3214245240
log nonce to and from client
...
Also, log when a nonce service error occurs.
Updates #1217
2016-01-21 11:54:15 -08:00
5c9be5385b
ECDSA account key support
2016-01-14 06:56:35 +00:00
f218e314f8
Add good key testing for ECDSA.
2016-01-07 22:48:38 +00:00
de14c9274c
s/our/out/ in wfe HEAD comment
2016-01-04 17:06:32 -08:00
35e8489bd0
Merge branch 'master' into correct_head_content_length
2016-01-04 16:35:16 -08:00
cbeffe96a6
Fixed a bunch of typos
2016-01-04 18:39:34 -05:00
426ec155aa
correct Content-Length/Transfer-Encoding on HEAD
...
Fixes #1320
2016-01-04 15:03:14 -08:00
6b0e53b8e0
use ProblemDetails inside of wfe
...
This uses ProblemDetails throughout the wfe. This is the last step in
allowing the backend services to pass ProblemDetails from RPCs through
to the user.
Updates #1153 .
Fixes #1161 .
2015-12-15 11:44:33 -08:00
1dc5e53c5a
add HTTPStatus to ProblemDetails
...
For #1161
2015-11-24 23:14:51 -08:00
2114f5d5cc
move ProblemDetails into its own package
...
Part of #1161
2015-11-24 23:14:38 -08:00
c0318399df
Merge branch 'master' into send_error_use_error
2015-11-23 12:16:31 -08:00
680c21c1b1
Decimal sentinel
2015-11-23 10:55:59 -08:00
15ae242cfe
Add tests for new error
2015-11-22 17:19:43 -08:00
1b9e858681
Merge branch 'master' into send_error_use_error
2015-11-20 16:39:11 -08:00
49978dc289
narrow wfe.sendError's signature
...
And statusCodeFromError, as well.
This makes what was an `interface{}` into a `error`.
This change is the first step towards #1161
2015-11-20 16:28:11 -08:00
458c7e2b4a
Add badNonce error as described in the specification
2015-11-20 15:57:22 -08:00
0835ee8db3
Update VA and WFE to use revised nonce mechanisms in go-jose
2015-11-17 13:50:17 -08:00
8b2c50bc65
Return pointer from NewNonceService.
2015-11-11 12:47:38 -08:00
e8e1456b9d
Merge branch 'master' into gsb
2015-11-06 16:39:04 -08:00
13cab5c257
add Google Safe Browsing API calls
...
This allows us to call the Google Safe Browsing calls through the VA.
If the RA config's boolean UseIsSafeDomain is true, the RA will make the RPC
call to the VA during its NewAuthorization.
If the VA config's GoogleSafeBrowsingConfig struct is not nil, the VA
will check the Google Safe Browsing API in
VA.IsSafeDomain. If the GoogleSafeBrowsingConfig struct is nil, it will
always return true.
In order to actually make requests, the VA's GoogleSafeBrowsingConfig
will need to have a directory on disk it can store the local GSB hashes
it will check first and a working Google API key for the GSB API.
Fixes #1058
2015-11-06 16:37:34 -08:00
45f1e2958c
Move new code to a different file.
2015-11-06 15:18:14 -08:00
3d3b508ad3
Check for correct algorithms in verifyPOST
...
Fixes https://github.com/letsencrypt/boulder/issues/259
2015-11-06 14:17:24 -08:00
c62d4a0828
Spelling fix
2015-10-22 13:59:18 -04:00
2ebba2a466
Re-add descriptive errors
2015-10-21 22:45:54 -04:00
ded5fa6f20
Back out field name changes
2015-10-21 21:55:45 -04:00
d61d09bb61
Minor beautification
2015-10-21 09:25:27 -04:00
dc58017032
Remove repetition by passing logEvent to sendError
2015-10-21 09:23:17 -04:00
cddf1d27ef
RealIP->clientAddr and fix nits
2015-10-21 09:07:35 -04:00
fdc0e2cce9
Merge branch 'master' to wfe_context
2015-10-21 08:47:07 -04:00
0fd89d3048
Use a fake clock for the WFE and mock SA
2015-10-20 17:12:59 -04:00
bd1dee5bbc
StatusGone -> StatusNotFound
2015-10-20 11:01:24 -04:00
7d04ea98cf
add context to WFE errors
...
