starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-03-21 08:39:01 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity
677 Commits 5 Branches 15 Tags
67b111a7b09374182bbba2bf3feecbbd549c0df2
Commit Graph

677 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lukas Schauer
e784ba3853 use normal error behaviour for failing http requests (fixes #782) 2020-12-10 16:32:26 +01:00
Lukas Schauer
abd369d062 allow to set domains.txt as cli argument (fixes #678) 2020-12-10 16:07:28 +01:00
Lukas Schauer
cb7fb82beb use secp384r1 as default (instead of rsa, fixes #651) 2020-12-10 16:01:54 +01:00
Lukas Schauer
174616becd use secp384r1 as default (instead of rsa, fixes #651) 2020-12-10 16:01:08 +01:00
Raphael Hoegger
27fd41d75f adding new CLI Command (--cleanupdelete / -gcd) to cleanup+delete (instead of just moving to /archive) (closes #587) 2020-12-10 14:58:14 +01:00
Lukas Schauer
ea106ef72e allow setting OCSP_FETCH and OCSP_DAYS per certificate config (closes #602, thx @bjacke) 2020-12-10 14:28:30 +01:00
Lukas Schauer
f2d6a6152e cleanup: also remove dangling symlinks 2020-12-10 14:15:07 +01:00
Arnout Vandecappelle (Essensium/Mind)
129ec851ed cleanup: also do cleanup if symlink is broken (closes #667) 
The cleanup command skips filetypes for which the symlink is broken or
doesn't exist. However, if dehydrated fails, we may end up in exactly
the situation that the symlink doesn't exist (yet). If dehydrated fails
repeatedly, we may end up with a lot of old cert.csr, cert.pem and
privkey.pem files, so we really want to be able to clean them up.

Remove all files if the symlink is broken/missing, instead of skipping
those files.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
 2020-12-10 14:14:35 +01:00
Georg Altmann
835963fa6e make alpn-validation certificates and keys group readable (closes #754, fixes #753) 2020-12-10 14:00:26 +01:00
Daniel Molkentin
829aaeff2d Fix OCSP_FETCH with libressl 
libressl did not pick up the implicit host header patches
of OpenSSL 1.1 even in version 3 and thus exhibits the same
behavior as OpenSSL 1.0.

Patch by Chen, Chih-Chia <pigfoot@gmail.com>

Fixes #778
 2020-12-10 13:52:47 +01:00
Lukas Schauer
481aba7d7b remove quotes from per-cert-config vars to allow for spaces (fixes #789, closes #791) 2020-12-09 20:41:17 +01:00
Lukas Schauer
fbcaac89f9 changed method for parsing issuer cn, fixing compatibility with some openssl versions 2020-12-09 19:38:27 +01:00
Lukas Schauer
589e9f30b3 show available options if preferred chain is not found 2020-11-21 16:19:08 +01:00
Lukas Schauer
f2103340f3 fix spaces in sudo arguments 2020-11-20 17:09:04 +01:00
Lukas Schauer
c670c18299 added display-terms to changelog+readme 2020-11-13 20:49:18 +01:00
Daniel Molkentin
7cc9e2d07f add --display-terms to display the URL for the current ToS 
Implements #649
 2020-11-13 20:47:49 +01:00
Lukas Schauer
7dfde364a3 added support for requesting preferred-chain instead of default chain 2020-11-13 20:36:51 +01:00
Lukas Schauer
7d3288f428 one more \s -> [[:space:]] replacement 2020-09-30 11:35:06 +02:00
Jarkko Oranen
e69df6521b Replace \s with [[:space:]] for compatibility 2020-09-30 11:32:23 +02:00
Daniel Molkentin
8ddead4854 Complain about deactivated accounts 2020-09-28 01:15:48 +02:00
Daniel Molkentin
308b3ec750 implement account deactivation through --deactivate parameter 
This is an updated version of https://github.com/lukas2511/dehydrated/files/2641548/dehydrated_add_deactivate_command.diff.txt

