262acdd3d8
get-certs: DNS01 challenge skipping preCheckDNS ( #591 )
2020-01-23 17:54:07 -05:00
f6ce421fdd
NEW PROVIDER: GANDI_V5 (deprecates GANDI) ( #572 )
...
* GANDI_v5: Add Registrar support
* Add GANDI deprecation warning
* vendor github.com/tiramiseb/go-gandi
2020-01-20 14:13:32 -05:00
2c0361b0d5
BUG: Correctly spell Cabability ( #582 )
2020-01-12 11:24:10 -05:00
2ee086d41c
switch to new go-acme imports from xenolf. Fix api changes ( #540 )
...
* switch to new go-acme imports from xenolf. Fix api changes
* update many vault related dependencies
2019-07-29 10:54:32 -04:00
be10c5f7c2
Bugfix: redirect: should be redirect= ( #507 )
2019-06-21 07:48:59 -04:00
2d9d93653b
SPF Optimizer: Add "redirect:" support ( #506 )
...
FYI: The support is very minimal. It only supports redirect if it is the last item in an SPF record. At that point, it is equivalent to include.
* In SFP, treat redirect like a special include.
* Document SPF redirect: limited implementation.
2019-06-19 18:46:56 +01:00
539820f87a
CF: Add ability to manage UniversalSSL ( #496 )
...
* Added Cloudflare UniveralSSL control
* Added CF_UNIVERSALSSL_ON/OFF macros
* Updated docs
* Small docs update
* go generate
2019-06-13 07:32:54 -04:00
8b86eec6bf
go generate
2019-05-30 19:52:35 -04:00
be5b588035
add must_staple option to cert. Default false ( #502 )
2019-05-29 14:03:36 -04:00
5538de6682
IGNORE() now supports glob pattern/wildcards ( #463 )
2019-05-27 10:14:29 -04:00
b3e35b56a2
DOC: Apply brand-preferred case ( #429 )
...
* Apply brand-preferred case
* Apply case to own branding as well
2019-05-23 09:29:21 -04:00
608dd7af56
NEW: require() now supports loading JSON too ( #474 )
2019-05-23 09:26:40 -04:00
f9df8c744a
NEW: Added support for specific TTL when using SPF_BUILDER ( #476 )
...
* Added support for specific TTL for SPF_BUILDER
* Added updated static.go file
* Use IF instead of reading defaultTTL
2019-05-23 09:25:06 -04:00
df163c0042
OVH: Update to use newer client library ( #445 )
...
* xlucas/go-ovh is deprecated, use ovh/go-ovh instead.
* vendor github.com/ovh/go-ovh
* Fix 022-sshfp.json test
2019-05-20 15:39:19 -04:00
5f77888296
DOCUMENTATION: Document bugid 491 ( #492 )
2019-05-20 14:37:23 -04:00
a16f689d32
Added CAA_BUILDER ( #478 )
...
* Added CAA_BUILDER
* CAA-Builder: simply use "none" to refuse all CAs
* Fixed small error in documentation
2019-05-18 11:10:17 -04:00
6d6f685f70
trim trailing dots from discovered nameservers in central place
2019-05-15 12:57:17 -04:00
5c24f6ce39
fix some tests
2019-05-06 11:12:42 -04:00
e242f5a152
Increase 'just because' sleep to 60s
2019-05-02 19:31:15 -04:00
61a00a7d7e
Check for duplicate records much earlier ( #467 )
...
* Check for duplicate records much earlier.
* Change GetTargetDiffable to ToDiffable
* fixup!
2019-04-22 15:41:39 -04:00
bb278caf92
Set NAPTR record to FQDN.
2019-04-01 09:15:43 +02:00
e2726dda64
Fix NAPTR record support.
2019-03-29 12:01:52 +01:00
7566c0428e
Attempt to add NAPTR support.
2019-03-28 15:40:13 +01:00
963bd32e20
Add SIP/JABBER labels to underscore exception list ( #453 )
...
* Improve comments in checkLabel
* Reformat labelUnderscores to make it easier to add to
* Add to exception list for label warnings
* Add underscores in hostnames to the opinions list.
2019-03-04 12:11:25 -05:00
5c03761fa6
notifications for get-certs command ( #451 )
2019-02-21 19:58:50 -05:00
7e5a1fb96d
add tls.combined field to vault cert backend
2019-02-06 15:21:08 -05:00
061ea63322
require() should handle paths as relative (like nodeJS) ( #443 )
...
* Integrate @nlowe's documentation and tests
* Use filepath.Clean() instead of filepath.Abs()
* Use a stackless implementation
2019-01-29 10:29:00 -05:00
f9fc6243d4
Add SSHFP DNS record support. ( #439 )
...
* Add SSHFP DNS record support.
* Fix integration test.
2019-01-28 17:26:20 -05:00
1b1f37da9d
Fix TLSA parse_test.
