Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Canonicalise DS RR and refactor dns a bit.dnssec | Linus Nordberg | 2016-04-07 | 1 | -1/+1 |
| | | | | | | Rename split_rrset/1 -> decode_rrset/1. Add type rr() and use it. Canonicalise DS RR. | ||||
* | Add unit test for validation, from dnssecport:handle_call(). | Linus Nordberg | 2016-04-06 | 1 | -8/+9 |
| | | | | | | | | - The port now returns the RRset (DS, chain, trust root and all RRSIG's). This in preparatino for when this data will be normalised. - dnssecport decodes and encodes DNS data. - v1 stores the DS RR in the leaf and the rest, including the DS RRSIG, in the chain. | ||||
* | WIP | Linus Nordberg | 2016-03-27 | 1 | -24/+31 |
| | |||||
* | Add config knob max_submit_size. | Linus Nordberg | 2016-02-01 | 1 | -1/+12 |
| | | | | | If a blob is larger than this, in octets, after Base64 decoding, the submission is rejected with 400. | ||||
* | Change application URL to open/gaol/v1. | Linus Nordberg | 2016-02-01 | 1 | -1/+1 |
| | |||||
* | Base64-decode submitted blobs and treat them as leaf certs. | Linus Nordberg | 2016-02-01 | 1 | -2/+8 |
| | |||||
* | Accept any kind of submitted data, not only X.509 certificate chains. | Linus Nordberg | 2016-02-01 | 1 | -34/+8 |
| | | | | | | | | Have add_chain() take a blob instead of a cert leaf and a chain. Rename ct/v1/add-chain -> add-blob. Remove ct/v1/add-pre-chain. Remove chain checking code. Generate allowed_client config matching new HTTP API. | ||||
* | Parametrise "application part" of URL. | Linus Nordberg | 2015-11-13 | 1 | -10/+12 |
| | | | | | Breaking out "ct/v1" to a separate argument to request(). Good for other applications. | ||||
* | Don't answer public requests if STH is too old or nonexistent | Magnus Ahltorp | 2015-06-12 | 1 | -0/+28 |
| | |||||
* | Rename html/2 to err400/2. | Linus Nordberg | 2015-05-06 | 1 | -17/+17 |
| | |||||
* | Dialyzer clean. | Linus Nordberg | 2015-05-06 | 1 | -7/+11 |
| | |||||
* | Fix copyright strings. | Linus Nordberg | 2015-04-09 | 1 | -1/+1 |
| | |||||
* | Cleanup tests and use urllib2.build_opener | Magnus Ahltorp | 2015-03-31 | 1 | -2/+14 |
| | | | | | | | | | Remove unused files Generate test config files directly in release directory Move test database files to "tests" directory Generate log key when preparing tests Report error when STH not found in v1.erl Make merge, fetchallcerts, submitcert, verifysct, and testcase1 take log key as argument | ||||
* | Add precert handling. | Linus Nordberg | 2015-03-23 | 1 | -30/+31 |
| | |||||
* | Save STH instead of calculating a new one each time. | Magnus Ahltorp | 2015-03-04 | 1 | -10/+2 |
| | |||||
* | Stop using jiffy | Magnus Ahltorp | 2014-10-25 | 1 | -99/+90 |
| | |||||
* | Catch badly ASN.1-encoded certificates. | Linus Nordberg | 2014-10-24 | 1 | -5/+5 |
| | | | | | | Now not crashing badly encoded certs in the list of known roots, which is good. They're simply ignored. Next step is to figure out if we should accept some anomalies, due to reality. | ||||
* | Use mochiweb for v1 API | Magnus Ahltorp | 2014-10-24 | 1 | -43/+43 |
| | | | | | | Conflicts: catlfish.config src/v1.erl | ||||
* | Merge branch 'validate-certchain' into staging1 | Linus Nordberg | 2014-10-24 | 1 | -2/+14 |
|\ | | | | | | | | | Conflicts: src/catlfish.erl | ||||
| * | Log (info) when adding and rejecting a certificate chain.validate-certchain | Linus Nordberg | 2014-10-23 | 1 | -0/+4 |
| | | | | | | | | Writing to stdout for now, until we've decided on logging framework. | ||||
