Roxen.git/ server/ etc/ modules/ CertDB.pmod

Branch: Tag:

2020-05-06

2020-05-06 10:23:08 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws580' into 6.2

* patches/ws580:
StartTLSProtocol: Changed ssl_keys to contain names of key pairs.
CertDB: Added get_keypairs_by_name().
Protocol: Cleaned up defvar initialization.
CertDB: Update active ports when certificates change.
StartTLSProtocol: Get rid of race on certificate change.

2020-04-27

2020-04-27 13:35:16 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws580' into devel

* patches/ws580:
StartTLSProtocol: Changed ssl_keys to contain names of key pairs.
CertDB: Added get_keypairs_by_name().
Protocol: Cleaned up defvar initialization.

2020-04-27 13:28:40 by Henrik Grubbström (Grubba) <grubba@grubba.org>

StartTLSProtocol: Changed ssl_keys to contain names of key pairs.

This changes ssl_keys from being a set of keypair identifier numbers
to a set of keypair names. This should make updating certificates
on the fly (with eg Let's Encrypt) behave more like users expect.

Previously if the certificate switched to a new key it was regarded
as a new certificate and manual configuration was needed. Now the
new certificate and key will most likely have the same name, and
will thus be used automatically.

Fixes [WS-580].

2020-04-27 13:26:42 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Added get_keypairs_by_name().

Needed for [WS-580].

2020-04-27 13:21:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws580-old' into patches/ws580

* patches/ws580-old:
CertDB: Update active ports when certificates change.
StartTLSProtocol: Get rid of race on certificate change.
Core: Scan for certs in a handler thread

2019-11-18

2019-11-18 15:12:12 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws580' into devel

* patches/ws580:
CertDB: Update active ports when certificates change.
StartTLSProtocol: Get rid of race on certificate change.

2019-11-18 15:07:44 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Update active ports when certificates change.

Fixes some of [WS-580].

2018-03-16

2018-03-16 12:57:44 by Karl Gustav Sterneberg <kg@roxen.com>

Merge branch 'devel' into kg/WS-168-webdav

* devel: (1803 commits)
Loader [MariaDB]: Set sql_mode in my.cnf.
DBManager: Use CREATE USER with MariaDB 10.2 and later.
WebDAV: Use urn:uuid: namespace for locks.
Version bumped to 6.2.94 by buildsystem.
APIs: Roxen.lookup_real_path_case_insens() now assumes utf-8 fs.
APIs: Improved ambiguity recovery in lookup_real_path_case_insens().
APIs: Roxen.lookup_real_path_case_insens() now survives NFD.
FTP: Normalize filenames to NFC.
APIs: find_dir() now normalizes paths to NFC.
HTTP: Normalize paths to Unicode NFC.
Fixes bug [WS-172] where an empty initial prestate issued an internal server error.
Loader: Remove the global __pragma_save_parent__.
Version bumped to 6.2.93 by buildsystem.
Use string_to_utf8 rather than Charset.Encoder when possible.
Added more verifications in test base class. [WS-168]
Adding support for copy and move between different mount points. [WS-168]
Broke out parent class from RoxenTest_webdav.pike [WS-168]
Version bumped to 6.2.92 by buildsystem.
Fixed FIXME comment in RoxenTest_webdav.pike. [WS-168]
Version bumped to 6.2.91 by buildsystem.
...