This change makes the use of requestEvent more prominent and provides
some nice handler types to make that better.
In order to avoid stomping on Error, requestEvent gains an Errors string
slice.
Fixes #552
2015-10-16 22:40:51 -07:00
8e64139ac2
Merge branch 'master' into shorter-expiry-for-pending
2015-10-13 15:55:38 -07:00
22ef139419
Merge branch 'master' into challenge-head
2015-10-09 19:54:45 -07:00
c3dacf5dae
Make expired authz URLs inaccessible.
2015-10-09 17:45:34 -04:00
109f7cf75e
Limit the number of contacts per registration
2015-10-09 16:35:19 -04:00
487d08ec2e
Add rate limiting by registration IP.
2015-10-08 15:47:08 -07:00
1bf8cfb4fd
Handle HEAD correctly in Challenge
2015-10-07 23:37:41 -07:00
f32c26c1de
Merge branch 'master' into log-actual-ip
...
Conflicts:
wfe/web-front-end_test.go
2015-10-07 11:58:23 -07:00
75bc949985
Merge branch 'master' into log-actual-ip
2015-10-07 08:20:38 -07:00
b01e99ea04
Merge branch 'master' into golint
2015-10-07 10:42:36 -04:00
01b40466a4
Log actual remote IP, in addition to X-Forwarded-For header, in request log and csrLog
2015-10-05 23:30:58 -07:00
f064c6d5c7
Merge branch 'master' to 'sig-reuse'
2015-10-05 23:16:16 -04:00
90050e91f5
Merge branch 'master' into golint
2015-10-05 19:23:24 -04:00
5217af94b0
allow whitelisting by a specific reg id
...
Currently, the whitelisted registration ID is one that is impossible for the
database to return. Once the partner's registration is in place, we can
deploy a change to it.
Fixes #810
2015-10-05 14:11:38 -07:00
f70441113b
Fix brokenness introduced from merge of master
2015-10-05 00:18:22 -04:00
e7f47d4f09
Merge branch 'master' into golint
2015-10-05 00:14:29 -04:00
961e392521
Merge branch 'master' into sig-reuse
2015-10-04 23:25:54 -04:00
2616567953
Fix golint in ./wfe
2015-10-04 21:12:14 -04:00
498deeb518
Fix golint in ./mocks
2015-10-04 20:37:06 -04:00
6906e395a4
Pass RateLimitedError properly through RPC layer.
2015-10-03 22:59:28 -07:00
31ae51129a
Merge branch 'master' into sig-reuse
2015-10-03 14:01:34 -04:00
87dd8a4c44
Merge branch 'master' into 469-fix-cors-headers
2015-10-02 01:37:59 -07:00
4c20bfe310
Merge master to sig-reuse
2015-10-01 18:58:35 -07:00
6963811ab5
Merge remote-tracking branch 'le/master' into paranoid-key
...
Conflicts:
core/util.go
2015-10-01 14:13:05 -07:00
a9db85adf2
Merge branch 'master' into paranoid-key
2015-10-01 14:12:38 -07:00
c24ced260e
Merge branch 'master' into cert-limit
2015-10-01 11:11:55 -07:00
72538dcd76
Update comment. A-C-A-Headers is never sent at all any more.
2015-10-01 10:29:08 -07:00
41fcec2db5
Remove unneeded Access-Control-Allow-Headers header.
2015-09-30 18:23:02 -07:00
65f10a5f9f
Review fixes
2015-09-30 15:34:24 -07:00
05a142c6b7
Fix accidentally sending preflight headers with "actual" responses.
2015-09-30 13:34:36 -07:00
9898aec7e7
Test status==405 and body=="" on disallowed HEAD.
