[vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 58f071982641

[vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 58f071982641fd9f72c6dc405fa44f6b43556116

[ Thread Index | Date Index | More vhffs.org/vhffs-dev Archives ]

To: vhffs-dev@xxxxxxxxx
Subject: [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 58f071982641fd9f72c6dc405fa44f6b43556116
From: git@xxxxxxxxxxxxx
Date: Thu, 25 Feb 2016 20:51:47 +0100

This is an automated email from git. It was enerated because a ref
change was pushed to the repository "vhffs4/vhffs.git".

The branch, master has been updated
       via  58f071982641fd9f72c6dc405fa44f6b43556116 (commit)
       via  0369402181195986a3385e876ddde1eca4c60283 (commit)
       via  00bafea5f73ee96470cbb70d2d70c7fda2b40cd3 (commit)
       via  d625b475ed3cafae41350d4f14b9cbd930277a6b (commit)
       via  ab49af721c2d624928d5ba13c8da164e4a1cc12a (commit)
       via  acf60c6be0bd9abc8064d1e5cedb74708564679b (commit)
       via  4b3974c5d5c362ca3dc41a1b7c5fb55c7b6f34da (commit)
       via  341fc345cf530398cf396465d4a860a8df534437 (commit)
       via  1b9e2b04c5fcab8368c2e63328dbf4bdcd344884 (commit)
       via  fd6c7bbe268d14ae0a16ce4469922161c6146758 (commit)
       via  83efb894b7197d976ab77042c8ee8b884308c471 (commit)
       via  3c03a401f4ba4f320716c6331be3a6427636caf1 (commit)
       via  c691d067d78c5029345301763ca91c2216676ce7 (commit)
       via  13e1ee6974e1830eb6a767000ebfa65a193765fa (commit)
       via  c67269aa5ef3ec9c8df1f50ef0da7acea4e03717 (commit)
       via  934ce996092920089ee83f0cdc65d39ea9bef10e (commit)
       via  d846445358d86556f0999e0377c8b973f3bf14f4 (commit)
       via  326d4febe37413ee0b2dfc781145ac3ca08a4a8b (commit)
       via  c97a127d84580951d8633e9f6bca8b1c8d37fdf8 (commit)
       via  0c4e1e475bea9546f4e54c224b31a1278b056191 (commit)
      from  0bba71aa0b6db247ff5cfd018d638d258715f000 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 58f071982641fd9f72c6dc405fa44f6b43556116
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Thu Feb 25 09:44:23 2016 +0000

    tls: robot: push openssl/letsencrypt process output into database in case of failure
    
    When we failed to generate a certificate for some reason, push the
    failure reason into database in order to ease finding out why it
    failed.

commit 0369402181195986a3385e876ddde1eca4c60283
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Thu Feb 25 09:17:44 2016 +0000

    tls: add output text column to vhffs_tls
    
    We are willing to provide the output message from Let's Encrypt (or
    anything else) in case of errors, to help diagnose why the certificate
    failed to be generated. Add an output text column to vhffs_tls so
    we can write it there.

commit 00bafea5f73ee96470cbb70d2d70c7fda2b40cd3
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Thu Feb 25 09:03:02 2016 +0000

    tls: add missing index on vhffs_tls(valid)

commit d625b475ed3cafae41350d4f14b9cbd930277a6b
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 23:31:18 2016 +0000

    tls: robot: sort domain names by alphabetical order in log output
    
    Sort domain names by alphabetical order in log output, that's easier
    to read and grep from logs.

commit ab49af721c2d624928d5ba13c8da164e4a1cc12a
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 23:28:11 2016 +0000

    tls: robot: display faulty domain names from partial certificates in log
    
    Append a (F) to domain names which were removed from certificate
    while generating a partial certificate.

commit acf60c6be0bd9abc8064d1e5cedb74708564679b
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 23:17:43 2016 +0000

    tls: robot: capture output from child processes
    
    Whenever we can, capture the output from the called process. We might
    need it.

commit 4b3974c5d5c362ca3dc41a1b7c5fb55c7b6f34da
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 22:55:11 2016 +0000

    tls: robot: only include valid domain name
    
    Remove domain name that failed to be added to certificates.

commit 341fc345cf530398cf396465d4a860a8df534437
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 22:47:55 2016 +0000

    tls: robot: store correct domain valid bool for partial TLS certificate
    
    Partial TLS certificate support might generate a domain with a partial
    list of domains. Properly set the boolean we have in the vhffs_tls_domain
    table to notify about this condition.

