Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Verify certificates by decoding them as 'plain' certs rather than 'otp. | Linus Nordberg | 2014-11-18 | 2 | -67/+201 |
| | | | | | | | OTP cert validation is too strict. Let's see if this is forgiving enough for our needs. Also, move all cert reading from disk to x509.erl. | ||||
* | Entry hash runs over leaf plus chain. | Linus Nordberg | 2014-11-18 | 1 | -2/+2 |
| | | | | Closes CATLFISH-5. | ||||
* | Log some info about certs that don't parse and why. | Linus Nordberg | 2014-11-05 | 2 | -11/+27 |
| | | | | Also move x509 specific code to the x509 module. | ||||
* | Rewrite root certificate cache handling | Magnus Ahltorp | 2014-10-26 | 3 | -18/+30 |
| | |||||
* | Stop using jiffy | Magnus Ahltorp | 2014-10-25 | 2 | -121/+107 |
| | |||||
* | Move internal HTTP APIs to mochiweb. | Magnus Ahltorp | 2014-10-25 | 2 | -8/+8 |
| | |||||
* | Whitespace. | Linus Nordberg | 2014-10-24 | 1 | -16/+19 |
| | | | | No long lines. | ||||
* | Use 'cacertfile' configuration. | Linus Nordberg | 2014-10-24 | 1 | -1/+2 |
| | |||||
* | Catch badly ASN.1-encoded certificates. | Linus Nordberg | 2014-10-24 | 2 | -18/+31 |
| | | | | | | Now not crashing badly encoded certs in the list of known roots, which is good. They're simply ignored. Next step is to figure out if we should accept some anomalies, due to reality. | ||||
* | Use mochiweb for v1 API | Magnus Ahltorp | 2014-10-24 | 4 | -56/+123 |
| | | | | | | Conflicts: catlfish.config src/v1.erl | ||||
* | Merge branch 'validate-certchain' into staging1 | Linus Nordberg | 2014-10-24 | 4 | -2/+371 |
|\ | | | | | | | | | Conflicts: src/catlfish.erl | ||||
| * | Log (info) when adding and rejecting a certificate chain.validate-certchain | Linus Nordberg | 2014-10-23 | 2 | -1/+9 |
| | | | | | | | | Writing to stdout for now, until we've decided on logging framework. | ||||
| * | Split CertChain properly. | Linus Nordberg | 2014-10-23 | 1 | -1/+1 |
| | | | | | | | | This way, Chain is always a list. | ||||
| * | Don't use der_encoded(). | Linus Nordberg | 2014-10-23 | 1 | -6/+5 |
| | | | | | | | | | | The type definition seem to have disappeared from public_key.hrl in R17 and I don't know how to conditionally define a type. | ||||
| * | Implement cert chain validation. | Linus Nordberg | 2014-10-22 | 4 | -2/+364 |
| | | | | | | | | NOTE: Presence of and constraints on names are not being validated. | ||||
* | | Break include dependency on plop.hrl | Magnus Ahltorp | 2014-10-24 | 2 | -8/+4 |
| | | |||||
* | | Add copyright and licensing information.copyright | Linus Nordberg | 2014-10-15 | 1 | -0/+3 |
|/ | | | | After offline discussions with Magnus Ahltorp. | ||||
* | Fix bug in get-entries limitation of entries. | Linus Nordberg | 2014-10-10 | 1 | -2/+1 |
| | |||||
* | Use proper return value format for plop:inclusion_and_entry(). | Linus Nordberg | 2014-10-10 | 1 | -1/+1 |
| | |||||
* | Limit get-entries to 1000 entries at the time. | Linus Nordberg | 2014-10-09 | 1 | -3/+2 |
| | |||||
* | Use raw file storage | Magnus Ahltorp | 2014-09-28 | 1 | -1/+1 |
| | |||||
* | Fix api problems | Magnus Ahltorp | 2014-09-27 | 2 | -14/+26 |
| | |||||
* | Fix api problems | Magnus Ahltorp | 2014-09-27 | 1 | -3/+3 |
| | |||||
