This change updates boulder-tools to use Go 1.10, and references a
newly-pushed image built using that new config.
Since boulder-tools pulls in the latest Certbot master at the time of
build, this also pulls in the latest changes to Certbot's acme module,
which now supports ACME v2. This means we no longer have to check out
the special acme-v2-integration branch in our integration tests.
This also updates chisel2.py to reflect some of the API changes that
landed in the acme module as it was merged to master.
Since we don't need additional checkouts to get the ACMEv2-compatible
version of the acme module, we can include it in the default RUN set for
local tests.
chisel had verify_ssl=False. Remove that, and set a sensible default
for REQUESTS_CA_BUNDLE to make it easier to run chisel on the command
line. Port the REQUESTS_CA_BUNDLE change into chisel2 as well.
This commit updates `chisel2.py` to support DNS-01 challenges. The code
required was already there, but not "wired in" to the `auth_and_issue`
function. Along the way a bug with `get_chall` raising a string instead
of an exception was fixed.
This commit also updates `test/integration-test-v2.py` with two new tests
1) issuing a certificate with a normal random domain name, and a random wildcard
domain name using DNS-01.
2) issuing a certificate with a random domain name, and in the same certificate,
a wildcard for that domain name. This tests that two authorizations are created
even though that base domain is the same.
Jacob Hoffman-Andrews