commit 1b9e2b04c5fcab8368c2e63328dbf4bdcd344884
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 21:57:35 2016 +0000

    tls: get_domains now returns a hashref of Vhffs::Tls::Domain
    
    We need to call Vhffs::Tls::Domain sub in Vhffs::Robots::Tls,
    change Vhffs::Tls get_domains API to returns an hashref of
    Vhffs::Tls::Domain objects instead of returning a array
    of domains name.

commit fd6c7bbe268d14ae0a16ce4469922161c6146758
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 21:53:37 2016 +0000

    tls: add Vhffs:Tls::Domain class
    
    Add Vhffs:Tls::Domain class for vhffs_tls_domain database objects,
    we need to change the vhffs_tls_domain.valid value and its very
    nice this way.

commit 83efb894b7197d976ab77042c8ee8b884308c471
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 20:02:13 2016 +0000

    tls: robot: add support for partial certificate
    
    If all requested domains name failed, try to generate a partial
    certificate by checking each domain individually then generate a partial
    certificate. This is quite ressource intensive but it should not happen
    very often.

commit 3c03a401f4ba4f320716c6331be3a6427636caf1
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 19:14:31 2016 +0000

    tls: robot: rework _gencsr to use a domain list
    
    In order to do subset tries in order to generate partial certificates
    we need to be able to generate and check generation over a subset of
    domain name. Change _gencsr to accept a domain list.

commit c691d067d78c5029345301763ca91c2216676ce7
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Wed Feb 24 19:03:40 2016 +0000

    tls: robot: cosmetic changes

commit 13e1ee6974e1830eb6a767000ebfa65a193765fa
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 23:22:08 2016 +0000

    tls: robot: move Let's Encrypt dry-run try into its own sub

commit c67269aa5ef3ec9c8df1f50ef0da7acea4e03717
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 23:13:12 2016 +0000

    tls: robot: move existing CSR generation code into its own sub

commit 934ce996092920089ee83f0cdc65d39ea9bef10e
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 22:49:45 2016 +0000

    tls: robot: reworked _create sub to pass error message to caller
    
    We are going to need much more sub to handle partial certificate
    support. Prepare previously used sub to a more generic error
    passing.

commit d846445358d86556f0999e0377c8b973f3bf14f4
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 22:31:54 2016 +0000

    tls: robot: fix theoretically possible temporary file leak

commit 326d4febe37413ee0b2dfc781145ac3ca08a4a8b
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 22:22:14 2016 +0000

    tls: robot: code cleaning
    
    Moved delete function at the end to easy module readability.

commit c97a127d84580951d8633e9f6bca8b1c8d37fdf8
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 22:18:01 2016 +0000

    tls: robot: move CSR creation inside Let's Encrypt block
    
    Prepare for partial certificates, move CSR creation inside Let's Encrypt block,
    we will need to create CSR until it works.

commit 0c4e1e475bea9546f4e54c224b31a1278b056191
Author: Sylvain Rochet <gradator@xxxxxxxxxxxx>
Date:   Tue Feb 23 21:48:59 2016 +0000

    tls: add valid boolean column to vhffs_tls_domain
    
    Prepare for partial certificate support, were we will try to request
    a certificate for each domain separately if the full domain certificate
    failed for some reason. This way, we would be able to support
    certificates that do not contain all requested domains. Add a table
    field to be able to report this condition to user.
    
    We need to do that because the web area service is asking for
    domain and www.domain, it works well with domain.tld and www.domain.tld
    but it doesn't work well with patterns such as blog.domain.tld were
    we are requesting blog.domain.tld and www.blog.domain.tld.

-----------------------------------------------------------------------

Summary of changes:
 vhffs-api/src/Vhffs/Robots/Tls.pm     |  359 ++++++++++++++++++++++-----------
 vhffs-api/src/Vhffs/Tls.pm            |  160 +++++++++++++--
 vhffs-backend/src/pgsql/initdb.sql.in |    7 +-
 vhffs-compat/from-4.5-to-4.6.sql      |   12 ++
 4 files changed, 402 insertions(+), 136 deletions(-)


hooks/post-receive
--
vhffs4/vhffs.git

Messages sorted by: [ date | thread ]
Prev by Date: [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 0bba71aa0b6db247ff5cfd018d638d258715f000
Next by Date: [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 9b29dce2f0d21ab94a5123522f521cc7b1b70d9d
Previous by thread: [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 0bba71aa0b6db247ff5cfd018d638d258715f000
Next by thread: [vhffs-dev] [GIT] vhffs4/vhffs.git branch, master, updated. 9b29dce2f0d21ab94a5123522f521cc7b1b70d9d

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/