Commit graph

158 commits

Author SHA1 Message Date
Jan Broer
323bb88640 Fetch remaining zones when response is truncated.
Route53 API won’t return more than 100 zones per request.
2016-01-22 18:50:18 +01:00
xenolf
50be32a69e Change maximum zone number requested from Route53 to Math.MaxInt32 from MaxInt64.
Fixes #79.
2016-01-22 18:18:53 +01:00
xenolf
5992793edd Refactor DNS precheck 2016-01-22 02:25:27 +01:00
xenolf
602aeba6c1 Merge branch 'add-dns-challenge' 2016-01-22 01:51:10 +01:00
xenolf
a3f134e3fb Check DNS entry for validity before hitting boulder 2016-01-22 01:38:15 +01:00
Matthew Holt
db3a956d52 Couple more tests to ensure right method is being used 2016-01-13 18:49:25 -07:00
Ernesto Alejo
873ed4771d Fix fallthrough in the response status codes 2016-01-14 00:32:45 +01:00
xenolf
beac6273f6 Merge pull request #71 from xenolf/pem-decode-fix
Fix PEM decoding if file ends with multiple newlines
2016-01-12 18:16:52 +01:00
xenolf
33216d7563 Fix a race for socket in HTTP-01 2016-01-11 22:04:04 +01:00
Matthew Holt
19ea2cbf75 Fix PEM decoding if file ends with multiple newlines
This method more closely reflects how crypto/tls does it here: https://golang.org/src/crypto/tls/tls.go?s=5139:5210#L174
2016-01-11 10:02:28 -07:00
xenolf
db1a519684 Add the ability to reuse a private key 2016-01-08 10:14:41 +01:00
xenolf
6e33cd1b84 Move JSON http wrappers to http.go file 2016-01-08 10:04:57 +01:00
xenolf
0c10083ef0 Update tests 2016-01-08 08:04:50 +01:00
xenolf
de29381f7a Add interface:port override to HTTP-01 and TLS-01 instead of only port 2016-01-08 08:04:38 +01:00
xenolf
1193ae895a Merge pull request #66 from xenolf/user-agent-string
Implement custom User-Agent string
2016-01-07 04:51:31 +01:00
Jan Broer
04e4239653 Base64 encode dns-01 record 2016-01-05 00:40:05 +01:00
Matthew Holt
0786c993c9 Return full, parsed ocsp response instead of just the status 2015-12-31 16:07:18 -07:00
Matthew Holt
bfc24007db Oops 2015-12-31 15:04:58 -07:00
Matthew Holt
89908f39e9 Implement custom User-Agent string
Also a couple miscellaneous vet fixes
2015-12-30 15:01:21 -07:00
xenolf
fce9468e1e Update client docs 2015-12-27 20:56:02 +01:00
xenolf
8362f35823 Remove unreachable code 2015-12-27 20:55:44 +01:00
xenolf
3a3baf1597 Fix validateFunc tests 2015-12-27 19:26:47 +01:00
xenolf
09ff568758 Adjust logging output for http-01 2015-12-27 19:18:38 +01:00
xenolf
466af28672 Extract validateFunc from httpChallenge and tlsSNIChallenge 2015-12-27 19:08:17 +01:00
xenolf
6b750198f2 Fix tests 2015-12-27 18:56:44 +01:00
xenolf
523f3eb250 Change SetHTTPSPort to SetTLSPort 2015-12-27 18:56:36 +01:00
xenolf
0e857b2fef Adapt CLI to changes in lib
- Change explicit include of challenges to explicit exclude
- Add CLI switches for HTTP and TLS ports
2015-12-27 18:35:19 +01:00
xenolf
053dc4cfb1 Extract mutation of client into functions 2015-12-27 18:28:54 +01:00
xenolf
595f684e27 Merge branch 'master' of https://github.com/tommie/lego into refactor-client
# Conflicts:
#	acme/client.go
#	acme/http_challenge.go
#	acme/http_challenge_test.go
#	acme/tls_sni_challenge.go
#	cli.go
#	cli_handlers.go
2015-12-27 17:38:49 +01:00
Mustafa Altun
f3df6b81b2 Fix gofmt errors 2015-12-24 10:57:09 +02:00
xenolf
c2630f8eb7 Limit ioutil.ReadAll calls in client as well 2015-12-21 02:44:25 +01:00
xenolf
00af84d91b Close response body in getIssuerCertificate 2015-12-21 02:44:25 +01:00
xenolf
7789bd2ffc Limit OCSP answers to 1MB.
fixes #56
2015-12-18 22:33:30 +01:00
xenolf
136cc73ff8 Move call to ObtainSANCertificate 2015-12-18 17:55:43 +01:00
xenolf
5930ea52f0 lib: make renew aware of SAN 2015-12-18 17:55:43 +01:00
xenolf
c13968859a tweak log messages a bit 2015-12-15 21:21:12 +01:00
xenolf
c2467d031f Fix tests with new error 2015-12-11 17:16:24 +01:00
xenolf
f08c15df80 Use boulder error messages. 2015-12-11 17:16:24 +01:00
Jan Broer
666698cea3 Modular DNS challenge
- Manual provider
- Dynamic DNS Update provider (RFC2136)
- Route53 provider
- CloudFlare provider
2015-12-10 18:35:35 +01:00
xenolf
a23289899c Fix typo 2015-12-07 16:58:01 +01:00
xenolf
54e96f6fc5 Document that ObtainSANCertificate will never return a partial certificate on error. 2015-12-07 16:51:28 +01:00
Tommie Gannert
e32b9abfb2 Remove ObtainCertificates and rename ObtainSANCertificate to ObtainCertificate.
Also removes revocation abilities from RenewCertificate.

