Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client
Jeremías Casteglione writes: > I just subscribed to the mailing list and requested to join the > project... Not sure how I/We should continue then? I've made a repository for you for acme-tiny under the team project. You should be able to commit to it: https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=letsencrypt/acme-tiny.git;a=summary If you have any problems, let us know; the permissions might not be exactly correct yet. Sincerely, -- Harlan Lieberman-Berg ~hlieberman
Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client
Hi Harlan: On Sat, 20 Feb 2016 23:56:20 -0500 Harlan Lieberman-Berg wrote: > Hello Jeremías! > > This is something I'd definitely be interested in seeing as part of > the Let's Encrypt team. We can help you with sponsorship as well. That sounds great to me. Thanks! > > We're over at: https://alioth.debian.org/projects/letsencrypt/ I just subscribed to the mailing list and requested to join the project... Not sure how I/We should continue then? Cheers, -- Jeremías
Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client
On Fri, 19 Feb 2016 21:38:44 -0300 Jeremías Casteglione wrote: > Package: wnpp > Severity: wishlist > Owner: "Jeremías Casteglione" > > * Package name: acme-tiny > Version : 20151229 > Upstream Author : Daniel Roesler > * URL : https://github.com/diafygi/acme-tiny > * License : MIT > Programming Lang: Python > Description : letsencrypt tiny python client > > acme-tiny is a tiny script to issue and renew TLS certs from Let's Encrypt >PLEASE READ THE SOURCE CODE! Ok. :) The error handling in the whole script but especially in the wellknown-file writing section is a bit lacking. It can easily happen that a wellknown file is left in place, if some exception happens. Or even in the common path where the validation did not pass. Also I don't like the part where it does urlopen(challenge['uri']) This essentially opens any url, that can even be a local file, that the remote end said it wants to open. I think the uri should be validated before being passed to urlopen(). The connection the 'challenge' was retrieved through is https, but we'd still have to trust the other end not sending us funky uris. And I'm not sure about the github fork network. There seem to be forks that added major stuff to the code and also (from a quick look) addressed the exception bug from above. -- Michael pgpGz6JSyZ5kL.pgp Description: OpenPGP digital signature
Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client
Hello Jeremías! This is something I'd definitely be interested in seeing as part of the Let's Encrypt team. We can help you with sponsorship as well. We're over at: https://alioth.debian.org/projects/letsencrypt/ Sincerely, -- Harlan Lieberman-Berg ~hlieberman
Bug#815199: ITP: acme-tiny -- letsencrypt tiny python client
Package: wnpp Severity: wishlist Owner: "Jeremías Casteglione" * Package name: acme-tiny Version : 20151229 Upstream Author : Daniel Roesler * URL : https://github.com/diafygi/acme-tiny * License : MIT Programming Lang: Python Description : letsencrypt tiny python client acme-tiny is a tiny script to issue and renew TLS certs from Let's Encrypt This is a tiny, auditable script that you can throw on your server to issue and renew Let's Encrypt certificates. Since it has to be run on your server and have access to your private Let's Encrypt account key, I tried to make it as tiny as possible (currently less than 200 lines). The only prerequisites are python and openssl. You have to deal yourself wiht the openssl stuff, and with webserver configuration and such. But it doesn't require more dependencies than openssl and it just works, no need for sudo nor being root to run it either. I'm using it for my personal TLS stuff. I'm not a DD nor a DM either, so an sponsor will be needed.