Up to [local] / src / usr.sbin / acme-client
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.21 / (download) - annotate - [select for diffs], Tue May 21 05:00:48 2024 UTC (12 days, 7 hours ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.20: +1 -2 lines
Diff to previous 1.20 (colored)
remove prototypes with no matching function and externs with no var partly checked by millert@
Revision 1.20 / (download) - annotate - [select for diffs], Mon Sep 14 16:00:17 2020 UTC (3 years, 8 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
We need to be able to provide contact information to use the buypass.com acme api. From Bartosz Kuzma (bartosz.kuzma AT release11.com), thanks! OK beck, deraadt
Revision 1.19 / (download) - annotate - [select for diffs], Mon Sep 14 13:49:13 2020 UTC (3 years, 8 months ago) by florian
Branch: MAIN
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)
Report what's wrong when account creation fails instead of a generic http error. OK beck
Revision 1.18 / (download) - annotate - [select for diffs], Sun May 10 17:34:07 2020 UTC (4 years ago) by florian
Branch: MAIN
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)
In case the order fails print the human readable reason from the challenge objects that the server hopefully provides. input & OK deraadt OK beck, benno
Revision 1.17 / (download) - annotate - [select for diffs], Fri Feb 7 14:34:15 2020 UTC (4 years, 3 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.16: +3 -3 lines
Diff to previous 1.16 (colored)
Do not define variables in extern.h since this will lead to duplicate definitions in every source file that includes extern.h. From Michael Forney (mforney AT mforney DOT org), thanks! OK jca
Revision 1.16 / (download) - annotate - [select for diffs], Mon Jun 17 12:42:52 2019 UTC (4 years, 11 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.15: +6 -3 lines
Diff to previous 1.15 (colored)
Implement elliptic curve account keys. OK benno Input & OK tb
Revision 1.15 / (download) - annotate - [select for diffs], Sun Jun 16 19:49:13 2019 UTC (4 years, 11 months ago) by florian
Branch: MAIN
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 (colored)
Trade unveil(2) for chroot(2). This uses less code and unveil(2) seems to be the better tool here. The directory one chroots into needs to be carefully setup (they are not) and comon wisedom is that root can break out of chroots. There is probably nothing wrong with the chroot code because of pledge but it still makes me feel uneasy. input & OK on previous version mestre OK on previous version deraadt bug found, input & OK benno
Revision 1.14 / (download) - annotate - [select for diffs], Fri Jun 14 19:55:08 2019 UTC (4 years, 11 months ago) by florian
Branch: MAIN
Changes since 1.13: +3 -7 lines
Diff to previous 1.13 (colored)
Track key type (RSA or ECDSA) in an enum and clean up a bit while here. Originaly from Renaud Allard following input from benno, tweaked by me. OK benno
Revision 1.13 / (download) - annotate - [select for diffs], Wed Jun 12 11:09:25 2019 UTC (4 years, 11 months ago) by gilles
Branch: MAIN
Changes since 1.12: +6 -1 lines
Diff to previous 1.12 (colored)
use acme-client to sign certificated with ecdsa keys diff from Renaud Allard <renaud@allard.it>, ok to get in from florian@
Revision 1.12 / (download) - annotate - [select for diffs], Sat Jun 8 07:52:55 2019 UTC (4 years, 11 months ago) by florian
Branch: MAIN
Changes since 1.11: +3 -4 lines
Diff to previous 1.11 (colored)
Remove A and D flag, they are superfluous. One could always use them on the command line and acme-client would do the right thing.
