360369c generate_nmc_cert: Use external x509 package in parent.go (JeremyRand)
Pull request description:
`parent.go` was accidentally not updated when `x509` moved to an external repo; this is breaking the Travis build. This PR fixes that.
ACKs for commit 360369:
Tree-SHA512: d90deee1bfd9d8bdab7e33d48897508781c0d0b97b823e36a8142d80472dee2cf8d10bcfdcd92b4b6719d8db44d37bf0cd98ffdc41a11cd412db736b3e4a4d6d
39fbbc0 ncdumpzone: Add mode for a URL list. (JeremyRand)
Pull request description:
This PR is intended to facilitate YaCy crawl jobs.
ACKs for commit 39fbbc:
Tree-SHA512: 070cfd9ad1ee4bc59286ec2c0c120379f30b4cfd761bd3eecd5e2a028b70091171b6dd054acb3c9205800d454187c88fed9e1be9c6591e087d808dd49e2ecda4
7e25dea Travis: use more Go versions with x509-signature-splice (JeremyRand)
Pull request description:
TODO:
- [x] Merge #101 first.
ACKs for commit 7e25de:
Tree-SHA512: 5c9057f16268a0db4e2dba02a1f5a5e248ea7bea86827a6e4cfd11523f56bb01a67b2013adebbcda674b253c81715c0031068d27d6c2d07b655d930bc18cf36f
7db5b5a Move x509 subpackage to its own repo (JeremyRand)
Pull request description:
This avoids tying the ncdns repo to a specific Go version; we can maintain separate branches of the x509-signature-splice repo per Go version with much less hassle.
ACKs for commit 7db5b5:
Tree-SHA512: e6d784c6b344d46955d0ca275174772b6da6bf86bfa84e03a5a59faa9f0a88805d32ecfe29d83970c61246904e1025859dd4cff031ec8052b8f544867c55bf21
d5bac49 Support name-constrained CA's (JeremyRand)
Pull request description:
This enables compatibility of generated certs with mozilla::pkix TLS clients such as Firefox (which don't allow end-entity trust anchors), and also decreases the size of the data stored in the blockchain. Support for actually using the generated certs is out of scope for this PR; the relevant code for ncp11 is already written, and the relevant code for certinject shouldn't be difficult to write later.
ACKs for commit d5bac4:
Tree-SHA512: 100a3f24bc350fccd5421482ea95637dbf492b2fcca0a4c1359217603852f130a2806c2ee245ef7d4ed0a0da2d53fb8563997b228f9e567636d5aab37c8db285
This avoids tying the ncdns repo to a specific Go version; we can maintain
separate branches of the x509-signature-splice repo per Go version with
much less hassle.
e5918ac Travis: Drop support for Go 1.11.x and lower (JeremyRand)
bb16218 Travis: Set Go 1.12.5 as release version (JeremyRand)
f687a9b Add Go 1.11.x, 1.12.5, and 1.12.x to Travis (JeremyRand)
759c009 Rebase x509 onto Go 1.12 (JeremyRand)
9c1ba94 Rebase x509 onto Go 1.11 (JeremyRand)
Pull request description:
Tor is now using Go 1.12.5 for their rbm builds; this PR restores compatibility with Go 1.12.x. The x509 generate script has also been refactored a bit.
ACKs for commit e5918a:
Tree-SHA512: f9d9b346c49be124caad896360ca64e26d6b77b5a584f24994adc95ef35eab89aa02fcac5c3ce3d3ee130b8b5feed3362af1338f8077089f21ca678223152823
9a4ee1e Make Namecoin RPC timeout configurable (JeremyRand)
Pull request description:
The 1500ms timeout regularly gets hit when using Electrum-NMC over Tor, so being able to configure it seems like a good idea.
Tree-SHA512: 77915c56df2e98800108af3a130d20a1bbb04af2fe7cfb4291eff7f9c5611ed011f17ade9f3929988ec54989109bc8e2efa5e75948f515ff97b7c2a6951db155
d74be4d Disable q and dns-prop279 in Travis (JeremyRand)
Pull request description:
Both of them are broken due to upstream issues. The upstream breakage should be possible to workaround in rbm when we get around to it, but that's probably not going to happen before the next ncdns release.
