Mariano Cano
c8c59d68f5
Allow mTLS renewals if the provisioner extension does not exists.
...
This fixes a backward compatibility issue with with the new
LoadProvisionerByCertificate.
2022-04-11 12:19:42 -07:00
Mariano Cano
2fbff47acf
Add missing return in test.
2022-04-11 12:18:44 -07:00
Herman Slatman
256fe113f7
Improve tests for ACME account policy
2022-04-11 15:25:55 +02:00
Panagiotis Siatras
f2cf9cf828
authority/status: removed the package ( #892 )
2022-04-11 11:56:16 +03:00
Mariano Cano
2ace3097b7
Update changelog.
2022-04-08 14:29:20 -07:00
Mariano Cano
af8fcf5b01
Use always LoadProvisionerByCertificate on authority package
2022-04-08 14:18:24 -07:00
Mariano Cano
1d1e095447
Add tests for LoadProvisionerByCertificate.
2022-04-08 13:06:29 -07:00
Mariano Cano
e53bd64861
Use release version of linkedca.
2022-04-08 11:13:42 -07:00
Herman Slatman
0bb15e16f9
Fix missing ACME provisioner option
2022-04-08 16:10:26 +02:00
Herman Slatman
9797b3350e
Merge branch 'master' into herman/allow-deny
2022-04-08 16:01:56 +02:00
Mariano Cano
dfdc9c06ed
Fix linter error importShadow
2022-04-07 18:33:13 -07:00
Mariano Cano
304bb5b97a
Remove unused code.
2022-04-07 18:31:41 -07:00
Mariano Cano
cca5679a11
Use branch dependency for linkedca
2022-04-07 18:29:38 -07:00
Mariano Cano
8abd568f03
Merge branch 'master' into fix/adminra
2022-04-07 18:25:41 -07:00
Mariano Cano
67abe6607e
Merge pull request #863 from smallstep/feat/linkedra
...
Linked RA improvements
2022-04-07 18:24:17 -07:00
Mariano Cano
d4013f0df6
Update linkedca
2022-04-07 18:19:56 -07:00
Mariano Cano
b7e11da480
Merge branch 'master' into feat/linkedra
2022-04-07 18:19:04 -07:00
Mariano Cano
c55b27a2fc
Refactor admin token to use with RAs.
2022-04-07 18:14:43 -07:00
Herman Slatman
034b7943fe
Merge branch 'master' into herman/allow-deny
2022-04-07 14:12:20 +02:00
Herman Slatman
7df52dbb76
Add ACME EAB policy
2022-04-07 14:11:53 +02:00
Herman Slatman
1fd2481cb4
Merge pull request #891 from smallstep/herman/fix-acme-ipv6-challenge
...
Fix ACME IPv6 HTTP-01 challenges
2022-04-07 12:54:32 +02:00
Herman Slatman
479c6d2bf5
Fix ACME IPv6 HTTP-01 challenges
...
Fixes #890
2022-04-07 12:37:34 +02:00
Mariano Cano
db337debcd
Load provisioner from the database instead of the extension.
2022-04-05 19:25:47 -07:00
Mariano Cano
7d6116c3d0
Add GetCertificateData and refactor x509_certs_data.
2022-04-05 19:24:53 -07:00
Mariano Cano
41c6ded85e
Store in the db the provisioner that granted a cert.
2022-04-05 18:00:01 -07:00
Mariano Cano
df8ffb35af
Remove unnecessary database in provisioner config.
2022-04-05 17:39:06 -07:00
Carl Tashian
949c29d7db
Merge pull request #862 from smallstep/startup-info
...
Print some basic configuration info on startup
2022-04-05 15:33:59 -07:00
Carl Tashian
2e61e01f41
Linted.
2022-04-05 10:59:35 -07:00
Carl Tashian
150eee70df
Updates based on Herman's feedback
2022-04-05 10:59:25 -07:00
Carl Tashian
acc75bc679
Add context name to startup info
2022-04-04 12:29:27 -07:00
Carl Tashian
4b9f44982d
Merge branch 'master' into startup-info
2022-04-04 12:19:55 -07:00
Carl Tashian
43f2c655b9
More info on startup
2022-04-04 12:16:37 -07:00
Carl Tashian
7ebb2e4c74
Update ca/ca.go
...
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2022-04-04 11:14:04 -07:00
Herman Slatman
679e2945f2
Disallow name constraint wildcard notation
2022-04-04 15:35:49 +02:00
Herman Slatman
96f4c49b0c
Improve how policy errors are returned and used
2022-04-04 13:58:16 +02:00
Herman Slatman
d8776d8f7f
Add K8sSA SSH user policy back
...
According to the docs, the K8sSA provisioner can be configured
to issue SSH user certs.
2022-04-01 15:37:48 +02:00
Herman Slatman
5f0dc42b1e
Fix tests on Go 1.18 due to IDNA deviations
...
In Go 1.18 the behavior for looking up domains with non-ASCII
characters was changed to be in accordance with UTS#46
(https://unicode.org/reports/tr46/ ). There's a slight difference
in how IDNA2003 and IDNA2008 process these. Go 1.18 handles
the deviations in accordance with IDNA2008 now.
2022-03-31 17:16:11 +02:00
Herman Slatman
235a2c9d04
Pin to specific version of go.step.sm/linkedca
2022-03-31 16:40:49 +02:00
Herman Slatman
5daa9fc0b1
Merge branch 'master' into herman/allow-deny
2022-03-31 16:13:50 +02:00
Herman Slatman
571b21abbc
Fix (most) PR comments
2022-03-31 16:12:29 +02:00
Mariano Cano
dc9db5fbba
Merge pull request #882 from smallstep/dep/crypto
...
Upgrade go.step.sm/crypto
2022-03-30 18:31:07 -07:00
Mariano Cano
f5bf46b950
Upgrade go.step.sm/crypto
2022-03-30 18:24:17 -07:00
Carl Tashian
1ba1584c7a
Formatted.
2022-03-30 16:08:10 -07:00
Carl Tashian
a13e58e340
Update GetAuthorityInfo -> GetInfo
2022-03-30 16:07:16 -07:00
Carl Tashian
90cb6315b1
Progress.
2022-03-30 16:05:26 -07:00
Carl Tashian
055e75f394
Progress?
2022-03-30 15:48:42 -07:00
Herman Slatman
bfa4d809fd
Improve middleware test coverage
2022-03-30 18:21:25 +02:00
Herman Slatman
6da243c34d
Add policy precheck for all admins
2022-03-30 15:39:03 +02:00
Herman Slatman
628d7448de
Don't return policy in provisioner JSON
2022-03-30 15:20:38 +02:00
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny
2022-03-30 14:50:14 +02:00