max furman
|
397a181d10
|
Add backdate validation to sshCertValidityValidator.
|
2020-01-28 13:29:40 -08:00 |
|
Mariano Cano
|
3d6a18180e
|
Fix a couple of race conditions in the renewal of certificates.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
df60fe3f0d
|
Remove all references to old apiError.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
1cb8bb3ae1
|
Simplify statuscoder error generators.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
dccbdf3a90
|
Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
|
2020-01-28 13:29:40 -08:00 |
|
Mariano Cano
|
549291c2ca
|
Upgrade smallste/cli
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
74ff0513b8
|
Use release v1.19.1 of golangci-lint
See https://github.com/golangci/golangci-lint/issues/885
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
9d5b7e65e4
|
Upgrade golangci-lint to v1.22.2
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
895d3054a3
|
Remove the use of custom x509 package.
Upgrade cli dependency.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
144acb9ee3
|
Remove debug statement.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
06411d1715
|
Add tests of profileLimitDuration with backdate.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
8297e5c717
|
Add tests for backdate and sshDefaultDuration
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
93b65bee7c
|
Add unit test for profileDefaultDuration.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
74b5d7f984
|
Add backdate support on ssh rekey.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
84ff172093
|
Add support for backdate to SSH certificates.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
a025f72af7
|
Disable backdata on ca tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
a88ba8eb31
|
Use errs package for HTTP errors.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
53334ce1e0
|
Update assert package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
5565d61bf3
|
Add fault tolerance against clock skew accross system on TLS certificates.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
e6cafb89b6
|
Update cli dependency.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
ed26e97487
|
Fix tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
c1bd1561dd
|
Renew identity certificate in /ssh/rekey and /ssh/renew
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
47f4ac1b53
|
Add method to just write the identity certificate.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
14e59775bd
|
Add method to renew the identity.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
9aafe265d0
|
Should be returning nil from applyIdentity if cert expired.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
ed7ef7229f
|
cli dep update
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
74f1c111a9
|
updating dependencies
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
af8b8584dd
|
Update cli dep
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
b9f6aacb0f
|
Move api errors to their own package and modify the typedef
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
f033422ffa
|
Allow no provisioners.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
79b408dcf7
|
Update dependencies.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
3029addbf6
|
Use new version of nosql.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
65b4dda420
|
Add wrappers to identity methods in the ca package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
524c221c61
|
Add mTLS test for identity client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
25144539f8
|
Improve identity tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d85386d0b4
|
Add identity client and move identity to a new package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
9e7b86342b
|
Fix test.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
f4615d6258
|
Addapt test to api change.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
dedf6b17be
|
Addapt tests to the api change.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
c6f6493bb7
|
Fail silently if the identity fails.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
4d423137f0
|
Re-enable profiler.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
93320fd977
|
update cli dep
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
3ac388612a
|
Use x5cInsecure token for /ssh/check-host endpoint
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
ab126d6405
|
Add GetTransport to client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
08eac1b00d
|
Make sure to define the KeyID from the token if available.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
9c3349e90c
|
Go mod tidy.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
2259f62638
|
Add method to create an ssh token.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
de3ba58455
|
Store renew certificate in the database.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
caa2b8dbb7
|
Add leeway in identity not before.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
0512f6e3e5
|
redundant variable type def
|
2020-01-28 13:29:39 -08:00 |
|