letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,916 Commits 89 Branches 416 Tags 101 MiB
Commit Graph

1749 Commits

Author SHA1 Message Date
Jacob Hoffman-Andrews 8dd4c650bd Disallow GETs for Registration. 
Per the spec, authenticated requests must be signed by an account key, and
GET requests can't be signed under the current protocol. If the account holder
wishes to fetch their current registration, they can do so by posting a signed,
empty update to their registration resource.

Also fix a bug in generating registration URLs.
 2015-05-19 12:44:04 -07:00
Roland Shoemaker 870f02917c check subscriber agreement in new/updated registrations 2015-05-18 20:56:51 -07:00
Richard Barnes c3b312118e Add audit logging 
- Auditing for general errors in executables
- Auditing for improper messages received by WFE
- Automatic audit wlogging of software errors
- Audit logging for mis-routed messages
- Audit logging for certificate requests
- Auditing for improper messages received by WFE
- Add audit events table
- Expect more details in TestRegistration in web-front-end_test.go
- Remove "extra" debug details from web-front-end.go per Issue #174
- Improve test coverage of web-front-end.go
- WFE audit updates for revocation support rebase
- Add audit messages to RPC for Improper Messages and Error Conditions
- Also note misrouted messages
 2015-05-18 18:23:08 -07:00
Jacob Hoffman-Andrews 61be79e51d Check that cert key != account key. 2015-05-18 15:20:02 -07:00
Jacob Hoffman-Andrews d4b0719d78 Add revoke.js to test revocation. 2015-05-14 15:54:12 -07:00
Jacob Hoffman-Andrews aa8c20f84a Fixes in response to review feedback. 2015-05-13 17:36:39 -07:00
Jacob Hoffman-Andrews 3eed9e3f7c Move to Square's go-jose library. 2015-05-13 17:36:38 -07:00
Roland Shoemaker 771d6d9b6d add serial conv. functions and basic tests 2015-05-06 16:07:19 -07:00
Jacob Hoffman-Andrews ac78f333f8 Merge branch 'master' into ocsp-table 
Conflicts:
	ca/certificate-authority.go
	ca/certificate-authority_test.go
	cmd/boulder-ca/main.go
	cmd/boulder/main.go
	sa/storage-authority.go
	sa/storage-authority_test.go
 2015-05-02 11:10:05 -07:00
Peter Eckersley d609aebc3f Some NewToken tests 2015-05-01 22:03:59 -07:00
J.C. Jones e828c61818 Add singleton semantics to Audit Logger, per Issue #135 
- Update tests to use the singleton logger
- Update commands to set the audit logger singleton
- Formatting updates to the tests (go fmt)
 2015-05-01 21:48:24 -07:00
Jacob Hoffman-Andrews 7733793bb6 Fix test mode boulder instances. 
Update initialization stanza.
Revert to inmemory sqlite storage for now.
Remove NOT NULL constraint from some fields.
 2015-05-01 19:28:10 -07:00
Jacob Hoffman-Andrews 8162c5eca8 Add comma to boulder test config. 2015-05-01 19:08:00 -07:00
Jacob Hoffman-Andrews 53b991f204 Incorporate JC changes to test-tools.go. 2015-05-01 16:09:35 -07:00
Jacob Hoffman-Andrews 8e30ff81fb Partly done implementation of revoke. 2015-04-29 18:36:26 -07:00
Jacob Hoffman-Andrews dd58bdcaa1 Merge branch 'master' into schema-updates 
Conflicts:
	sa/storage-authority.go
 2015-04-27 17:21:31 -07:00
Jacob Hoffman-Andrews eecf4b305e Add instructions and clarify openssl command line. 2015-04-27 15:50:44 -07:00
Jacob Hoffman-Andrews f81b531abb Fix incorrect request.post invocation. 
Also tidy up some error cases and variable names.
 2015-04-27 14:47:34 -07:00
Jacob Hoffman-Andrews a59323bfaa Fix key generation in test.js. 
Also be more lenient about validating inbound challenge requests when talking to
a localhost Boulder.
 2015-04-27 11:43:28 -07:00
Jacob Hoffman-Andrews 6fc9ed5b80 Use openssl to generate test.js key, for speed. 2015-04-24 19:11:51 -07:00
