| Commit message (Collapse) | Author | Age | Files | |
|---|---|---|---|---|
| * | Updated version 0.5 from 'upstream/0.5' | Guilhem Moulin | 2018-05-09 | 8 | 
| |\ | ||||
| | * | New dependency: perl module Types::Serialiserupstream/0.5 | Guilhem Moulin | 2018-05-09 | 1 | 
| | | | ||||
| | * | Use ACME v2 endpoints | Guilhem Moulin | 2018-04-27 | 6 | 
| | | | | | | | | | https://tools.ietf.org/html/draft-ietf-acme-acme-12 | |||
| | * | Fix manpage generation with pandoc >=2.1 | Guilhem Moulin | 2018-04-26 | 2 | 
| | | | ||||
| * | | Prepare new release.debian/0.4-1 | Guilhem Moulin | 2017-07-28 | 1 | 
| | | | ||||
| * | | Fix manpage generation with pandoc >=1.18. | Guilhem Moulin | 2017-07-28 | 2 | 
| | | | ||||
| * | | Updated version 0.4 from 'upstream/0.4' | Guilhem Moulin | 2017-07-28 | 2 | 
| |\| | ||||
| | * | Copy snippets/*.conf to /etc/lacmeupstream/0.4 | Guilhem Moulin | 2017-07-28 | 2 | 
| | | | ||||
| | * | Fix generation of manpages with pandoc >=1.18 | Guilhem Moulin | 2017-07-28 | 2 | 
| | | | ||||
| * | | Prepare new release.debian/0.3-1 | Guilhem Moulin | 2017-07-09 | 1 | 
| | | | ||||
| * | | Update copyright info. | Guilhem Moulin | 2017-07-09 | 1 | 
| | | | ||||
| * | | Updated version 0.3 from 'upstream/' | Guilhem Moulin | 2017-07-09 | 6 | 
| |\| | ||||
| | * | Update copyright infoupstream/0.3 | Guilhem Moulin | 2017-07-09 | 6 | 
| | | | ||||
| * | | mv config/{apache2.conf,nginx.conf} snippets/ | Guilhem Moulin | 2017-07-08 | 1 | 
| | | | ||||
| * | | Merge branch 'master' into debian | Guilhem Moulin | 2017-07-08 | 9 | 
| |\| | ||||
| | * | Bind webserver to /var/run/lacme-www.socket by default. | Guilhem Moulin | 2017-07-08 | 6 | 
| | | | ||||
| | * | mv config/{apache2.conf,nginx.conf} snippets/ | Guilhem Moulin | 2017-07-08 | 2 | 
| | | | ||||
| | * | lacme: Specify minimum required Socket version 1.95. | Guilhem Moulin | 2017-07-01 | 2 | 
| | | | ||||
| | * | Specify minimum required Perl versions. | Guilhem Moulin | 2017-07-01 | 5 | 
| | | | ||||
| | * | Avoid hash slices. | Guilhem Moulin | 2017-07-01 | 1 | 
| | | | | | | | | | That's mostly what prevents us from supporting Perl older than 5.20. | |||
| | * | Ensure fdopen is called with an integer. | Guilhem Moulin | 2017-07-01 | 4 | 
| | | | ||||
| | * | wibble | Guilhem Moulin | 2017-06-30 | 1 | 
| | | | ||||
| * | | Provide apache2 configuration snippet. | Guilhem Moulin | 2017-06-29 | 1 | 
| | | | ||||
| * | | Merge branch 'master' into debian | Guilhem Moulin | 2017-06-29 | 9 | 
| |\| | ||||
| | * | Improve docs. | Guilhem Moulin | 2017-06-29 | 1 | 
| | | | ||||
| | * | Provide apache2 configuration snippet. | Guilhem Moulin | 2017-06-29 | 3 | 
| | | | ||||
| | * | webserver: improve serving logic for ACME challenge responses. | Guilhem Moulin | 2017-06-29 | 1 | 
| | | | | | | | | | | | In particular, we now return "403 Forbidden" for /.well-known/acme-challenge/ | |||
| | * | webserver: open ACME challenge files with O_NOFOLLOW. | Guilhem Moulin | 2017-06-29 | 1 | 
| | | | ||||
