Mirror
/
acmed
mirror of https://github.com/breard-r/acmed.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Commit Graph

  • f3838532b6
         Merge pull request #41 from chmodas/minor-documentation-fixes Rodolphe Bréard 2020-12-06 10:07:12 +0100
  • 42168f83d8
         Minor documentation fixes #41 Borislav Borisov 2020-12-06 00:21:32 +0000
  • ba1f5a0102 Fix build status Rodolphe Bréard 2020-11-26 18:16:51 +0100
  • 7c74e3b247 ACMEd v0.16.0 v0.16.0 Rodolphe Breard 2020-11-11 21:51:27 +0100
  • 9e18254b73 Update the certificate's subject attributes Rodolphe Breard 2020-11-11 19:27:30 +0100
  • d738e794b9 Fix typo in the man Rodolphe Breard 2020-11-11 19:27:01 +0100
  • 675a75b470 ACMEd v0.15.0 v0.15.0 Rodolphe Breard 2020-11-03 19:44:23 +0100
  • b7d848adef Add the file_name_format config directive Rodolphe Breard 2020-11-03 19:37:31 +0100
  • f8a74cfd7d Fix the storage log Rodolphe Breard 2020-11-03 18:14:34 +0100
  • eb6e363307 Include config files only once Rodolphe Breard 2020-11-02 19:13:15 +0100
  • e0ffe377a2 Allow certificates to have the same name but different key type Rodolphe Breard 2020-11-02 18:27:06 +0100
  • 5506fbe71b Add Rust 1.42 compatibility Rodolphe Breard 2020-11-01 09:59:16 +0100
  • 6a57a92bc5 Update the nom dependency Rodolphe Breard 2020-11-01 00:26:10 +0100
  • d7da82ad6f ACMEd v0.14.0 v0.14.0 Rodolphe Breard 2020-10-27 20:12:00 +0100
  • c4e2441404 Add the wiki Rodolphe Breard 2020-10-25 19:14:00 +0100
  • b1baa6d72b Update the README Rodolphe Breard 2020-10-25 00:13:09 +0200
  • 426fb63c50 Allow to specify a unique name for each certificate Rodolphe Breard 2020-10-24 23:39:20 +0200
  • 12b486c93a Update the manual for acmed.toml Options were not alphabetically sorted, which made it hard for someone to find what he is looking for. Also, the TOML specification link has been updated. Rodolphe Breard 2020-10-24 20:26:25 +0200
  • 1dcfe99405 Fix a tag in the man Rodolphe Breard 2020-10-24 18:31:02 +0200
  • 605c905ee8 Update the README Rodolphe Breard 2020-10-23 23:07:02 +0200
  • a7da547059 Update the README Rodolphe Breard 2020-10-22 19:09:12 +0200
  • 27e321d90d Fix the CHANGELOG Rodolphe Breard 2020-10-22 18:12:08 +0200
  • 17e544ac13 Update the env_logger dependency Rodolphe Breard 2020-10-22 18:07:54 +0200
  • 34944d226d Update the nix dependency Rodolphe Breard 2020-10-13 20:07:43 +0200
  • 914bdf8a8d
         Update nix requirement from 0.18 to 0.19 #40 dependabot-preview[bot] 2020-10-13 04:27:27 +0000
  • cdc8f79853 Update the attohttpc dependency Finishes the job initiated in #39 Rodolphe Breard 2020-10-12 22:46:54 +0200
  • c0383a1ad9
         Merge pull request #39 from breard-r/dependabot/cargo/attohttpc-0.16 Rodolphe Bréard 2020-10-12 21:44:48 +0200
  • a02df167c5
         Update attohttpc requirement from 0.15 to 0.16 #39 dependabot-preview[bot] 2020-10-12 04:29:03 +0000
  • 913199c106 Update the Rust versions in the CI Rodolphe Breard 2020-10-10 23:30:13 +0200
  • f520c05544 Update the base64 dependency Rodolphe Breard 2020-10-10 23:23:14 +0200
  • 44c6f99456 ACMEd v0.12.0 v0.13.0 Rodolphe Breard 2020-10-10 23:03:23 +0200
  • 1d80066c56 Improve the build system Rodolphe Breard 2020-10-10 22:06:14 +0200
