Commit graph

2545 commits

Author SHA1 Message Date
Mariano Cano
93b532ecff
Merge pull request #312 from smallstep/cert-templates
Certificate flexibility
2020-08-14 11:23:11 -07:00
Mariano Cano
aaaa7e9b4e Merge branch 'master' into cert-templates 2020-08-14 10:45:41 -07:00
Carl Tashian
05450a843c Remove extraneous line from docker.mk 2020-08-13 16:24:56 -07:00
Carl Tashian
9815a38a2c Fixes #344; also gets docker buildx working on both darwin & linux 2020-08-12 19:50:47 -07:00
Max
393f3efe69
Merge pull request #345 from smallstep/max/acmeLogCert
Add cert logging for acme/certificate api
2020-08-12 16:42:35 -07:00
max furman
8e3481a8ef [logger map] small optimization
Rather than doing two key writes and one lookup, just write once.
2020-08-12 16:35:38 -07:00
max furman
55bf5a4526 Add cert logging for acme/certificate api 2020-08-12 15:50:45 -07:00
Mariano Cano
533ad0ca20 Use always go.step.sm/crypto/x509util 2020-08-11 17:59:33 -07:00
Mariano Cano
8c2d5425e7 Use new x509util on pki package. 2020-08-10 19:05:27 -07:00
Mariano Cano
3577d696c7 Use new x509util in tls_test.go 2020-08-10 18:14:32 -07:00
Mariano Cano
0a59efd853 Use new x509util to generate the CA certificate. 2020-08-10 16:09:22 -07:00
Mariano Cano
4943ae58d8 Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates. 2020-08-10 15:29:18 -07:00
Mariano Cano
77624c6b1c Remove now migrated sshutil. 2020-08-10 11:29:04 -07:00
Mariano Cano
e83e47a91e Use sshutil and randutil from go.step.sm/crypto. 2020-08-10 11:26:51 -07:00
max furman
e8c5a3b320 Document concurrency limitations in ACME server
- in concurrency / HA section
2020-08-07 13:48:35 -07:00
Mariano Cano
ce1eb0a01b Use new x509util for renew/rekey. 2020-08-05 19:09:06 -07:00
Mariano Cano
f437b86a7b Merge branch 'cert-templates' into ssh-cert-templates 2020-08-05 18:43:07 -07:00
Mariano Cano
c8d225a763 Use x509util from go.step.sm/crypto/x509util 2020-08-05 16:02:46 -07:00
Max
0eab3727bf
Merge pull request #336 from smallstep/max/docker
introduce docker-buildx
2020-08-04 11:21:53 -07:00
max furman
476bca3717 Add make docker-dev building and testing locally. 2020-08-03 20:45:51 -07:00
Mariano Cano
37f84e9bb3 Add delay in test. 2020-08-03 19:01:15 -07:00
Mariano Cano
342cb713ee Add test with custom templates. 2020-08-03 18:51:47 -07:00
Mariano Cano
8d89bbd62f Remove unused code. 2020-08-03 18:39:02 -07:00
Mariano Cano
c4bbc81d9f Fix authority tests. 2020-08-03 18:36:05 -07:00
Mariano Cano
413af88aad Fix provisioning tests. 2020-08-03 18:10:29 -07:00
Mariano Cano
b66bdfabcd Enforce an OIDC users to send all template variables. 2020-08-03 15:28:48 -07:00
Mariano Cano
9822305bb6 Use only the IID template on IID provisioners.
Use always sshutil.DefaultIIDCertificate and require at least one
principal on IID provisioners.
2020-08-03 15:11:42 -07:00
Max
7b9ddf1d09
Merge pull request #337 from smallstep/max/debName
Convert '-' to '~' in deb package name
2020-08-03 11:17:13 -07:00
max furman
652377dbf6 Convert '-' to '~' in deb package name 2020-08-03 09:23:29 -07:00
max furman
9e9808fe3d introduce docker-buildx 2020-08-02 13:40:49 -07:00
Max
e55ad2ad52
Merge pull request #335 from smallstep/max/sshpop
Add SSHPOP default provisioner if SSH enabled during init
2020-07-31 11:07:48 -07:00
max furman
3fb116f1b4 Add SSHPOP default provisioner if SSH enabled during init 2020-07-31 11:05:26 -07:00
Mariano Cano
53eea843bc Fix newExtension comment. 2020-07-31 11:03:47 -07:00
Mariano Cano
7c3c16b7be Fix UnmarshalJSON comment. 2020-07-31 11:00:17 -07:00
Mariano Cano
f1773489fc Fix comment. 2020-07-31 10:45:59 -07:00
Mariano Cano
aa657cdb4b Use SSHOptions inside provisioner options. 2020-07-30 18:44:52 -07:00
Mariano Cano
d82bdc1a00 Fix tests with criticalOptions. 2020-07-30 18:04:39 -07:00
Mariano Cano
02379d494b Add support for extensions and critical options on the identity
function.
2020-07-30 17:45:03 -07:00
Mariano Cano
8ff8d90f8c On JWK and X5C validate the key id on the request. 2020-07-30 17:45:03 -07:00
Mariano Cano
3b19bb9796 Add TemplateData to SSHSignRequest.
Add some omitempty tags.
2020-07-30 17:45:03 -07:00
Mariano Cano
a78f7e8913 Add template support on k8ssa provisioner. 2020-07-30 17:45:03 -07:00
Mariano Cano
6c36ceb158 Add initial template support for iid provisisioners. 2020-07-30 17:45:03 -07:00
Mariano Cano
8e7bf96769 Fix error prefix. 2020-07-30 17:45:03 -07:00
Mariano Cano
e0dce54338 Add missing argument. 2020-07-30 17:45:03 -07:00
Mariano Cano
c1fc45c872 Simplify SSH modifiers with options.
It also changes the behavior of the request options to modify only
the validity of the certificate.
2020-07-30 17:45:03 -07:00
Mariano Cano
df1f7e5a2e Use CertificateRequest type as input for ssh NewCertificate.
SSH does not have a real concept of ssh certificate request, but
we are using the type to encapsulate the parameters coming in the
request.
2020-07-30 17:45:03 -07:00
Mariano Cano
ad28f0f59a Move variable where it is used. 2020-07-30 17:45:03 -07:00
Mariano Cano
715eb4eacc Add initial support for ssh templates on OIDC. 2020-07-30 17:45:03 -07:00
Mariano Cano
c2dc76550c Add ssh certificate template to X5C provisioner. 2020-07-30 17:45:03 -07:00
Mariano Cano
380a0d6daf Add ssh certificate templates to JWK provisioner. 2020-07-30 17:45:03 -07:00