02c4a47a4e
Update comment.
2016-02-16 10:56:52 -08:00
20d6281e98
Return error from PA when DB is down.
...
Previously, we'd return "Name is blacklisted" in the case of a DB failure. After
this change, we correctly return an internal server error.
2016-02-15 20:33:49 -08:00
01cee65079
Changed return type for "ChallengesFor".
2016-02-13 23:01:28 +01:00
cecb4d08e9
Reject final "-" in DNS label.
2016-01-28 11:08:10 -08:00
c9010744b4
delete old challenge code
...
Specifically, delete the simpleHttp and dvsni.
Hooray!
Fixes #894
2015-12-10 15:41:40 -08:00
ea95bcf78c
Fix test.
2015-11-20 17:02:39 -08:00
aedc674d97
Restore bytewise DNS check.
2015-11-20 15:55:52 -08:00
d22457cdc1
Add test for core.MalformedRequestError in NewAuth
...
Also wrap policy errors in a var ( ) and delete old ones.
2015-11-19 16:14:54 -08:00
662ed0730f
Fix return types of errors.
2015-11-19 15:43:39 -08:00
eb8134f0cc
Return more specific errors from WillingToIssue.
...
Fixes #1066
2015-11-19 12:00:49 -08:00
d2b6cc0e98
randomize output of PolicyAuthority.ChallengesFor
...
This shuffles both the challenges and the combinations returned while
keeping them in sync.
Fixes #1069 .
2015-11-18 11:14:11 -08:00
f61183e144
Use a map and set defaults
2015-11-07 12:39:57 -05:00
fe047a1da8
Change config to flags from strings
2015-11-03 23:17:26 +09:00
a16e98a4a4
Further copy/paste errors
2015-11-01 23:20:28 +09:00
36225bdf4f
Fix go fmt errors
2015-11-01 22:35:29 +09:00
f67405bfbc
Fix unit test failures and a copy/paste error
2015-11-01 08:28:15 -05:00
39dcb9f285
Further unit test fixes
2015-10-31 18:11:08 +09:00
587bd8c89a
Initialize the challenge type map before using it
2015-10-31 17:08:25 +09:00
d8c67285cf
Enable configuration of supported challenges
2015-10-31 16:55:59 +09:00
3ce50c106b
Add test/vars package
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-10-20 22:29:34 -07:00
6171420108
Golint fixes to builds work
2015-10-18 18:59:05 -07:00
dd05ace030
Set up databases with restrictive user permissions.
...
Fixes https://github.com/letsencrypt/boulder/issues/898
Also removes currently-unused 'development' DB, and do initial migrations in
parallel, which shortens create_db.sh from 20 seconds to 10 seconds.
Changes ResetTestDatabase into two functions, one each for SA and Policy DBs,
which take care of setting up the DB connection using a special higher-privileged
user called test_setup.
2015-10-16 15:50:57 -07:00
3ab31960d3
Whitelist partner registration id.
2015-10-15 09:15:45 -07:00
310343a061
Fix error name and tests.
2015-10-12 17:45:47 -07:00
a95c300d8b
Switch to using publicsuffix package.
...
This has two advantages:
- Fixes #901
- Reduces number of allocations and copies for methods that used the previous
public suffix code.
2015-10-12 16:32:35 -07:00
0df44e5d90
clean up CSRs with capitalized letters
...
This change lowercases domains before they are stored in the database
and makes policy.WillingToIssue reject any domains with uppercase
letters.
Fixes #927 .
2015-10-08 17:04:07 -07:00
17674cb3a7
Merge branch 'master' into sig-reuse
2015-10-06 17:37:30 -07:00
faa4ba2668
Fix policy rule dump
2015-10-06 14:06:04 -07:00
f064c6d5c7
Merge branch 'master' to 'sig-reuse'
2015-10-05 23:16:16 -04:00
5217af94b0
allow whitelisting by a specific reg id
...
Currently, the whitelisted registration ID is one that is impossible for the
database to return. Once the partner's registration is in place, we can
deploy a change to it.
Fixes #810
2015-10-05 14:11:38 -07:00
9414b1a37e
Address @jmhodges comments and make tests pass
2015-10-03 14:47:17 -04:00
4c20bfe310
Merge master to sig-reuse
2015-10-01 18:58:35 -07:00
367973122e
Change 'TO DELETE' comments to something more useful
2015-10-01 18:48:15 -07:00
322da1f6a1
Remove LockCol from issuedNames.
...
Also, limit size of reversedName column to 640.
2015-09-30 16:38:36 -07:00
ea50be6c50
Change 00 to 01, and drop the underscore
2015-09-29 08:57:43 -04:00
f476432449
Store a DB of issued names.
...
Add counting for issued names within a given time period.
First part of https://github.com/letsencrypt/boulder/issues/864 .
2015-09-28 19:37:50 -07:00
c1c3d1e871
Changes to core, sa, policy
2015-09-28 10:51:55 -04:00
1a9fd9b455
Update to latest ACME spec
2015-09-28 10:10:06 -04:00
f33b103a01
Merge pull request #601 from letsencrypt/blacklist
...
Use DNS blacklist/whitelist DB
2015-09-02 11:04:31 -07:00
0ec76a525a
Review fixes
2015-09-01 22:05:04 -07:00
97c93cd6fa
Temporarily disable DNS challenge.
...