2019-01-11 10:34:13 -05:00
a5e14a5f93
fixup!
2018-12-19 10:22:37 -05:00
f83b624ea1
BUG: parse_tests: Fix (revert) earlier reformatting ( #431 )
2018-12-19 10:19:50 -05:00
ff3d446681
Codestyle: Fix formatting on parse_test JSON ( #427 )
...
* Fix failing parse_test 021
* Fix JSON formatting in parse_test directory
* js_test.go now reports json content length
2018-12-13 11:46:43 -05:00
4ef9e8bc40
Fix SRV record handling when target is shortname ( #422 )
...
* models/record.go: SRV targets are case insensitive. Downcase them.
* models/t_srv.go: Rename setTargetIntAndStrings() to setTargetSRVIntAndStrings() (makes it easier to search for /setTargetSRV/).
* pkg/js/parse_tests/021-srv.js*: SRV: Add parse_tests
* pkg/normalize/validate.go: SRV targets are hostnames, turn into FQDNs.
* Add #rtype_variations warnings for future developers
2018-12-07 16:30:04 -05:00
cf7f199462
allow ecc certs if desired ( #411 )
2018-10-09 18:51:48 -04:00
6764811c5f
Abstraction for Certificate Storage (+ vault storage) ( #406 )
...
* new abstraction around storage
* re-work completely to fit new acme package pre-solving paradigm
* vault storage plugin
* add some vendor
* delete old vendor pinning mechanism
2018-10-08 16:11:19 -04:00
06ee4d6fb1
Verbose debug logging via the ConsolePrinter and printer package. ( #404 )
...
This:
* adds a global -v flag for verbosity
* refactors the "printer" package to have a DefaultPrinter and package
functions that call it, similar to net/http's DefaultServeMux
* adds printer tests
* moves current users of Debugf to Printf
* moves most users of the "log" package to use "printer"
* demotes noticably noisy log messages to "Debugf", like "IGNORE"-
and "NO_PURGE"-related messages
2018-10-08 16:10:44 -04:00
e30cbff674
fix build
2018-09-07 14:17:02 -04:00
61281d7046
Add NAMESERVER_TTL and associated documentation. ( #398 )
2018-09-04 10:57:11 -04:00
402fc449e2
Certs: Create directories with execute permissions so they can be opened ( #395 )
...
* Create directories with execute permissions so they can be opened
* Use 0700 permissions on certificate directories instead of 0755
2018-08-27 12:12:53 -04:00
95ebf1d35b
Include PTR types in SPF Builder ( #378 )
...
* Include PTR types in SPF
* Simplify PTR and Exists logic
* Include PTR test case
* Include PTR test case
* Remove extra }
2018-08-02 10:57:41 -04:00
b40f188fae
Flatten: Improve spfcache.json instructions ( #375 )
2018-07-24 16:37:25 -04:00
6c60eac7c7
Work around extra whitespace in spf records ( #361 )
...
* handle empty spf parts from bad records
* update spf tool
2018-05-03 10:03:38 -04:00
f77f202b65
Add support for "exists" element in SPF. ( #356 )
...
* Include support for "exists" element in SPF.
* Add exists: SPF entry to test support
2018-05-03 08:54:19 -04:00
17e64ca28d
fix names for internal transformed records ( #358 )
...
* fix names for internal transformed records
* activedirectory use standard messaged
* add test for fqdn consistency in final validation pass
2018-04-26 14:45:10 -04:00
2e8c4a758f
Let's Encrypt Certificate Generation ( #327 )
...
* Manual rebase of get-certs branch
* fix endpoints, add verbose flag
* more stable pre-check behaviour
* start of docs
* docs for get-certs
* don't require cert for dnscontrol
* fix up directory paths
* small doc tweaks
2018-04-26 13:11:13 -04:00
558aea906a
make bonfire notifications multiple posts for markdown compatibility
2018-03-28 10:00:05 -04:00
2a7b382767
Better validate NAMESERVER format. ( #350 )
...
* remove misleading ip field we don't touch
2018-03-22 11:52:52 -04:00
899100b7b3
Add again setting LabelFQDN in NormalizeAndValidateConfig ( #342 )
...
This is to prevent all labels to get erased by the empty LabelFQDN
during calls to `PunyCode`, until a better fix is found.
2018-03-22 09:29:55 -04:00
a7eba97ada
Refactor in preparation to unexport RecordConfig.{Name,NameFQDN,Target} ( #337 )
...
* Preparing for the unexport of Name/NameFQDN/Target
* Cleanups
2018-03-19 17:18:58 -04:00
54de1ff698
NEW PROVIDER: OctoDNS ( #309 )
...
* govendor gopkg.in/yaml.v2
* Ignore YAML and BIND test data litter. Create README.txt files to force git to create subdirectories.
* Update convertzone to also read OctoDNS files
2018-02-27 17:36:47 -05:00
