]>
git.street.me.uk Git - andy/dehydrated.git/log
Lukas Schauer [Wed, 10 Feb 2016 11:05:32 +0000 (12:05 +0100)]
fixed some zsh quirks
Lukas Schauer [Wed, 10 Feb 2016 11:05:04 +0000 (12:05 +0100)]
changed the way SCRIPTDIR is searched for so it works better with symbolic links (e.g. a symbolic link in ~/.bin)
Lukas Schauer [Fri, 5 Feb 2016 15:02:17 +0000 (16:02 +0100)]
use "openssl dgst" instead of "openssl sha" (fixes #120)
Lukas Schauer [Fri, 5 Feb 2016 14:58:01 +0000 (15:58 +0100)]
check if privkey exists and is readable instead of checking if it's a regular file (fixes #122)
Gerard Dombroski [Mon, 25 Jan 2016 18:18:17 +0000 (13:18 -0500)]
Add option to chain challenge hook arguments. Fixes #79.
Lukas Schauer [Wed, 3 Feb 2016 02:20:31 +0000 (03:20 +0100)]
Merge pull request #118 from allixx/lockfile-config.sh.example
Added LOCKFILE to config.sh.example
allixx [Tue, 2 Feb 2016 08:16:53 +0000 (11:16 +0300)]
Added LOCKFILE to config.sh.example
Lukas Schauer [Mon, 1 Feb 2016 17:55:27 +0000 (18:55 +0100)]
added link to wiki page with example scripts for dns-01, fixes #117
Lukas Schauer [Tue, 26 Jan 2016 16:49:28 +0000 (17:49 +0100)]
don't try to delete DOMAINS_TXT on early failure when not yet set
Lukas Schauer [Tue, 26 Jan 2016 16:16:34 +0000 (17:16 +0100)]
fixed curl check (fixes #112)
Lukas Schauer [Tue, 26 Jan 2016 16:15:19 +0000 (17:15 +0100)]
Merge pull request #111 from weppos/patch-1
The dns-01 support is now available in production
Lukas Schauer [Tue, 26 Jan 2016 16:12:11 +0000 (17:12 +0100)]
Merge pull request #113 from hilbix/master
pass IO descriptors to HOOK transparently
Valentin Hilbig [Mon, 25 Jan 2016 00:12:56 +0000 (01:12 +0100)]
pass IO descriptors to HOOK transparently
closes #101
Simone Carletti [Sun, 24 Jan 2016 09:45:43 +0000 (10:45 +0100)]
The dns-01 support is now available in production
See https://twitter.com/letsencrypt/status/
689919523164721152
Lukas Schauer [Sat, 23 Jan 2016 11:43:00 +0000 (12:43 +0100)]
Merge pull request #107 from jantore/hook-example
Add hook script example.
Jan Tore Morken [Fri, 22 Jan 2016 20:48:19 +0000 (21:48 +0100)]
Add hook script example.
Lukas Schauer [Fri, 22 Jan 2016 15:54:47 +0000 (16:54 +0100)]
Merge pull request #95 from nielslaukens/master
Add ability to sign "arbitrary" CSRs
Lukas Schauer [Fri, 22 Jan 2016 15:46:34 +0000 (16:46 +0100)]
Merge pull request #103 from nneul/fix-issue-102
Retain full result when submitting challenge. Fixes #102
Lukas Schauer [Fri, 22 Jan 2016 15:40:21 +0000 (16:40 +0100)]
Merge pull request #99 from ymc/feature/add_conf.d_support
Add conf.d support
Lukas Schauer [Fri, 22 Jan 2016 15:36:35 +0000 (16:36 +0100)]
Merge pull request #97 from ymc/feature/fix_syntax_highlighting
Fix possibly broken syntax highlighting
Lukas Schauer [Fri, 22 Jan 2016 15:35:03 +0000 (16:35 +0100)]
Merge pull request #100 from davidearl/master
Add detail as to how dns-01 hook works
Lukas Schauer [Fri, 22 Jan 2016 15:31:15 +0000 (16:31 +0100)]
Merge pull request #98 from ymc/fix/configuring_BASEDIR_does_not_affect_built_in_defaults
Respect configured BASEDIR for default values
Nathan Neulinger [Thu, 21 Jan 2016 23:11:11 +0000 (23:11 +0000)]
Retain full result when submitting challenge. Fixes #102
davidearl [Thu, 21 Jan 2016 15:39:18 +0000 (15:39 +0000)]
Add detail as to how dns-01 hook works
Daniel Beyer [Thu, 21 Jan 2016 15:29:16 +0000 (16:29 +0100)]
Add conf.d support
This adds support for a new config variable CONFIG_D in the main configuration
file. Setting a path to a directoy for CONFIG_D advises letsencrypt.sh to
source any additional files found in the specified CONFIG_D directory, that
have a '.sh' ending.
