66ab7f5fae
Update DNS length comment.
...
Followup from https://github.com/letsencrypt/boulder/pull/1532/files#r54189791
2016-02-25 17:02:59 -08:00
efdbd75eda
Use the maxDNSIdentifierLength constant
...
Instead of hardcoding.
2016-02-23 14:47:07 -08:00
7955e268c7
go lint fixes
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2016-02-17 11:36:06 -08:00
01cee65079
Changed return type for "ChallengesFor".
2016-02-13 23:01:28 +01:00
cecb4d08e9
Reject final "-" in DNS label.
2016-01-28 11:08:10 -08:00
c9010744b4
delete old challenge code
...
Specifically, delete the simpleHttp and dvsni.
Hooray!
Fixes #894
2015-12-10 15:41:40 -08:00
aedc674d97
Restore bytewise DNS check.
2015-11-20 15:55:52 -08:00
d22457cdc1
Add test for core.MalformedRequestError in NewAuth
...
Also wrap policy errors in a var ( ) and delete old ones.
2015-11-19 16:14:54 -08:00
662ed0730f
Fix return types of errors.
2015-11-19 15:43:39 -08:00
eb8134f0cc
Return more specific errors from WillingToIssue.
...
Fixes #1066
2015-11-19 12:00:49 -08:00
d2b6cc0e98
randomize output of PolicyAuthority.ChallengesFor
...
This shuffles both the challenges and the combinations returned while
keeping them in sync.
Fixes #1069 .
2015-11-18 11:14:11 -08:00
f61183e144
Use a map and set defaults
2015-11-07 12:39:57 -05:00
fe047a1da8
Change config to flags from strings
2015-11-03 23:17:26 +09:00
a16e98a4a4
Further copy/paste errors
2015-11-01 23:20:28 +09:00
f67405bfbc
Fix unit test failures and a copy/paste error
2015-11-01 08:28:15 -05:00
587bd8c89a
Initialize the challenge type map before using it
2015-10-31 17:08:25 +09:00
d8c67285cf
Enable configuration of supported challenges
2015-10-31 16:55:59 +09:00
6171420108
Golint fixes to builds work
2015-10-18 18:59:05 -07:00
3ab31960d3
Whitelist partner registration id.
2015-10-15 09:15:45 -07:00
310343a061
Fix error name and tests.
2015-10-12 17:45:47 -07:00
a95c300d8b
Switch to using publicsuffix package.
...
This has two advantages:
- Fixes #901
- Reduces number of allocations and copies for methods that used the previous
public suffix code.
2015-10-12 16:32:35 -07:00
0df44e5d90
clean up CSRs with capitalized letters
...
This change lowercases domains before they are stored in the database
and makes policy.WillingToIssue reject any domains with uppercase
letters.
Fixes #927 .
2015-10-08 17:04:07 -07:00
f064c6d5c7
Merge branch 'master' to 'sig-reuse'
2015-10-05 23:16:16 -04:00
5217af94b0
allow whitelisting by a specific reg id
...
Currently, the whitelisted registration ID is one that is impossible for the
database to return. Once the partner's registration is in place, we can
deploy a change to it.
Fixes #810
2015-10-05 14:11:38 -07:00
9414b1a37e
Address @jmhodges comments and make tests pass
2015-10-03 14:47:17 -04:00
4c20bfe310
Merge master to sig-reuse
2015-10-01 18:58:35 -07:00
367973122e
Change 'TO DELETE' comments to something more useful
2015-10-01 18:48:15 -07:00
322da1f6a1
Remove LockCol from issuedNames.
...
Also, limit size of reversedName column to 640.
2015-09-30 16:38:36 -07:00
ea50be6c50
Change 00 to 01, and drop the underscore
2015-09-29 08:57:43 -04:00
c1c3d1e871
Changes to core, sa, policy
2015-09-28 10:51:55 -04:00
1a9fd9b455
Update to latest ACME spec
2015-09-28 10:10:06 -04:00
f33b103a01
Merge pull request #601 from letsencrypt/blacklist
...
Use DNS blacklist/whitelist DB
2015-09-02 11:04:31 -07:00
0ec76a525a
Review fixes
2015-09-01 22:05:04 -07:00
97c93cd6fa
Temporarily disable DNS challenge.
...
We're not planning to offer this one at launch (hopefully not long after,
though).
2015-08-31 21:26:12 -04:00
273b38e459
Review fixes pt. 1
2015-08-31 14:47:05 -07:00
3cf1ea8e38
Cleaner/quicker rule list search & properly cleanup database
2015-08-24 15:46:37 -07:00
7151c3cefb
Review fixes pt. 2
2015-08-18 14:25:51 -07:00
4fb747ead1
Merge master
2015-08-15 16:50:57 -07:00
b9913a2b41
Review fixes
2015-08-14 17:14:02 -07:00
bc1a649325
Actually use whitelist enforcement config val
2015-08-11 12:32:02 -07:00
c01c8a069b
Use natural sort
2015-08-11 11:50:38 -07:00
43a40d55c9
Allow whitelist to be enforcable + remove blacklist file
2015-08-10 11:56:49 -07:00
1a2825138d
Actually wire everything into the PADB
2015-08-06 16:57:38 -07:00
a888baf488
Initial PADB work for white/blacklists
2015-08-06 16:09:54 -07:00
41f5788c77
Correct most `go lint` warnings. (274 -> 5)
2015-06-16 22:18:28 -05:00
cc97492a54
Issue #11 : Basic DNS Challenge support
2015-06-16 09:03:03 -05:00
f4ee29d1d3
Change all references from SimpleHTTPS -> SimpleHTTP
2015-06-12 11:22:04 -07:00
6c0127d1b0
Add some comments, clean up RFC 6844 query order
2015-06-10 17:27:08 -07:00
1c9837ddf8
Audit all Challenges (success/failure) in VA for Issue #204
...
- Don't ignore entropy underruns in challenges.go
- Correct identity crisis in Policy Authority; hopefully it will remember.
- Add a method `AuditObject` in audit-logger and convert RA/VA to use it
- Fix json typo in registration-authority that caused empty audit logs
- Fix vet issue in WFE where RegID was being printed as a 32-bit int instead of 64-bit
- Unfix the issue in WFE where RegID isn't right, per PR #215
2015-05-21 13:58:40 -07:00
a77152e828
Rework Authority "New" methods to obtain AuditLogger from Singleton
...
- Also ran `go fmt` against these files I was touching anyway:
sa/storage-authority.go
va/validation-authority.go
wfe/web-front-end.go
2015-05-01 21:50:07 -07:00
Jacob Hoffman-Andrews