letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,461 Commits 89 Branches 416 Tags 101 MiB
Commit Graph

39 Commits

Author SHA1 Message Date
Roland Shoemaker 3d5185d0db Merge branch 'master' into fixed-505 2015-08-13 22:50:13 -07:00
Roland Shoemaker f15402282c Review rework 
Refactor DNS problem details use

Actually store and log resolved addresses

Less convuluted get adresses function/usage

Store redirects, reconstruct transport on redirect, add redirect + lookup tests

Add another test

Review fixes

Initial bulk of review fixes (cleanups inc)

Comment cleanup

Add some more tests

Cleanups

Give addrFilter a type and add the config wiring

Expose filters

LookupHost cleanups

Remove Resolved Addresses and Redirect chain from replies to client without breaking RPC layer

Switch address/redirect logging method, add redirect loop checking + test

Review fixes + remove IPv6

Remove AddressFilter remnant + constant-ize the VA timeout

Review fixes pt. 1

Initialize validation record

Don't blank out validation reocrds

Add validation record sanity checking

Switch to shared struct

Check port is in valid range

Review fixes
 2015-08-13 22:49:33 -07:00
Roland Shoemaker bcb0ecb3ba Revert "Resolve and store IP addresses for SimpleHTTP and DVSNI validation (also store redirect chains)" 2015-08-13 13:00:37 -07:00
Roland Shoemaker 71e62bce13 Merge pull request #505 from letsencrypt/store-ips 
Resolve and store IP addresses for SimpleHTTP and DVSNI validation (also store redirect chains)
 2015-08-13 11:13:59 -07:00
Roland Shoemaker eefa8005c4 Fix LookupTXT 2015-08-12 17:21:08 -07:00
Roland Shoemaker c41cda04f7 Review fixes pt. 1 2015-08-07 15:09:08 -07:00
Roland Shoemaker 8d046a6e0d Review fixes + remove IPv6 2015-08-05 13:47:59 -07:00
Roland Shoemaker 881ce95a5e LookupHost cleanups 2015-07-31 21:42:07 -07:00
Roland Shoemaker 778c0daae5 Expose filters 2015-07-31 16:19:25 -07:00
Roland Shoemaker 5a1a3c7e0d Give addrFilter a type and add the config wiring 2015-07-31 15:47:03 -07:00
Roland Shoemaker 94095796b9 Cleanups 2015-07-31 14:40:54 -07:00
Roland Shoemaker 0041283960 Comment cleanup 2015-07-31 11:32:53 -07:00
Roland Shoemaker e12564bb11 Initial bulk of review fixes (cleanups inc) 2015-07-30 18:09:16 -07:00
Tom Clegg 4f177d34af Return actual rtt for nxdomain/nxrrset responses, not 0. 2015-07-28 23:28:19 -04:00
Tom Clegg 1993dc44c6 Allow DNS cache to follow CNAME/DNAME for us when looking up CAA. 
Only if the cache returns nothing for the CNAME query do we need to
look up CNAME/DNAME explicitly, in order to check CAAs on the parent
of the CNAME target rather than the parent of the original name.
 2015-07-27 22:10:44 -04:00
Tom Clegg a843772736 Follow CNAME and DNAME during CAA lookups, cf. RFC 6844. 2015-07-26 01:25:30 -04:00
Tom Clegg d30ea8a4b6 Distinguish between "lookup failed" and "CNAME does not exist" in LookupCNAME. 2015-07-25 05:47:15 -04:00
Roland Shoemaker 31f0674f03 Replace net.LookupMX with core.LookupMX using defined resolver 2015-07-21 22:36:29 -07:00
Richard Barnes d8a12d8073 Addressing @bifurcation comments 2015-07-21 16:42:23 +02:00
Roland Shoemaker a767daed4d Rebase on #438 and cleanup 2015-07-08 22:07:21 +01:00
Roland Shoemaker 3aa6befb0b Review fixes 2015-07-08 20:57:58 +01:00
Roland Shoemaker 34bd2a2915 Review fixes 2015-07-08 20:56:59 +01:00
Roland Shoemaker cb1ddfaf78 Add parseDNSError method and use it to provide better problem detail, also add test workaround for timeouts until #401 is fixed 2015-07-08 20:52:40 +01:00
Roland Shoemaker dfed747a99 Put LookupHost back, and re-add checks to validateSimpleHTTP and validateDvsni 2015-07-08 20:48:42 +01:00
Roland Shoemaker a4eaf65741 Clarify comments 2015-07-08 20:48:42 +01:00
Roland Shoemaker 2d339651d7 Remove LookupDNSSEC and LookupHosts methods, and their usage, log SERVFAIL from resolver and query type it came from, ignore SERVFAIL from LookupCAA 2015-07-08 20:47:46 +01:00
Roland Shoemaker f6248ef279 Flesh out DNS mock methods, and move them to their own sub-module instead of under test/ to avoid import loop, Add Loopback DNS resolver for core/dns_test.go 2015-07-07 22:31:44 +01:00
Roland Shoemaker 1b65434256 Merge master 2015-06-19 20:16:16 +01:00
Roland Shoemaker ccb46eb967 Fix comment typo 2015-06-19 20:10:22 +01:00
Roland Shoemaker cd10bd4726 Add DNSSEC check for A/AAAA records to validateSimpleHTTP and validateDvsni 2015-06-19 20:03:27 +01:00
Roland Shoemaker 2ed840e4c3 Add better CNAME/CAA comments 2015-06-19 19:18:18 +01:00
Roland Shoemaker 948cca7172 Consolidate CAA functions into va/validation-authority.go and core/dns.go 2015-06-19 19:06:50 +01:00
Roland Shoemaker d6ed289e05 Remove duplicate error check 2015-06-18 16:36:39 -07:00
Roland Shoemaker 7e4b52e69a Merge pull request #369 from bradmw/errors 
Validation Errors
 2015-06-18 16:33:30 -07:00
J.C. Jones 1b484608f4 Fix null pointer panic when LookupTXT fails at the DNS Resolver 
Seen in https://travis-ci.org/letsencrypt/boulder/builds/67439063

(Update: Don't send a nil duration)
 2015-06-18 15:25:10 -07:00
Brad Warren 93ff18b365 Finished addinig validation errors 2015-06-18 14:10:24 -07:00
Brad Warren f19cad3a04 Additional cleanup of error handling 2015-06-18 10:08:59 -07:00
J.C. Jones 41f5788c77 Correct most `go lint` warnings. (274 -> 5) 2015-06-16 22:18:28 -05:00
J.C. Jones b24f6b23fe Moved to `miekg/dns` for the VA. 
- Created some helper methods to run DNSSEC and reduce code reuse
- Support multiple DNS servers, but not in the Config file (yet)
- Fix typo; r=@rolandshoemaker
 2015-06-16 19:37:15 -05:00