By default CONFIG_D is not set, meaning letsencrypt.sh does not source any
additional configuration files.
Daniel Beyer [Thu, 21 Jan 2016 14:56:52 +0000 (15:56 +0100)]
Respect configured BASEDIR for default values
If BASEDIR is set in config.sh, this does not modify the (default) values
of either PRIVATE_KEY, WELLKNOWN or LOCKFILE. One needs to manually specify
those three config variables in config.sh, if a different BASEDIR
should be used by letsencrypt.sh.
This commit makes letsencrypt.sh fully aware of a configured BASEDIR.
Daniel Beyer [Thu, 21 Jan 2016 10:58:49 +0000 (11:58 +0100)]
Fix possibly broken syntax highlighting
The pattern
```
VAR="$(cmd '"')"
```
breaks syntax highlighting in some editors (e.g. gedit or jedit) due to
the tripple double quotes.
Niels Laukens [Wed, 20 Jan 2016 10:32:56 +0000 (11:32 +0100)]
Add --signcsr command
Niels Laukens [Wed, 20 Jan 2016 10:15:15 +0000 (11:15 +0100)]
Add extract_altnames() function
Niels Laukens [Wed, 20 Jan 2016 10:15:01 +0000 (11:15 +0100)]
Split off CSR signing to separate function
Lukas Schauer [Sat, 16 Jan 2016 21:41:03 +0000 (22:41 +0100)]
Merge pull request #89 from germeier/master
add support for Elliptic Curve Cryptography (ECC)
Lukas Schauer [Sat, 16 Jan 2016 21:29:09 +0000 (22:29 +0100)]
added header with script-name and url to github repository
Lukas Schauer [Sat, 16 Jan 2016 21:28:17 +0000 (22:28 +0100)]
moved OSTYPE check and use built-in [[ for OSTYPE check
Lukas Schauer [Sat, 16 Jan 2016 20:50:15 +0000 (21:50 +0100)]
check exitcode of `curl -V` because of some issue with ancient versions of curl returning error codes on checking the version number
Lukas Schauer [Sat, 16 Jan 2016 20:40:12 +0000 (21:40 +0100)]
use different sed version for different system types (mostly for compatibility with ancient linux distros nobody should be using anyway ¯\_(ツ)_/¯)
Markus Germeier [Sat, 16 Jan 2016 17:55:36 +0000 (18:55 +0100)]
add support for Elliptic Curve Cryptography (ECC)
Lukas Schauer [Fri, 15 Jan 2016 22:36:28 +0000 (23:36 +0100)]
Merge pull request #88 from f1rebird/master
Lukas Schauer [Fri, 15 Jan 2016 22:29:14 +0000 (23:29 +0100)]
Merge pull request #82 from jantore/wellknown-http-only
Require $WELLKNOWN only when using http-01.
Lukas Schauer [Fri, 15 Jan 2016 22:24:45 +0000 (23:24 +0100)]
Merge pull request #85 from jaquer/fix-exit
Added missing space before exit code.
Moritz Kick [Fri, 15 Jan 2016 22:22:24 +0000 (23:22 +0100)]
I's are important
Lukas Schauer [Fri, 15 Jan 2016 22:20:28 +0000 (23:20 +0100)]
Merge pull request #86 from petrkle/lock-dir-writable
Check if directory for LOCKFILE is writable.
Lukas Schauer [Fri, 15 Jan 2016 22:03:12 +0000 (23:03 +0100)]
check for sed with support for extended regular expressions
Petr [Fri, 15 Jan 2016 09:43:34 +0000 (10:43 +0100)]
Fix typo
Petr [Fri, 15 Jan 2016 09:25:06 +0000 (10:25 +0100)]
Check if directory for LOCKFILE is writable.
Arturo R [Thu, 14 Jan 2016 04:33:13 +0000 (20:33 -0800)]
Added missing space before exit code.
Lukas Schauer [Sun, 10 Jan 2016 03:46:52 +0000 (04:46 +0100)]
use -z instead of `== ""`.. it's late.
