ee5a290 Travis: Make gosimple critical for gometalinter. (JeremyRand)
18a502d Web server: minor refactor of initTemplates. (JeremyRand)
Pull request description:
Based on recommendations from "gosimple" static analysis. ~Depends on https://github.com/namecoin/ncdns/pull/46 .~
Tree-SHA512: c0aaebac6d91b1c958223f4e4e49626bb1ed896409cc8fa7eef13abde0d44f89565e9460c254f842785f2bd1d590457123e2a7b670dc5faa82fe3a66c76d7d4e
375ff45 certinject: NSS: Add an internal test. (JeremyRand)
ead7a20 certinject: NSS: Improve error handling. (JeremyRand)
145d1e3 certinject: Fix various issues found by static analysis. (JeremyRand)
2c8b5fe certinject: NSS improvements, now works on arbitrary NSS cert store directories. (JeremyRand)
e5c7c09 certinject: add support for the shared NSS trust store on GNU/Linux systems. (JeremyRand)
Pull request description:
Extend #16 to support the user's shared NSS trust store on GNU/Linux systems.
Please review but do not merge yet.
TODO before merging:
- [x] Get #16 merged.
- [x] Figure out what to do in the case where ncdns isn't run by the same user as the owner of the NSS database. Presumably it makes sense to run ncdns under its own user. Should we require a config option that lists the users whose NSS databases are written to?
Other issue to discuss:
Writing to the NSS database with `certutil` is really slow, I'm seeing ~700ms latency added by this. Is there a faster way to do it? If we try to handle multiple NSS databases (one per user), this could easily cause DNS timeouts. Using the system NSS database should be possible, but it would be unsafe for users who haven't installed the HPKP pin into Chromium.
Tree-SHA512: d35fcb44e6c09d6654140de8cf378b0b7523ac19d63d007064db14d5c84cd2178cad95d348baa3234843d215fb563185b98ced33c3e876876d8d42a01ba4e6a7
1f98613 Change default Namecoin RPC host from localhost to 127.0.0.1. (JeremyRand)
Pull request description:
This should be a harmless change, and for some unknown reason it fixed an "unexpected end of JSON input" RPC error on my Windows 10 x86_32 VM.
Tree-SHA512: 9ceb14423dcacf7448922bb76d2da7e8fc1f2ccb002b01c6a81b576e441143b756feef48428f54c279cacda70ab98234c8b47c60aef02bf37b03eae30f69ba89
In Go stdlib, RSA2048 is used by default. RSA support was removed in our fork, but we neglected to set a default ECDSA curve, so the user had to choose a curve. P256 is recommended by the Go devs and by us, so it seems to be a reasonable default.
3a75a2f Travis: build q and dns-prop279. (JeremyRand)
042dab6 Travis: Slight refactor. (JeremyRand)
Pull request description:
Temporary kludge for getting `q` and `dns-prop279` binaries included in the releases until we replace the build system with RBM.
Tree-SHA512: 581619de3f466d52c4cc2a7e9fc6fca329992ff78040e1b939ac589013768b83e1205ea49543297cf4e895e965a81b489cfa64f69bd3ce4652018d5435ac6745
e1b2e31 certdehydrate: Improve comments for exported functions. (JeremyRand)
Pull request description:
Based on recommendations from static analysis.
Tree-SHA512: 4f68a4d0de6d17d242b3b6c3ac8027e9babf438f1902722a8041406907b9ce52d54fd83f3283b17f33c4a3fd579e60b7eb559bf273497c1a7448f331ec97f42a