upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-03-25 03:44:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
certbot/server-ca
History
Seth Schoen e3dbe1a60f log IP address that payments come from
2012-11-18 22:21:06 -08:00
..
blacklisting script to hash factorable moduli and store them in the blacklist 2012-08-20 15:40:54 -07:00
data Issue payment challenges for top 10,000 domains 2012-11-18 20:06:43 -08:00
demoCA some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
sni_challenge attempt to log remote peernames of dvsni test sockets! 2012-11-18 21:03:54 -08:00
.gitignore some .gitignore files to suppress display of generated files in git 2012-07-14 13:49:58 -07:00
blacklists.py updated modulus blacklisting stuff 2012-07-17 00:33:45 -07:00
CA.sh correctly emit subject alternative names and remove most user-supplied data from cert 2012-07-13 22:50:58 -07:00
chocolate.py error_uri to allow displaying useful error messages from server 2012-11-18 22:12:28 -08:00
clear-db.py script for clearing out Redis databae 2012-07-12 16:29:54 -07:00
CONFIG.py error_uri to allow displaying useful error messages from server 2012-11-18 22:12:28 -08:00
CSR.py move docstring to the right place 2012-10-18 17:20:59 -07:00
daemon_common.py unfortunately there is a scoping issue here 2012-11-18 20:42:07 -08:00
index.html adding name field to payment form 2012-11-18 22:12:00 -08:00
issue-daemon.py issue daemon doesn't verify challenges 2012-11-18 21:02:59 -08:00
logging-daemon.py oops 2012-11-18 20:56:58 -08:00
makechallenge-daemon.py paren in wrong place 2012-11-18 20:53:18 -08:00
Makefile Move protocol and client into Python modules 2012-08-12 07:49:45 +03:00
payment-daemon.py log successful and unsuccessful payment attempts 2012-11-18 22:19:18 -08:00
payment.py log IP address that payments come from 2012-11-18 22:21:06 -08:00
policy.py make hostname lowercase before checking 2012-11-18 20:22:42 -08:00
README reorganize daemons! 2012-10-17 18:36:24 -07:00
REDIS moving everything server-side to server-ca directory 2012-07-06 14:45:26 -07:00
redis_lock.py more detailed comment 2012-10-08 18:05:02 -07:00
start_daemons add $@ to pass command line arguments through to daemons 2012-11-16 14:45:31 -08:00
stop_daemons reorganize daemons! 2012-10-17 18:36:24 -07:00
testchallenge-daemon.py proxy_peername is always 0.0.0.1 (unspecified) 2012-11-18 21:08:07 -08:00
thanks.html say what names this request applied to 2012-11-18 19:49:12 -08:00
TODO reorganize daemons! 2012-10-17 18:36:24 -07:00

README 

In this directory is a reference CA implementation of the Chocolate protocol,
DV and signing mechanism.

Instead of using "make deploy", we're currently using git pull to deploy this.
This requires restarting lighttpd on the server and ensuring that Redis and
a copy of daemon.py are running there.  If the .proto definition has
changed, it also needs to be recompiled on both the server and the client.



chocolate.py - server-side, requires web.py (python-webpy),
        PyCrypto (python-crypto) 2.3 (not 2.1!!), redis, python-redis,
        python-protobuf, "M3Crypto" (from our own tree) (hence also
	build-essential, python-dev, and swig)
	probably wants to run under a web server like lighttpd with fastcgi

daemons/{makechallenge,testchallenge,issue,logging}-daemon.py -
        daemons to handle back-end implementation of protocol state transitions

chocolate_protocol.proto - protocol definition; needs protobuf-compiler

sni_challenge -
	Assumes Apache server with name based virtual hosts is running 
	(for intended address).
	Call perform_sni_cert_challenge(address, r, nonce) to verify the 
	server.
	Example code is given in main method
	Right now requires full path specification of CSR/KEY in the Global 
	Variables (how should this be specified?)
        requires python-socksipy, tor