mbiryukova/certificates

Author	SHA1	Message	Date
Herman Slatman	54610e890b	Improve error logging	2021-05-07 00:23:09 +02:00
Herman Slatman	d0a9cbc797	Change fmt to errors package for formatting errors	2021-05-07 00:22:06 +02:00
Herman Slatman	ff1b46c95d	Add configuration option for specifying the minimum public key length Instead of using the defaultPublicKeyValidator a new validator called publicKeyMinimumLengthValidator has been implemented that uses a configurable minimum length for public keys in CSRs. It's also an option to alter the defaultPublicKeyValidator to also take a parameter, but that would touch quite some lines of code. This might be a viable option after merging SCEP support.	2021-05-06 22:56:28 +02:00
Herman Slatman	c04f556dc2	Merge branch 'master' into hs/scep	2021-05-06 22:00:29 +02:00
Mariano Cano	5a6517ca5b	Merge pull request #561 from LecrisUT/master Check admin privileges from group membership	2021-05-05 16:57:13 -07:00
Cristian Le	d7eec869c2	Fix the previous tests	2021-05-05 10:37:30 +09:00
Cristian Le	c2d30f7260	gofmt everything	2021-05-05 10:29:47 +09:00
Cristian Le	f38a72a62b	Leftover from previous commit	2021-05-05 10:17:08 +09:00
Cristian Le	1d2445e1d8	Removed the variadic username Could be useful later on, but for the current PR changes should be minimized	2021-05-05 10:12:38 +09:00
Cristian Le	9e00b82bdf	Revert `oidc_test.go` Moving the `preferred_username` to a separate PR	2021-05-05 08:49:03 +09:00
Cristian Le	cd67d64eec	Merge remote-tracking branch 'origin/master'	2021-05-05 08:16:14 +09:00
Cristian Le	decf0fc8ce	Revert using preferred_username It might present a security issue if the users can change this value for themselves. Needs further investigation	2021-05-05 08:15:26 +09:00
Cristian Le	21732f213b	Fix shadow issue in CI	2021-05-05 08:15:26 +09:00
Mariano Cano	08e5ec6ad1	Fix IsAdminGroup comment.	2021-05-05 08:15:26 +09:00
Mariano Cano	46c1dc80fb	Use map[string]struct{} instead of map[string]bool	2021-05-05 08:15:26 +09:00
Mariano Cano	aafac179a5	Add test for oidc with preferred usernames.	2021-05-05 08:15:26 +09:00
Cristian Le	f730c0bec4	Sanitize usernames	2021-05-05 08:15:26 +09:00
Cristian Le	48666792c7	Draft: adding usernames to GetIdentityFunc	2021-05-05 08:15:26 +09:00
Cristian Le	79eec83f3e	Rename and reformat to PreferredUsername	2021-05-05 08:15:26 +09:00
Cristian Le	09a21fef26	Implement #550 - Read `preferred_username` from token - Add `preferred_username` to the default Usernames - Check the `admin` array for admin groups that the user might belong to	2021-05-05 08:15:26 +09:00
Cristian Le	bb1e051b27	Revert using preferred_username It might present a security issue if the users can change this value for themselves. Needs further investigation	2021-05-05 08:12:17 +09:00
Max	1ee288f9fb	Merge pull request #565 from smallstep/max/load-init Init config on load \| Add wrapper for cli	2021-05-04 15:02:41 -07:00
max furman	8c709fe3c2	Init config on load \| Add wrapper for cli	2021-05-04 14:45:11 -07:00
max furman	9a156d2210	Remove distribution doc.	2021-05-04 12:30:05 -07:00
max furman	bc4bf224e8	[action] Add needs-triage labeler	2021-05-04 11:30:20 -07:00
Cristian Le	e5b206c1de	Fix shadow issue in CI	2021-05-04 13:47:17 +09:00
Carl Tashian	0295280c20	Merge branch 'master' of https://github.com/smallstep/certificates	2021-05-03 16:19:47 -07:00
Carl Tashian	25325b6970	Revert systemd renewer unit change that was incorrect This reverts commit `75f24a103a`.	2021-05-03 16:19:36 -07:00
Mariano Cano	484b30d0a1	Fix IsAdminGroup comment.	2021-04-29 18:47:17 -07:00
Mariano Cano	9cc410b308	Use map[string]struct{} instead of map[string]bool	2021-04-29 18:40:04 -07:00
Mariano Cano	c8eb771a8e	Add test for oidc with preferred usernames.	2021-04-29 18:37:48 -07:00
Cristian Le	8b1ab30212	Sanitize usernames	2021-04-30 09:41:06 +09:00
Cristian Le	bf364f0a5f	Draft: adding usernames to GetIdentityFunc	2021-04-30 09:14:28 +09:00
Cristian Le	861ef80e0d	Rename and reformat to PreferredUsername	2021-04-30 08:44:41 +09:00
Mariano Cano	b9b1ac04d1	Merge pull request #562 from smallstep/renew-db-interface Renew DB interface and Rekey	2021-04-29 16:28:46 -07:00
Mariano Cano	5846314f88	Add missing Rekey method to the ca.Client Fixes #315	2021-04-29 16:06:45 -07:00
Mariano Cano	2cbaee9c1d	Allow to use an alternative interface to store renewed certs. This can be useful to know if a certificate has been renewed and link one certificate with the 'parent'.	2021-04-29 15:55:22 -07:00
Herman Slatman	68d5f6d0d2	Merge branch 'master' into hs/scep	2021-04-29 22:18:00 +02:00
Cristian Le	55fbcfb3be	Implement #550 - Read `preferred_username` from token - Add `preferred_username` to the default Usernames - Check the `admin` array for admin groups that the user might belong to	2021-04-29 15:44:21 +09:00
Mariano Cano	582d6b161d	Merge pull request #531 from smallstep/tls-tunnel Add experimental support for a TLS over TLS tunnel.	2021-04-26 18:51:33 -07:00
Mariano Cano	1328aa3e47	Fix review comments.	2021-04-26 18:45:46 -07:00
Mariano Cano	d3c6bcbcce	Merge pull request #553 from smallstep/store-chain Add extension of db.AuthDB to store the fullchain	2021-04-26 14:37:05 -07:00
Mariano Cano	e6833ecee3	Add extension of db.AuthDB to store the fullchain. Add a temporary solution to allow an extension of an db.AuthDB interface that logs the fullchain of certificates instead of just the leaf.	2021-04-26 12:28:51 -07:00
Mariano Cano	50b9aaec57	Add new identity tests.	2021-04-21 18:07:59 -07:00
Mariano Cano	e414d0c8ea	Fix unit tests.	2021-04-21 16:20:53 -07:00
Mariano Cano	c5234e9c61	Refactor tls tunnel connections. New method will use an identity-like file with the configuration used to create the (m)TLS connection to the tunnel.	2021-04-21 16:20:53 -07:00
Mariano Cano	180b5c3e3c	Fix typo.	2021-04-21 16:20:53 -07:00
Mariano Cano	e75a9409a5	Add experimental support for a TLS over TLS tunnel.	2021-04-21 16:20:53 -07:00
Carl Tashian	75f24a103a	Sync cert renewer service with docs	2021-04-20 17:04:18 -07:00
Carl Tashian	e50c5bc4b1	Remove pronoun	2021-04-19 12:08:42 -07:00

... 2 3 4 5 6 ...

2002 commits