Commit graph

17 commits

Author SHA1 Message Date
Herman Slatman
d82e51b748
Update AllowWildcardNames configuration name 2022-04-29 15:08:19 +02:00
Herman Slatman
2b7f6931f3
Change Subject Common Name verification
Subject Common Names can now also be configured to be allowed or
denied, similar to SANs. When a Subject Common Name is not explicitly
allowed or denied, its type will be determined and its value will be
validated according to the constraints for that type of name (i.e. URI).
2022-04-28 14:49:23 +02:00
Herman Slatman
6e1f8dd7ab
Refactor policy engines into container 2022-04-26 13:12:16 +02:00
Herman Slatman
76112c2da1
Improve error creation and testing for core policy engine 2022-04-26 01:47:07 +02:00
Herman Slatman
a2cfbe3d54
Fix (part of) PR comments 2022-04-21 12:14:03 +02:00
Herman Slatman
82e0033428
Remove Adder options 2022-04-18 21:47:39 +02:00
Herman Slatman
679e2945f2
Disallow name constraint wildcard notation 2022-04-04 15:35:49 +02:00
Herman Slatman
96f4c49b0c
Improve how policy errors are returned and used 2022-04-04 13:58:16 +02:00
Herman Slatman
571b21abbc
Fix (most) PR comments 2022-03-31 16:12:29 +02:00
Herman Slatman
6b620c8e9c
Improve protobuf unmarshaling error handling 2022-03-24 10:54:45 +01:00
Herman Slatman
101ca6a2d3
Check admin subjects before changing policy 2022-03-21 15:53:59 +01:00
Herman Slatman
88c7b63c9d
Split SSH user and cert policy configuration and execution 2022-02-01 15:18:39 +01:00
Herman Slatman
a7eb27d309
Fix URI domains IDNA support 2022-01-31 15:34:02 +01:00
Herman Slatman
9617edf0c2
Improve internationalized domain name handling
This PR improves internationalized domain name handling according
to rules of IDNA and based on the description in RFC 5280, section 7:
https://datatracker.ietf.org/doc/html/rfc5280#section-7.

Support for internationalized URI(s), so-called IRIs, still needs to
be done.
2022-01-27 17:18:33 +01:00
Herman Slatman
066bf32086
Fix part of PR comments 2022-01-25 15:00:07 +01:00
Herman Slatman
6440870a80
Clean up, improve test cases and coverage 2022-01-18 14:39:21 +01:00
Herman Slatman
1e808b61e5
Merge logic for X509 and SSH policy 2022-01-17 23:36:13 +01:00
Renamed from policy/x509/x509_test.go (Browse further)