| | * | Remove potential race when creating ACME challenge response files. | Guilhem Moulin | 2017-06-29 | 2 | 
| | | | ||||
| | * | lacme(1), lacme-accountd(1): fix version number. | Guilhem Moulin | 2017-06-29 | 3 | 
| | | | ||||
| | * | webserver: refuse to follow symlink when serving ACME challenge responses. | Guilhem Moulin | 2017-06-29 | 3 | 
| | | | ||||
| | * | wibble | Guilhem Moulin | 2017-06-29 | 1 | 
| | | | ||||
| | * | wibble | Guilhem Moulin | 2017-06-29 | 1 | 
| | | | ||||
| | * | Improve docs. | Guilhem Moulin | 2017-06-29 | 2 | 
| | | | ||||
| | * | Improve docs. | Guilhem Moulin | 2017-06-28 | 1 | 
| | | | ||||
| | * | Update README. | Guilhem Moulin | 2017-06-28 | 1 | 
| | | | ||||
| * | | Bump Standards-Version from 3.9.8 to 4.0.0. | Guilhem Moulin | 2017-06-28 | 2 | 
| | | | ||||
| * | | New upstream release. | Guilhem Moulin | 2017-06-28 | 2 | 
| | | | ||||
| * | | Merge branch 'master' into debian | Guilhem Moulin | 2017-06-28 | 8 | 
| |\| | ||||
| | * | Provide nginx configuration snippet. | Guilhem Moulin | 2017-06-28 | 2 | 
| | | | ||||
| | * | Change the default 'min-days' from 10 to 21. | Guilhem Moulin | 2017-06-28 | 4 | 
| | | | | | | | | | | | | | This avoids expiration notices from Let's Encrypt when auto-renewal is done by a cronjob: Let's Encrypt sends a notice 19 (then 9) days before expiration. | |||
| | * | new-cert: use File::Temp for the temporary cert filename. | Guilhem Moulin | 2017-06-28 | 1 | 
| | | | | | | | | | This ensures we aren't overwritting existing /path/to/srv.pem.new files. | |||
| | * | webserver: allow listening to multiple addresses. | Guilhem Moulin | 2017-06-28 | 5 | 
| | | | | | | | | | | | | | | | | | | | | | (Useful when dual-stack IPv4/IPv6 is not supported.) Also, change the default to listen to a UNIX-domain socket </var/run/lacme.socket>. Moreover temporary iptables rules are no longer installed. Hosts without a public HTTP daemon listening on port 80 need to set the 'listen' option to [::] and/or 0.0.0.0, and possibly set the 'iptables' option to Yes. | |||
| | * | new-cert: create certificate files atomically. | Guilhem Moulin | 2017-02-24 | 2 | 
| | | | ||||
| | * | new-cert: mark basicConstraints and keyUsage x509v3 extensions as critical ↵ | Guilhem Moulin | 2017-02-22 | 2 | 
| | | | | | | | | | | | | | | | in the CSR. Boulder's issue #565 "Golang errors on extensions marked critical" was fixed upstream, cf. https://github.com/letsencrypt/boulder/issues/565 . | |||
| | * | Changelog: prefix bugfixes with '+'. | Guilhem Moulin | 2017-02-22 | 1 | 
| | | | ||||
| | * | new-cert: new CLI option "min-days" | Guilhem Moulin | 2017-02-19 | 3 | 
| | | | ||||
| | * | new-cert: sort section names if not passed explicitely. | Guilhem Moulin | 2017-02-19 | 2 | 
| | | | ||||
| | * | Ensure lacme's config file descriptor has the FD_CLOEXEC bit set. | Guilhem Moulin | 2017-02-19 | 2 | 
| | | | ||||
| | * | config-cert: import the default section of files already read. | Guilhem Moulin | 2017-02-19 | 2 | 
| | | | ||||
