Herman Slatman
edee01c80c
Refactor debug utility
2023-01-26 13:41:01 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem
for more detailed ACME client-side errors
...
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.
This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
2023-01-26 13:29:31 +01:00
Herman Slatman
64d9ad7b38
Validate Subject Common Name for Orders with Permanent Identifier
2023-01-20 16:54:55 +01:00
Max
5bab65aa49
Merge pull request #1232 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.11
...
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
2023-01-18 14:09:29 -08:00
Max
925f32e82f
Merge pull request #1231 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.0
...
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
2023-01-18 14:08:53 -08:00
Max
466fe8280e
Merge pull request #1230 from smallstep/dependabot/go_modules/google.golang.org/api-0.107.0
...
Bump google.golang.org/api from 0.106.0 to 0.107.0
2023-01-18 14:08:31 -08:00
dependabot[bot]
fb39fccf6a
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.10 to 1.22.11.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.10...v1.22.11 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:56:04 +00:00
dependabot[bot]
29deb4befa
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:54:27 +00:00
dependabot[bot]
98cb439b41
Bump google.golang.org/api from 0.106.0 to 0.107.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.106.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.106.0...v0.107.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:51:18 +00:00
Carl Tashian
cc6b87d1a4
Merge pull request #1228 from smallstep/carl/entrypoint-boolean-fix
...
Only pass --admin-subject if --remote-management is true; fix boolean handling
2023-01-11 11:27:59 -08:00
Carl Tashian
2ab9483952
Only pass --admin-subject if --remote-management is true; fix overall boolean handling
2023-01-11 11:19:39 -08:00
Mariano Cano
e4073270f3
Merge pull request #1225 from smallstep/0.23.1-changelog
...
Upgrade changelog for v0.23.1
2023-01-11 00:40:52 +01:00
Max
627506b519
Merge pull request #1207 from smallstep/max/admin-check
...
Add IsEnabled method in AdminClient for checking admin API availability
2023-01-10 15:17:00 -08:00
max furman
fd921e5b26
successful isEnabled check should not return error
2023-01-10 15:02:23 -08:00
max furman
0b26698e72
Add IsEnabled method in AdminClient for checking admin API availability
2023-01-10 14:56:36 -08:00
Mariano Cano
bab77f257a
Add changelog line for smallstep/certificates#1223
2023-01-10 12:42:28 -08:00
Carl Tashian
a78ddc7cc5
Merge pull request #1223 from smallstep/carl/docker-pwd
...
Docker: Generate and use independent provisioner and private key passwords
2023-01-10 12:34:56 -08:00
Mariano Cano
2e86a392a8
Add proper PR links
2023-01-10 12:21:41 -08:00
Mariano Cano
2cd5708103
Upgrade changelog for v0.23.1
2023-01-10 12:15:11 -08:00
Mariano Cano
ad8a95cc10
Merge pull request #1206 from smallstep/oidc-principals
...
Ignore principals validations with OIDC
2023-01-10 20:33:52 +01:00
Carl Tashian
dc8b196823
Print admin username and pw after init
2023-01-10 09:57:47 -08:00
Carl Tashian
328276eaeb
Shred provisioner password
2023-01-09 18:01:14 -08:00
Carl Tashian
ad5cbd9a0e
Print and delete provisioner password on setup
2023-01-09 17:59:33 -08:00
Carl Tashian
a017238874
No need for PROVISIONER_PWDPATH
2023-01-09 17:23:47 -08:00
Carl Tashian
313bf2354b
Check for existance of pwdpath before copying
2023-01-09 17:08:24 -08:00
Carl Tashian
640bd0b7c7
Tabs to spaces
2023-01-09 16:51:36 -08:00
Carl Tashian
c836c7ab40
Backward compatibility
2023-01-09 16:48:31 -08:00
Carl Tashian
8242895909
Update hsm dockerfile as well
2023-01-09 16:39:34 -08:00
Carl Tashian
844cfd3bad
Generate and use independent provisioner and private key passwords
2023-01-09 16:36:00 -08:00
Max
ac4d5e63ab
Merge pull request #1221 from smallstep/dependabot/go_modules/google.golang.org/api-0.106.0
...
Bump google.golang.org/api from 0.105.0 to 0.106.0
2023-01-09 09:27:00 -08:00
Max
985a0e4858
Merge pull request #1220 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.5.0
...
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
2023-01-09 09:26:27 -08:00
Max
762ce06d84
Merge pull request #1219 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.11.0
...
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
2023-01-09 09:25:46 -08:00
dependabot[bot]
34dc119cf7
Bump google.golang.org/api from 0.105.0 to 0.106.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.105.0 to 0.106.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.106.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:21:18 +00:00
Max
9cc35d1505
Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.5.0
2023-01-09 09:20:07 -08:00
dependabot[bot]
e7a4a1f43c
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.10.0...asset/v1.11.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:19:52 +00:00
Max
8ba1b44cd8
Merge pull request #1218 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.0
...
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
2023-01-09 09:16:41 -08:00
Max
a063961175
Merge pull request #1217 from smallstep/dependabot/go_modules/golang.org/x/net-0.5.0
...
Bump golang.org/x/net from 0.4.0 to 0.5.0
2023-01-09 09:15:49 -08:00
dependabot[bot]
dae0ba9008
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:50 +00:00
dependabot[bot]
32f4908310
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
...
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:21 +00:00
dependabot[bot]
c5c07be298
Bump golang.org/x/net from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:08:56 +00:00
Herman Slatman
b13b527d18
Merge pull request #1211 from smallstep/herman/ca-client-context-methods
...
Add `WithContext` methods to the CA client
2022-12-22 11:55:26 +01:00
Herman Slatman
b5961beba9
Fix and/or ignore linting issues
2022-12-21 16:02:26 +01:00
Herman Slatman
319333f936
Add WithContext
methods to the CA client
2022-12-21 12:56:56 +01:00
Max
85f6554c5e
Merge pull request #1210 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.4.0
...
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
2022-12-20 12:23:22 -08:00
Max
001c156b28
Merge pull request #1208 from smallstep/dependabot/go_modules/google.golang.org/api-0.105.0
...
Bump google.golang.org/api from 0.104.0 to 0.105.0
2022-12-20 12:17:36 -08:00
Max
407496234f
Merge pull request #1209 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.2
...
Bump github.com/newrelic/go-agent/v3 from 3.20.1 to 3.20.2
2022-12-20 12:15:33 -08:00
dependabot[bot]
27a50d50d3
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:33 +00:00
dependabot[bot]
75ffbae5a7
Bump github.com/newrelic/go-agent/v3 from 3.20.1 to 3.20.2
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.1 to 3.20.2.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.1...v3.20.2 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:26 +00:00
dependabot[bot]
a4e64665da
Bump google.golang.org/api from 0.104.0 to 0.105.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.104.0...v0.105.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:20 +00:00
Mariano Cano
5d87201abc
Ignore principals validations with OIDC
...
This commit will ignore principals validation when an OIDC provisioner
is used. When the principals in the server does not match the principals
given the validation was failing, even if the proper principals were set
by templates or webhooks. With this change OIDC will not validate the
principals and just set the default ones (name, name@example.org ) plus
the ones in the templates.
This commit also includes a change in the templates to allow to pass
a provisioner to the $(step path)/ssh/config template
Related to #807
2022-12-14 17:51:50 -08:00