* | wipplop-if-cleanup | Linus Nordberg | 2014-09-27 | 2 | -30/+123 |
| | |||||
* | Make cert chains and CtExtensions variable length (TLS) vectors. | Linus Nordberg | 2014-09-25 | 2 | -56/+64 |
| | | | | Also move some CT-specific code to new file catlfish.erl. | ||||
* | Start inets service automatically and update README.md with new build ↵ | Magnus Ahltorp | 2014-09-24 | 1 | -2/+0 |
| | | | | instructions | ||||
* | Merge branch 'map/releasemanagement' into master-origin | Linus Nordberg | 2014-09-22 | 1 | -0/+29 |
|\ | | | | | | | | | Conflicts: ebin/catlfish.app | ||||
| * | Release management | Magnus Ahltorp | 2014-09-19 | 1 | -0/+29 |
| | | |||||
* | | Decode chain in 'add-chain' properly. | Linus Nordberg | 2014-09-20 | 1 | -28/+43 |
| | | | | | | | | | | Also, present extra_data in response from get-entries and get-entry-and-proof. | ||||
* | | Add get-entry-and-proof and adopt to new plop:inclusion/2 signature. | Linus Nordberg | 2014-09-19 | 1 | -6/+38 |
|/ | |||||
* | Encode get-sth-consistency and get-proof-by-hash properly. | Linus Nordberg | 2014-09-15 | 1 | -4/+6 |
| | |||||
* | Implement get-proof-by-hash. | Linus Nordberg | 2014-09-15 | 1 | -7/+28 |
| | |||||
* | Remove spurious parentheses. | Linus Nordberg | 2014-09-15 | 1 | -1/+1 |
| | |||||
* | Don't try to JSON-encode error messages. | Linus Nordberg | 2014-09-15 | 1 | -5/+8 |
| | |||||
* | It's plop:consistency/2. | Linus Nordberg | 2014-09-15 | 1 | -1/+1 |
| | |||||
* | Implement get-sth-consistency. | Linus Nordberg | 2014-09-14 | 1 | -2/+16 |
| | |||||
* | Remove unused stuff. | Linus Nordberg | 2014-06-11 | 7 | -217/+0 |
| | |||||
* | Add licensing information. | Linus Nordberg | 2014-06-10 | 3 | -0/+9 |
| | |||||
* | Change ctls -> catlfish. | Linus Nordberg | 2014-06-10 | 2 | -3/+3 |
| | |||||
* | Base64-encode that empty string in extra_data. | Linus Nordberg | 2014-06-04 | 1 | -1/+1 |
| | |||||
* | Add get-entries and s/_/-/g in function names. | Linus Nordberg | 2014-06-04 | 1 | -20/+44 |
| | | | | | URL's now has hyphens rather than underscores. Rewriting URL's is no longer necessary. | ||||
* | Don't crash when reporting bad input to add-chain. | Linus Nordberg | 2014-05-20 | 1 | -4/+5 |
| | |||||
* | Set protocol version to 0, i.e. v1. | Linus Nordberg | 2014-05-20 | 1 | -1/+1 |
| | |||||
* | Make 'extensions' field the empty string. | Linus Nordberg | 2014-05-20 | 1 | -1/+1 |
| | | | | Not the empty list. | ||||
* | Merge branch 'master' of /home/linus/repo/ctls | Linus Nordberg | 2014-05-12 | 1 | -2/+5 |
|\ | | | | | | | | | Conflicts: src/v1.erl | ||||
| * | Signatures must now be serialised and base64 encoded. | Linus Nordberg | 2014-05-12 | 1 | -2/+5 |
| | | |||||
* | | Merge branch 'master' of /home/linus/repo/ctls | Linus Nordberg | 2014-05-10 | 1 | -2/+2 |
|\ \ | |/ | | | | | | | Conflicts: src/v1.erl | ||||
| * | The tree head signature from get-sth is not base64 encoded. | Linus Nordberg | 2014-05-10 | 1 | -2/+2 |
| | | |||||
| * | It's `tree_size'. | Linus Nordberg | 2014-05-07 | 1 | -1/+1 |
| | | | | | | | | Not `treesize'. | ||||
* | | Correct treesize -> tree_size in get-sth response. | Linus Nordberg | 2014-05-10 | 1 | -5/+8 |
|/ | | | | | Move call to mod_esi:deliver into own function, for easier changing of HTTP headers and such. |