24dca1a758
remove some no longer used db struct tags
2015-08-13 14:29:53 -07:00
bcb0ecb3ba
Revert "Resolve and store IP addresses for SimpleHTTP and DVSNI validation (also store redirect chains)"
2015-08-13 13:00:37 -07:00
71e62bce13
Merge pull request #505 from letsencrypt/store-ips
...
Resolve and store IP addresses for SimpleHTTP and DVSNI validation (also store redirect chains)
2015-08-13 11:13:59 -07:00
c448c01d70
Add concat test
2015-08-12 18:47:09 -07:00
eefa8005c4
Fix LookupTXT
2015-08-12 17:21:08 -07:00
4a26a515c9
Switch to shared struct
2015-08-10 16:20:11 -07:00
d7b0b11648
Fixing more merge issues
2015-08-10 12:19:04 -07:00
e9b24cfafd
Merge remote-tracking branch 'origin/master' into existing-cert
...
Conflicts:
cmd/boulder-ra/main.go
cmd/boulder/main.go
cmd/shell.go
core/objects.go
policy/policy-authority_test.go
test/boulder-config.json
2015-08-10 12:02:01 -07:00
212bf67670
Add validation record sanity checking
2015-08-07 16:41:40 -07:00
3d540cf4b4
Merge branch 'master' into store-ips
2015-08-07 15:09:43 -07:00
c41cda04f7
Review fixes pt. 1
2015-08-07 15:09:08 -07:00
390464ddf4
correct unique indexing of Registrations
...
Fixes #579 (which blocks #132 ).
This changes the SA to use a unique index on the sha256 of a
Registration's JWK's public key data instead of on the full serialized
JSON of the JWK. This corrects multiple problems:
1. MySQL/Mariadb no longer complain about key's being larger than the
largest allowed key size in an index
2. We no longer have to worry about large keys not being seen as unique
3. We no longer have to worry about the JWK's JSON being serialized with its inner keys in different orders and causing incorrectly empty queries or non-unique writes.
This change also hides the details of how Registrations are stored in
the database from the other services outside of SA. This will give us
greater flexibility if we need to move them to another database, or
change their schema, etc.
Also, adds some tests for NoSuchRegistration in the SA.
2015-08-06 14:19:19 -07:00
0f03494d56
use pointer to AcmeURL everywhere
...
This has the benefit of not requiring us to copy very fat url.URL
objects when we pass them to funcs or call their methods.
2015-08-05 18:23:38 -07:00
8d046a6e0d
Review fixes + remove IPv6
2015-08-05 13:47:59 -07:00
1ee8a9d755
Fixing some more small code style issues--changes should only be cosmetic
2015-08-04 14:06:08 -07:00
70347b4f9a
Fixing "go fmt" errors
2015-08-04 13:57:54 -07:00
ec409463db
Adding the schemas for the external certs and the identifiers to db_schema-main.sql, and also removing the lastUpdate timestamp from the code and the import format document (since we don't really need it for anything).
2015-08-04 13:45:07 -07:00
8805f7e6e9
Switch address/redirect logging method, add redirect loop checking + test
2015-08-03 20:31:32 -07:00
aeba06dcd9
Remove Resolved Addresses and Redirect chain from replies to client without breaking RPC layer
2015-08-03 11:02:23 -07:00
881ce95a5e
LookupHost cleanups
2015-07-31 21:42:07 -07:00
778c0daae5
Expose filters
2015-07-31 16:19:25 -07:00
5a1a3c7e0d
Give addrFilter a type and add the config wiring
2015-07-31 15:47:03 -07:00
94095796b9
Cleanups
2015-07-31 14:40:54 -07:00
bc4069db05
Add some more tests
2015-07-31 13:46:24 -07:00
0041283960
Comment cleanup
2015-07-31 11:32:53 -07:00
e12564bb11
Initial bulk of review fixes (cleanups inc)
2015-07-30 18:09:16 -07:00
f5acc4e260
Merge master
2015-07-30 14:07:03 -07:00
46573e93a2
Merge pull request #497 from letsencrypt/update-challenges
...
Update challenges to match the spec
2015-07-30 15:06:32 -04:00
652702bd7f
Merge master
2015-07-30 13:47:10 -04:00
726d59cb52
Merge master
2015-07-29 16:35:37 -07:00
5ea17d980a
Merge master
2015-07-29 16:37:39 -04:00
272fbbd480
Merge pull request #541 from r0ro/remove-authz-newcert
...
Remove the need for a client to send authorizations url when requesting new certificate
2015-07-29 13:10:46 -07:00
6777b276a7
Merge branch 'master' into store-ips
2015-07-29 12:24:20 -07:00
08c86e560e
Fix test failures in core
2015-07-29 14:40:41 -04:00
f506da377a
Clean up Challenge.MergeResponse
2015-07-29 12:59:52 -04:00
4f95f66f98
Remove AcmeJWS and move everything over to LE fork of go-jose
2015-07-29 12:44:39 -04:00
9e87cef807
Further test fixes
2015-07-29 12:20:00 -04:00
de5c50739a
Mostly fixed tests
2015-07-29 12:19:12 -04:00
e60df240d8
Update DVSNI and DNS challenges
2015-07-29 12:19:12 -04:00
4cac9da9fd
Refactor simpleHttp challenge
2015-07-29 12:18:09 -04:00
26b140b0cc
Removing unused literals and exposing more error info
2015-07-29 11:17:26 -04:00
965be920a6
Enforce 'resource' field
2015-07-29 10:19:14 -04:00
27708be2c3
Merge pull request #532 from tomclegg/cname-nxdomain
...
Fix authz always failing when CAA record is not present + fix CAA lookup algorithm per RFC
2015-07-28 20:58:17 -07:00
4f177d34af
Return actual rtt for nxdomain/nxrrset responses, not 0.
2015-07-28 23:28:19 -04:00
289dfeabe6
Fixing go formatting issues (ran go fmt on the files below)
2015-07-28 17:07:36 -07:00
65c923d547
we now ignore duplicate additions and require three different command line args
2015-07-28 14:03:56 -07:00
36cba96fb2
update tests after jwk encoding fix.
2015-07-28 16:25:30 +02:00
1993dc44c6
Allow DNS cache to follow CNAME/DNAME for us when looking up CAA.
...
Only if the cache returns nothing for the CNAME query do we need to
look up CNAME/DNAME explicitly, in order to check CAAs on the parent
of the CNAME target rather than the parent of the original name.
2015-07-27 22:10:44 -04:00
abd06564ec
Merge branch 'master' into mailer
2015-07-27 12:46:19 -07:00
145790d9c3
Review fixes
2015-07-27 12:46:09 -07:00
Jeff Hodges