Lukas Schauer [Sun, 10 Jan 2016 03:44:44 +0000 (04:44 +0100)]
show help if no arguments are provided
Jan Tore Morken [Sat, 9 Jan 2016 17:42:50 +0000 (18:42 +0100)]
Require $WELLKNOWN only when using http-01.
Lukas Schauer [Sat, 9 Jan 2016 14:51:33 +0000 (15:51 +0100)]
Merge pull request #81 from pascalj/remove-home-path
Remove home path from config.sh.example
Pascal Jungblut [Sat, 9 Jan 2016 14:13:09 +0000 (15:13 +0100)]
Remove home path from config.sh.example
Lukas Schauer [Sat, 9 Jan 2016 00:38:44 +0000 (01:38 +0100)]
call mktemp with `-t XXXXXX` for compatibility with older BSD versions
Lukas Schauer [Fri, 8 Jan 2016 22:03:06 +0000 (23:03 +0100)]
fixed whitespace-stripping, replace all whitespace in domains.txt entries with single space character (fixes #60 and #78)
Lukas Schauer [Fri, 8 Jan 2016 21:51:57 +0000 (22:51 +0100)]
cleanup for dns-01-challenge-support code
Lukas Schauer [Fri, 8 Jan 2016 21:29:36 +0000 (22:29 +0100)]
made link in readme clickable
Lukas Schauer [Fri, 8 Jan 2016 21:28:06 +0000 (22:28 +0100)]
moved import notice up in readme
Lukas Schauer [Fri, 8 Jan 2016 21:26:45 +0000 (22:26 +0100)]
Merge pull request #77 from germeier/master
add support for dns-01 challenge - try 2
Lukas Schauer [Fri, 8 Jan 2016 21:20:16 +0000 (22:20 +0100)]
moved import scripts from repository to wiki and updated readme a bit
Markus Germeier [Fri, 8 Jan 2016 21:09:27 +0000 (22:09 +0100)]
add support for dns-01 challenge - try 2
Lukas Schauer [Fri, 8 Jan 2016 21:01:59 +0000 (22:01 +0100)]
check for mktemp dependency
Lukas Schauer [Fri, 8 Jan 2016 20:55:38 +0000 (21:55 +0100)]
fixed BASEDIR dependent default config values
Lukas Schauer [Fri, 8 Jan 2016 20:41:47 +0000 (21:41 +0100)]
re-set RENEW_DAYS to 30 (got accidentally reverted in one of the previous commits)
Markus Germeier [Fri, 8 Jan 2016 20:05:16 +0000 (21:05 +0100)]
make hook a command line parameter
Lukas Schauer [Fri, 8 Jan 2016 19:33:59 +0000 (20:33 +0100)]
do not change exit code of loop in command_sign_domains
Lukas Schauer [Fri, 8 Jan 2016 19:18:31 +0000 (20:18 +0100)]
changed urlbase64 helper to also use sed for character replacements
Lukas Schauer [Fri, 8 Jan 2016 18:48:02 +0000 (19:48 +0100)]
use _exiterr helper in a few more places
Lukas Schauer [Fri, 8 Jan 2016 18:45:29 +0000 (19:45 +0100)]
added a few more comments
Lukas Schauer [Fri, 8 Jan 2016 18:39:20 +0000 (19:39 +0100)]
removed get_json_array helper, rearranged sign_domain method a bit, made grep for PEM-format-check quiet
Lukas Schauer [Fri, 8 Jan 2016 18:35:55 +0000 (19:35 +0100)]
return error on invalid request method in http_request, shortened http_request a bit
Lukas Schauer [Fri, 8 Jan 2016 18:33:18 +0000 (19:33 +0100)]
removed anti_newline helper
Lukas Schauer [Fri, 8 Jan 2016 18:30:56 +0000 (19:30 +0100)]
moved _openssl helper a bit up to be near the other helper methods
Lukas Schauer [Fri, 8 Jan 2016 18:28:19 +0000 (19:28 +0100)]
rewritten command_revoke method (shortened + changed output to look less like one of those weird openssl error messages)
Lukas Schauer [Fri, 8 Jan 2016 18:26:44 +0000 (19:26 +0100)]
updated readme
Lukas Schauer [Fri, 8 Jan 2016 18:25:58 +0000 (19:25 +0100)]
fixed --domain syntax in test.sh
Lukas Schauer [Fri, 8 Jan 2016 18:16:39 +0000 (19:16 +0100)]
