd with fastcgi

daemons/{makechallenge,testchallenge,issue,logging}-daemon.py -
        daemons to handle back-end implementation of protocol state transitions

chocolate_protocol.proto - protocol definition; needs protobuf-compiler

sni_challenge -
        Assumes an Apache server with name-based virtual hosts is running
        (for the intended address).
        Call perform_sni_cert_challenge(address, r, nonce) to verify the
        server.
        Example code is given in the main method.
        Right now requires full path specification of CSR/KEY in the Global
        Variables (how should this be specified?)
        Requires python-socksipy, tor