| [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 63137b3555339eca622c5dfabc98e02d4f17ec44 |
[ Thread Index |
Date Index
| More vhffs.org/vhffs-dev Archives
]
- To: vhffs-dev@xxxxxxxxx
- Subject: [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 63137b3555339eca622c5dfabc98e02d4f17ec44
- From: git@xxxxxxxxxxxxx
- Date: Mon, 22 Feb 2016 00:06:30 +0100
This is an automated email from git. It was enerated because a ref
change was pushed to the repository "vhffs4/vhffs.git".
The branch, master has been updated
via 63137b3555339eca622c5dfabc98e02d4f17ec44 (commit)
via ed3b3f94b9761328320eb1a770638baa08748cb0 (commit)
via 75efda275e318e295f184eb1aa7a3f1f85888bec (commit)
via 4978286e012374a234fca59cd836bce5dcda1908 (commit)
via daa5b57408a696b604b54969185ca74ab21e2a04 (commit)
from 0893f7882aafdc6f418cee881fcd2432ba1ebca8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 63137b3555339eca622c5dfabc98e02d4f17ec44
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date: Sun Feb 21 23:05:52 2016 +0000
tls: add Nginx TLS proxy configuration generator
commit ed3b3f94b9761328320eb1a770638baa08748cb0
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date: Sun Feb 21 22:32:20 2016 +0000
tls: merge TLS certificate create and renew robots
The are almost exactly the same, there is no real difference between
creating or renewing a certificate except we need to skip the private
key creation if it already exist. Plus it removes an ugly database
boolean usage on expire field (a 0 value was private key created but
without certificate yet).
commit 75efda275e318e295f184eb1aa7a3f1f85888bec
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date: Sun Feb 21 22:03:54 2016 +0000
tls: add get_valid_list method
Add a method which returns all TLS certificates which can be used on production servers.
commit 4978286e012374a234fca59cd836bce5dcda1908
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date: Sun Feb 21 21:55:34 2016 +0000
tls: use valid boolean state in TLS robot
We need to acknowledge the fact a TLS certificate became invalid.
Properly set valid state when creating or renewing and take care
of invalidate certificate when we need to do so.
commit daa5b57408a696b604b54969185ca74ab21e2a04
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date: Sun Feb 21 20:33:14 2016 +0000
tls: add valid boolean object state
We need a new state for certificates that are near expiration date,
we need to remove those certificates from software configuration files
a few days before the real expiration date to let software reload
their configuration file without soon expired certificate, so we need
a trigger (soon expired and valid) and ack somewhere (valid -> invalid)
that we do so.
-----------------------------------------------------------------------
Summary of changes:
vhffs-api/src/Vhffs/Robots/Tls.pm | 118 +++++++++++++++++++------------
vhffs-api/src/Vhffs/Tls.pm | 123 ++++++++++++++++++++++++---------
vhffs-backend/conf/vhffs.conf.dist.in | 9 +++
vhffs-backend/src/pgsql/initdb.sql.in | 2 +
vhffs-compat/from-4.5-to-4.6.sql | 6 ++
vhffs-robots/src/tls.pl | 12 ++--
6 files changed, 190 insertions(+), 80 deletions(-)
hooks/post-receive
--
vhffs4/vhffs.git