Fixes #216
 2020-09-28 01:15:47 +02:00
Daniel Molkentin
39e1068a87 Don't require sudo before we know we really need it 
Fixes #665
 2020-09-27 22:26:20 +02:00
Daniel Molkentin
6d9fcd2588 Do not fail silently with invalid sudo user/group 2020-09-27 22:26:18 +02:00
Daniel Molkentin
60cb678e3b add more CAs, now that support for CA presets is implemented 
- letsencrypt-test (LE staging CA)
- buypass (verified to work with the new json parsing, see #653)
- buypass-test analogously
 2020-09-27 20:41:34 +02:00
Daniel Molkentin
5f8cfa50ba fix OS name detection 
before applying heuristics, use PRETTY_NAME from os-release(3),
which reliably exists on all common linux distributions.

keep the /etc/issue parsing as fallback.
 2020-09-27 20:35:18 +02:00
Lukas Schauer
b3abc41dbe tmpfix: log error if acmev1 validation is denied + fix unbound variable 2020-09-15 17:27:24 +02:00
Lukas Schauer
b3b2fee496 eab: use hex key instead of binary (fixes issue with nullbytes) 2020-09-14 18:59:41 +02:00
Lukas Schauer
416fd0fd1b do not fail on challenge in "processing" state (fixes #759) 2020-09-14 18:31:24 +02:00
Lukas Schauer
142c69dd90 fixed bad typo.. 2020-09-14 18:28:05 +02:00
Lukas Schauer
74c136905b readme+changelog 2020-09-14 18:24:01 +02:00
Lukas Schauer
5fc1175aef EAB + ZeroSSL support 2020-09-14 18:22:36 +02:00
Lukas Schauer
4b91fcf498 read boolean values from json 2020-09-14 18:19:08 +02:00
Lukas Schauer
11323d0727 removed accidental shebang 2020-09-14 18:18:35 +02:00
Lukas Schauer
a9a64c9fd0 use presets for some CAs instead of requiring full urls 2020-09-14 16:37:16 +02:00
Jason Francis
42a0fc9a5e fix tls-alpn-01 configuration example 2020-07-05 22:30:38 +02:00
Lukas Schauer
e119d9136b fixed some typos (fixes #725, fixes #741, fixes #740) 2020-07-05 22:29:57 +02:00
j-ed
275fb40ab4 removed tmp file in 'generate_alpn_certificate' function 
Made sure that the temp file will be removed at the end of the function.
 2020-07-05 21:41:12 +02:00
Lukas Schauer
7e92850957 fixed zsh compatibility 2020-07-05 04:13:11 +02:00
Lukas Schauer
bb5a1473d1 merged temporary json.sh into dehydrated, fixed authorization "pending" loop 2020-07-04 21:51:32 +02:00
Lukas Schauer
7f970b527c experimental json.sh support 2020-07-04 21:36:23 +02:00
Krayon
dc552c602e Use existing curl version var 
Signed-off-by: Krayon <krayon.git@qdnx.org>
 2020-04-28 21:36:52 +02:00
Lukas Schauer
9827a411b3 removed instructions for importing from "official" client (certbot) as it probably doesn't work anymore and there isn't really much use for it anyway 2020-04-28 21:29:24 +02:00
Lukas Schauer
4a55f93896 fix link to wiki in documentation (fixes #690) 2020-04-28 21:27:49 +02:00
Lukas Schauer
a07c8d14f6 reworked dependency check and moved it up a bit in code (fixes #715, resolves #717 again...) 2020-04-28 21:25:08 +02:00
Lukas Schauer
42047fdf11 added changelog 2020-04-28 21:10:22 +02:00
Lukas Schauer
76d7e31981 added note about newline encoded in accounts directory hashes (resolves #730) 2020-04-28 21:03:55 +02:00
Lukas Schauer
4fd4d4d3c2 temporarily store raw curl version output to fix check (fixes #717) 2020-04-28 20:58:46 +02:00
Lukas Schauer
229f7186a6 store errorcode while using KEEP_GOING (fixes #659) 2020-04-28 20:39:04 +02:00
Lukas Schauer
4b7a1e4ce6 report issues with hook scripts instead of silently exiting (fixes #733, fixes #686) 2020-04-28 20:13:03 +02:00
Lukas Schauer
871efe653b skip exit_hook in _exiterr if KEEP_GOING is enabled (fixes #686) 2020-04-28 18:36:02 +02:00