Tree-SHA512: a6f0bf2cc947d41b2f13200263b1971674d727f967a07c6ee70bd07f9e0f5cda5e0ecc428e7ac903251e74f33e52f5f628f40ebef45956342b75fac65210edd7
524d09d Travis: mark gosec static analyzer as non-critical (JeremyRand)
9bcdd25 (WIP) Support tlsrestrictnsssync. (JeremyRand)
Pull request description:
This PR adds the ability to automatically re-apply name constraints whenever an NSS application such as Firefox is updated. Depends on https://github.com/namecoin/tlsrestrictnss/pull/14 .
Tree-SHA512: 9d7055ef493236b8bf1dd75487984bb80827c64e602a0745da522974462c5a7bb389dd4d7c06dec06bce9b3814e8337afc30f703e9efb63d5699d8ec86d04b06
4ee5a1c Travis: Update to Go 1.10.3 for releases, and test on newer Go versions. (JeremyRand)
Pull request description:
TODO:
- [x] Test this on Travis.
Tree-SHA512: 0cf071d09cf359e2cc327d6eca76e5e832cc762543d62e57948c957d6ab7560367f747f666246778727d9bd2d06f24be0a466b7f9da461c799cd369bfe9c0c97
443f1b1 x509: Fix goimports warning in x509_splice.go (JeremyRand)
437303f Rebase x509 onto Go 1.10. (JeremyRand)
8d44b53 x509: Update install script for Go 1.10. (JeremyRand)
5884c30 Travis: Upgrade to Go 1.10. (JeremyRand)
Pull request description:
Depends on #65 . Should not be merged until The Tor Project has upgraded their RBM descriptor to Go 1.10 or higher.
Tree-SHA512: e32dac7b7e1edeb16ffc94c53d1c25fb97fff5ab12ae2ab175a190babde38735d9785805f1f8455b7883283c949db4fd3dcd9f749bb0766bbbb46acd47c8051b
9496034 Travis: disable gofmt linter. (JeremyRand)
99cb7d9 Travis: enable goimports static analyzer as critical. (JeremyRand)
Pull request description:
Depends on https://github.com/namecoin/ncdns/pull/54 and https://github.com/namecoin/ncdns/pull/77 . Should be mergeable after those are merged, assuming Travis passes at that point.
Tree-SHA512: 174fc0d5b0bd5734703d4e97d04d70389883071fec41436ef6a93b543e449032db8faab2ab0a3b287a3c180504e3a2e64d446c613cc4643016c90e13a4744c7a
1a6a3db ncdumpzone: Refactor into library and executable. (JeremyRand)
Pull request description:
Also a few other minor refactorings of ncdumpzone.
Refs https://github.com/namecoin/ncdns/pull/80 .
Tree-SHA512: 2e456f07125dec4a39dd840685090b3b6809663993995ab0103405d4301eec2671c1533c2b5fccd099e6716e9957a1acaf03be6973e088a63450bdae5b68ebb6
c4a72a8 Travis: disable gochecknoglobals as critical. (JeremyRand)
Pull request description:
The gochecknoglobals is newly added to gometalinter, and it's breaking the build right now. We should disable it until we've evaluated whether the issues it flags are significant.
Tree-SHA512: 71d305d72fd5c7283878c0b93607efee6f68bf52501d29ad23ea2cad7e3465e7e5a1f47b292023ad252ad6d1af8a696639431f1f6da40f3de05f381c70f58faf
5c7489c Re-enable netbsd/arm builds. (JeremyRand)
Pull request description:
Do not merge this PR until miekg/dns#655 is fixed.
Tree-SHA512: 9f56e1c2d8aec52c92dda7094e8e8e5ea88a9df451efa22e4b82cf42cd0b34503c46ade2446cd14fb01afec7528599a66f05085dd0195d60109cc91f8a977380
986772b generate_nmc_cert: disable goimports linter. (JeremyRand)
fb709df generate_nmc_cert: Use more standard imports order. (JeremyRand)
cee2b18 generate_nmc_cert: Disable gofmt linter. (JeremyRand)
fca636d generate_nmc_cert: Use P256 curve by default. (JeremyRand)
7263b7a generate_nmc_cert: split falsehost into its own file, which makes auditing merges from upstream Go stdlib substantially easier. (JeremyRand)
deea55b generate_nmc_cert: rebase against Go 1.8.3 standard library. (JeremyRand)
Pull request description:
~~Not yet tested; feel free to review/test but do not merge.~~
Ready for review, I think it's mergeable.
Tree-SHA512: 18fab3d3a335f742d021f6b516681a4e3cc2320443b647d12c52bb3726d8e3c2281e2314ab4014b934eaa93329feb891e02768ff5059acf8bce587f7b901b29a