summaryrefslogtreecommitdiff
path: root/usr.sbin/acme-client
AgeCommit message (Expand)Author
2019-08-12Do not exit with error if the challenge file already exists, instead truncate...Sebastian Benoit
2019-08-11In let's encrypt v1 we had to track a challenge for every domain inFlorian Obser
2019-07-12According to RFC 8555 we MUST send an User-Agent.Florian Obser
2019-07-04Use v02 let's encrypt API key as in the example filesolene
2019-06-28When system calls indicate an error they return -1, not some arbitraryTheo de Raadt
2019-06-18When the parser detects that it needs more tokens it returnsFlorian Obser
2019-06-17It's enough to allocate the EC key once.Florian Obser
2019-06-17One NULL-check before EVP_MD_CTX_free() was left in previous.Theo Buehler
2019-06-17 Use non-deprecated API; from Renaud Allard, thanks!Florian Obser
2019-06-17 Implement elliptic curve account keys.Florian Obser
2019-06-17s/get1/get0/ in commentsFlorian Obser
2019-06-16Trade unveil(2) for chroot(2).Florian Obser
2019-06-16 Do not leak rsa keys; nobody is messing with the reference behind ourFlorian Obser
2019-06-16acctkey indirection is unnecessary, just pass authority->accountFlorian Obser
2019-06-15Remove bugs section.Florian Obser
2019-06-15 Now that we have different key types (rsa and ecdsa) we probablyFlorian Obser
2019-06-15Print domain key type in config test mode (-n).Florian Obser
2019-06-14Track key type (RSA or ECDSA) in an enum and clean up a bit while here.Florian Obser
2019-06-12tweak previous;Jason McIntyre
2019-06-12these were moved to key.[ch] in previous commitGilles Chehade
2019-06-12use acme-client to sign certificated with ecdsa keysGilles Chehade
2019-06-08remove unused variableFlorian Obser
2019-06-08 Remove A and D flag, they are superfluous.Florian Obser
2019-06-07Implement RFC 8555 "Automatic Certificate Management EnvironmentFlorian Obser
2019-04-01repair confusing "} if"; from florian@Christian Weisgerber
2019-03-09remove free() before exit() from main(), in ongoing work to makeSebastian Benoit
2019-03-09use temporary strings for calls to basename(), because it may changeSebastian Benoit
2019-03-08fix dirname usage in acme-client: dirname() can modify its argumentSebastian Benoit
2019-03-04According to RFC 7230 Section 3.2 header field names areFlorian Obser
2019-02-13(unsigned) means (unsigned int) which on ptrdiff_t or size_t or otherTheo de Raadt
2019-02-03flesh this page out a bit to (hopefully) make it more helpful;Jason McIntyre
2019-02-01fix comments and clean up whitespaceSebastian Benoit
2019-02-01if not all challenges were validated, retry again.Sebastian Benoit
2019-01-31make struct chng.status a enum for readability.Sebastian Benoit
2019-01-30consistently talk about domain key; ok bennoJason McIntyre
2019-01-29add an extra check for existing "api ..." line in the config.Sebastian Benoit
2019-01-08With the change to httpd the workflow got much simpler.Florian Obser
2019-01-08Remove missleading and outdated examples from man page.Florian Obser
2018-11-29update for libtls default cert changes.Ted Unangst
2018-11-06Use TLS_CA_CERT_FILE instead of a separate define.Joel Sing
2018-11-01- odd condition/test in PF lexerAlexandr Nedvedicky
2018-09-07replace malloc()+strlcpy() with strndup() in cmdline_symset().miko
2018-08-08In netproc process, unveil to only expose the CA file.Theo de Raadt
2018-08-03return is not a function and if (x) -> if (x != NULL)Sebastian Benoit
2018-08-03fix error messages from earlier syntax changeSebastian Benoit
2018-08-03correct an error message, from Ross L RichardsonSebastian Benoit
2018-08-03document the default in the abscence of a certificate authority.Sebastian Benoit
2018-08-03Document that domain certificate is optional.Sebastian Benoit
2018-08-02According to code (and testing), each is optional but at leastSebastian Benoit
2018-08-02It's an "X.509 certificate" rather than a "TLS certificate".Sebastian Benoit