Revision 1.11 / (download) - annotate - [select for diffs], Fri Jun 7 08:07:52 2019 UTC (4 years, 11 months ago) by florian
Branch: MAIN
Changes since 1.10: +37 -14 lines
Diff to previous 1.10 (colored)
Implement RFC 8555 "Automatic Certificate Management Environment (ACME)" to be able to talk to the v02 Let's Encrypt API. With this acme-client(1) will no longer be able to talk to the v01 API. Users must change the api url in /etc/acme-client.conf to https://acme-v02.api.letsencrypt.org/directory Existing accounts (and certs of course) stay valid and after the url change acme-client will be able to renew certs. Tested by Renaud Allard and benno Input & OK benno
Revision 1.10 / (download) - annotate - [select for diffs], Thu Jan 31 15:55:48 2019 UTC (5 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.9: +8 -2 lines
Diff to previous 1.9 (colored)
make struct chng.status a enum for readability. ok florian@
Revision 1.9 / (download) - annotate - [select for diffs], Mon Nov 27 01:58:52 2017 UTC (6 years, 6 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.8: +3 -2 lines
Diff to previous 1.8 (colored)
Deprecate agreement url config option and get the information from the directory call. This way we don't need to update the acme-client.conf file every time it changes. Still parse the option, ignore and warn about it for a release. Sysmerge should be able to handle the removal. "nice" deraadt@ OK benno
Revision 1.8 / (download) - annotate - [select for diffs], Sat Jan 21 08:54:26 2017 UTC (7 years, 4 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.7: +4 -10 lines
Diff to previous 1.7 (colored)
Split certificate file from config file into certdir and certfile. This way we can still chroot to certdir but the the certificate file is not fixed to "cert.pem". Writing of chain.pem and fullchain.pem is currently broken with this. OK benno
Revision 1.7 / (download) - annotate - [select for diffs], Sat Jan 21 08:52:30 2017 UTC (7 years, 4 months ago) by florian
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)
Remove backup option. This is not acme-client's business; also it gets in the way. OK benno
Revision 1.6 / (download) - annotate - [select for diffs], Sat Jan 21 08:41:42 2017 UTC (7 years, 4 months ago) by benno
Branch: MAIN
Changes since 1.5: +7 -12 lines
Diff to previous 1.5 (colored)
acme-client use configuration file [1 of 5] start using the configuration file and delete command line arguments: -a agreement -> agreement url ... -c certdir -> domain certificate "path" -f accountkey -> account key "path" -k domainkey -> domain key "path" -s authority -> sign with "name" new argument: -f configfile the changes needed to use the new configuration are local to main.c for now. While the configuration could be passed directly to netproc(), keyproc() etc, the diff is smaller this way. This also removes the multidir (-m) mode for now - specify different paths in each domain {} block instead. ok florian
Revision 1.5 / (download) - annotate - [select for diffs], Thu Sep 1 12:17:00 2016 UTC (7 years, 9 months ago) by florian
Branch: MAIN
Changes since 1.4: +12 -1 lines
Diff to previous 1.4 (colored)
Implement table driven selection to which ACME authorities we can talk. Suggest by and OK deraadt, OK benno. (Later on deraadt and benno discussed if this should be handled with a config file. This seems to be good enough for now. We can do a config file later.)
Revision 1.4 / (download) - annotate - [select for diffs], Thu Sep 1 00:25:57 2016 UTC (7 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +1 -5 lines
Diff to previous 1.3 (colored)
PATH_VAR_EMPTY is not used
Revision 1.3 / (download) - annotate - [select for diffs], Thu Sep 1 00:21:36 2016 UTC (7 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +1 -8 lines
Diff to previous 1.2 (colored)
Collapse krazy abstractions for other sandbox models, using chroot and pledge directly as needed. ok florian
Revision 1.2 / (download) - annotate - [select for diffs], Wed Aug 31 22:49:09 2016 UTC (7 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored)
whitespace
Revision 1.1 / (download) - annotate - [select for diffs], Wed Aug 31 22:01:42 2016 UTC (7 years, 9 months ago) by florian
Branch: MAIN
Import Kristaps' letskencrypt and call it acme-client in tree. OK to get it in deraadt@ (and probably beck@) At least deraadt@, beck@ and otto@ are fine with the name and the disagreements stopped.