Commit graph

30 commits

Author SHA1 Message Date
Mariano Cano
47bd5a80d9
Set dialer local address with STEP_CLIENT_ADDR
The environment variable STEP_CLIENT_ADDR can be used to set the local
address to use when dialing an address. This can be useful when step
is behind an CIDR-based ACL.

Fixes smallstep/cli#730
2022-11-09 15:49:19 -08:00
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors 2022-09-20 16:35:41 -07:00
Mariano Cano
23b8f45b37 Address gosec warnings
Most if not all false positives
2022-08-18 17:46:20 -07:00
Herman Slatman
a7dd3a986f
Set nil dial context for js/wasm runtime 2022-05-25 16:51:26 +02:00
Mariano Cano
ad8a813abe Fix linter errors 2022-03-21 16:53:57 -07:00
Mariano Cano
36b622bfc2 Use Golang's default keep-alive.
Since Go 1.13 a net.Listen keep-alive is enabled by default if
the protocol and OS supports it. The new one is 15s to match
the net.Dial default one. Previously http.Server ListenAndServe
and ListenAndServeTLS used to add a wrapper with 3m that we
replicated.

See https://github.com/golang/go/issues/31510
2021-10-15 14:12:43 -07:00
max furman
933b40a02a Introduce gocritic linter and address warnings 2021-10-08 14:59:57 -04:00
max furman
7b5d6968a5 first commit 2021-05-19 15:20:16 -07:00
Mariano Cano
26e7cc6177 Allow to use the SDK with ed25519 keys. 2021-05-06 18:10:12 -07:00
Mariano Cano
1328aa3e47 Fix review comments. 2021-04-26 18:45:46 -07:00
Mariano Cano
c5234e9c61 Refactor tls tunnel connections.
New method will use an identity-like file with the configuration
used to create the (m)TLS connection to the tunnel.
2021-04-21 16:20:53 -07:00
Mariano Cano
e75a9409a5 Add experimental support for a TLS over TLS tunnel. 2021-04-21 16:20:53 -07:00
Mariano Cano
44207523be Add missing tests. 2020-07-21 14:21:54 -07:00
Mariano Cano
1d7ab9145a Avoid lint error. 2020-03-24 14:33:01 -07:00
Mariano Cano
0b62ce9d0e Use go 1.13 to build certificates. 2020-03-24 14:23:02 -07:00
Mariano Cano
349bca06bb Fix line error due to deprecated DialTLS. 2020-03-05 15:11:03 -08:00
Mariano Cano
b4739c185d Remove unnecessary method GetCertificateRenewer. 2019-04-12 11:10:56 -07:00
Mariano Cano
fa216ccaad Use SetTransport method. 2019-04-12 11:06:38 -07:00
Mariano Cano
8d2de64811 Add method to get a certificate renewer. 2019-04-03 11:08:09 -07:00
Mariano Cano
f1f6c548ad Fix typo. 2019-02-06 16:48:20 -08:00
Mariano Cano
d394dd233a Initiate default RootCAs/ClientCAs when no options are passed. 2019-01-23 14:33:16 -08:00
Mariano Cano
25eba1a96c WIP on the safely rotate of root and federated certificates.
Fixes #23
2019-01-22 19:54:12 -08:00
Mariano Cano
518b597535 Remove mTLS client requirement in /roots and /federation 2019-01-11 19:08:08 -08:00
Mariano Cano
10aaece1b0 Update root certificates on renew. 2019-01-09 13:20:28 -08:00
Mariano Cano
d296cf95a9 Add mTLS request to get all the root CAs, not the federated ones. 2019-01-07 17:48:56 -08:00
Mariano Cano
722bcb7e7a Add initial support for federated root certificates. 2019-01-04 17:51:32 -08:00
Mariano Cano
d872f09910 Use mTLS by default on SDK methods.
Add options to modify the tls.Config for different configurations.
Fixes #7
2018-11-21 13:31:09 -08:00
Mariano Cano
9c64dbda9a Add helpers to add direct support for mTLS. 2018-11-07 16:07:35 -08:00
max furman
c74fcd57a7 ca-component -> certificates
* fix redundant error check
* add README
2018-10-31 21:36:01 -07:00
max furman
c284a2c0ab first commit 2018-10-05 21:48:36 +00:00