2015-09-30 11:10:18 -07:00
c56f035cff
Merge branch 'master' into 469-fix-cors-headers
...
Conflicts:
wfe/web-front-end.go
wfe/web-front-end_test.go
2015-09-30 07:13:12 -07:00
685c6e4206
Use stored key to verify JWS POSTs
...
instead of submitted key. This minimizes the chances of unexpected JWK fields in
the submitted key altering its interpretation without altering the lookup in the
registrations table.
In the process, fix handling of NoSuchRegistration responses.
Fixes https://github.com/letsencrypt/boulder/issues/865 .
2015-09-29 23:37:16 -07:00
fa30debe15
De-duplicate uses of strings.Join()
2015-09-29 00:49:41 -07:00
a49e54cfc3
Merge branch 'master' into 469-fix-cors-headers
...
Conflicts:
wfe/web-front-end.go
2015-09-28 20:02:44 -07:00
1a9fd9b455
Update to latest ACME spec
2015-09-28 10:10:06 -04:00
1fbf2d4990
Fix HEAD to work only for GET resources.
2015-09-27 23:49:59 -07:00
ecd08c0798
Allow HEAD for all GET resources.
2015-09-27 12:36:18 -07:00
96afd94e88
Review fixes
...
* Rewrite JSONDuration as ConfigDuration that can handle both JSON and YAML unmarshaling
* Factor out RPC certificate count request struct
* Return 429 to WFE on rate limit exceeded
* Fix wonky RateLimitPolicy comment
2015-09-25 14:39:53 -07:00
6f41cc9e39
Add issuance rate limiting based on total number of certificates issued in a window
...
Since the issuance count requires a full table scan a RA process local cache of the
count is kept and expired after 30 minutes.
2015-09-24 12:54:38 -07:00
954004fafb
Merge branch 'longserial' of github.com:letsencrypt/boulder into longserial
2015-09-22 16:18:07 -07:00
3c5ffdea49
Restore full test for certificate location.
2015-09-22 16:17:22 -07:00
a645430a23
Merge branch 'master' into longserial
2015-09-22 15:01:47 -07:00
4a47aaed51
Merge master
2015-09-22 14:07:07 -07:00
668ccc2d97
Merge github.com:letsencrypt/boulder into longserial
2015-09-22 14:04:19 -07:00
c858b4d430
Consolidate serial number validity checking.
...
Also, set the requirement to be hexadecimal and <36 characters, rather than
exactly 36 characters.
2015-09-22 14:03:29 -07:00
91724296a8
Use facebooks gracefully shutting down HTTP server for WFE & OCSP-Responder
2015-09-21 20:43:38 -07:00
f430280884
Fix review comments.
2015-09-21 18:18:08 -07:00
02314f4041
Implement the new 144-bit mostly-random serial.
...
To keep the change small, I have not yet completely removed the
GetCertificateByShortSerial method from interfaces and the RPC. I will do taht
in a follow up change.
2015-09-21 13:10:16 -07:00
42958d1aab
Merge branch 'master' into 469-fix-cors-headers
2015-09-17 19:19:55 -07:00
536de0249d
Merge master
2015-09-16 18:08:26 -07:00
f7910753b5
Move MockSA from WFE to mocks.
2015-09-16 12:57:06 -07:00
cc65beef3f
Merge master
2015-09-15 14:52:40 -07:00
7648e452b9
Merge branch 'master' into earliest-expiry
2015-09-15 13:26:44 -07:00
38b7bbee97
Merge branch 'master' into 469-fix-cors-headers
2015-09-15 15:49:37 -04:00
acf2999d5f
Merge branch 'master' into clean_up_new_reg_test
2015-09-15 12:22:19 -07:00
f35643bcaf
Merge master
2015-09-15 12:05:58 -07:00
9eca9f0805
golint
2015-09-12 17:09:07 -04:00
62f7e6e530
Add config entry for allowed origins.
2015-09-12 01:39:55 -04:00
b6a4b66899
Fix CORS headers, support OPTIONS requests.