  • 82674904c1 Allow to specify a target in the Makefile Rodolphe Breard 2020-10-10 21:14:07 +0200
  • 41d343eeaa Remove the acme_common build script's warning Rodolphe Breard 2020-10-10 20:15:46 +0200
  • 8c0d208fe5 Add the `openssl_vendored` feature rel #4 Rodolphe Breard 2020-10-10 20:14:31 +0200
  • 9ec48e7e03 Add the `root_certificates` parameter Being able to define root certificates in the command line is not enough for two reasons: 1. It is always global, you cannot define a root certificate for a specific endpoint. 2. Daemon scripts and unit files are not meant to be changed every time you need to add a root certificate. Rodolphe Breard 2020-10-10 18:57:36 +0200
  • 48179d19ed Refactor the JWS protected header generation Rodolphe Breard 2020-10-08 21:48:52 +0200
  • d1901bea91 Update the CONTRIBUTING.md file Rodolphe Breard 2020-10-06 20:10:48 +0200
  • b75b8ba9f7 Prepare the code for an OpenSSL replacement The part of code that are specific to OpenSSL are now included only if the openssl feature is activated. The generic parts of code included in OpenSSL specific files has been moved out. Rodolphe Breard 2020-10-06 20:06:32 +0200
  • d1a344a171 Reorder the Cargo.toml Rodolphe Breard 2020-10-03 22:38:20 +0200
  • fc71b90822 Include packaging in the CONTRIBUTING.md file Rodolphe Breard 2020-09-27 19:20:23 +0200
  • d9fdc8cb08 Fix the man pages syntax Rodolphe Breard 2020-09-27 00:08:09 +0200
  • de6561cd24 ACMEd v0.12.0 v0.12.0 Rodolphe Breard 2020-09-26 16:44:45 +0200
  • 0db5e6898f Stop to require the `orders` field on account creation RFC 8555 states that: - when an account is successfully created, the server "returns this account object" (section 7.3); - the `orders` field in account objects is mandatory (section 7.1.2). Rodolphe Breard 2020-09-26 16:17:23 +0200
  • 0c8b0d3e53 Log HTTP responses and POST requests Rodolphe Breard 2020-09-26 14:31:09 +0200
  • 8477d927a1 Add support for NIST P-521 curve and ES512 signatures Rodolphe Breard 2020-09-20 11:09:14 +0200
  • 53a6eff1eb Fix the new order request Rodolphe Breard 2020-09-19 23:59:38 +0200
  • 1a1c1bed91 Allow to specify subject attributes for certificates Rodolphe Breard 2020-09-19 20:22:00 +0200
  • 2dee1cce4c Remove nonce scoping from the planned features Rodolphe Breard 2020-09-19 17:04:01 +0200
  • 0456737458 ACMEd v0.11.0 v0.11.0 Rodolphe Breard 2020-09-19 12:07:47 +0200
  • 2e526f63e2 Update the CHANGELOG Rodolphe Breard 2020-09-19 11:54:18 +0200
  • 3c173bcf13 Create a new account if the external account has changed Rodolphe Breard 2020-09-19 11:46:19 +0200
  • bb47e04558 Improve the binary's long version Rodolphe Breard 2020-09-13 21:23:47 +0200
  • 1267e09ecb Dynamically retrieve the OpenSSL version Rodolphe Breard 2020-09-13 20:44:31 +0200
  • 51ff3fb9f8 Fix the test_account_new test Rodolphe Breard 2020-09-12 19:30:46 +0200
  • 8c116f0b55 Add external account binding Rodolphe Breard 2020-09-12 19:13:02 +0200
  • 875a403485 Add the b64_decode function Rodolphe Breard 2020-09-12 15:55:17 +0200
  • 45ca322ea6 Add the HS256, HS384 and HS512 signature algorithms Rodolphe Breard 2020-09-12 15:18:49 +0200
  • 30517d8b54 Add the HMAC computation in the HashFunction API Rodolphe Breard 2020-09-12 15:15:34 +0200
  • 4eb0423da3 Reformat log messages Rodolphe Breard 2020-09-08 19:29:20 +0200
