sp0156
|
f3dfe04a51
|
crl creation added
|
2016-02-21 11:03:35 +01:00 |
|
martin61
|
5f9e23cb41
|
su3 RebuildInterval: 24h --> 90h, numRi per su3 file: 75 --> 77
|
2016-01-30 19:13:31 +01:00 |
|
martin61
|
e66b97b460
|
TLS certificate: rsa4096 --> ECDSAWithSHA512 384bit secp384r1
elliptic curves in ECDHE handshake: only CurveP384 + CurveP521, default CurveP256 removed
RebuildInterval: 24h --> 72h
certificate valid: 2y --> 5y
throttled.PerDay(4) --> PerHour(4), to enable limited testing
|
2016-01-29 19:36:41 +01:00 |
|
martin61
|
e464fcbbda
|
Update utils.go
martin61
|
2016-01-24 12:48:56 +01:00 |
|
martin61
|
e5d706b55b
|
Update verify.go
martin61
|
2016-01-24 12:48:29 +01:00 |
|
martin61
|
cb35167d27
|
Update reseed.go
martin61
|
2016-01-24 12:47:54 +01:00 |
|
Matt Drollette
|
0a81139b82
|
remove public server list and certs
|
2015-05-28 08:10:48 -05:00 |
|
Matt Drollette
|
07d1b03458
|
stats and less verbose blocking
|
2015-04-26 12:01:42 -05:00 |
|
Matt Drollette
|
cedbcc0ce2
|
connection blacklisting
|
2015-04-26 11:40:56 -05:00 |
|
Matt Drollette
|
80bb78f73d
|
stashing blacklist changes
|
2015-04-10 15:07:39 -05:00 |
|
Matt Drollette
|
9ed476b7d6
|
update default port and interval
|
2015-03-16 21:34:50 -05:00 |
|
Matt Drollette
|
73dddf7776
|
remove remote port from remoteaddr
|
2014-12-21 11:56:15 -06:00 |
|
Matt Drollette
|
8975a23f33
|
revert back to RSA keys
|
2014-12-20 01:20:36 -06:00 |
|
Matt Drollette
|
bb7c6029e4
|
use original mtime of routerInfo and simplify Reseeder interface
|
2014-12-15 14:50:10 -06:00 |
|
Matt Drollette
|
d6e3a1df78
|
use ecdsa-sha256 for tls cert
|
2014-12-15 08:21:31 -06:00 |
|
Matt Drollette
|
031cc261d8
|
rename repo
|
2014-12-14 23:32:35 -06:00 |
|
Matt Drollette
|
9d077f2ccc
|
prompt to generate new keys if none exist
|
2014-12-14 23:12:14 -06:00 |
|
Matt Drollette
|
ed933f89b6
|
check if tls cert/key exist
|
2014-12-14 21:44:02 -06:00 |
|
Matt Drollette
|
7827bab301
|
include file extension
|
2014-12-14 21:39:49 -06:00 |
|
Matt Drollette
|
481a472f8b
|
more restrictive tls ciphers
|
2014-12-14 19:37:42 -06:00 |
|
Matt Drollette
|
aa33b176c8
|
prefer server ciphers
|
2014-12-14 18:55:14 -06:00 |
|
Matt Drollette
|
664764aeb4
|
cleaned up keygen
|
2014-12-14 17:44:27 -06:00 |
|
Matt Drollette
|
a443d7c2a2
|
clean up keygen and actually zip files within su3
|
2014-12-14 16:49:58 -06:00 |
|
Matt Drollette
|
fc0d63b4da
|
zip and sign su3's concurrently
|
2014-12-14 14:54:12 -06:00 |
|
Matt Drollette
|
f016b6bbfe
|
set ri mtime when zipping
|
2014-12-13 12:11:47 -06:00 |
|
Matt Drollette
|
e37fd5cfb4
|
default to 75 ri's per su3
|
2014-12-13 11:50:27 -06:00 |
|
Matt Drollette
|
76c594b83a
|
flag for trusting proxy headers
|
2014-12-11 15:02:18 -06:00 |
|
Matt Drollette
|
0f66b45fce
|
implement encoding Marshal/Unmarshal
|
2014-12-11 11:24:34 -06:00 |
|
Matt Drollette
|
ca065f4470
|
misc clean up
|
2014-12-11 11:11:12 -06:00 |
|
Matt Drollette
|
8fd8d91b12
|
flag for signer id
|
2014-12-11 08:26:00 -06:00 |
|
Matt Drollette
|
b7696f9be2
|
refresh su3 cache
|
2014-12-11 08:24:06 -06:00 |
|
Matt Drollette
|
9b88ec00f5
|
missed some files
|
2014-12-11 00:05:41 -06:00 |
|
Matt Drollette
|
a457029b8c
|
https server
|
2014-12-11 00:05:27 -06:00 |
|
Matt Drollette
|
9e2d1ad715
|
move key store to reseed
|
2014-12-10 20:04:21 -06:00 |
|
Matt Drollette
|
ce34022e93
|
add a command to verify all public reseeders
|
2014-12-10 19:17:12 -06:00 |
|
Matt Drollette
|
4be2dbe247
|
simplify su3file
|
2014-12-10 17:21:40 -06:00 |
|
Matt Drollette
|
a2891a2bc6
|
very rough su3 creation and signing
|
2014-12-10 01:10:37 -06:00 |
|
Matt Drollette
|
2d445337c8
|
su3 parser
|
2014-12-09 17:00:18 -06:00 |
|
Matt Drollette
|
aea04a6719
|
refactor
|
2014-12-05 15:22:34 -06:00 |
|