2015-09-12 01:39:51 -04:00
e3c226a84e
Remove earliestExpiry from IssueCertificate call.
2015-09-11 15:09:11 -04:00
d55e0e0d8d
Merge branch 'master' into fix-wfe-test-better
2015-09-11 11:58:28 -07:00
52055d3190
Merge branch 'master' into clean_up_new_reg_test
2015-09-11 11:31:46 -07:00
d2b0579283
Merge branch 'master' into metrics-cleanup
2015-09-11 11:28:05 -07:00
6233c0891c
Fix typo.
2015-09-11 14:08:26 -04:00
86926dc20d
Merge branch 'master' into fix-wfe-error
2015-09-11 14:03:47 -04:00
acff35cf48
Merge branch 'master' into clean_up_new_reg_test
2015-09-11 14:03:44 -04:00
57e349ef00
Merge github.com:letsencrypt/boulder into fix-wfe-error
2015-09-11 13:54:25 -04:00
a48142e3c7
Remove testing arg.
2015-09-11 13:54:18 -04:00
875a71e53e
Fix WFE test properly.
...
The WFE test relies on a pre-generated cert. Since there are some sanity checks
on the dates in certs, we were getting errors during the test.
One quick fix is to have those sanity checks rely on RA's clock object, which
can be replaced with a fake for testing. In order to do that, I had to move the
sanity check (MatchesCSR) into the registration authority package, where it
makes more sense anyhow.
I also removed a handful of equality testing functions in objects.go that were
only used by MatchesCSR and whose purpose is better served by reflect.DeepEqual.
This was to avoid having to also move those equality testing functions into the
registration authority.
2015-09-11 13:17:18 -04:00
61198e41e2
Forward-date test certificate for WFE test.
...
The previous cert was causing a test failure because it had a NotBefore date too
far in the past.
This is a stopgap fix to fix the build. The real fix, coming soon, will be to
use a fake clock in the WFE test so we can set it to match the date in the test cert.
2015-09-11 10:52:22 -04:00
845e1261a4
Merge branch 'master' into clean_up_new_reg_test
2015-09-10 14:48:59 -07:00
bea4ca29b4
Merge branch 'master' into metrics-cleanup
2015-09-10 14:33:50 -07:00
e938969f3d
de-dupe TestNewRegistration
...
I didn't follow what was going on in it. Another test is being added in
a later PR.
2015-09-10 14:07:55 -07:00
4724bb7e80
Merge branch 'master' into index-fix
2015-09-10 16:51:38 -04:00
346a8c1a01
Merge master
2015-09-10 13:47:19 -07:00
092e0b19ef
Merge branch 'master' into challenge-display-uri
2015-09-10 13:12:46 -07:00
871a77c4b8
Merge master
2015-09-10 13:00:52 -07:00
ff0bb9a403
Pass pointer to challenge in getChallenge, rather than value.
2015-09-10 15:59:01 -04:00
253d700d06
Merge branch 'master' into challenge-display-uri
...
Conflicts:
cmd/boulder-ra/main.go
ra/registration-authority.go
ra/registration-authority_test.go
2015-09-10 15:44:21 -04:00
def66fc85d
Merge branch 'master' into index-fix
2015-09-10 12:37:03 -07:00
442e6e28e5
set /directory's content-type correctly to json
...
Fixes #769
2015-09-10 12:30:01 -07:00
998ffc79cb
Do GoodKey checking in WFE.
2015-09-09 20:30:55 -04:00
09c2a05a01
Fix index method.
...
The HTML reply pointed to the new-reg URL, when it should point to the
directory.
Also fix https://github.com/letsencrypt/boulder/issues/717 by checking first
whether the request path is exactly "/" and giving 404 otherwise.
2015-09-09 16:50:54 -04:00
ffcd1c866d
Make challenge URI a display-time property.
...
Challenge URIs should be determined by the WFE at fetch time, rather than stored
alongside the challenge in the DB. This simplifies a lot of the logic, and
allows to to remove a code path in NewAuthorization where we create an
authorization, then immediately save it with modifications to the challenges.