We're not planning to offer this one at launch (hopefully not long after,
though).
2015-08-31 21:26:12 -04:00
9e3d971c2d
Fix dump and load functions
2015-08-31 16:05:56 -07:00
98c5bae31d
cert-checker fixes
2015-08-31 15:55:10 -07:00
273b38e459
Review fixes pt. 1
2015-08-31 14:47:05 -07:00
0e1e38011a
Review fixes pt. 2
2015-08-26 12:09:15 -07:00
e28fbdf465
Add goose schema + migration
2015-08-25 18:09:38 -07:00
1e1a1c0eae
Review fixes pt. 1
2015-08-25 16:45:40 -07:00
3cf1ea8e38
Cleaner/quicker rule list search & properly cleanup database
2015-08-24 15:46:37 -07:00
00a83e49a1
Add another test
2015-08-18 14:29:18 -07:00
7151c3cefb
Review fixes pt. 2
2015-08-18 14:25:51 -07:00
eb710716a0
Quick subdomain fix
2015-08-18 14:14:26 -07:00
4fb747ead1
Merge master
2015-08-15 16:50:57 -07:00
b9913a2b41
Review fixes
2015-08-14 17:14:02 -07:00
ffe3d19da2
Initial review fixes
2015-08-14 16:44:44 -07:00
bc1a649325
Actually use whitelist enforcement config val
2015-08-11 12:32:02 -07:00
c8d4b9f8d6
Remove debug statements
2015-08-11 11:52:12 -07:00
c01c8a069b
Use natural sort
2015-08-11 11:50:38 -07:00
e9855dd41e
Add method comments
2015-08-10 15:36:26 -07:00
df8e83a2b8
Trim commented code
2015-08-10 15:13:04 -07:00
5540729b56
Finished policy-loader
2015-08-10 14:32:53 -07:00
541971471a
Flesh out the policy db loader tool
2015-08-10 13:58:32 -07:00
43a40d55c9
Allow whitelist to be enforcable + remove blacklist file
2015-08-10 11:56:49 -07:00
1a2825138d
Actually wire everything into the PADB
2015-08-06 16:57:38 -07:00
1bd02fbeb3
Add comments so lint will shut up
2015-08-06 16:23:11 -07:00
8ee990b966
typo
2015-08-06 16:11:27 -07:00
a888baf488
Initial PADB work for white/blacklists
2015-08-06 16:09:54 -07:00
2d0be62966
Use mock syslog in test suites (except core and log). Drop SwitchLog().
2015-07-21 17:06:39 -04:00
41f5788c77
Correct most `go lint` warnings. (274 -> 5)
2015-06-16 22:18:28 -05:00
fcaa6b9530
Issue #11 : Add tests
2015-06-16 09:03:03 -05:00
cc97492a54
Issue #11 : Basic DNS Challenge support
2015-06-16 09:03:03 -05:00
f4ee29d1d3
Change all references from SimpleHTTPS -> SimpleHTTP
2015-06-12 11:22:04 -07:00
6c0127d1b0
Add some comments, clean up RFC 6844 query order
2015-06-10 17:27:08 -07:00
1c9837ddf8
Audit all Challenges (success/failure) in VA for Issue #204
...
- Don't ignore entropy underruns in challenges.go
- Correct identity crisis in Policy Authority; hopefully it will remember.
- Add a method `AuditObject` in audit-logger and convert RA/VA to use it
- Fix json typo in registration-authority that caused empty audit logs
- Fix vet issue in WFE where RegID was being printed as a 32-bit int instead of 64-bit
- Unfix the issue in WFE where RegID isn't right, per PR #215
2015-05-21 13:58:40 -07:00
a77152e828
Rework Authority "New" methods to obtain AuditLogger from Singleton
...
- Also ran `go fmt` against these files I was touching anyway:
sa/storage-authority.go
va/validation-authority.go
wfe/web-front-end.go
2015-05-01 21:50:07 -07:00
e828c61818
Add singleton semantics to Audit Logger, per Issue #135
...
- Update tests to use the singleton logger
- Update commands to set the audit logger singleton
- Formatting updates to the tests (go fmt)
2015-05-01 21:48:24 -07:00
4967e9486d
hook in everywhere, add Noop client in tests
2015-04-12 21:50:07 -07:00
84df10fd6e
Add empty tests where missing.
...
This will bring our coverage numbers down to a more meaningful number, and will
mean that we can start aiming to increase them monotonically.
2015-04-07 11:27:33 -07:00
bb2e03ed36
Fix policy test.
2015-03-25 18:54:17 -07:00
33ac212b70
Add logging infrastructure to all authorities and commands
2015-03-24 19:06:11 -07:00
2cca7f6530
Fixup: missing ","
2015-03-20 13:28:09 -07:00
24627cdb5f
Merge two sets of additional tests
...
Conflicts:
policy/policy-authority_test.go
2015-03-20 12:43:11 -07:00
4689eb137b
Add some more tests
2015-03-20 12:30:56 -07:00
718a00d572
Restore some dropped tests cases for PA.
2015-03-20 12:29:03 -07:00
3279c13b42
Removing stray copy of the PSL
2015-03-17 17:35:40 -04:00
01fd8ce4df
Add IPv6 support
2015-03-17 11:57:30 -04:00
e142aa7cf9
Forgot the actual policy implementation
2015-03-16 21:48:58 -04:00
Jacob Hoffman-Andrews