e8edbf5f21
Making capitalization consistent with Go standards
2015-06-01 02:08:47 -04:00
eaa3a8b65d
Use a more proper algorithm for testing validation completeness
2015-06-01 02:08:46 -04:00
ca74b08040
Aesthetic fixes to ra.go
2015-06-01 02:08:46 -04:00
e30d3594f8
Put registration checks together
2015-06-01 02:07:40 -04:00
9917ca17f6
Clean up TODOs
2015-06-01 02:05:17 -04:00
f1b2730c1b
Fixing JCJ nits
2015-06-01 02:03:09 -04:00
535798883b
Reclothe the naked commits.
2015-05-31 22:10:58 -07:00
645ed0d1b6
Making capitalization consistent with Go standards
2015-05-31 23:48:00 -04:00
8ea6de26b9
Use a more proper algorithm for testing validation completeness
2015-05-31 23:17:05 -04:00
6b20a0a489
Aesthetic fixes to ra.go
2015-05-31 23:04:35 -04:00
774b3fc7c1
Put registration checks together
2015-05-31 23:02:57 -04:00
e3d9b2cc76
Clean up TODOs
2015-05-31 22:28:00 -04:00
c0bacc3fb6
Add more detailed error code reporting
2015-05-31 15:58:08 -04:00
2419559f5c
Add validity interval checking
2015-05-31 14:23:09 -04:00
3e593d73c9
Merge pull request #262 from letsencrypt/ra-tests
...
Miscellaneous Fixes
2015-05-30 22:08:49 -07:00
e2fa826c40
Issue #211 (partial)
2015-05-30 18:01:38 -04:00
441ce328c7
Merge pull request #255 from letsencrypt/202-ocsp-responder
...
Issue #202 : Initial OCSP Responder
2015-05-30 13:10:50 -04:00
138c946bd6
Issue #43 and Issue #205
2015-05-30 11:11:33 -04:00
92967f03b6
go fmt
2015-05-29 13:11:57 -07:00
b3b64fd10e
Fix tests for goodkey branch.
2015-05-29 13:09:34 -07:00
6a6a8aa72d
Merge branch 'master' into goodkey
...
Conflicts:
ca/certificate-authority.go
ra/registration-authority.go
ra/registration-authority_test.go
2015-05-29 12:26:24 -07:00
69967524cb
Merge pull request #256 from letsencrypt/misc-fixes
...
Misc fixes
2015-05-29 07:15:13 -07:00
8846fd2c90
Merge upstream/master
2015-05-29 09:36:46 +01:00
601136059c
audit fixes
2015-05-29 09:35:56 +01:00
ee57874d03
Misc fixes
...
Actually return error from NewCertificate in RA.
Export BOULDER_CONFIG in start.sh so it gets used.
Print error properly in test.js.
2015-05-29 00:09:55 -07:00
4518f0bf17
Migrate CADB to using GORP.
2015-05-28 23:11:03 -07:00
d1321f2d78
More RPC fixes for Issue #202
...
- NewPendingAuthorization now uses a core.Authorization object, so
that foreign key constraints are followed
- core.Authorization now serializes RegistrationID to JSON, so it has to get
blanked out in WFE before transmission to client.
- Remove ParsedCertificate from core.Certificate, as type x509.Certificate cannot
be marshaled.
- Added AssertDeepEquals and AssertMarhsaledEquals to test-tools.go
- Caught several overloaded and misleadingly named errors in WFE
2015-05-28 11:05:55 -07:00
81c7466e97
add rpc-wrapper and interface code
2015-05-28 09:58:16 +01:00
343920cfe3
Fix integration test while running with MySQL
...
- Add SQL configuration options
- Increase the width of the authz and pending_authz tables' challenges field
- Make it configurable whether CREATE TABLE commands should run
2015-05-27 13:39:18 -07:00
8886e74bb1
Issue #230 : Fix breakage from MergeUpdate being selective.
...
- Go fmt
2015-05-26 16:29:28 -07:00
6c6199023d
Merge pull request #231 from letsencrypt/230-unknown-key-type
...
Resolved Issue #230
2015-05-26 15:05:34 -07:00
bc3acca096
Resolved Issue #230
...
- Move setting the core.Registration.Key field from RA.NewRegistration to
WFE.NewRegistration to avoid a chicken-and-egg problem.
- Note: I kept the RPC wrapper object even though it now only has one field.
Seems like it's a good practice to use wrapper objects, even though we don't
everywhere.
2015-05-26 14:44:15 -07:00
19fd285859
Merge pull request #223 from rolandshoemaker/revoker
...
admin-revoker tool
2015-05-26 14:37:33 -07:00
e1eeebce52
Only run validations against updated challenges (instead of everything)
2015-05-26 17:08:49 +01:00
d184862427
gofmt and move deniedCSR table creation back to SA
2015-05-25 01:17:28 +01:00
4a94dbf8b9
remove debug statements and make validity period a config var for CA
2015-05-21 23:30:29 -07:00
0271cebd7a
don't issue certs that expire after the CA intermediate
2015-05-21 23:02:58 -07:00
1c9837ddf8
Audit all Challenges (success/failure) in VA for Issue #204
...