  • 35fc59f761 Remove the signature algorithm from the key hash The key hash is responsible for the initiation of a key rollover on endpoints. Therefore, it should differ only when such an action is required, which is only if the key pair has changed. For this, hashing the public key is sufficient. Adding the signature algorithm will generate unnecessary key rollovers. Rodolphe Breard 2020-09-08 18:11:51 +0200
  • f44d95e7b1 Remove the -D option from install In the Makefile, `make install` is used to create missing directories and install files into them. Until now, the -D option was used for this job. However, FreeBSD as an implementation of the install command that differs about this option. In order to remain compatible with FreeBSD, the -D option has been removed and replace by prior directory creation using the -d option, which is common to (most?) implementations. https://www.freebsd.org/cgi/man.cgi?query=install https://man.openbsd.org/install https://linux.die.net/man/1/install Rodolphe Breard 2020-09-06 14:37:36 +0200
  • b340ac778d Make the account hooks optional Rodolphe Breard 2020-09-06 12:15:04 +0200
  • dc0603b9e7 Update the Travis CI configuration The `dist: xenial` has been added because, at the time, build was done using an old version of Ubuntu including an unsupported version of OpenSSL. Now that Xenial is the default build version, this option should be removed. See commit 261e0e50fd Rodolphe Breard 2020-09-04 20:11:15 +0200
  • 220f580d90 Use libc::time_t instead of i64 The use of i64 causes troubles in architectures that doesn't defines time_t as an i64. Fixes #37 Rodolphe Breard 2020-09-04 20:07:38 +0200
  • 04841e1773 Fix the account key rollover Rodolphe Breard 2020-09-01 20:30:19 +0200
  • 8b2a32d671 Re-create accounts dropped by the endpoint Rodolphe Breard 2020-09-01 18:23:28 +0200
  • 9b12e88ae1 Allow accounts to be updated The previous strategy for accounts management on endpoints was to send an account creation request every time in order to retrieve the account URL. Although it works on most cases, the contact information or key update wasn't handled correctly. Rodolphe Breard 2020-09-01 16:01:56 +0200
  • a9603528f4 Add questions about parallelization in the FAQ Rodolphe Breard 2020-09-01 11:15:45 +0200
  • 51cfd49f08 Refactor the account management Rodolphe Breard 2020-09-01 00:48:39 +0200
  • 32c1e986af Fix invalid link in the CONTRIBUTING file Rodolphe Breard 2020-08-30 11:18:01 +0200
  • 04a95dad26 Update the CONTRIBUTING file Rodolphe Breard 2020-08-30 11:16:57 +0200
  • 69739d4703 Create a dedicated FileManager struct The certificate struct was bloated with file management data which therefore required the certificate to be passed in every storage function. In order to clean this, a new FileManager struct has been created. Rodolphe Breard 2020-08-28 17:44:32 +0200
  • 3b7f41a7e8 Update the README Rodolphe Breard 2020-08-28 00:16:44 +0200
  • f126ee22d0 ACMEd v0.10.0 v0.10.0 Rodolphe Breard 2020-08-27 11:42:41 +0200
  • 64e7d80f7c Improve the CHANGELOG Rodolphe Breard 2020-08-27 11:29:44 +0200
  • a1ff1f6181 Raise a descriptive error for invalid identifier specifications An identifier must have one and only one type field (`dns` or `ip`). Rel #24 Rodolphe Breard 2020-08-27 00:02:26 +0200
