b7c3f68dac Add Cirrus CI (Jeremy Rand)
Pull request description:
Top commit has no ACKs.
Tree-SHA512: 7bd9359d9ada704e6c578a8b3e0625bbeaacf57de60f41065d28227eb8965297755bff82da0ca304dd93f110e205e1160c866c194e6b91a3e92198dcd36a948c
ba3a981852 certdehydrate: Fix unit test for Golang issue 40458 (Jeremy Rand)
Pull request description:
`CreateCertificate` now checks the resulting signature as of Go 1.16+. This was confusing our unit test for invalid dehydrated certs, which was expecting to need to verify the cert after the cert was created.
Top commit has no ACKs.
Tree-SHA512: 120daa2f4bb0849e452431d9ef30da39a10e52312311be038e115db056e7531aa8dacc651cd6f96e7e91b469525ca93f21d18c5f72b9705118a86b9df5592b20
CreateCertificate now checks the resulting signature as of Go 1.16+.
This was confusing our unit test for invalid dehydrated certs, which was
expecting to need to verify the cert after the cert was created.
39a0d8d25e Travis: Disable darwin/386 for Go 1.15+ (Jeremy Rand)
a1f234a64f Travis: Add Go 1.13.x, 1.14.x, 1.15.x (Jeremy Rand)
Pull request description:
Top commit has no ACKs.
Tree-SHA512: d18576050a2e594d64a6549d572ea7e033877a945603b8de8c548e0e48558b3146f6789fd6b38a7f6bb6bcf766ad01316b89cd961fe5c662a2d47d049deae569
d28a01dcd5 Use pointer receiver on DehydratedCertificate methods (Jeremy Rand)
647f05f049 Update Travis IRC notifications (Jeremy Rand)
eef31fbdc4 Use splicesign and standard x509 (Jeremy Rand)
Pull request description:
Thanks to Filippo Valsorda for the tip.
Top commit has no ACKs.
Tree-SHA512: ab62206c62315610efdbd09af3dbe01599561d692043af6cbec528bf64c1cd3c84e9285d88d87517f3e01a49224003cd7092517b95f20fdea32d4c802e9459f2
7e454f8b59 Travis: Use old goxnet for Go 1.11.x and earlier (Jeremy Rand)
Pull request description:
Fixes a build fail for Darwin targets.
Top commit has no ACKs.
Tree-SHA512: e50e976add771092df3ad4d98c667a54dc6aaadb3003aeddc8d68f61a0c9b2b18e9a30f9d10e79d715b0a77561f3ff4dcb5238b16c50a1b8739a8502564d11ba
539bc89 ncdumpzone: Work around encoding errors (JeremyRand)
Pull request description:
Fixes https://github.com/namecoin/ncdns/issues/105
TODO:
- [x] Merge https://github.com/namecoin/ncdns/pull/103 (this PR will then need a rebase)
ACKs for commit 539bc8:
Tree-SHA512: 5762687077ea2611cd7939dd49d337346b212a91442b32f7be5ac592e2580029bc0e63c4e6597b2685495de59a431fe422048fc3a1f0d52fb678e377eb947401
Namecoin Core 0.18.0+ now reports an empty Name with a non-empty NameError
when an encoding error was encountered. This was causing an infinite loop
in ncdumpzone.
Fixes https://github.com/namecoin/ncdns/issues/105
2b1eed8 Switch to new rpcclient based on latest upstream Conformal (JeremyRand)
Pull request description:
Namecoin's fork of Conformal's RPC client library is ancient and unmaintained; switching to upstream eliminates a major source of potential bugs (and known bugs, e.g. the ConsensusJ and Electrum compatibility bugs that we had to patch).
Fixes https://github.com/namecoin/ncdns/issues/9
TODO:
- [ ] Wait for Conformal to merge https://github.com/btcsuite/btcd/pull/1457
- [ ] Wait for Conformal to merge https://github.com/btcsuite/btcd/pull/1460
- [x] Push `name_show` support for `ncjson` and `ncrpcclient`
- [x] Implement cookie authentication
- [x] Test cookie authentication
ACKs for commit 2b1eed:
Tree-SHA512: 157780613661af240d83a78d66386c66fcfeed0700088d263a20389c45b200db1b651ea985f345de2ac2f250bdafcc4cd5901579e9f5a97ddc13e77e7a7bcf39
06d6efb backend: Stream-isolate LRU cache (JeremyRand)
ed8fa68 Add plumbing for stream isolation (JeremyRand)
Pull request description:
This PR adds the plumbing for stream isolation (from madns to namecoin, without passing the stream ID to namecoind), and stream-isolates the LRU cache. A follow-up PR will pass the stream ID to namecoind; that's currently blocked on https://github.com/namecoin/ncdns/pull/103 .
Prerequisites:
- [x] Merge https://github.com/hlandau/madns/pull/4
- [x] Merge https://github.com/hlandau/madns/pull/5
- [x] Tag a madns release (with major version 2).
- [x] Replace `madns.v1` dependency with `madns.v2`.
- [x] Tag a madns release (with https://github.com/hlandau/madns/pull/5 included).
