letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,523 Commits 89 Branches 416 Tags 101 MiB
Commit Graph

378 Commits

Author SHA1 Message Date
Jeff Hodges 1dc5e53c5a add HTTPStatus to ProblemDetails 
For #1161
 2015-11-24 23:14:51 -08:00
Jeff Hodges 2114f5d5cc move ProblemDetails into its own package 
Part of #1161
 2015-11-24 23:14:38 -08:00
Jeff Hodges c0318399df Merge branch 'master' into send_error_use_error 2015-11-23 12:16:31 -08:00
Roland Shoemaker 680c21c1b1 Decimal sentinel 2015-11-23 10:55:59 -08:00
Roland Shoemaker 15ae242cfe Add tests for new error 2015-11-22 17:19:43 -08:00
Jeff Hodges 1b9e858681 Merge branch 'master' into send_error_use_error 2015-11-20 16:39:11 -08:00
Jeff Hodges 49978dc289 narrow wfe.sendError's signature 
And statusCodeFromError, as well.

This makes what was an `interface{}` into a `error`.

This change is the first step towards #1161
 2015-11-20 16:28:11 -08:00
Roland Shoemaker 458c7e2b4a Add badNonce error as described in the specification 2015-11-20 15:57:22 -08:00
Richard Barnes 0835ee8db3 Update VA and WFE to use revised nonce mechanisms in go-jose 2015-11-17 13:50:17 -08:00
Jacob Hoffman-Andrews 8b2c50bc65 Return pointer from NewNonceService. 2015-11-11 12:47:38 -08:00
Jeff Hodges e8e1456b9d Merge branch 'master' into gsb 2015-11-06 16:39:04 -08:00
Jeff Hodges 13cab5c257 add Google Safe Browsing API calls 
This allows us to call the Google Safe Browsing calls through the VA.

If the RA config's boolean UseIsSafeDomain is true, the RA will make the RPC
call to the VA during its NewAuthorization.

If the VA config's GoogleSafeBrowsingConfig struct is not nil, the VA
will check the Google Safe Browsing API in
VA.IsSafeDomain. If the GoogleSafeBrowsingConfig struct is nil, it will
always return true.

In order to actually make requests, the VA's GoogleSafeBrowsingConfig
will need to have a directory on disk it can store the local GSB hashes
it will check first and a working Google API key for the GSB API.

Fixes #1058
 2015-11-06 16:37:34 -08:00
Jacob Hoffman-Andrews 45f1e2958c Move new code to a different file. 2015-11-06 15:18:14 -08:00
Jacob Hoffman-Andrews 3d3b508ad3 Check for correct algorithms in verifyPOST 
Fixes https://github.com/letsencrypt/boulder/issues/259
 2015-11-06 14:17:24 -08:00
Richard Barnes c62d4a0828 Spelling fix 2015-10-22 13:59:18 -04:00
Richard Barnes 2ebba2a466 Re-add descriptive errors 2015-10-21 22:45:54 -04:00
Richard Barnes ded5fa6f20 Back out field name changes 2015-10-21 21:55:45 -04:00
Richard Barnes d61d09bb61 Minor beautification 2015-10-21 09:25:27 -04:00
Richard Barnes dc58017032 Remove repetition by passing logEvent to sendError 2015-10-21 09:23:17 -04:00
Richard Barnes cddf1d27ef RealIP->clientAddr and fix nits 2015-10-21 09:07:35 -04:00
Richard Barnes fdc0e2cce9 Merge branch 'master' to wfe_context 2015-10-21 08:47:07 -04:00
Richard Barnes 0fd89d3048 Use a fake clock for the WFE and mock SA 2015-10-20 17:12:59 -04:00
Richard Barnes bd1dee5bbc StatusGone -> StatusNotFound 2015-10-20 11:01:24 -04:00
Jeff Hodges 7d04ea98cf add context to WFE errors 
This change makes the use of requestEvent more prominent and provides
some nice handler types to make that better.

In order to avoid stomping on Error, requestEvent gains an Errors string
slice.

Fixes #552
 2015-10-16 22:40:51 -07:00
Richard Barnes 8e64139ac2 Merge branch 'master' into shorter-expiry-for-pending 2015-10-13 15:55:38 -07:00
Tom Clegg 22ef139419 Merge branch 'master' into challenge-head 2015-10-09 19:54:45 -07:00
Richard Barnes c3dacf5dae Make expired authz URLs inaccessible. 2015-10-09 17:45:34 -04:00
Richard Barnes 109f7cf75e Limit the number of contacts per registration 2015-10-09 16:35:19 -04:00
Jacob Hoffman-Andrews 487d08ec2e Add rate limiting by registration IP. 2015-10-08 15:47:08 -07:00
Tom Clegg 1bf8cfb4fd Handle HEAD correctly in Challenge 2015-10-07 23:37:41 -07:00
Tom Clegg f32c26c1de Merge branch 'master' into log-actual-ip 
Conflicts:
	wfe/web-front-end_test.go
 2015-10-07 11:58:23 -07:00
Tom Clegg 75bc949985 Merge branch 'master' into log-actual-ip 2015-10-07 08:20:38 -07:00
Richard Barnes b01e99ea04 Merge branch 'master' into golint 2015-10-07 10:42:36 -04:00
Tom Clegg 01b40466a4 Log actual remote IP, in addition to X-Forwarded-For header, in request log and csrLog 2015-10-05 23:30:58 -07:00
Richard Barnes f064c6d5c7 Merge branch 'master' to 'sig-reuse' 2015-10-05 23:16:16 -04:00
bifurcation 90050e91f5 Merge branch 'master' into golint 2015-10-05 19:23:24 -04:00
Jeff Hodges 5217af94b0 allow whitelisting by a specific reg id 
Currently, the whitelisted registration ID is one that is impossible for the
database to return. Once the partner's registration is in place, we can
deploy a change to it.

Fixes #810
 2015-10-05 14:11:38 -07:00
Richard Barnes f70441113b Fix brokenness introduced from merge of master 2015-10-05 00:18:22 -04:00
bifurcation e7f47d4f09 Merge branch 'master' into golint 2015-10-05 00:14:29 -04:00
Richard Barnes 961e392521 Merge branch 'master' into sig-reuse 2015-10-04 23:25:54 -04:00
Richard Barnes 2616567953 Fix golint in ./wfe 2015-10-04 21:12:14 -04:00
Richard Barnes 498deeb518 Fix golint in ./mocks 2015-10-04 20:37:06 -04:00
Jacob Hoffman-Andrews 6906e395a4 Pass RateLimitedError properly through RPC layer. 2015-10-03 22:59:28 -07:00
Richard Barnes 31ae51129a Merge branch 'master' into sig-reuse 2015-10-03 14:01:34 -04:00
Tom Clegg 87dd8a4c44 Merge branch 'master' into 469-fix-cors-headers 2015-10-02 01:37:59 -07:00
Richard Barnes 4c20bfe310 Merge master to sig-reuse 2015-10-01 18:58:35 -07:00
Jacob Hoffman-Andrews 6963811ab5 Merge remote-tracking branch 'le/master' into paranoid-key 
Conflicts:
	core/util.go
 2015-10-01 14:13:05 -07:00
Jacob Hoffman-Andrews a9db85adf2 Merge branch 'master' into paranoid-key 2015-10-01 14:12:38 -07:00
Jeff Hodges c24ced260e Merge branch 'master' into cert-limit 2015-10-01 11:11:55 -07:00
Tom Clegg 72538dcd76 Update comment. A-C-A-Headers is never sent at all any more. 2015-10-01 10:29:08 -07:00