2018-03-15

2018-03-15 11:35:22 by Karl Gustav Sterneberg <kg@roxen.com>

Merge branch 'devel' into kg/WS-168-webdav

* devel: (1803 commits)
Loader [MariaDB]: Set sql_mode in my.cnf.
DBManager: Use CREATE USER with MariaDB 10.2 and later.
WebDAV: Use urn:uuid: namespace for locks.
Version bumped to 6.2.94 by buildsystem.
APIs: Roxen.lookup_real_path_case_insens() now assumes utf-8 fs.
APIs: Improved ambiguity recovery in lookup_real_path_case_insens().
APIs: Roxen.lookup_real_path_case_insens() now survives NFD.
FTP: Normalize filenames to NFC.
APIs: find_dir() now normalizes paths to NFC.
HTTP: Normalize paths to Unicode NFC.
Fixes bug [WS-172] where an empty initial prestate issued an internal server error.
Loader: Remove the global __pragma_save_parent__.
Version bumped to 6.2.93 by buildsystem.
Use string_to_utf8 rather than Charset.Encoder when possible.
Added more verifications in test base class. [WS-168]
Adding support for copy and move between different mount points. [WS-168]
Broke out parent class from RoxenTest_webdav.pike [WS-168]
Version bumped to 6.2.92 by buildsystem.
Fixed FIXME comment in RoxenTest_webdav.pike. [WS-168]
Version bumped to 6.2.91 by buildsystem.
...

2017-12-01

2017-12-01 12:55:53 by Pontus Östlund <ponost@roxen.com>

Merge branch 'devel' into ponost/admin-if-17

2017-11-17

2017-11-17 10:17:43 by Karl Gustav Sterneberg <kg@roxen.com>

Merge branch 'devel' into kg/archive-client

2017-11-13

2017-11-13 10:23:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws85' into devel

* patches/ws85:
CertDB: Fixed typo in comment.
CertDB: Clean up low_refresh_pem().
StartTLSProtocol: Added some more notes.
StartTLSProtocol: Removed some disabled code.
ConfigIF: Remove broken action "certs.pike".
CertDB: Update the private key data too.
ConfigIF: Added missing white space in doc.

2017-11-13 10:22:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Fixed typo in comment.

2017-11-13 10:22:47 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Clean up low_refresh_pem().

Split low_refresh_pem() into multiple smaller functions.

Fixes some of [WS-91] Issue #10.

2017-11-13 10:22:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Update the private key data too.

Fixes the case where the data for an existing private key
has become corrupted.

Fixes [WS-91] Issue #1.

2017-11-07

2017-11-07 10:25:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws85' into devel

* patches/ws85:
Core: Disabled some certificate scanning debug.
CertDB: Improved diagnostics somewhat.
ConfigIF: Added some more doc for the SSL/TLS certificate selector.
ConfigIF: Hide the old SSL/TLS certificate settings.
CertificateKeyChoiceVariable: Show full source paths
CertificateKeyChoiceVariable: Show source paths
CertificateKeyChoiceVariable: Layout and localization

2017-11-07 10:01:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Improved diagnostics somewhat.

2017-11-06

2017-11-06 13:01:45 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws85' into devel

* patches/ws85:
CertDB: Added get_keypair_metadata().
CertDB: Cleaned up types.

2017-11-06 13:01:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Added get_keypair_metadata().

Add a function to retreive metadata about keypairs.

2017-11-06 12:51:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Cleaned up types.

Add and use the typedef sql_row.

2017-11-03

2017-11-03 11:12:46 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'patches/ws85' into devel

* patches/ws85:
CertDB: Improved diagnostics.
StartTLSProtocol: Improved rendering of certificate selector.
Variable.MultipleChoice: Added render_element().
Init: Refresh all PEM files at start.
CertDB: Added refresh_all_pem_files().
CertDB: Update the PEM file metadata.
CertDB: Add names to the keypairs.
ConfigIF: Added ACME task.
StartTLSProtocol: Use the CertDB.
StartTLSProtocol: Removed some Pike 7.8 compat.
CertDB: New module.
SSL/TLS: Add registry for certificates.

2017-11-03 11:12:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Improved diagnostics.

2017-11-03 11:12:19 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Added refresh_all_pem_files().

2017-11-03 11:12:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Update the PEM file metadata.

2017-11-03 11:12:16 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: Add names to the keypairs.

2017-11-03 11:12:11 by Henrik Grubbström (Grubba) <grubba@grubba.org>

CertDB: New module.

Provide an API to access the SSL/TLS Certificate registry.

Fixes some of [WS-66]/[WS-85].