This change also gives challenges their own endpoint, which contains the
challenge id rather than the challenge's offset within its parent authorization.
This is also a first step towards replacing UpdateAuthorization with
UpdateChallenge: https://github.com/letsencrypt/boulder/issues/760 .
2015-09-09 16:23:45 -04:00
c91f1c2549
Fix error message when revoking with wrong key.
...
Also split up revocation test case into two cases, and add a new one.
2015-09-09 16:19:35 -04:00
e44126a034
Fix path for clock import.
2015-09-09 00:24:49 -04:00
6dcba1ae49
allow NULL expires in authz on validation failure
...
The RA did not have any code to test what occurred when a challenge
failed. This let in the authz schema change in #705 .
This change sets the expires column in authz back to NULLable and fixes
the RA tests (including, using clock.Clocks in the RA).
Fixes #744 .
2015-09-04 12:14:24 -07:00
af8299d607
Merge master
2015-09-03 11:36:08 -07:00
2a8804b792
Merge branch 'master' into test-js-content-length
...
Conflicts:
wfe/web-front-end_test.go
2015-09-02 23:23:53 -04:00
d70ebf6c09
Merge master
2015-09-01 14:39:26 -07:00
fe00decc92
Merge pull request #697 from letsencrypt/revoke-split
...
Split RA revoke method
2015-09-01 14:08:33 -07:00
dedb5f96a7
clean up some pointer type conversions
...
I grepped around and only found these.
2015-08-31 23:51:43 -07:00
e54d3d322e
Merge branch 'master' into blacklist
2015-08-31 15:39:24 -07:00
1ad7bea579
Move PA construction out of other authority constructors
2015-08-31 15:33:03 -07:00
d11d1ed774
Rename admin-revoker RA call
2015-08-30 22:33:36 -07:00
0534680907
Merge master
2015-08-30 22:17:14 -07:00
a3c9f60bec
Review fixes
2015-08-30 22:15:13 -07:00
ae3e41dffb
Refactor WFE tests to pass with content-length.
...
This also factors out some of the complexity of the test into a helper function.
2015-08-30 12:59:46 -04:00
9fa1e02d7d
Require content length.
2015-08-30 12:59:43 -04:00
e370d1276b
Split up WFE Authorization function.
...
This function splits out Authorization into its three separate cases:
GET a challenge
POST a challenge
GET an authorization
This is a refactoring I needed to do on the way to
https://github.com/letsencrypt/boulder/issues/638 . I split it out to avoid
having that change grow too big and full of ancillary refactorings.
2015-08-28 19:07:28 -07:00
88c2f95179
Cleanup authority creation
2015-08-28 15:03:02 -07:00
f945bb0efb
Merge master
2015-08-28 14:41:37 -07:00
82ea4aba31
Rest of RPC layer and splitting
2015-08-28 00:00:03 -07:00
a4aa450ee6
Switch to custom revocation code type
2015-08-27 17:09:41 -07:00
d6b09c2cf9
Clean up
2015-08-27 14:50:00 -07:00
0f1efe55ae
Log information about revocation procedure
2015-08-27 13:00:55 -07:00
0e1e38011a
Review fixes pt. 2
2015-08-26 12:09:15 -07:00
be751bd948
Merge master
2015-08-25 16:52:24 -07:00
d6efd496fa
Merge master
2015-08-24 12:27:58 -07:00
4fb747ead1
Merge master
2015-08-15 16:50:57 -07:00
b9913a2b41
Review fixes
2015-08-14 17:14:02 -07:00
f15402282c
Review rework
...