ACKs for commit 06d6ef:
Tree-SHA512: ee385454aef3b802899659db74bbeb28ec6555216f4a4ccfc6047c08f32272080b7f76f851e4b291204ab41525bbfae30e7cdc663b49595d7d5105744810c763
344672c Travis: Fix goxsys error on Go 1.11 and earlier (JeremyRand)
Pull request description:
ACKs for commit 344672:
Tree-SHA512: 5c2331cd0a092d3aacfe343ac408adc6229b665e9530c285b404a230bfbe17747b72654113ed2b429c1bc7ba5f4ef204c2595a626431d453dbfbff16c8452c8b
0e63698 Add no_namecoin_tls build tag (JeremyRand)
Pull request description:
This PR allows building ncdns without TLSA record support. Doing so decreases the binary size and attack surface significantly.
ACKs for commit 0e6369:
Tree-SHA512: 84ab2a36ab2931e40d6511997ba7f06a0b66d9773dba8002f3044abd21da5729a6d9239042be74a86a23c18678b83edc80e8d105045ca787af88c495a0856d8d
360369c generate_nmc_cert: Use external x509 package in parent.go (JeremyRand)
Pull request description:
`parent.go` was accidentally not updated when `x509` moved to an external repo; this is breaking the Travis build. This PR fixes that.
ACKs for commit 360369:
Tree-SHA512: d90deee1bfd9d8bdab7e33d48897508781c0d0b97b823e36a8142d80472dee2cf8d10bcfdcd92b4b6719d8db44d37bf0cd98ffdc41a11cd412db736b3e4a4d6d
39fbbc0 ncdumpzone: Add mode for a URL list. (JeremyRand)
Pull request description:
This PR is intended to facilitate YaCy crawl jobs.
ACKs for commit 39fbbc:
Tree-SHA512: 070cfd9ad1ee4bc59286ec2c0c120379f30b4cfd761bd3eecd5e2a028b70091171b6dd054acb3c9205800d454187c88fed9e1be9c6591e087d808dd49e2ecda4
7e25dea Travis: use more Go versions with x509-signature-splice (JeremyRand)
Pull request description:
TODO:
- [x] Merge #101 first.
ACKs for commit 7e25de:
Tree-SHA512: 5c9057f16268a0db4e2dba02a1f5a5e248ea7bea86827a6e4cfd11523f56bb01a67b2013adebbcda674b253c81715c0031068d27d6c2d07b655d930bc18cf36f
7db5b5a Move x509 subpackage to its own repo (JeremyRand)
Pull request description:
This avoids tying the ncdns repo to a specific Go version; we can maintain separate branches of the x509-signature-splice repo per Go version with much less hassle.
ACKs for commit 7db5b5:
Tree-SHA512: e6d784c6b344d46955d0ca275174772b6da6bf86bfa84e03a5a59faa9f0a88805d32ecfe29d83970c61246904e1025859dd4cff031ec8052b8f544867c55bf21
d5bac49 Support name-constrained CA's (JeremyRand)
Pull request description:
This enables compatibility of generated certs with mozilla::pkix TLS clients such as Firefox (which don't allow end-entity trust anchors), and also decreases the size of the data stored in the blockchain. Support for actually using the generated certs is out of scope for this PR; the relevant code for ncp11 is already written, and the relevant code for certinject shouldn't be difficult to write later.
ACKs for commit d5bac4:
Tree-SHA512: 100a3f24bc350fccd5421482ea95637dbf492b2fcca0a4c1359217603852f130a2806c2ee245ef7d4ed0a0da2d53fb8563997b228f9e567636d5aab37c8db285
This avoids tying the ncdns repo to a specific Go version; we can maintain
separate branches of the x509-signature-splice repo per Go version with
much less hassle.
e5918ac Travis: Drop support for Go 1.11.x and lower (JeremyRand)
bb16218 Travis: Set Go 1.12.5 as release version (JeremyRand)
f687a9b Add Go 1.11.x, 1.12.5, and 1.12.x to Travis (JeremyRand)
759c009 Rebase x509 onto Go 1.12 (JeremyRand)
9c1ba94 Rebase x509 onto Go 1.11 (JeremyRand)
Pull request description:
Tor is now using Go 1.12.5 for their rbm builds; this PR restores compatibility with Go 1.12.x. The x509 generate script has also been refactored a bit.
ACKs for commit e5918a:
Tree-SHA512: f9d9b346c49be124caad896360ca64e26d6b77b5a584f24994adc95ef35eab89aa02fcac5c3ce3d3ee130b8b5feed3362af1338f8077089f21ca678223152823
9a4ee1e Make Namecoin RPC timeout configurable (JeremyRand)
Pull request description:
The 1500ms timeout regularly gets hit when using Electrum-NMC over Tor, so being able to configure it seems like a good idea.
Tree-SHA512: 77915c56df2e98800108af3a130d20a1bbb04af2fe7cfb4291eff7f9c5611ed011f17ade9f3929988ec54989109bc8e2efa5e75948f515ff97b7c2a6951db155
d74be4d Disable q and dns-prop279 in Travis (JeremyRand)
Pull request description:
Both of them are broken due to upstream issues. The upstream breakage should be possible to workaround in rbm when we get around to it, but that's probably not going to happen before the next ncdns release.
Tree-SHA512: a6f0bf2cc947d41b2f13200263b1971674d727f967a07c6ee70bd07f9e0f5cda5e0ecc428e7ac903251e74f33e52f5f628f40ebef45956342b75fac65210edd7
Jeremy Rand
JeremyRand