1. 14 Aug, 2017 1 commit
  2. 16 May, 2016 1 commit
  3. 22 Jan, 2016 1 commit
    • Patrick J Cherry's avatar
      common: Refactored how --force works and when certs get generated/rolled over · ddc32981
      Patrick J Cherry authored
      The defaults are as follows:
      
      * If the current set is available
      
      ** If it is due to expire inside the threshold
      
      *** generate a new set if there is no set more recent (unless instructed
      otherwise)
      *** roll over to the new set if one has been generated (unless
      instructed not to)
      
      ** Otherwise
      
      *** do not generate a new set (unless instructed otherwise)
      *** do not roll over (unless instructed to)
      
      * If the "current" set is missing, but other sets are available
      
      ** If the most recent set is due to expire inside the threshold
      
      *** generate a new set (unless instructed otherwise)
      *** roll over to the new set if one has been generated (unless
      instructed not to)
      
      ** If the most recent set is not due to expire soon
      
      *** do not generate a new set (unless instructed otherwise)
      *** roll over to the latest set (unless instructed not to)
      
      * If there are no certificate sets
      
      ** generate a new one (unless instructed otherwise)
      ** roll over to the new set if one has been generate (unless instructed
      not to)
      ddc32981
  4. 21 Jan, 2016 2 commits
  5. 08 Jan, 2016 1 commit
    • Patrick J Cherry's avatar
      common: Massive commits suck · 764ebd54
      Patrick J Cherry authored
      * Refactored symbiosis-ssl code into the library
      * Added tests to test this new code.
      * symbiosis-ssl tries to regain privs after creating the certs if it
        thinks it has them.
      * Changed what gets logged when a bit.  Stuff in the SSL validation
        checks is now only shown if $DEBUG is set.
      * The cache of available SSL sets is always emptied before rollover
        starts.
      * The way available sets are sorted has changed to be done by expiry.
      * The symlink to current now uses the full path.
      * SSL sets are now kept in config/ssl/sets for neatness/namespace
        goodness.
      * CertificateSet#write drops privs if possible when creating a new set.
      764ebd54
  6. 05 Jan, 2016 1 commit
  7. 04 Jan, 2016 2 commits
  8. 14 Dec, 2015 2 commits
  9. 10 Dec, 2015 4 commits
  10. 09 Dec, 2015 1 commit
  11. 09 Apr, 2015 1 commit
  12. 03 Dec, 2014 1 commit
  13. 11 Sep, 2012 1 commit
  14. 15 Feb, 2012 1 commit
  15. 27 Jan, 2012 1 commit
  16. 19 Jan, 2012 2 commits
  17. 17 Jan, 2012 1 commit
  18. 22 Dec, 2011 2 commits