aboutsummaryrefslogtreecommitdiffstats
path: root/webserver
Commit message (Collapse)AuthorAgeFiles
* Ensure fdopen is called with an integer.Guilhem Moulin2017-07-011
|
* webserver: improve serving logic for ACME challenge responses.Guilhem Moulin2017-06-291
| | | | | In particular, we now return "403 Forbidden" for /.well-known/acme-challenge/
* webserver: open ACME challenge files with O_NOFOLLOW.Guilhem Moulin2017-06-291
|
* webserver: refuse to follow symlink when serving ACME challenge responses.Guilhem Moulin2017-06-291
|
* webserver: allow listening to multiple addresses.Guilhem Moulin2017-06-281
| | | | | | | | | | (Useful when dual-stack IPv4/IPv6 is not supported.) Also, change the default to listen to a UNIX-domain socket </var/run/lacme.socket>. Moreover temporary iptables rules are no longer installed. Hosts without a public HTTP daemon listening on port 80 need to set the 'listen' option to [::] and/or 0.0.0.0, and possibly set the 'iptables' option to Yes.
* Add the short description in headers and manpages.Guilhem Moulin2016-06-141
|
* accountd: Don't mention "Let's Encrypt" in log messages.Guilhem Moulin2016-06-141
|
* Refactoring to use the account key manager.Guilhem Moulin2016-03-021
|
* acme-slave → client; acme-webserver → webserverGuilhem Moulin2015-12-181