acmed

Commit Graph

Author	SHA1	Message	Date
Rodolphe Breard	43c9eee202	Remove a few unwrap	5 years ago
Rodolphe Breard	62db048a46	Allow to define a custom delay for renewal	5 years ago
Rodolphe Breard	ea02e90292	Fix the JWS tests	5 years ago
Rodolphe Breard	582593de29	Allow to specify the account key type and signature alg in the config	5 years ago
Rodolphe Breard	636fbf9cf6	Refactor the JWS signature algorithm management Being tied with the key type, the signature algorithm should therefore be at the same place than the key type, hence `acme_common::crypto`. This reorganization will allow to specify the account key type as well as the signature algorithm in the configuration.	5 years ago
Rodolphe Breard	d7dbd58823	Move the hashing operation inside the signing function This hashing operation is part of the signing process itself and should therefore not be exposed outside of the signing function.	5 years ago
Rodolphe Breard	eabcddb0af	Add support for RSA 2048 account keys	5 years ago
Rodolphe Breard	1ab5b4012e	Use the correct algorithm and hash function for JWK signatures Since there is currently no possibility to chose a different account key type, the current implementation only supports the ES256 algorithm. With the upcoming support of different key types, it had to be changed. This commit add support for ES384 although there is no configuration option that can activate the actual use of it through account keys using the NIST P-384 curve.	5 years ago
Rodolphe Breard	88f83bafe4	Prepare the Cargo.toml files for a different crypto library	5 years ago
Rodolphe Breard	f2e23b20fd	ACMEd v0.9.0	5 years ago
dependabot-preview[bot]	c8a2b3d37f	Update nix requirement from 0.17 to 0.18 Updates the requirements on [nix](https://github.com/nix-rust/nix) to permit the latest version. - [Release notes](https://github.com/nix-rust/nix/releases) - [Changelog](https://github.com/nix-rust/nix/blob/master/CHANGELOG.md) - [Commits](https://github.com/nix-rust/nix/compare/v0.17.0...v0.18.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>	5 years ago
Rodolphe Breard	09d01eefb5	Remove openssl calls from the acmed crate The TLS library is encapsulated by acme_common.	5 years ago
Rodolphe Breard	501b1aa9d8	Replace `reqwest` by `attohttpc` `reqwest` is a very good crate, however ACMEd does not require most of its functionalities. For this job, `attohttpc` is also great and comes with much less dependencies. rel #1	5 years ago
Rodolphe Breard	da12bf93ba	Add support for user and groups names	5 years ago
Rodolphe Breard	942d0a9ba7	ACMEd v0.8.0	5 years ago
Rodolphe Breard	5a06631e05	Cleanup the code	5 years ago
Rodolphe Breard	41f2bda7d3	Format the code correctly	5 years ago
Rodolphe Breard	c498cadb14	Add threads based on endpoints Each endpoint can safely renew its certificates at the same time as other endpoints. Hence, this operation is now done within a new thread for each endpoint.	5 years ago
Rodolphe Breard	2222b99226	Bring the rate limit back	5 years ago
Rodolphe Breard	26ce6fdf40	Refactor the HTTP back-end The previous HTTP back-end was tightly coupled with the threads, which was very inconvenient. It is now completely decoupled so a new threading model may be implemented.	5 years ago
Rodolphe Breard	b288f2b32c	Add an independent endpoint structure Having the data relative to the endpoint in the certificate structure makes no sense. There is no way to share it across certificates which is sometimes needed. Also, having the other part of the endpoint data (mostly nonce and rate limit) in different places makes it difficult to maintain. Hence, the endpoint structure has been created. For now it is quite simple and does not handle every aspects of the endpoint, but this will be implemented in the future.	5 years ago
Rodolphe Breard	52973b4b9e	Remove the PID file after exit Fix #25	5 years ago
Rodolphe Breard	70db8e6dd9	Prevent unnecessary creation of a PID file When running in foreground, a PID file should be created only if the `--pid-file` option is specified. Rel #25	5 years ago