  • 53d55af96e Improve the FAQ Rodolphe Breard 2020-08-26 20:21:34 +0200
  • 96cc42375e Improve the FAQ Rodolphe Breard 2020-08-26 20:02:04 +0200
  • 52fe2c60ba Refactor the certificate key type management The previous system used a duplicated enum (`acmed::certificate::Algorithm`) and an imprecise identifier name (algorithm) for both the certificate configuration and post operation hook variable. The first one has been replaced by the `acme_common::crypto::KeyType` enum and the second renames `key_type`. Rodolphe Breard 2020-08-26 19:45:51 +0200
  • bea33179d7 Allow to specify the CSR's digest algorithm Rodolphe Breard 2020-08-26 19:16:04 +0200
  • e17e6d1174 Add the PID file name in the error message Rel #24 Rodolphe Breard 2020-08-26 17:39:37 +0200
  • 3ee3419676 Add missing commas Rodolphe Breard 2020-08-26 17:38:57 +0200
  • 7292cc68ca Fix the certificate generation tests Rodolphe Breard 2020-08-26 16:12:18 +0200
  • c5f1e90276 Add the `--crt-digest` option in tacd Rodolphe Breard 2020-08-26 16:09:07 +0200
  • f640688a3b Refactor the hash function interface Rodolphe Breard 2020-08-26 15:43:09 +0200
  • c7263703d1 Improve the CLI Some default values were missing. Some descriptions has been rephrased. Rodolphe Breard 2020-08-26 14:40:15 +0200
  • b08da88bcf Fix the conditional compilation Rodolphe Breard 2020-08-26 14:12:37 +0200
  • 602d8c6cf6 Add the `--crt-signature-alg` option in tacd Rodolphe Breard 2020-08-26 14:12:04 +0200
  • 4614d6c407 Add partial EdDSA support Currently, OpenSSL does not have the required `EVP_PKEY_get1_ED(25519|448)` functions, hence EdDSA has been partially implemented and disabled. Once OpenSSL 3.0.0 is out and the `openssl` crates implements the bindings to those functions, full EdDSA implementation could be done and activated. Conditional compilation has been implemented using `rustc-cfg` instructions rather than features so it can be activated from the build script depending on whether or not the cryptographic library supports Ed25519 and Ed448. 7c664b1f1b Rodolphe Breard 2020-08-26 12:42:47 +0200
  • a0f4928a73 Move the account key type and signing algorithm Those options are tied with the account and should therefore be defined in the associated section, not in the endpoint section. Rodolphe Breard 2020-08-25 22:48:56 +0200
  • 9f6f10c67a Fix the case Rodolphe Breard 2020-08-25 21:50:28 +0200
  • 87f97ec334 Improve configuration error messages Rel #24 Rodolphe Breard 2020-08-25 21:34:55 +0200
  • 566d09a618 Warn on empty inclusion patterns Rodolphe Breard 2020-08-25 20:27:17 +0200
  • 573442dbd2 Improve the logging of the renewal decision Rodolphe Breard 2020-08-25 20:08:58 +0200
  • 2f39e798d1 Add Unix style globing for config file inclusion Close #6 Rodolphe Breard 2020-08-25 19:58:30 +0200
  • 25450aebbf Implement IP identifiers RFC 8738: https://tools.ietf.org/html/rfc8738 Rodolphe Breard 2020-08-25 18:52:30 +0200
  • 43c9eee202 Remove a few unwrap Rodolphe Breard 2020-08-24 16:25:22 +0200
  • 62db048a46 Allow to define a custom delay for renewal Rodolphe Breard 2020-08-24 15:37:59 +0200
  • 387adc7c4f Remove the useless calls to `map_err` Rodolphe Breard 2020-08-24 12:09:20 +0200