- Don't ignore entropy underruns in challenges.go
- Correct identity crisis in Policy Authority; hopefully it will remember.
- Add a method `AuditObject` in audit-logger and convert RA/VA to use it
- Fix json typo in registration-authority that caused empty audit logs
- Fix vet issue in WFE where RegID was being printed as a 32-bit int instead of 64-bit
- Unfix the issue in WFE where RegID isn't right, per PR #215
2015-05-21 13:58:40 -07:00
97ff1c8423
merge upstream/master
2015-05-18 19:07:04 -07:00
1c7d0d5411
gofmt touched files
2015-05-18 19:03:25 -07:00
cf7f6f5db3
add RA regID checks
2015-05-18 18:53:48 -07:00
42302541bd
Run `go fmt` for PR #186
2015-05-18 18:44:38 -07:00
d2be0dcb95
Review updates
2015-05-18 18:24:37 -07:00
894703ae67
Follow-on work for Issue #62
...
- Documentation correction
- Don't lose the problemDoc failback (merge issue, I guess?)
- Add the start of an ack script to find methods implementing the audit UUIDs
- Documentation fix (RA calls VA, not WFE)
- Audit log revocations
- Audit log unauthorized domains
- Include all SANs in issuance audit log
- Add a script to locate all audit markers
2015-05-18 18:23:09 -07:00
c3b312118e
Add audit logging
...
- Auditing for general errors in executables
- Auditing for improper messages received by WFE
- Automatic audit wlogging of software errors
- Audit logging for mis-routed messages
- Audit logging for certificate requests
- Auditing for improper messages received by WFE
- Add audit events table
- Expect more details in TestRegistration in web-front-end_test.go
- Remove "extra" debug details from web-front-end.go per Issue #174
- Improve test coverage of web-front-end.go
- WFE audit updates for revocation support rebase
- Add audit messages to RPC for Improper Messages and Error Conditions
- Also note misrouted messages
2015-05-18 18:23:08 -07:00
af01cb0cf9
Cleanup RA.NewAuthorization and add SA tests for GetRegistration and GetRegistrationByKey with invalid arguments
2015-05-18 18:02:06 -07:00
61be79e51d
Check that cert key != account key.
2015-05-18 15:20:02 -07:00
4cda5e11f3
Merge pull request #201 from rolandshoemaker/remkey
...
Switch Authorization object from key to registration ID as association
2015-05-18 11:24:51 -07:00
e1ba291019
Store registration ID with certificate
2015-05-16 13:47:51 -07:00
faa1d5ac45
review cleanups
2015-05-16 13:25:36 -07:00
b43d647fa2
Call RevokeCertificate through RA.
2015-05-14 15:54:12 -07:00
e233fdaa61
switch authz and pending_authz to store registration ID instead of key (and update all the random stuff they touched)
2015-05-14 14:14:36 -07:00
6be5c4910e
Merge pull request #185 from rolandshoemaker/deny-store
...
Store and check previously denied CSRs
2015-05-14 09:03:06 -07:00
aa8c20f84a
Fixes in response to review feedback.
2015-05-13 17:36:39 -07:00
3eed9e3f7c
Move to Square's go-jose library.
2015-05-13 17:36:38 -07:00
07e6f100fd
don't add to the denied list
2015-05-13 13:07:28 -07:00
5d5eea7071
switch to only store dns names
2015-05-13 12:08:50 -07:00
07182500eb
add missing rpc methods
2015-05-12 00:08:48 -07:00
6daa838520
add already denied check to ra.NewCertificate
2015-05-11 23:05:24 -07:00
d95c552ab4
add denied csr table and AddDeniedCSR + AlreadyDeniedCSR methods for checking, added AddDeniedCSR to ra.NewCertificate
2015-05-11 23:02:39 -07:00
cb00816e48
Merge branch 'goodkey' of github.com:letsencrypt/boulder into goodkey
...
Conflicts:
ca/certificate-authority.go
core/good_key.go
core/good_key_test.go
2015-05-09 11:48:32 -07:00
14fde00182
Merge pull request #162 from rolandshoemaker/enrobe
...
Reduce use of naked returns
2015-05-08 08:59:52 -07:00
b47d402533
Merge pull request #154 from rolandshoemaker/sanity
...
Challenge sanity check
2015-05-08 08:48:04 -07:00
ee47c84838
enrobe longer functions + various return semantics cleanups
2015-05-07 18:15:41 -07:00
ae62792d52
actually use them
2015-05-06 16:47:27 -07:00
02421fefd9
Add tests.
2015-05-06 16:10:00 -07:00
07310b5fa1
hook sanity check into VA and RA
2015-05-06 15:19:21 -07:00
f778ba12de
Implement key checking in RA and CA.
2015-05-06 10:25:30 -07:00
ac78f333f8
Merge branch 'master' into ocsp-table
...