rewritten init_system method and parts of command_sign_domains (DOMAINS_TXT handling)
Lukas Schauer [Fri, 8 Jan 2016 18:13:50 +0000 (19:13 +0100)]
rewritten help method to get rid of `column` dependency
Lukas Schauer [Fri, 8 Jan 2016 18:10:50 +0000 (19:10 +0100)]
rewritten argument handling and moved to new main() method, added dependency checks, added _exiterr helper
Lukas Schauer [Fri, 8 Jan 2016 18:02:13 +0000 (19:02 +0100)]
rewritten hex2bin method
Lukas Schauer [Fri, 8 Jan 2016 17:59:01 +0000 (18:59 +0100)]
moved loading of configuration to seperate method
Lukas Schauer [Fri, 8 Jan 2016 16:59:46 +0000 (17:59 +0100)]
renamed _request method to http_request
Lukas Schauer [Wed, 6 Jan 2016 19:55:23 +0000 (20:55 +0100)]
Merge pull request #71 from chrisb86/master
Changed shebang of import-certs.sh to #!/usr/bin/env bash
Christian Busch [Wed, 6 Jan 2016 18:12:08 +0000 (19:12 +0100)]
Changed shebang of import-certs.sh to #!/usr/bin/env bash
Lukas Schauer [Tue, 5 Jan 2016 14:21:49 +0000 (15:21 +0100)]
Merge pull request #68 from onovy/master
Renew certificate 30 days before expiration
Lukas Schauer [Tue, 5 Jan 2016 14:20:56 +0000 (15:20 +0100)]
Merge pull request #69 from olf/upstream
fix typo in test.sh (ngrok not found)
Olaf Peters [Tue, 5 Jan 2016 11:20:36 +0000 (12:20 +0100)]
fix typo in test.sh (ngrok not found)
Ondřej Nový [Sat, 2 Jan 2016 17:31:42 +0000 (18:31 +0100)]
Renew certificate 30 days before expiration
According to https://community.letsencrypt.org/t/quick-start-guide/1631
Renewals and Lifetimes:
Certificates from Let's Encrypt are valid for 90 days. We recommend
renewing them every 60 days to provide a nice margin of error.
Lukas Schauer [Tue, 22 Dec 2015 14:11:39 +0000 (15:11 +0100)]
added license (fixes #63)
Lukas Schauer [Sun, 20 Dec 2015 18:54:39 +0000 (19:54 +0100)]
hide output of grep for pem-format-check
Lukas Schauer [Sat, 19 Dec 2015 22:34:08 +0000 (23:34 +0100)]
Merge pull request #59 from erdgeist/master
when using printf, we do not need inline expansion of variables
Dirk Engling [Sat, 19 Dec 2015 22:26:49 +0000 (23:26 +0100)]
when using printf, we do not need inline expansion of variables
Lukas Schauer [Sat, 19 Dec 2015 22:24:29 +0000 (23:24 +0100)]
wat. removed some unnecessary code.
Lukas Schauer [Sat, 19 Dec 2015 16:45:24 +0000 (17:45 +0100)]
readme: mores infos about WELLKNOWN
Lukas Schauer [Sat, 19 Dec 2015 01:36:18 +0000 (02:36 +0100)]
shellcheck fixes
Markus Germeier [Wed, 16 Dec 2015 18:30:20 +0000 (19:30 +0100)]
revoke: follow symlink, exit with error on non-existing certificate file
Dominik Heidler [Fri, 18 Dec 2015 09:20:10 +0000 (10:20 +0100)]
add perl shebang
Lukas Schauer [Sat, 19 Dec 2015 00:57:58 +0000 (01:57 +0100)]
use temporary openssl config instead of weird fake fds (fixes #57)
Lukas Schauer [Sat, 19 Dec 2015 00:56:04 +0000 (01:56 +0100)]
also test SAN config
Lukas Schauer [Thu, 17 Dec 2015 17:42:36 +0000 (18:42 +0100)]
format CA certificate as PEM
Lukas Schauer [Thu, 17 Dec 2015 17:40:45 +0000 (18:40 +0100)]
never PASS with content in errorlog
Lukas Schauer [Thu, 17 Dec 2015 17:33:54 +0000 (18:33 +0100)]
check if renewal works
Lukas Schauer [Thu, 17 Dec 2015 17:22:01 +0000 (18:22 +0100)]
use different fake-ca for travis tests