Commit graph

1200 commits

Author SHA1 Message Date
Kate Jefferson
2569c53efe Add sync.Mutex to lock and unlock j.nonces 2016-08-18 16:35:03 -04:00
xenolf
63e8e33beb Merge pull request #268 from xenolf/authz-recycle
Skip challenges when authz is already valid
2016-08-17 20:15:46 +02:00
xenolf
cfdbc15336 Merge pull request #269 from xenolf/travisci-go-updates
Shift CI test to newer Go versions
2016-08-17 20:15:19 +02:00
Matt Holt
33ef204b5e Shift CI test to newer Go versions
Some dependencies evidently require Go 1.6 and newer; also Go 1.7 is out.
2016-08-16 21:56:30 -06:00
Matthew Holt
6bd7f505e1 Log when skipping challenges due to valid authz 2016-08-16 14:00:17 -06:00
Matthew Holt
b2d7a1821e Skip solving challenges when authz is already valid (fixes #267) 2016-08-16 13:50:56 -06:00
xenolf
eb7c5e6bb6 Merge pull request #262 from doublerr/google_multi_subdomains
Fix GoogleCloud DNS challenge to allow subdomains
2016-08-12 19:05:03 +02:00
xenolf
68f2512ba1 Merge pull request #260 from cristiangraz/export-pre-check-dns
Export PreCheckDNS so library users can manage the DNS check in tests
2016-08-12 19:02:52 +02:00
Ryan Richard
de8a56bde8 Fix GoogleCloud DNS challenge to allow subdomains
Fixes #257

Previously the google cloud provider assumed the domain being provided
was also the authoritative zone. This fix uses an acme function to
recursively lookup the authoritative zone for a provided domain.
2016-08-11 13:39:07 -05:00
Cristian Graziano
2818a41068 Export PreCheckDNS so library users can manage the DNS check in tests 2016-08-09 22:15:54 -07:00
xenolf
aa216e0399 Merge pull request #256 from heroku/newclient-doc-fix
Fix documentation for acme.NewClient
2016-08-05 14:04:00 +02:00
liz
5eae7e889c Fix documentation for acme.NewClient 2016-08-04 12:09:42 -04:00
xenolf
4c33bee13d Merge pull request #254 from janeczku/findzonebyfqdn-fix
Correctly determine the zone for CNAME domains pointing to another zone
2016-08-01 13:31:24 +02:00
janeczku
d6197084fc Fixes zone lookup for domains that have a CNAME with the target in another zone 2016-07-29 21:28:28 +02:00
xenolf
5720cba2c9 Merge pull request #251 from bshi/master
Filter Google Cloud DNS List() calls
2016-07-26 14:04:26 +02:00
Bo Shi
028e412850 Filter Google Cloud DNS List() calls
Make a more efficient API call to only fetch the name of interest.
2016-07-21 19:05:16 +00:00
xenolf
b12ce5e731 Merge pull request #245 from bsiegert/master
codegangsta is now called urfave.
2016-07-21 03:40:32 +02:00
xenolf
e2f341198f Remove unneeded re-checking of OCSP responses. The stdlib has us covered already.
Fixes #247
2016-07-21 03:32:56 +02:00
xenolf
029ece0fd2 Well a timeout of 10 something is a good idea indeed... 2016-07-21 03:27:34 +02:00
xenolf
082ff6d029 Removed HTTPTimeout and exported a new HTTPClient variable as a replacement.
The HTTPTimeout was not honored by the default client. Clients should now construct their own HTTPClient for overriding the timeout.
Fixes #246
2016-07-21 03:24:11 +02:00
Benny Siegert
524e35dba6 codegangsta is now called urfave.
Update import paths for cli package.
2016-07-13 21:03:47 +02:00
xenolf
58ead76066 Merge pull request #238 from moomerman/dnsmadeeasy
Add DNSProvider for DNSMadeEasy (http://dnsmadeeasy.com/)
2016-07-10 04:39:59 +02:00
xenolf
b7b05e88db Merge pull request #233 from disaster37/master
Add OVH DNS provider
2016-07-04 15:00:59 +02:00
xenolf
0eba8326e9 Merge pull request #231 from paybyphone/paybyphone_dns_ttl
providers/dns/route53: Adjust DNS challenge TTL to 10 seconds
2016-06-29 16:21:13 +02:00
Richard Taylor
108eaea79b Add DNSProvider for DNSMadeEasy (http://dnsmadeeasy.com/) 2016-06-28 22:48:06 +01:00
disaster
cc40650b80 lauch go fmt to format the change 2016-06-24 18:23:28 +00:00
xenolf
02f0c50815 Merge pull request #234 from jboelter/master
Add optional support for .pem output (.crt + .key)
2016-06-21 02:30:01 +02:00
Joshua Boelter
941e753c80 Add optional support for .pem output (.crt + .key) 2016-06-18 22:55:15 -07:00
Chris Marchesi
64f8e0d225 providers/dns/route53: Adjust DNS challenge TTL to 10 seconds
While more than likely never to come up in a real-world situation,
during renewal integration testing a value of 120 seconds has
proven to be too high (the old challenge record has not expired
by the time the new one is created).
2016-06-17 16:07:37 -07:00
disaster
4f6c1d470f Add OVH DNS provider 2016-06-16 21:11:19 +02:00
xenolf
b2fad61981 Merge pull request #224 from paybyphone/support_existing_csr
Support existing CSRs (update to #122)
2016-06-16 01:01:12 +02:00
Chris Marchesi
575370e196 cert: Extend acme.CertificateResource, support CSRs on renew
client.RenewCertificate now supports CSRs, and in fact prefers them,
when renewing certificates. In other words, if the certificate was
created via a CSR then using that will be attempted before re-generating
off a new private key.

