letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
boulder/ca/testdata
History
Aaron Gable 4f473edfa8
Deprecate 10 feature flags (#6502) 
Deprecate these feature flags, which are consistently set in both prod
and staging and which we do not expect to change the value of ever
again:
- AllowReRevocation
- AllowV1Registration
- CheckFailedAuthorizationsFirst
- FasterNewOrdersRateLimit
- GetAuthzReadOnly
- GetAuthzUseIndex
- MozRevocationReasons
- RejectDuplicateCSRExtensions
- RestrictRSAKeySizes
- SHA1CSRs

Move each feature flag to the "deprecated" section of features.go.
Remove all references to these feature flags from Boulder application
code, and make the code they were guarding the only path. Deduplicate
tests which were testing both the feature-enabled and feature-disabled
code paths. Remove the flags from all config-next JSON configs (but
leave them in config ones until they're fully deleted, not just
deprecated). Finally, replace a few testdata CSRs used in CA tests,
because they had SHA1WithRSAEncryption signatures that are now rejected.

Fixes #5171 
Fixes #6476
Part of #5997
 		2022-11-14 09:24:50 -08:00
..
bad_algorithm.der.csr move CA test data to a directory 2015-09-03 15:43:10 -07:00
ca_cert.pem move CA test data to a directory 2015-09-03 15:43:10 -07:00
ca_key.pem move CA test data to a directory 2015-09-03 15:43:10 -07:00
cn_and_san.der.csr move CA test data to a directory 2015-09-03 15:43:10 -07:00
ct_poison_extension.der.csr CA: Test that the CT poison extension in CSRs is ignored. (#2915) 2017-07-28 10:51:46 -07:00
ct_poison_extension_empty.der.csr Deprecate 10 feature flags (#6502) 2022-11-14 09:24:50 -08:00
dupe_name.der.csr move CA test data to a directory 2015-09-03 15:43:10 -07:00
ecdsa.der.csr Allow CFSSL profiles to be selected by key type 2016-01-22 11:00:41 +00:00
ecdsa_allow_list.yml CA: Load and reload ECDSA allow list from a file (#5392) 2021-05-10 13:19:46 -07:00
ecdsa_allow_list2.yml CA: Fix startup bug caused by ECDSA allow list reloader (#5412) 2021-05-17 14:41:15 -07:00
ecdsa_allow_list_malformed.yml CA: Load and reload ECDSA allow list from a file (#5392) 2021-05-10 13:19:46 -07:00
invalid_signature.der.csr Added test: CA must reject CSRs with invalid signatures. 2015-11-20 21:18:45 +01:00
long_cn.der.csr issue without a CommonName if not given one 2016-02-12 11:49:16 -08:00
must_staple.der.csr Deprecate 10 feature flags (#6502) 2022-11-14 09:24:50 -08:00
no_cn.der.csr move CA test data to a directory 2015-09-03 15:43:10 -07:00
no_names.der.csr issue without a CommonName if not given one 2016-02-12 11:49:16 -08:00
no_san.der.csr move CA test data to a directory 2015-09-03 15:43:10 -07:00
short_key.der.csr Deprecate 10 feature flags (#6502) 2022-11-14 09:24:50 -08:00
testcsr.go Allow CFSSL profiles to be selected by key type 2016-01-22 11:00:41 +00:00
too_many_names.der.csr move CA test data to a directory 2015-09-03 15:43:10 -07:00
unsupported_extension.der.csr CA: Use unknown extension in "unsupported extension" test. (#2914) 2017-07-27 17:13:19 -07:00