 Solderpunk
|
088c415987
Make openssl binary calls compatible with LibreSSL.
|
4 years ago |
|
Solderpunk
|
16dc7dc831
Cipher hardening.
|
4 years ago |
|
Solderpunk
|
fecd46378c
Use current UTC time for comparison against certificate validity. Closes #14. Thanks, mozz!
|
4 years ago |
|
solderpunk
|
6b17792546
Merge pull request 'Add `abbrevs` command' (#13) from vee/AV-98:vee/abbrevs into master
|
4 years ago |
 Vee
|
e558c80740
Add `abbrevs` command
|
4 years ago |
|
Solderpunk
|
dbe08ee787
Another silly bug fix, closes #12.
|
4 years ago |
|
Solderpunk
|
49531bfb25
Fix silly copy/paste bug. Closes #11.
|
4 years ago |
|
Solderpunk
|
a3fd543aa6
Correctly test individual names, not Common Name over and over.
|
4 years ago |
|
Solderpunk
|
16cf9fecb6
Don't crash when cert has no Common Name.
|
4 years ago |
|
Solderpunk
|
94e8abe934
Slightly better wording around certs.
|
4 years ago |
|
Solderpunk
|
2c7e6502f8
Fix umask call.
|
4 years ago |
|
Solderpunk
|
c48c85b5e1
Notify upon creation of config directory.
|
4 years ago |
|
Solderpunk
|
68d5f9b42e
Set umask so that config directory is private.
|
4 years ago |
|
Solderpunk
|
8945fa4f7e
Don't follow cross-domain redirects automatically.
|
4 years ago |
|
Solderpunk
|
7a3f1c77a5
Present expiration information about previous certificates in TOFU warning messages.
|
4 years ago |
|
Solderpunk
|
e455d2ec85
Actually create a missing config directory!
|
4 years ago |
|
Solderpunk
|
a68e092593
Add option to toggle between CA and TOFU certificate validation.
|
4 years ago |
|
Solderpunk
|
ec07491578
Check alternative subject names.
|
4 years ago |
|
Solderpunk
|
094e3117c4
Better reporting of certificate errors.
|
4 years ago |
|
Solderpunk
|
9ce8d2481a
Use cryptography library to do better certificate checking, if it's available.
|
4 years ago |
|
Solderpunk
|
ca1a0a62e6
Cache certificates to disk in the expectation of more advanced cert wrangling in future.
|
4 years ago |
|
Solderpunk
|
68e55d245a
Add AV-98 contributors, in place of VF-1 contributors.
|
4 years ago |
|
Solderpunk
|
991de05512
Immediately commit all changes to the TOFU DB, so it gets unlocked and multiple clients can access it at once.
|
4 years ago |
|
Solderpunk
|
13f885c226
Make transient clients expire after 1 day, not 365!
|
4 years ago |
|
Solderpunk
|
d1412377da
Initial implementation of TOFU security model.
|
4 years ago |
|
solderpunk
|
cbd1ff48e9
Merge pull request 'Limit server header response length' (#9) from jprjr/AV-98:header-limit into master
|
4 years ago |
 jprjr
|
78e0134c8a
spec states meta max length is 1024
|
4 years ago |
|
jprjr
|
0b79cd174f
enforce a maximum header line length
|
4 years ago |
|
solderpunk
|
3769ddebc6
Merge pull request 'Add command to search GUS' (#8) from vee/AV-98:vee/gus into master
|
4 years ago |
|
Vee
|
c174836159
Add command to search GUS
|
4 years ago |