Refactor DNS problem details use
Actually store and log resolved addresses
Less convuluted get adresses function/usage
Store redirects, reconstruct transport on redirect, add redirect + lookup tests
Add another test
Review fixes
Initial bulk of review fixes (cleanups inc)
Comment cleanup
Add some more tests
Cleanups
Give addrFilter a type and add the config wiring
Expose filters
LookupHost cleanups
Remove Resolved Addresses and Redirect chain from replies to client without breaking RPC layer
Switch address/redirect logging method, add redirect loop checking + test
Review fixes + remove IPv6
Remove AddressFilter remnant + constant-ize the VA timeout
Review fixes pt. 1
Initialize validation record
Don't blank out validation reocrds
Add validation record sanity checking
Switch to shared struct
Check port is in valid range
Review fixes
2015-08-13 22:49:33 -07:00
bcb0ecb3ba
Revert "Resolve and store IP addresses for SimpleHTTP and DVSNI validation (also store redirect chains)"
2015-08-13 13:00:37 -07:00
6970caa0e8
Various cleans and documentation fixes
2015-08-11 18:00:47 -07:00
8789f925cc
Merge master
2015-08-11 16:39:31 -07:00
f9c78d5db2
Don't blank out validation reocrds
2015-08-07 15:28:42 -07:00
3d540cf4b4
Merge branch 'master' into store-ips
2015-08-07 15:09:43 -07:00
1a2825138d
Actually wire everything into the PADB
2015-08-06 16:57:38 -07:00
0f03494d56
use pointer to AcmeURL everywhere
...
This has the benefit of not requiring us to copy very fat url.URL
objects when we pass them to funcs or call their methods.
2015-08-05 18:23:38 -07:00
8d046a6e0d
Review fixes + remove IPv6
2015-08-05 13:47:59 -07:00
8805f7e6e9
Switch address/redirect logging method, add redirect loop checking + test
2015-08-03 20:31:32 -07:00
aeba06dcd9
Remove Resolved Addresses and Redirect chain from replies to client without breaking RPC layer
2015-08-03 11:02:23 -07:00
652702bd7f
Merge master
2015-07-30 13:47:10 -04:00
25a62374cb
A more complete refactoring
2015-07-29 16:56:02 -04:00
5ea17d980a
Merge master
2015-07-29 16:37:39 -04:00
d11195187d
A tiny struct for resource checking
2015-07-29 16:36:41 -04:00
272fbbd480
Merge pull request #541 from r0ro/remove-authz-newcert
...
Remove the need for a client to send authorizations url when requesting new certificate
2015-07-29 13:10:46 -07:00
7b5581a046
Remove recovery token in WFE test
2015-07-29 15:53:03 -04:00
9208008f66
Merge pull request #527 from letsencrypt/build_id
...
remove Go version and build host from API
2015-07-29 11:33:38 -07:00
9e87cef807
Further test fixes
2015-07-29 12:20:00 -04:00
26b140b0cc
Removing unused literals and exposing more error info
2015-07-29 11:17:26 -04:00
911827cd2d
Removing extraneous quoting
...
I know this should go in a separate PR, but it's so trivial it's not worth it.
2015-07-29 10:27:57 -04:00
f016d02365
Unit tests for 'resource'
2015-07-29 10:24:44 -04:00
965be920a6
Enforce 'resource' field
2015-07-29 10:19:14 -04:00
36cba96fb2
update tests after jwk encoding fix.
2015-07-28 16:25:30 +02:00
2b275405c1
remove authorizations member for certificate request.
2015-07-27 20:26:56 +02:00
4bbd0fdccd
Remove the need for a client to submit authorization urls when requesting a certificate.
2015-07-27 20:26:56 +02:00
713f7ea352
Merge pull request #528 from letsencrypt/remove_posts
...
remove dead POST code in wfe.Certificate
2015-07-25 16:23:25 -07:00
b0402d1880
add POST back to wfe Authz test
2015-07-25 14:16:57 -07:00
eb3ef4c98c
Merge pull request #509 from r0ro/missing-reg-link
...
Add missing link headers for registration resource update.
2015-07-24 18:26:24 -07:00
0ea7b36b6a
remove dead POST code in wfe.Certificate
...
The Certificate endpoint (a.k.a. /acme/cert) had code that took POSTs
but always returned errors when they were hit.
2015-07-24 16:46:49 -07:00
58080cc3b9
remove Go version and build host from API
...
