| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-01-21 | typo; ok benno | Florian Obser | |
| 2017-01-21 | acme-client use configuration file [5 of 5] | Sebastian Benoit | |
| implement new -n option to check and print configuration ok florian | |||
| 2017-01-21 | acme-client use configuration file [4 of 5] | Sebastian Benoit | |
| fix getopt() ok florian | |||
| 2017-01-21 | acme-client use configuration file [3 of 5] | Sebastian Benoit | |
| change command line options: n -> A new Account key N -> D new Domain key With this acme-client has these main usage patterns: * create new Account Key and Domain Key and get a certificate: acme-client -A -D www.example.com * renew certificate: acme-client www.example.com * revoke certificate: acme-client -r www.example.com ok florian | |||
| 2017-01-21 | acme-client use configuration file [2 of 5] | Sebastian Benoit | |
| - add challengedir option to config file - remove -C option from command line ok florian | |||
| 2017-01-21 | acme-client use configuration file [1 of 5] | Sebastian Benoit | |
| start using the configuration file and delete command line arguments: -a agreement -> agreement url ... -c certdir -> domain certificate "path" -f accountkey -> account key "path" -k domainkey -> domain key "path" -s authority -> sign with "name" new argument: -f configfile the changes needed to use the new configuration are local to main.c for now. While the configuration could be passed directly to netproc(), keyproc() etc, the diff is smaller this way. This also removes the multidir (-m) mode for now - specify different paths in each domain {} block instead. ok florian | |||
| 2017-01-05 | Replace hand-rolled for(;;) emptying of 'symhead' TAILQ with more | Kenneth R Westerback | |
| modern TAILQ_FOREACH_SAFE(). No intentional functional change. ok millert@ bluhm@ gilles@ | |||
| 2017-01-05 | Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ | Kenneth R Westerback | |
| with more modern TAILQ_FOREACH(). This what symget() was already doing. Add paranoia '{}' around body of symget()'s TAILQ_FOREACH(). No intentional functional change. ok bluhm@ otto@ | |||
| 2016-11-02 | Use secure defaults for TLS - instead of accepting TLSv1.0 and any cipher | Joel Sing | |
| suite, use the libtls defaults and require TLSv1.2 with an AEAD+PFS cipher suite - given who we're talking to one would hope that they meet these requirements... ok benno@ deraadt@ florian@ | |||
| 2016-10-04 | Avoid a potential MITM - calling tls_config_insecure_noverify() is a bad | Joel Sing | |
| idea, so stop doing that. Instead, use a single tls_config, set it up and configure the CA file to use while we still have rpath, then drop rpath. This also avoids creating a new tls_config for each and every HTTPS connection, which is unnecessary. ok benno@ florian@ | |||
| 2016-10-04 | s/letsencrypt/ACME/ | Joel Sing | |
| 2016-10-04 | tls_close() can return TLS_WANT_POLLIN/TLS_WANT_POLLOUT - handle this | Joel Sing | |
| case correctly. ok florian@ | |||
| 2016-09-24 | The file descriptor needs to be closed in both the TLS and non-TLS case, | Joel Sing | |
| so make it a common/shared code path. | |||
| 2016-09-24 | Both tls_free() and tls_config_free() are safe to call with NULL. | Joel Sing | |
| 2016-09-24 | Remove more backwards compat for unsupported OpenBSD releases. | Joel Sing | |
| 2016-09-20 | reoorder includes, | Sebastian Benoit | |
| noticed by & ok florian@ | |||
| 2016-09-18 | tweak previous; | Jason McIntyre | |
| 2016-09-18 | add a config file parser to acme-client (unused at the moment, so that | Sebastian Benoit | |
| it can be worked on in the tree). ok florian@ deraadt@ | |||
| 2016-09-15 | more fat trimming; | Jason McIntyre | |
| 2016-09-14 | move default file and directory locations to a new FILES section | T.J. Townsend | |
| and trim some extraneous text. ok florian jmc deraadt | |||
| 2016-09-13 | convert some ifs to switches. ok millert tb | Ted Unangst | |
| 2016-09-13 | A small amount more KNF to make this easier on our eyes. Not going further | Theo de Raadt | |
| than this. ok florian | |||
| 2016-09-13 | hoist local variable initialization directly into the definitions, | Theo de Raadt | |
| rather than doing it right afterwards. ok florian | |||
| 2016-09-13 | hoist local variable initialization directly into the definitions, | Theo de Raadt | |
| rather than doing it right afterwards. ok florian | |||
| 2016-09-13 | Inconsistant use of case (value): idiom drives me nuts, I have no idea | Theo de Raadt | |
| what purpose it was intended to serve. | |||
| 2016-09-13 | RAND_status() and RAND_seed() are not needed, this is 2016. | Theo de Raadt | |
| 2016-09-13 | use reallocarray() | Theo de Raadt | |
| 2016-09-13 | chroot is not the reason this is run as root | Theo de Raadt | |
| 2016-09-06 | some indent; from michael reed | Jason McIntyre | |
| 2016-09-05 | We do not compile things -g by default | Theo de Raadt | |
| 2016-09-05 | this file cannot be kept accurate | Theo de Raadt | |
| 2016-09-01 | Use b64_ntop instead of adding yet another base implementation of base64 | Theo Buehler | |
| encoding to base. Tweaked version of a diff by florian. ok florian | |||
| 2016-09-01 | update usage(); pointed out by jmc@ | Florian Obser | |
| 2016-09-01 | tidy up the list; | Jason McIntyre | |
| 2016-09-01 | Implement table driven selection to which ACME authorities we can | Florian Obser | |
| talk. Suggest by and OK deraadt, OK benno. (Later on deraadt and benno discussed if this should be handled with a config file. This seems to be good enough for now. We can do a config file later.) | |||
| 2016-09-01 | make the page more neutral, as suggested by deraadt; | Jason McIntyre | |
| add STANDARDS, as suggested by florian; help/ok deraadt florian | |||
| 2016-09-01 | various cleanup; | Jason McIntyre | |
| 2016-09-01 | we don't have config.h | Florian Obser | |
| 2016-09-01 | line wrap usage | Theo de Raadt | |
| 2016-09-01 | do { } while is easier to eyeball | Theo de Raadt | |
| 2016-09-01 | PATH_VAR_EMPTY is not used | Theo de Raadt | |
| 2016-09-01 | Collapse krazy abstractions for other sandbox models, using chroot and | Theo de Raadt | |
| pledge directly as needed. ok florian | |||
| 2016-09-01 | knf | Sebastian Benoit | |
| 2016-08-31 | whitespace | Sebastian Benoit | |
| 2016-08-31 | whitespace | Sebastian Benoit | |
| 2016-08-31 | whitespace | Sebastian Benoit | |
| 2016-08-31 | whitespace | Sebastian Benoit | |
| 2016-08-31 | We are past 5.8. Also gets rid of asserts as a bonus. | Florian Obser | |
| OK benno@, deraadt@ | |||
| 2016-08-31 | Bring in license for man page Kristaps just added upstream in | Florian Obser | |
| commit 33c4b38b1db65097e4301e982c9cffcb8c3e648d. | |||
| 2016-08-31 | whitespace | Sebastian Benoit | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |