cecd097f68
Improve unit testing to resolve Issue #217
...
- Support multiple HTTPserver instances in `validation-authority_test.go`
- Improve coverage of ValidateDvsni and ValidateHttps
- Cover UpdateValidations
2015-05-21 13:59:30 -07:00
1c9837ddf8
Audit all Challenges (success/failure) in VA for Issue #204
...
- Don't ignore entropy underruns in challenges.go
- Correct identity crisis in Policy Authority; hopefully it will remember.
- Add a method `AuditObject` in audit-logger and convert RA/VA to use it
- Fix json typo in registration-authority that caused empty audit logs
- Fix vet issue in WFE where RegID was being printed as a 32-bit int instead of 64-bit
- Unfix the issue in WFE where RegID isn't right, per PR #215
2015-05-21 13:58:40 -07:00
a9a50d9f15
Merge pull request #213 from letsencrypt/issuer-cert-absolute
...
Use absolute URL for link to issuer cert
2015-05-19 18:39:41 -07:00
48cdd35026
gofmt wfe
2015-05-19 18:25:02 -07:00
8c9830618b
Use absolute URL for link to issuer cert
2015-05-19 16:30:33 -07:00
2d7bcd93fb
Merge pull request #208 from letsencrypt/no-registration-get
...
Disallow GETs for Registration.
2015-05-19 13:34:31 -07:00
8dd4c650bd
Disallow GETs for Registration.
...
Per the spec, authenticated requests must be signed by an account key, and
GET requests can't be signed under the current protocol. If the account holder
wishes to fetch their current registration, they can do so by posting a signed,
empty update to their registration resource.
Also fix a bug in generating registration URLs.
2015-05-19 12:44:04 -07:00
1c251bc19a
Merge pull request #207 from rolandshoemaker/keycleanup
...
Cleanup + tests for #201
2015-05-19 12:43:52 -07:00
a3417b5849
Merge pull request #209 from letsencrypt/test-mode-ok
...
Allow using an issuer key file in non-TestMode.
2015-05-19 12:17:45 -07:00
c81437b036
Allow using an issuer key file in non-TestMode.
...
This was causing difficulty running the demo instance.
We'll fix this the right way as part of moving to a CFSSL local signer:
https://github.com/letsencrypt/boulder/issues/163
2015-05-19 12:09:17 -07:00
97ff1c8423
merge upstream/master
2015-05-18 19:07:04 -07:00
1c7d0d5411
gofmt touched files
2015-05-18 19:03:25 -07:00
7c7aa9feb4
Merge pull request #186 from letsencrypt/formatting_script
...
Enforce `go fmt` is clean in the test run.
2015-05-18 19:02:43 -07:00
cf7f6f5db3
add RA regID checks
2015-05-18 18:53:48 -07:00
42302541bd
Run `go fmt` for PR #186
2015-05-18 18:44:38 -07:00
39a61774e7
Enforce `go fmt` is clean in the test run.
...
Adds a routine to test.sh to ensure committers have run `go fmt` before submission.
2015-05-18 18:42:04 -07:00
221e19d232
Merge pull request #175 from letsencrypt/63-bifurcation-audit
...
Add audit logging
2015-05-18 18:41:17 -07:00
d2be0dcb95
Review updates
2015-05-18 18:24:37 -07:00
894703ae67
Follow-on work for Issue #62
...
- Documentation correction
- Don't lose the problemDoc failback (merge issue, I guess?)
- Add the start of an ack script to find methods implementing the audit UUIDs
- Documentation fix (RA calls VA, not WFE)
- Audit log revocations
- Audit log unauthorized domains
- Include all SANs in issuance audit log
- Add a script to locate all audit markers
2015-05-18 18:23:09 -07:00
c3b312118e
Add audit logging
...
- Auditing for general errors in executables
- Auditing for improper messages received by WFE
- Automatic audit wlogging of software errors
- Audit logging for mis-routed messages
- Audit logging for certificate requests
- Auditing for improper messages received by WFE
- Add audit events table
- Expect more details in TestRegistration in web-front-end_test.go
- Remove "extra" debug details from web-front-end.go per Issue #174
- Improve test coverage of web-front-end.go
- WFE audit updates for revocation support rebase
- Add audit messages to RPC for Improper Messages and Error Conditions
- Also note misrouted messages
2015-05-18 18:23:08 -07:00
af01cb0cf9
Cleanup RA.NewAuthorization and add SA tests for GetRegistration and GetRegistrationByKey with invalid arguments
2015-05-18 18:02:06 -07:00
63a5b08eb1
Merge pull request #206 from letsencrypt/125-different-keys
...