| * | Implement cert chain validation. | Linus Nordberg | 2014-10-22 | 1 | -2/+10 |
| | | | | | | | | NOTE: Presence of and constraints on names are not being validated. | ||||
* | | Break include dependency on plop.hrl | Magnus Ahltorp | 2014-10-24 | 1 | -7/+4 |
|/ | |||||
* | Fix bug in get-entries limitation of entries. | Linus Nordberg | 2014-10-10 | 1 | -2/+1 |
| | |||||
* | Limit get-entries to 1000 entries at the time. | Linus Nordberg | 2014-10-09 | 1 | -3/+2 |
| | |||||
* | Make cert chains and CtExtensions variable length (TLS) vectors. | Linus Nordberg | 2014-09-25 | 1 | -56/+5 |
| | | | | Also move some CT-specific code to new file catlfish.erl. | ||||
* | Decode chain in 'add-chain' properly. | Linus Nordberg | 2014-09-20 | 1 | -28/+43 |
| | | | | | Also, present extra_data in response from get-entries and get-entry-and-proof. | ||||
* | Add get-entry-and-proof and adopt to new plop:inclusion/2 signature. | Linus Nordberg | 2014-09-19 | 1 | -6/+38 |
| | |||||
* | Encode get-sth-consistency and get-proof-by-hash properly. | Linus Nordberg | 2014-09-15 | 1 | -4/+6 |
| | |||||
* | Implement get-proof-by-hash. | Linus Nordberg | 2014-09-15 | 1 | -7/+28 |
| | |||||
* | Remove spurious parentheses. | Linus Nordberg | 2014-09-15 | 1 | -1/+1 |
| | |||||
* | Don't try to JSON-encode error messages. | Linus Nordberg | 2014-09-15 | 1 | -5/+8 |
| | |||||
* | It's plop:consistency/2. | Linus Nordberg | 2014-09-15 | 1 | -1/+1 |
| | |||||
* | Implement get-sth-consistency. | Linus Nordberg | 2014-09-14 | 1 | -2/+16 |
| | |||||
* | Add licensing information. | Linus Nordberg | 2014-06-10 | 1 | -0/+3 |
| | |||||
* | Base64-encode that empty string in extra_data. | Linus Nordberg | 2014-06-04 | 1 | -1/+1 |
| | |||||
* | Add get-entries and s/_/-/g in function names. | Linus Nordberg | 2014-06-04 | 1 | -20/+44 |
| | | | | | URL's now has hyphens rather than underscores. Rewriting URL's is no longer necessary. | ||||
* | Don't crash when reporting bad input to add-chain. | Linus Nordberg | 2014-05-20 | 1 | -4/+5 |
| | |||||
* | Set protocol version to 0, i.e. v1. | Linus Nordberg | 2014-05-20 | 1 | -1/+1 |
| | |||||
* | Make 'extensions' field the empty string. | Linus Nordberg | 2014-05-20 | 1 | -1/+1 |
| | | | | Not the empty list. | ||||
* | Merge branch 'master' of /home/linus/repo/ctls | Linus Nordberg | 2014-05-12 | 1 | -2/+5 |
|\ | | | | | | | | | Conflicts: src/v1.erl | ||||
| * | Signatures must now be serialised and base64 encoded. | Linus Nordberg | 2014-05-12 | 1 | -2/+5 |
| | | |||||
* | | Merge branch 'master' of /home/linus/repo/ctls | Linus Nordberg | 2014-05-10 | 1 | -2/+2 |
|\ \ | |/ | | | | | | | Conflicts: src/v1.erl | ||||
| * | The tree head signature from get-sth is not base64 encoded. | Linus Nordberg | 2014-05-10 | 1 | -2/+2 |
| | | |||||
| * | It's `tree_size'. | Linus Nordberg | 2014-05-07 | 1 | -1/+1 |
| | | | | | | | | Not `treesize'. | ||||
* | | Correct treesize -> tree_size in get-sth response. | Linus Nordberg | 2014-05-10 | 1 | -5/+8 |
|/ | | | | | Move call to mod_esi:deliver into own function, for easier changing of HTTP headers and such. | ||||
* | Add (empty) get-roots. | Linus Nordberg | 2014-05-05 | 1 | -2/+4 |
| | |||||
* | Add support for get-sth. | Linus Nordberg | 2014-05-05 | 1 | -1/+11 |
| | |||||
* | Follow s/spt_on_wire/spt/g in plop. | Linus Nordberg | 2014-05-04 | 1 | -5/+25 |
| | | | | Also, add NIY placeholders for all URLs. | ||||
* | Get going, first cut. | Linus Nordberg | 2014-05-04 | 1 | -0/+45 |
add-chain looks like it might work properly. Not verified! |