Rodolphe Breard	eccac72460	Fix the default PID file name	5 years ago
Danilo Bargen	3e49c938ea	Remove trailing period from logs Some logs contain a trailing period, some don't. Since they don't add any information, I removed them for more consistency.	5 years ago
Danilo Bargen	972dd4d4be	Log certificate domains before and after renewal Right now only the id is logged as a prefix (e.g. crt-3), so it's not possible to easily determine which certificate was renewed, or failed to renew.	5 years ago
Rodolphe Breard	51fabb38ea	Remove threads The threading architecture was not good at all. It was built around the HTTP part, which isn't flexible enough. Hence, the decision has been made to refactor both of those parts. This will takes 4 steps : 1. remove threads and rate limits (this commit) 2. refactor the HTTP part (the tricky part) 3. reintroduce rate-limits (quite easy) 4. introduce a new threading system (the easiest part)	5 years ago
Rodolphe Breard	8be37b7fc6	ACMEd v0.7.0	5 years ago
Rodolphe Breard	39430009ac	Add internationalized domain names support	5 years ago
Rodolphe Breard	9eda92662d	Allow --pid-file to be used with --foreground The PID file is now always written whether or not ACMEd is running in the foreground. Previously, it was written only when running in the background. Fix #7	5 years ago
Rodolphe Breard	39df1601d8	Format code	5 years ago
Rodolphe Breard	9a436fc35f	Remove superfluous characters in JSON In some situations, it has been found that a specific ACME server returns extra characters before and after the JSON, which is therefore invalid. Although this must be fixed in the server, ACMEd should gracefully ignore such erroneous characters instead of refusing the response.	5 years ago
Rodolphe Breard	e338469b7a	Fix the type of the externalAccountRequired field	5 years ago
Rodolphe Breard	e6ff3b97ba	Replace * by _ in file names	5 years ago
Rodolphe Breard	6255587329	Display certificate TTL in days instead of seconds	5 years ago
Rodolphe Breard	b16b2e6b09	Remove the explicit dependency on the time crate	5 years ago
Rodolphe Breard	a8cde157b6	Update the handlebars dependency	5 years ago
Rodolphe Breard	d373f1fdbb	Update the nix dependency	5 years ago
Jakub Pastuszek	d8a52e85f3	support for wildcard certificates	5 years ago
Rodolphe Breard	8752b0d1d5	ACMEd v0.6.1	5 years ago
Rodolphe Breard	f9a71cbde6	Fix the "foregroung" typo I made the typo once and then copy/pasted it everywhere.	5 years ago
Rodolphe Breard	f3f3bbc116	Update the nix dependency	6 years ago
Rodolphe Breard	405386e5a4	Prevent the crates from being published to a registry This project provides binaries without any link to Rust or Cargo. It is just normal binaries that appears to be written in Rust. Therefore, it does not makes any sense to distribute them in a Rust-specific registry. Furthermore, such publication would not include the man pages installation may not respect some distribution-specific policies.	6 years ago
Rodolphe Breard	3ccfc9e327	Use the HookType enum from the hook module	6 years ago
Rodolphe Breard	55f4d3416b	Refactor the JWK implementation	6 years ago
Rodolphe Breard	117a19f985	Create account key pair at startup If several certificates uses the same account and this account doesn't exists yet, they will both try to create it, resulting in a race condition. This commit solves the problem by creating the account key pair at startup. Account creation on the endpoint is not subject to a race condition since the request does not differ from the one used to retrieve the account id. Fix #3	6 years ago
Rodolphe Breard	9e337a2d1a	Move JWS out of acme_proto	6 years ago
Rodolphe Breard	37d9fd5e57	Remove unused Curve25519	6 years ago
Rodolphe Breard	4ea49512d6	Remove the standalone feature As discussed in #2, ring is not mature enough to replace OpenSSL. Hence, the standalone mode which has been made to implement such a replacement has to be removed until ring becomes usable.	6 years ago
Rodolphe Breard	5a1aaa443a	Update the tests	6 years ago

1 2 3

131 Commits (43c9eee202c82ddfd4e435410a39f28b032634d7)