Check that cert key != account key.
2015-05-18 16:56:19 -07:00
61be79e51d
Check that cert key != account key.
2015-05-18 15:20:02 -07:00
4cda5e11f3
Merge pull request #201 from rolandshoemaker/remkey
...
Switch Authorization object from key to registration ID as association
2015-05-18 11:24:51 -07:00
e1ba291019
Store registration ID with certificate
2015-05-16 13:47:51 -07:00
faa1d5ac45
review cleanups
2015-05-16 13:25:36 -07:00
2ba4698b3c
Merge pull request #147 from letsencrypt/revocation-wfe
...
Implement user-facing revocation.
2015-05-15 13:20:33 -07:00
f8d54a728c
Fix up rebase issues.
2015-05-14 16:11:56 -07:00
d4b0719d78
Add revoke.js to test revocation.
2015-05-14 15:54:12 -07:00
b43d647fa2
Call RevokeCertificate through RA.
2015-05-14 15:54:12 -07:00
7b5038ac89
Switch WFE to revoke by posting cert rather than serial.
2015-05-14 15:54:10 -07:00
de4e37bf60
Implement user-facing revocation.
2015-05-14 15:53:58 -07:00
bff5ea2cfe
Implement user-facing revocation.
2015-05-14 15:52:11 -07:00
a20f145d3a
Merge pull request #200 from letsencrypt/speedup_only_build_master
...
Configure Travis to only build master on pushes
2015-05-14 14:40:28 -07:00
2c020f9da0
Configure Travis to only build master on pushes
2015-05-14 14:23:42 -07:00
e233fdaa61
switch authz and pending_authz to store registration ID instead of key (and update all the random stuff they touched)
2015-05-14 14:14:36 -07:00
672f0b1fbe
Merge pull request #197 from letsencrypt/speedup_build_and_tests
...
First pass at build speedups.
2015-05-14 12:05:05 -07:00
ed32332204
First pass at build speedups. Feel free to use `make -j9` on your desktops!
2015-05-14 11:37:23 -07:00
55c0c34dc9
Merge pull request #196 from letsencrypt/185-fix_build
...
Add missing mock method to fix build for PR #185 .
2015-05-14 10:55:35 -07:00
b43e7de8dc
Add missing mock method to fix build for PR #185 .
2015-05-14 10:25:40 -07:00
6be5c4910e
Merge pull request #185 from rolandshoemaker/deny-store
...
Store and check previously denied CSRs
2015-05-14 09:03:06 -07:00
fc157e4b55
Merge pull request #192 from rolandshoemaker/verify-reg
...
Check key is assosiated with existing registration in verifyPOST
2015-05-13 22:05:52 -07:00
b3d85ed9b5
fix breakage introduced by b0rked rebase
2015-05-13 19:30:37 -07:00
8aa2a0607e
return full registration object and proper JSON marshal
2015-05-13 19:16:55 -07:00
c580041ed5
appropriate error messages
2015-05-13 19:16:55 -07:00
b9745cf894
check key is assosiated with existing registration in verifyPOST
2015-05-13 19:16:20 -07:00
bb06f522e6
Merge pull request #194 from letsencrypt/193_fix_build
...
Fix WFE test
2015-05-13 19:09:21 -07:00
7c6a5332eb
Fix WFE test
...
Use a static key so we can test for exact output equality.
2015-05-13 19:01:16 -07:00
c3cb20ad12
Merge pull request #183 from letsencrypt/go-jose2
...
Move to Square's go-jose library
2015-05-13 17:37:24 -07:00
aa8c20f84a
Fixes in response to review feedback.
2015-05-13 17:36:39 -07:00
J.C. Jones
James 'J.C.' Jones
Jacob Hoffman-Andrews
Roland Shoemaker
Richard Barnes