pogpp/lego

Author	SHA1	Message	Date
xenolf	09ff568758	Adjust logging output for http-01	2015-12-27 19:18:38 +01:00
xenolf	466af28672	Extract validateFunc from httpChallenge and tlsSNIChallenge	2015-12-27 19:08:17 +01:00
xenolf	6b750198f2	Fix tests	2015-12-27 18:56:44 +01:00
xenolf	523f3eb250	Change SetHTTPSPort to SetTLSPort	2015-12-27 18:56:36 +01:00
xenolf	0e857b2fef	Adapt CLI to changes in lib - Change explicit include of challenges to explicit exclude - Add CLI switches for HTTP and TLS ports	2015-12-27 18:35:19 +01:00
xenolf	053dc4cfb1	Extract mutation of client into functions	2015-12-27 18:28:54 +01:00
xenolf	595f684e27	Merge branch 'master' of https://github.com/tommie/lego into refactor-client # Conflicts: # acme/client.go # acme/http_challenge.go # acme/http_challenge_test.go # acme/tls_sni_challenge.go # cli.go # cli_handlers.go	2015-12-27 17:38:49 +01:00
Mustafa Altun	f3df6b81b2	Fix gofmt errors	2015-12-24 10:57:09 +02:00
xenolf	c2630f8eb7	Limit ioutil.ReadAll calls in client as well	2015-12-21 02:44:25 +01:00
xenolf	00af84d91b	Close response body in getIssuerCertificate	2015-12-21 02:44:25 +01:00
xenolf	7789bd2ffc	Limit OCSP answers to 1MB. fixes #56	2015-12-18 22:33:30 +01:00
xenolf	136cc73ff8	Move call to ObtainSANCertificate	2015-12-18 17:55:43 +01:00
xenolf	5930ea52f0	lib: make renew aware of SAN	2015-12-18 17:55:43 +01:00
xenolf	c13968859a	tweak log messages a bit	2015-12-15 21:21:12 +01:00
xenolf	c2467d031f	Fix tests with new error	2015-12-11 17:16:24 +01:00
xenolf	f08c15df80	Use boulder error messages.	2015-12-11 17:16:24 +01:00
xenolf	a23289899c	Fix typo	2015-12-07 16:58:01 +01:00
xenolf	54e96f6fc5	Document that ObtainSANCertificate will never return a partial certificate on error.	2015-12-07 16:51:28 +01:00
Tommie Gannert	e32b9abfb2	Remove ObtainCertificates and rename ObtainSANCertificate to ObtainCertificate. Also removes revokation abilities from RenewCertificate. Makes the API more orthogonal. These things are not provided by the ACME protocol, but were convenience helpers.	2015-12-05 22:07:12 +00:00
Tommie Gannert	71624f607a	Replace exponential back-off in validate with Retry-After header. Last paragraph of ACME spec, section 6.5: To check on the status of an authorization, the client sends a GET request to the authorization URI, and the server responds with the current authorization object. In responding to poll requests while the validation is still in progress, the server MUST return a 202 (Accepted) response with a Retry-After header field.	2015-12-05 21:32:53 +00:00
Tommie Gannert	b2c88d7a5d	Make solvers configurable. Allows selecting which solvers are available, and specifying options for them.	2015-12-05 21:01:08 +00:00
Tommie Gannert	039b7c50dc	Use postJSON and getJSON wherever possible. Encapsulates JSON marshalling.	2015-12-05 15:59:15 +00:00
Tommie Gannert	2dc2fdd1af	Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests.	2015-12-05 15:09:29 +00:00
Tommie Gannert	bee1326835	Use a local ServeMux in httpChallenge.Solve. Avoids modifying global state.	2015-12-05 12:25:01 +00:00
Tommie Gannert	38cb60624f	Simplify tlsSNIChallenge code. Solve is blocking, so no need to run initialization code in a separate goroutine. Removes the need for s.start. Once the listener is closed, all I/O resources have been returned. No need to wait for http.Serve to return. Removes the need for s.end.	2015-12-05 12:24:49 +00:00
Tommie Gannert	5dc33c8c08	Simplify httpChallenge code. Solve is blocking, so no need to run initialization code in a separate goroutine. Removes the need for s.start. Once the listener is closed, all I/O resources have been returned. No need to wait for http.Serve to return. Removes the need for s.end.	2015-12-05 12:00:00 +00:00
Tommie Gannert	58a2fd2267	Split off validation function. This is a loop that interacts with the ACME server, not the individual challenges. Also switch to exponential back-off polling for good measure.	2015-12-05 11:52:24 +00:00
Tommie Gannert	237689b0cf	Run gofmt on acme/tls_sni_challenge.	2015-12-05 11:50:57 +00:00
Matthew Holt	d9e2e2a873	Cleaned up a couple log lines	2015-12-02 12:33:37 -07:00
xenolf	32a29fd5ad	We have two solvers now	2015-11-22 19:33:26 +01:00
xenolf	775545e2bb	Add tests to TLS-SNI-01	2015-11-22 19:31:16 +01:00
xenolf	22622438fd	Implement TLS-SNI-01 to match Boulder. Not spec conform.	2015-11-22 19:31:16 +01:00
xenolf	e8d64bb50b	WIP TLS-SNI-01 [ci skip]	2015-11-22 19:31:16 +01:00
Matthew Holt	974f2fa929	Don't try appending /directory to caURL (spec doesn't require it) Also improved some comments/docs and fixed a test	2015-11-20 12:01:06 -07:00
xenolf	f2389fda58	Remove simpleHTTP - Update README	2015-11-18 22:17:02 +01:00
xenolf	08680d8fcf	Properly name challenge types for http-01 tests	2015-11-18 22:11:47 +01:00
xenolf	7662cbcec5	Merge pull request #30 from xenolf/add-san-cert Add SAN certificates - fix #20	2015-11-18 22:07:54 +01:00
xenolf	f41ed4f9de	Remove unneeded function	2015-11-18 21:41:27 +01:00
xenolf	a8c2a12871	Move back to square/go-jose (reverted from commit `cae6d59e19`)	2015-11-18 21:15:49 +01:00
xenolf	cae6d59e19	Move back to square/go-jose	2015-11-18 21:06:45 +01:00
xenolf	caba7ddee7	Add comment to ObtainSANCertificate	2015-11-18 19:53:42 +01:00
xenolf	3be490f6cb	Change how challenge order is preserved as suggested by @zakjan	2015-11-18 19:44:47 +01:00
xenolf	b9ba9e58b3	Return the right error	2015-11-17 23:07:13 +01:00
xenolf	487c8763d5	Revert adding locks to jws - not in scope of this branch	2015-11-17 22:36:25 +01:00
xenolf	6671fd137c	Make sure the challenges do not get re-ordered for SAN certs	2015-11-17 22:22:25 +01:00
xenolf	c849ca1b90	If any challenge fails - return an error	2015-11-17 19:45:15 +01:00
xenolf	17576f0626	Update README & Extract KeyAuthorizations from HTTP-01	2015-11-16 23:57:04 +01:00
Jan Zak	5f566d2e0c	Add JSON tags to RegistrationResource as used in official client	2015-11-13 20:20:15 +01:00
xenolf	9ee93e8428	Add tests for http-01	2015-11-12 23:51:07 +01:00
xenolf	f29debf702	Adjust client tests to new solver count	2015-11-12 22:51:12 +01:00

1 2 3

133 commits