Carl Tashian
e305940448
Small docs cleanup
2021-05-10 15:14:29 -07:00
Carl Tashian
6f0f023d2c
Small docs cleanup
2021-05-10 14:43:05 -07:00
Carl Tashian
08f9bc0031
Merge pull request #567 from FibreFoX/master
...
Added missing hints for running step-ca on Raspberry Pi
2021-05-10 13:04:32 -07:00
Carl Tashian
8e1343224c
Add arm6 to goreleaser
2021-05-10 09:59:33 -07:00
FibreFoX
9607691f9c
Added missing hints for running step-ca on Raspberry Pi
...
See #351 , #344 , #279
2021-05-08 22:28:22 +02:00
Mariano Cano
1788d09b44
Merge pull request #566 from smallstep/ed25519-improvements
...
Ed25519 improvements
2021-05-07 10:05:46 -07:00
Herman Slatman
877fc9ae8c
Add tests for CreateDecrypter
2021-05-07 15:32:07 +02:00
Mariano Cano
26e7cc6177
Allow to use the SDK with ed25519 keys.
2021-05-06 18:10:12 -07:00
Mariano Cano
c1c986922b
Show Ed25519 in the public-key log field.
2021-05-06 18:09:40 -07:00
Herman Slatman
a3ec890e71
Fix small typo in divisible
2021-05-07 00:31:34 +02:00
Herman Slatman
54610e890b
Improve error logging
2021-05-07 00:23:09 +02:00
Herman Slatman
d0a9cbc797
Change fmt to errors package for formatting errors
2021-05-07 00:22:06 +02:00
Herman Slatman
ff1b46c95d
Add configuration option for specifying the minimum public key length
...
Instead of using the defaultPublicKeyValidator a new validator called
publicKeyMinimumLengthValidator has been implemented that uses a
configurable minimum length for public keys in CSRs.
It's also an option to alter the defaultPublicKeyValidator to also
take a parameter, but that would touch quite some lines of code. This
might be a viable option after merging SCEP support.
2021-05-06 22:56:28 +02:00
Herman Slatman
c04f556dc2
Merge branch 'master' into hs/scep
2021-05-06 22:00:29 +02:00
Mariano Cano
5a6517ca5b
Merge pull request #561 from LecrisUT/master
...
Check admin privileges from group membership
2021-05-05 16:57:13 -07:00
Cristian Le
d7eec869c2
Fix the previous tests
2021-05-05 10:37:30 +09:00
Cristian Le
c2d30f7260
gofmt everything
2021-05-05 10:29:47 +09:00
Cristian Le
f38a72a62b
Leftover from previous commit
2021-05-05 10:17:08 +09:00
Cristian Le
1d2445e1d8
Removed the variadic username
...
Could be useful later on, but for the current PR changes should be minimized
2021-05-05 10:12:38 +09:00
Cristian Le
9e00b82bdf
Revert oidc_test.go
...
Moving the `preferred_username` to a separate PR
2021-05-05 08:49:03 +09:00
Cristian Le
cd67d64eec
Merge remote-tracking branch 'origin/master'
2021-05-05 08:16:14 +09:00
Cristian Le
decf0fc8ce
Revert using preferred_username
...
It might present a security issue if the users can change this value for themselves. Needs further investigation
2021-05-05 08:15:26 +09:00
Cristian Le
21732f213b
Fix shadow issue in CI
2021-05-05 08:15:26 +09:00
Mariano Cano
08e5ec6ad1
Fix IsAdminGroup comment.
2021-05-05 08:15:26 +09:00
Mariano Cano
46c1dc80fb
Use map[string]struct{} instead of map[string]bool
2021-05-05 08:15:26 +09:00
Mariano Cano
aafac179a5
Add test for oidc with preferred usernames.
2021-05-05 08:15:26 +09:00
Cristian Le
f730c0bec4
Sanitize usernames
2021-05-05 08:15:26 +09:00
Cristian Le
48666792c7
Draft: adding usernames to GetIdentityFunc
2021-05-05 08:15:26 +09:00
Cristian Le
79eec83f3e
Rename and reformat to PreferredUsername
2021-05-05 08:15:26 +09:00
Cristian Le
09a21fef26
Implement #550
...
- Read `preferred_username` from token
- Add `preferred_username` to the default Usernames
- Check the `admin` array for admin groups that the user might belong to
2021-05-05 08:15:26 +09:00
Cristian Le
bb1e051b27
Revert using preferred_username
...
It might present a security issue if the users can change this value for themselves. Needs further investigation
2021-05-05 08:12:17 +09:00
Max
1ee288f9fb
Merge pull request #565 from smallstep/max/load-init
...
Init config on load | Add wrapper for cli
2021-05-04 15:02:41 -07:00
max furman
8c709fe3c2
Init config on load | Add wrapper for cli
2021-05-04 14:45:11 -07:00
max furman
9a156d2210
Remove distribution doc.
2021-05-04 12:30:05 -07:00
max furman
bc4bf224e8
[action] Add needs-triage labeler
2021-05-04 11:30:20 -07:00
Cristian Le
e5b206c1de
Fix shadow issue in CI
2021-05-04 13:47:17 +09:00
Carl Tashian
0295280c20
Merge branch 'master' of https://github.com/smallstep/certificates
2021-05-03 16:19:47 -07:00
Carl Tashian
25325b6970
Revert systemd renewer unit change that was incorrect
...
This reverts commit 75f24a103a
.
2021-05-03 16:19:36 -07:00
Mariano Cano
484b30d0a1
Fix IsAdminGroup comment.
2021-04-29 18:47:17 -07:00
Mariano Cano
9cc410b308
Use map[string]struct{} instead of map[string]bool
2021-04-29 18:40:04 -07:00
Mariano Cano
c8eb771a8e
Add test for oidc with preferred usernames.
2021-04-29 18:37:48 -07:00
Cristian Le
8b1ab30212
Sanitize usernames
2021-04-30 09:41:06 +09:00
Cristian Le
bf364f0a5f
Draft: adding usernames to GetIdentityFunc
2021-04-30 09:14:28 +09:00
Cristian Le
861ef80e0d
Rename and reformat to PreferredUsername
2021-04-30 08:44:41 +09:00
Mariano Cano
b9b1ac04d1
Merge pull request #562 from smallstep/renew-db-interface
...
Renew DB interface and Rekey
2021-04-29 16:28:46 -07:00
Mariano Cano
5846314f88
Add missing Rekey method to the ca.Client
...
Fixes #315
2021-04-29 16:06:45 -07:00
Mariano Cano
2cbaee9c1d
Allow to use an alternative interface to store renewed certs.
...
This can be useful to know if a certificate has been renewed and
link one certificate with the 'parent'.
2021-04-29 15:55:22 -07:00
Herman Slatman
68d5f6d0d2
Merge branch 'master' into hs/scep
2021-04-29 22:18:00 +02:00
Cristian Le
55fbcfb3be
Implement #550
...
- Read `preferred_username` from token
- Add `preferred_username` to the default Usernames
- Check the `admin` array for admin groups that the user might belong to
2021-04-29 15:44:21 +09:00
Joe Julian
0369151bfa
use InsecureSkipVerify for validation
...
The server will not yet have a valid certificate so we need to disable
certificate validation in the HTTPGetter.
2021-04-27 08:18:35 -07:00