Mariano Cano
|
4943ae58d8
|
Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates.
|
2020-08-10 15:29:18 -07:00 |
|
Mariano Cano
|
e83e47a91e
|
Use sshutil and randutil from go.step.sm/crypto.
|
2020-08-10 11:26:51 -07:00 |
|
Mariano Cano
|
6c64fb3ed2
|
Rename provisioner options structs:
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
|
2020-07-22 18:24:45 -07:00 |
|
Mariano Cano
|
44207523be
|
Add missing tests.
|
2020-07-21 14:21:54 -07:00 |
|
Mariano Cano
|
0c8376a7f6
|
Fix existing unit tests.
|
2020-07-21 14:21:54 -07:00 |
|
max furman
|
1951669e13
|
wip
|
2020-06-23 11:10:45 -07:00 |
|
max furman
|
6e69f99310
|
Always set nbf and naf for new ACME orders ...
- Use the default value from the ACME provisioner if values are not
defined in the request.
|
2020-05-22 10:31:58 -07:00 |
|
Mariano Cano
|
9f1d95d8bf
|
Fix renew of certificate at the start of the server.
|
2020-05-07 18:21:11 -07:00 |
|
Mariano Cano
|
1d7ab9145a
|
Avoid lint error.
|
2020-03-24 14:33:01 -07:00 |
|
Mariano Cano
|
0b62ce9d0e
|
Use go 1.13 to build certificates.
|
2020-03-24 14:23:02 -07:00 |
|
max furman
|
495e60a44b
|
Extraneous fmt.Sprintf
|
2020-03-23 12:15:46 -07:00 |
|
Mariano Cano
|
349bca06bb
|
Fix line error due to deprecated DialTLS.
|
2020-03-05 15:11:03 -08:00 |
|
Mariano Cano
|
f5d2f92099
|
Load identity certificate from disk in each connection.
|
2020-03-04 15:02:17 -08:00 |
|
Ivan Bertona
|
9052da66a3
|
Fix linter, tidy go.mod file.
|
2020-02-07 14:42:56 -05:00 |
|
Mariano Cano
|
3d6a18180e
|
Fix a couple of race conditions in the renewal of certificates.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
1cb8bb3ae1
|
Simplify statuscoder error generators.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
dccbdf3a90
|
Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
|
2020-01-28 13:29:40 -08:00 |
|
Mariano Cano
|
a025f72af7
|
Disable backdata on ca tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
a88ba8eb31
|
Use errs package for HTTP errors.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
47f4ac1b53
|
Add method to just write the identity certificate.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
14e59775bd
|
Add method to renew the identity.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
9aafe265d0
|
Should be returning nil from applyIdentity if cert expired.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
b9f6aacb0f
|
Move api errors to their own package and modify the typedef
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
65b4dda420
|
Add wrappers to identity methods in the ca package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
524c221c61
|
Add mTLS test for identity client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
25144539f8
|
Improve identity tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d85386d0b4
|
Add identity client and move identity to a new package.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
9e7b86342b
|
Fix test.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
c6f6493bb7
|
Fail silently if the identity fails.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
3ac388612a
|
Use x5cInsecure token for /ssh/check-host endpoint
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
ab126d6405
|
Add GetTransport to client.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
2259f62638
|
Add method to create an ssh token.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
caa2b8dbb7
|
Add leeway in identity not before.
|
2020-01-28 13:29:39 -08:00 |
|
max furman
|
0512f6e3e5
|
redundant variable type def
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
d2b1f1547f
|
Create a custom client that sends a custom User-Agent.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
5d7829b198
|
Replace /ssh/get-hosts to /ssh/hosts
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
2fe07cd79c
|
Fix tests.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
85d3843968
|
Add Identity helpers.
|
2020-01-28 13:29:39 -08:00 |
|
Mariano Cano
|
50188fc901
|
Add version support to the ca.Client.
|
2020-01-28 13:28:17 -08:00 |
|
Mariano Cano
|
db3b795eea
|
Fix directory permissions.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
bbaf8e106e
|
Support for retry and identity files.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d555f310dc
|
Add support for identity authentication.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
f9e5b27e63
|
Add client method for SSHBastion
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
29853ae016
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
862d704f6b
|
get-hosts fixes
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
5616386eed
|
Add SSH getHosts api
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b8817ad648
|
Add proxycommand and new lines to templates.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
37f17213bb
|
Add initial support for check-host endpoint.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
d08db4df23
|
Rename SSH methods.
|
2020-01-28 13:28:16 -08:00 |
|
Mariano Cano
|
b5bc249e1c
|
Add support for multiple ssh roots.
Fixes #125
|
2020-01-28 13:28:16 -08:00 |
|