Jacob Hoffman-Andrews 14511361e4 Handle challenges within test.js 2015-04-24 18:39:47 -07:00
Jacob Hoffman-Andrews 2edb869086 Improve test.js. 
Use request instead of http so it works with either HTTP or HTTPS URLs.
Write DER certificate rather than PEM certificate. I was getting some bytewise
mismatches when checking the output PEM against a downloaded DER.
 2015-04-24 12:40:37 -07:00
Jacob Hoffman-Andrews ca6e349906 Fix tests. 2015-04-23 20:06:17 -07:00
Jacob Hoffman-Andrews 7145207104 Add initial certificate status in SA. 
Also improve test tools.
 2015-04-23 19:52:34 -07:00
jsha ba622d4cdb Merge pull request #105 from letsencrypt/certificate-query 
Certificate query by serial
 2015-04-21 12:06:55 -04:00
James 'J.C.' Jones 362f46c9fd Merge pull request #104 from rolandshoemaker/mailer 
Simple Mailer
 2015-04-19 22:57:06 -05:00
Jacob Hoffman-Andrews 7d8ef9a019 Fix tests and tidy up for review. 2015-04-18 23:44:42 -04:00
Jacob Hoffman-Andrews 431ad092eb Query certs by sequential part of serial number. 
Also refactor WFE for better initialization and change StorageAuthority to
support this type of query.
 2015-04-18 00:48:19 -04:00
Roland Shoemaker 3a456d8705 add config section for smtp settings 2015-04-17 18:37:13 -07:00
Jacob Hoffman-Andrews 757d8616cc Update latest CFSSL to pick up whitelisting. 2015-04-17 11:42:38 -04:00
Jacob Hoffman-Andrews 69d4ec5a50 Turn on UseSerialSeq in test config. 2015-04-16 15:50:11 -04:00
Jacob Hoffman-Andrews c982aa756c Fix cfssl-config.json 2015-04-16 14:25:51 -04:00
Jacob Hoffman-Andrews 43877197b0 Whitelist certificate fields rather than Subject 
in cfssl.
 2015-04-15 18:33:25 -04:00
jsha cb615e86c6 Merge pull request #90 from letsencrypt/85-relational_db_in_ca 
Add Relational DB support to CA (Issue #85)
 2015-04-15 16:31:52 -04:00
J.C. Jones b5377616e8 Implement serial use in CA 
- Upstream CFSSL update broke a test in certificate-authority_test.go
  See https://github.com/cloudflare/cfssl/issues/156
- Added "SerialPrefix" to config, letting you set a prefix to the generated
  serial numbers.
 2015-04-13 16:24:35 -07:00
Roland Shoemaker ed4a147737 fix conflict 2015-04-12 21:55:01 -07:00
Roland Shoemaker f64665cd1b better statsd hooks 2015-04-12 18:02:00 -07:00
J.C. Jones 97b356fcd4 Add a Certificate Authority Database stub 
* A few tests, but they don't all pass
* needs actual DB code
 2015-04-12 08:10:28 -07:00
Jacob Hoffman-Andrews ce679a55d4 Update readme for test directory. 2015-04-10 16:58:50 -07:00
Jacob Hoffman-Andrews e9302f2288 Make it easier to start a test config. 2015-04-09 18:26:40 -07:00
Jacob Hoffman-Andrews c9fbc82883 Fix encoding of errors in WFE. 
This fixes the problem Kuba reported on IRC of receiving messages like:
[123 34 100 101 116 97 105 108 34 58 34 77 101 116 104 111 100 32 110 111 116 32
97 108 108 111 119 101 100 34 125]

from Boulder.

This changelist also adds the beginning of a test to WFE, but much more is
needed.
 2015-03-27 20:49:37 -07:00
Peter Eckersley 5eac0cda09 Add a "TestMode" config option 
This makes the same change as PR #59, but allows test mode to be turned
back on with a config option.
 2015-03-25 12:58:57 -07:00
J.C. Jones 33ac212b70 Add logging infrastructure to all authorities and commands 2015-03-24 19:06:11 -07:00
J.C. Jones 151274f1b3 Rework audit logging. Issue #23. 2015-03-24 17:36:26 -07:00
Richard Barnes 5a6fdfc522 Moving example to /test/ 2015-03-21 23:20:54 -05:00
Richard Barnes b5d67c733a Addressing JCJ comments 2015-03-17 10:17:21 -04:00
Richard Barnes 19fada5b27 Support for subscriber agreement 2015-03-15 23:47:55 -04:00
Richard Barnes bc583a0df3 Simple walkthrough node.js script 2015-03-15 22:56:46 -04:00
Richard Barnes dcdf9954ae Pulling out sa module 2015-03-10 15:21:50 -07:00