Commit graph

158 commits

Author SHA1 Message Date
max furman
672e3f976e Few ACME fixes ...
- always URL escape linker output
- validateJWS should accept RSAPSS
- GetUpdateAccount -> GetOrUpdateAccount
2021-04-12 19:06:07 -07:00
max furman
df05340521 fixing broken unit tests 2021-03-25 12:05:46 -07:00
max furman
f72b2ff2c2 [acme db interface] nosql authz unit tests 2021-03-25 12:05:46 -07:00
max furman
074ab7b221 [acme db interface] add linker tests 2021-03-25 12:05:46 -07:00
max furman
bb8d54e596 [acme db interface] unit tests compiling 2021-03-25 12:05:46 -07:00
max furman
fc395f4d69 [acme db interface] compiles! 2021-03-25 12:05:46 -07:00
max furman
80a6640103 [acme db interface] wip 2021-03-25 12:05:46 -07:00
Mariano Cano
5be86691c1 Fix unit tests in Go 1.16. 2021-02-23 15:29:56 -08:00
Mariano Cano
b487edbd13 Clarify comment. 2021-02-11 17:38:14 -08:00
Mariano Cano
fbd2208044 Close key manager for safe reloads when a cgo module is used. 2021-02-01 17:14:44 -08:00
Mariano Cano
40d0596b71 Use smallstep/cli-utils instead of smallstep/cli 2020-10-29 13:10:03 -07:00
Mariano Cano
ba918100d0 Use go.step.sm/crypto/jose
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
Mariano Cano
d30a95236d Use always go.step.sm/crypto 2020-08-14 15:33:50 -07:00
Mariano Cano
533ad0ca20 Use always go.step.sm/crypto/x509util 2020-08-11 17:59:33 -07:00
Mariano Cano
4943ae58d8 Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates. 2020-08-10 15:29:18 -07:00
Mariano Cano
e83e47a91e Use sshutil and randutil from go.step.sm/crypto. 2020-08-10 11:26:51 -07:00
Mariano Cano
6c64fb3ed2 Rename provisioner options structs:
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
2020-07-22 18:24:45 -07:00
Mariano Cano
44207523be Add missing tests. 2020-07-21 14:21:54 -07:00
Mariano Cano
0c8376a7f6 Fix existing unit tests. 2020-07-21 14:21:54 -07:00
max furman
1951669e13 wip 2020-06-23 11:10:45 -07:00
max furman
6e69f99310 Always set nbf and naf for new ACME orders ...
- Use the default value from the ACME provisioner if values are not
defined in the request.
2020-05-22 10:31:58 -07:00
Mariano Cano
9f1d95d8bf Fix renew of certificate at the start of the server. 2020-05-07 18:21:11 -07:00
Mariano Cano
1d7ab9145a Avoid lint error. 2020-03-24 14:33:01 -07:00
Mariano Cano
0b62ce9d0e Use go 1.13 to build certificates. 2020-03-24 14:23:02 -07:00
max furman
495e60a44b Extraneous fmt.Sprintf 2020-03-23 12:15:46 -07:00
Mariano Cano
349bca06bb Fix line error due to deprecated DialTLS. 2020-03-05 15:11:03 -08:00
Mariano Cano
f5d2f92099 Load identity certificate from disk in each connection. 2020-03-04 15:02:17 -08:00
Ivan Bertona
9052da66a3 Fix linter, tidy go.mod file. 2020-02-07 14:42:56 -05:00
Mariano Cano
3d6a18180e Fix a couple of race conditions in the renewal of certificates. 2020-01-28 13:29:40 -08:00
max furman
1cb8bb3ae1 Simplify statuscoder error generators. 2020-01-28 13:29:40 -08:00
max furman
dccbdf3a90 Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-28 13:29:40 -08:00
Mariano Cano
a025f72af7 Disable backdata on ca tests. 2020-01-28 13:29:39 -08:00
Mariano Cano
a88ba8eb31 Use errs package for HTTP errors. 2020-01-28 13:29:39 -08:00
Mariano Cano
47f4ac1b53 Add method to just write the identity certificate. 2020-01-28 13:29:39 -08:00
Mariano Cano
14e59775bd Add method to renew the identity. 2020-01-28 13:29:39 -08:00
max furman
9aafe265d0 Should be returning nil from applyIdentity if cert expired. 2020-01-28 13:29:39 -08:00
max furman
b9f6aacb0f Move api errors to their own package and modify the typedef 2020-01-28 13:29:39 -08:00
Mariano Cano
65b4dda420 Add wrappers to identity methods in the ca package. 2020-01-28 13:29:39 -08:00
Mariano Cano
524c221c61 Add mTLS test for identity client. 2020-01-28 13:29:39 -08:00
Mariano Cano
25144539f8 Improve identity tests. 2020-01-28 13:29:39 -08:00
Mariano Cano
d85386d0b4 Add identity client and move identity to a new package. 2020-01-28 13:29:39 -08:00
Mariano Cano
9e7b86342b Fix test. 2020-01-28 13:29:39 -08:00
Mariano Cano
c6f6493bb7 Fail silently if the identity fails. 2020-01-28 13:29:39 -08:00
max furman
3ac388612a Use x5cInsecure token for /ssh/check-host endpoint 2020-01-28 13:29:39 -08:00
Mariano Cano
ab126d6405 Add GetTransport to client. 2020-01-28 13:29:39 -08:00
Mariano Cano
2259f62638 Add method to create an ssh token. 2020-01-28 13:29:39 -08:00
Mariano Cano
caa2b8dbb7 Add leeway in identity not before. 2020-01-28 13:29:39 -08:00
max furman
0512f6e3e5 redundant variable type def 2020-01-28 13:29:39 -08:00
Mariano Cano
d2b1f1547f Create a custom client that sends a custom User-Agent. 2020-01-28 13:29:39 -08:00
Mariano Cano
5d7829b198 Replace /ssh/get-hosts to /ssh/hosts 2020-01-28 13:29:39 -08:00