Also adjusted the API of ObtainCertificateForCSR to be a little
more in line with the original ObtainCertificate function.
2016-06-14 21:15:25 -07:00
Will Glynn
01e2a30802 Document --csr flag 2016-06-14 21:15:25 -07:00
Will Glynn
333af54906 Add --csr option to generate a certificate for an existing CSR 2016-06-14 21:15:25 -07:00
Will Glynn
8d7afd02b9 Add ObtainCertificateForCSR()
This commit also breaks requestCertificate() into two parts, the first of
which generates a CSR, the second of which became requestCertificateForCsr()
which does what the name implies.
2016-06-14 21:15:25 -07:00
xenolf
c570b320ae Merge pull request #222 from connctd/registration
In case of conflict during registration, the old registration is now recovered
2016-06-14 13:13:50 +02:00
Till Klocke
402756c1c5 registration message in case of conflict 409 should not contain contact details 2016-06-14 09:50:12 +02:00
xenolf
a9d8cec0e6 Merge pull request #227 from dmcgowan/add-rsc-changes
Change TLS SNI Challenge Cert function to return domain
2016-06-14 01:31:55 +02:00
Derek McGowan
be785fda33 Updated original signature and removed new function 2016-06-12 22:57:22 -07:00
xenolf
a4dfe5a7e7 Merge pull request #230 from doherty/account-json-executable
Write account.json without executable bit set
2016-06-13 03:01:50 +02:00
Mike Doherty
58758f4761 Write account.json without executable bit set
Fixes gh-229
2016-06-11 23:17:11 -07:00
Russ Cox
c8b0781028 Add TLS SNI Challenge function which returns domain
Used by rsc.io/letsencrypt to get the challenge domain.
Originally committed under rsc.io/letsencrypt/vendor.
2016-06-10 11:47:43 -07:00
xenolf
cae9c70e1e Merge pull request #223 from paybyphone/paybyphone_reg_read_delete
reg: Add Query and Delete functions
2016-06-09 21:26:13 +02:00
Chris Marchesi
3028225371 reg: Add Query and Delete functions
Add 2 new functions to acme.Client for registration stuff:

 * QueryRegistration: This performs a POST on the client
   registration's URI and gets the updated registration info.
 * DeleteRegistration: This deletes the registration as currently
   configured in the client.

The latter, while a part of the IETF draft, may not be 100%
functional in LE yet, my tests showed that resources were still
available after deletion.
2016-06-08 16:36:42 -07:00
Till Klocke
599eb9a739 In case of conflict during registration, the old registration is now recovered 2016-06-06 15:32:02 +02:00
xenolf
30a7a8e882 Merge pull request #215 from zealic/master
Add dns-timeout support.
2016-05-27 13:43:23 +02:00
zealic
88932f9167 Add dns-timeout support. 2016-05-25 11:22:09 +08:00
xenolf
b119bc45fb Add "http-timeout" CLI flag.
This allows for an override of the default HTTP timeout for library HTTP requests.
Fixes #207.
2016-05-19 18:52:58 +02:00
xenolf
9e0c21c439 Add HTTPTimeout variable to http.go.
This lets users of this library override the default internal timeout for HTTP requests issued by the library. The default is 10 seconds.
2016-05-19 18:51:47 +02:00
xenolf
1389afd8d8 Better cloudflare API error handling. Report all errors if more then one error is available. 2016-05-19 18:33:35 +02:00