Conflicts:
ca/certificate-authority.go
ca/certificate-authority_test.go
cmd/boulder-ca/main.go
cmd/boulder/main.go
sa/storage-authority.go
sa/storage-authority_test.go
2015-05-02 11:10:05 -07:00
a77152e828
Rework Authority "New" methods to obtain AuditLogger from Singleton
...
- Also ran `go fmt` against these files I was touching anyway:
sa/storage-authority.go
va/validation-authority.go
wfe/web-front-end.go
2015-05-01 21:50:07 -07:00
e828c61818
Add singleton semantics to Audit Logger, per Issue #135
...
- Update tests to use the singleton logger
- Update commands to set the audit logger singleton
- Formatting updates to the tests (go fmt)
2015-05-01 21:48:24 -07:00
1d2c6a5d7c
Split out GetCertificate / GetCertificateByShortSerial.
...
Also stub out some initial revocation code.
2015-04-29 11:48:08 -07:00
0bd39daab5
Fix tests that relied on mis-formatted serial.
2015-04-27 17:00:53 -07:00
32e159d320
Always use %016x when formatting shortSerial.
2015-04-23 16:09:46 -07:00
7d8ef9a019
Fix tests and tidy up for review.
2015-04-18 23:44:42 -04:00
431ad092eb
Query certs by sequential part of serial number.
...
Also refactor WFE for better initialization and change StorageAuthority to
support this type of query.
2015-04-18 00:48:19 -04:00
cb615e86c6
Merge pull request #90 from letsencrypt/85-relational_db_in_ca
...
Add Relational DB support to CA (Issue #85 )
2015-04-15 16:31:52 -04:00
96aee3184a
Fix crash in registration-authority_test.go
2015-04-13 16:24:35 -07:00
4967e9486d
hook in everywhere, add Noop client in tests
2015-04-12 21:50:07 -07:00
a0b06f3edd
Rewrite paths again.
2015-03-26 17:01:01 -07:00
2940bb3c7c
Merge branch 'vendorize' into vendorize2
...
Conflicts:
analysis/analysis-engine.go
analysis/analysis-engine_test.go
ca/certificate-authority.go
ca/certificate-authority_test.go
cmd/activity-monitor/main.go
cmd/boulder-sa/main.go
cmd/boulder/main.go
cmd/mkcrl/main.go
cmd/mkroot/main.go
cmd/shell.go
ra/registration-authority_test.go
rpc/amqp-rpc.go
rpc/rpc-wrappers.go
2015-03-26 14:21:48 -07:00
99bf61c0ac
Add Godeps.
2015-03-26 14:20:34 -07:00
0435e0feb6
Merge branch 'master' into vendorize
...
Conflicts:
analysis/analysis-engine.go
analysis/analysis-engine_test.go
cmd/activity-monitor/main.go
cmd/boulder-start/main.go
2015-03-25 15:18:20 -07:00
ddc0d7dcf5
Vendorize all dependencies with `nut`.
...
Nut, https://github.com/jingweno/nut , is a tool to manage Go dependencies and
versioning by vendorizing them, i.e. including them in your own repo.
This makes version management easier, as well as authenticating the contents of
this repository.
Also inthis change: Factor out the testing commands from .travis.yml to make it
easier to run them by hand. Add Vim swap files to .gitignore.
2015-03-25 15:11:40 -07:00
33ac212b70
Add logging infrastructure to all authorities and commands
2015-03-24 19:06:11 -07:00
4e0aa900c9
Rebase 'lint-errcheck-fixes' of git://github.com/mvdan/boulder to letsencrypt/master
...
Conflicts:
cmd/boulder-start/main.go
core/interfaces.go
core/objects.go
core/util.go
ra/registration-authority.go
ra/registration-authority_test.go
rpc/rpc-wrappers.go
va/validation-authority.go
wfe/web-front-end.go
2015-03-20 18:01:03 -07:00
2d12038860
Removing extraneous print statements
2015-03-16 22:24:57 -04:00
cd7c21a96b
Resolving travis failures
2015-03-16 22:07:45 -04:00
752e91d8eb
Initial policy authority
2015-03-16 12:55:05 -04:00
f5546ad407
Miscellaneous fixes to get e2e working
2015-03-15 22:42:35 -04:00
96bd7e215a
Further plumbing of registrations
2015-03-15 15:33:05 -04:00
d938deb3fd
Separate resources for challenges [initial]
2015-03-14 19:07:16 -04:00
8f4ea0efd8
Adapting to point to mainlined JOSE
2015-03-13 13:11:04 -07:00
a4a368613a
Use regexp.MustCompile instead of Compile ignoring err
2015-03-13 08:46:43 +01:00
830fe1ba8f
Explicitly ignore or treat more errors
2015-03-13 08:46:41 +01:00
91b12a2e1a
Simplify if err != nil structure when applicable
2015-03-12 12:46:18 +01:00
d66e581736
Replace Https by HTTPS as per golint
2015-03-12 12:21:40 +01:00
dcdf9954ae
Pulling out sa module
2015-03-10 15:21:50 -07:00
b545ad6956
Pulling out ra module
2015-03-10 14:22:37 -07:00
Richard Barnes