Commit graph

742 commits

Author SHA1 Message Date
Herman Slatman
91d51c2b88
Add allow/deny to Nebula provisioner 2022-01-14 13:06:32 +01:00
Herman Slatman
d9c56d67cc
Merge branch 'master' into herman/allow-deny 2022-01-14 12:58:07 +01:00
Herman Slatman
988efc8cd4
Merge pull request #792 from smallstep/herman/improve-template-errors
Improve errors related to template execution failures
2022-01-12 21:38:51 +01:00
Herman Slatman
50c3bce98d
Change if/if to if/else-if when checking the type of JSON error 2022-01-12 21:34:38 +01:00
max furman
4afcdd55ff Update doc line on WithSSHGetHosts 2022-01-12 12:25:04 -08:00
Herman Slatman
a3cf6bac36
Add special handling for *json.UnmarshalTypeError 2022-01-12 11:15:39 +01:00
Herman Slatman
0475a4d26f
Refactor extraction of JSON template syntax errors 2022-01-12 10:41:36 +01:00
Herman Slatman
a5455d3572
Improve errors related to template execution failures (slightly) 2022-01-10 15:49:37 +01:00
Mariano Cano
de549adf2d Do not add extra new lines when creating nebula provisioners 2022-01-07 11:24:59 -08:00
Mariano Cano
0920224816 Fix error message. 2022-01-07 11:09:32 -08:00
Mariano Cano
449a9fdfd6 Address review comments. 2022-01-06 12:00:58 -08:00
Mariano Cano
b424aa3dc1 Add nebula header and use der version of certificate. 2022-01-06 11:19:46 -08:00
Mariano Cano
f49a4b326f Add missing comments. 2022-01-05 10:54:09 -08:00
Mariano Cano
6600f1253e Fix error messages after review. 2022-01-05 10:12:49 -08:00
Mariano Cano
6a1d0cb9f8 Add linkedca conversions. 2022-01-04 18:42:57 -08:00
Mariano Cano
de51c2edfb More unit tests for nebula. 2022-01-04 18:16:41 -08:00
Mariano Cano
99845d38bb Add some extra unit tests for nebula. 2022-01-04 12:06:44 -08:00
Mariano Cano
76794ce613 Use default SANs without sans in the token.
Fix step claim condition in SSH
2022-01-04 12:05:58 -08:00
Herman Slatman
6bc0513468
Add more tests 2022-01-04 15:41:40 +01:00
Mariano Cano
9ec0276887 Update certificate set with new api. 2022-01-03 18:54:01 -08:00
Herman Slatman
9539729bd9
Add initial implementation of x509 and SSH allow/deny policy engine 2022-01-03 12:25:24 +01:00
Mariano Cano
cb72796a2d Fix decoding of certificate. 2021-12-29 16:07:05 -08:00
Mariano Cano
32390a2964 Add initial implementation of a nebula provisioner.
A nebula provisioner will generate a X509 or SSH certificate with
the identities in the nebula certificate embedded in the token.
The token is signed with the private key of the nebula certificate.
2021-12-29 14:12:03 -08:00
Herman Slatman
3bc3957b06
Merge branch 'master' into hs/acme-revocation 2021-12-09 09:36:52 +01:00
Mariano Cano
e0fee84694 Add comment about public key validator. 2021-12-03 15:24:42 -08:00
Herman Slatman
47a8a3c463
Add test case for ACME Revoke to Authority 2021-12-02 17:11:36 +01:00
Herman Slatman
a7fbbc4748
Add tests for GetCertificateBySerial 2021-11-28 21:20:57 +01:00
Herman Slatman
2d357da99b
Add tests for ACME revocation 2021-11-26 17:27:42 +01:00
Herman Slatman
c9cd876a7d
Merge branch 'master' into hs/acme-revocation 2021-11-25 00:40:56 +01:00
Mariano Cano
d35848f7a9 Fix unit tests. 2021-11-24 11:43:24 -08:00
Mariano Cano
c3f98fd04d Change some bad requests to forbidded.
Change in the sign options bad requests to forbidded if is the
provisioner the one adding a restriction, e.g. list of dns names,
validity, ...
2021-11-24 11:32:35 -08:00
Mariano Cano
ff04873a2a Change the default error type to forbidden in Sign.
The errors will also be propagated from sign options.
2021-11-23 18:58:16 -08:00
Mariano Cano
b9beab071d Fix unit tests. 2021-11-23 18:43:36 -08:00
Mariano Cano
507a272b4d Return always http errors in sign options. 2021-11-23 18:32:33 -08:00
Mariano Cano
a33709ce8d Fix sign ssh options tests. 2021-11-23 18:06:18 -08:00
Mariano Cano
1da7ea6646 Return always http errors in sign ssh options. 2021-11-23 17:52:39 -08:00
Mariano Cano
031d4d7000 Return BadRequest when validating sign options. 2021-11-23 17:52:17 -08:00
Mariano Cano
bb26799583 Modify errs.Wrap with forbidden errors. 2021-11-23 12:04:51 -08:00
Herman Slatman
2d50c96d99
Merge branch 'master' into hs/acme-revocation 2021-11-19 17:00:18 +01:00
Mariano Cano
b6ebd118fc Update temporal solution for sending message to users 2021-11-18 18:47:55 -08:00
Mariano Cano
668d3ea6c7 Modify errs.Wrap() with bad request to send messages to users. 2021-11-18 18:44:58 -08:00
Mariano Cano
8c8db0d4b7 Modify errs.BadRequestErr() to always return an error to the client. 2021-11-18 18:17:36 -08:00
Mariano Cano
8ce807a6cb Modify errs.BadRequest() calls to always send an error to the client. 2021-11-18 15:12:44 -08:00
Max
de2ce5cf9f
Merge pull request #692 from smallstep/max/context
Context management
2021-11-17 12:06:42 -08:00
Mariano Cano
440616cffa
Merge pull request #750 from smallstep/duration-errors
Report duration errors directly to the cli.
2021-11-17 12:06:31 -08:00
Mariano Cano
acd0bac025 Remove extra and in comment. 2021-11-17 12:03:29 -08:00
Mariano Cano
1aadd63cef Use always badRequest on duration errors. 2021-11-17 12:00:54 -08:00
Mariano Cano
41fec1577d Report duration errors directly to the cli. 2021-11-17 11:46:57 -08:00
max furman
7fac8c96c3 Merge branch 'master' into max/context 2021-11-17 11:40:01 -08:00
max furman
922d239171 Simplify conditional 2021-11-16 21:47:14 -08:00