Makes the API more orthogonal. These things are not provided by the
ACME protocol, but were convenience helpers.
2015-12-05 22:07:12 +00:00
Tommie Gannert
71624f607a Replace exponential back-off in validate with Retry-After header.
Last paragraph of ACME spec, section 6.5:

  To check on the status of an authorization, the client sends a GET
  request to the authorization URI, and the server responds with the
  current authorization object.  In responding to poll requests while
  the validation is still in progress, the server MUST return a 202
  (Accepted) response with a Retry-After header field.
2015-12-05 21:32:53 +00:00
Tommie Gannert
b2c88d7a5d Make solvers configurable.
Allows selecting which solvers are available, and specifying options for them.
2015-12-05 21:01:08 +00:00
Tommie Gannert
039b7c50dc Use postJSON and getJSON wherever possible.
Encapsulates JSON marshalling.
2015-12-05 15:59:15 +00:00
Tommie Gannert
2dc2fdd1af Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests. 2015-12-05 15:09:29 +00:00
Tommie Gannert
bee1326835 Use a local ServeMux in httpChallenge.Solve.
Avoids modifying global state.
2015-12-05 12:25:01 +00:00
Tommie Gannert
38cb60624f Simplify tlsSNIChallenge code.
Solve is blocking, so no need to run initialization code in a separate
goroutine. Removes the need for s.start.

Once the listener is closed, all I/O resources have been returned. No
need to wait for http.Serve to return. Removes the need for s.end.
2015-12-05 12:24:49 +00:00
Tommie Gannert
5dc33c8c08 Simplify httpChallenge code.
Solve is blocking, so no need to run initialization code in a separate
goroutine. Removes the need for s.start.

Once the listener is closed, all I/O resources have been returned. No
need to wait for http.Serve to return. Removes the need for s.end.
2015-12-05 12:00:00 +00:00
Tommie Gannert
58a2fd2267 Split off validation function.
This is a loop that interacts with the ACME server, not the individual challenges.

Also switch to exponential back-off polling for good measure.
2015-12-05 11:52:24 +00:00