This data would be useful to attackers attempting to exploit our
system. We have not committed to producing our binaries to the public,
so these are not exposed through other means.
2015-07-24 14:52:47 -07:00
9423467142
Switch to our own fork of go-jose.
...
This is the result of `godep save -r ./...` and
`git rm -r -f Godeps/_workspace/src/github.com/square`
Our fork is currently at the head of go-jose when Richard made the local nonce
changes, with the nonce changes added on top. In other words, the newly created
files are exactly equal to the deleted files.
In a separate commit I will bring our own go-jose fork up to the remote head,
then update our deps.
Also note: Square's go-jose repo contains a `cipher` package. Since we don't
make any changes to that package, we leave it imported as-is.
2015-07-24 14:39:00 -07:00
620a012c62
Rewrite go-jose dependencies to our fork.
2015-07-24 14:16:01 -07:00
7f5da3b8bc
Merge pull request #521 from letsencrypt/remove_v
...
remove incorrect uses of %v, use specific verbs
2015-07-24 13:00:29 -07:00
8975601d5e
correct bodyStr->body
2015-07-23 17:41:15 -07:00
d8ffa41d67
Remove backup logging in case of error.
...
AuditObject already does this for us.
2015-07-23 13:24:57 -07:00
752080871d
Instead of panic on error, log an error.
2015-07-23 09:34:04 -07:00
7a3c061576
Add new test to ensure Link headers are correctly set in Registration/NewRegistration reply.
2015-07-23 18:13:41 +02:00
9a4cd50a93
Use []byte to implicitly marshal to base64.
2015-07-22 17:50:43 -07:00
941df62ad4
Switch to AuditObject for CSR logging.
...
This allows us to log the remote address and registration object along with the
CSR.
Also, restore part of a comment on CertificateRequest that was deleted.
2015-07-22 16:32:11 -07:00
6952aebeb3
Record initial application CSR.
...
Fixes https://github.com/letsencrypt/boulder/issues/493 .
Also, modify MockSyslogWriter so that it implements the SyslogWriter interface
(no pointer receivers).
2015-07-22 15:34:59 -07:00
ce4ca429a6
Merge pull request #502 from letsencrypt/directory
...
Basic ACME directory endpoint
2015-07-22 15:32:15 -07:00
7fce01b7ce
Merge pull request #491 from letsencrypt/cache-headers
...
WFE cache headers
2015-07-22 15:09:02 -07:00
2c2075d2f0
Add missing link headers for registration resource update.
2015-07-22 20:15:21 +02:00
9f18d6fd71
Remove redudant comments
2015-07-21 19:46:20 -07:00
b093613191
Add cache helper methods and always send static cache max-age
2015-07-21 18:21:48 -07:00
0e83538b56
Merge master
2015-07-21 17:48:19 -07:00
99c339f850
Merge pull request #498 from tomclegg/490-mock-logs
...
Add mock for syslog.
2015-07-21 17:40:06 -07:00
1a3e41ee57
Review fixes
2015-07-21 17:39:16 -07:00
2d758a7ab6
Basic ACME directory endpoint
2015-07-21 16:55:57 -07:00
6e03f78ad0
Extend wfe.Certificate tests
2015-07-20 12:27:26 -07:00
249664383d
Simplify init(). Add UseMockLog(), to mock syslog for an entire test process.
2015-07-19 14:21:48 -04:00
6a2344e1bf
Add config vars and wire them into cmd/boulder and cmd/boulder-wfe
2015-07-17 17:44:03 -07:00
f08261edb5
Add cache-control headers to terms, issuer, and certificate endpoints
2015-07-17 17:14:39 -07:00
ff491962b9
Dry up "method not allowed" handling.
2015-07-16 22:07:44 -04:00
2d4f089980
say Handler returns a thing, not configures
2015-07-16 13:32:46 -07:00
5a69753b6d
correct HandlePaths to Handler in godoc
2015-07-16 13:26:34 -07:00
Jeff Hodges