Mariano Cano
d461918eb0
Merge branch 'master' into context-authority
2022-05-06 13:21:41 -07:00
Herman Slatman
65090daac3
Merge pull request #788 from smallstep/herman/allow-deny
...
Add allow/deny policy for x509 SANs and SSH Principals
2022-05-06 19:11:34 +02:00
Herman Slatman
cc26a0b394
Explicitly disable wildcard Common Name constraint
2022-05-06 13:58:48 +02:00
Herman Slatman
0f4ffa504a
Fix linting issues
2022-05-06 13:23:09 +02:00
Herman Slatman
7104299119
Add full policy validation in API
2022-05-06 13:12:13 +02:00
Mariano Cano
2ea0c70344
Move acme context middleware to deprecated handler
2022-05-05 12:25:07 -07:00
Herman Slatman
ed231d29e2
Update to go.step.sm/linkedca@v0.16.1
2022-05-05 15:57:47 +02:00
Herman Slatman
105211392c
Don't rely on linkedca model stability in API response bodies
2022-05-05 14:10:52 +02:00
Herman Slatman
5e9bce508d
Unexport GetPolicy()
2022-05-05 12:32:53 +02:00
Herman Slatman
f0272dc717
Fix import replacement of linkedca
2022-05-05 11:10:21 +02:00
Herman Slatman
60d8b22d89
Change context retrievers to MustTFromContext
2022-05-05 11:05:57 +02:00
Mariano Cano
d51c6b7d83
Make step handler backward compatible
2022-05-04 19:20:34 -07:00
Mariano Cano
43ddcf2efe
Do not use deprecated AuthorizeSign
2022-05-04 17:35:34 -07:00
vijayjt
02c0ae81ac
Allow KMS type to be specified in the helm chart template if specified on the command line.
2022-05-05 00:10:59 +01:00
Mariano Cano
62d93a644e
Apply base context to test of the ca package
2022-05-02 19:39:50 -07:00
Mariano Cano
9147356d8a
Fix linter errors
2022-05-02 18:47:47 -07:00
Mariano Cano
a8a4261980
Fix authority/admin/api tests
2022-05-02 18:39:03 -07:00
Mariano Cano
2ab7dc6f9d
Fix acme tests.
2022-05-02 18:09:26 -07:00
Mariano Cano
ba499eeb2a
Fix acme/api tests.
2022-05-02 17:40:10 -07:00
Mariano Cano
6f9d847bc6
Fix panic in acme/api tests.
2022-05-02 17:35:35 -07:00
Herman Slatman
723c4c14c0
Merge branch 'master' into herman/allow-deny
2022-05-02 16:29:00 +02:00
Herman Slatman
77893ea55c
Change authority policy to use dbPolicy model
2022-05-02 15:55:26 +02:00
Herman Slatman
13173ec8a2
Fix SCEP GET requests
2022-05-01 22:29:17 +02:00
max furman
4cb74e7d8b
fix linter warnings
2022-04-30 13:08:28 -07:00
Herman Slatman
d82e51b748
Update AllowWildcardNames configuration name
2022-04-29 15:08:19 +02:00
Mariano Cano
d1f75f1720
Refactor ACME api.
2022-04-28 19:15:18 -07:00
Mariano Cano
fddd6f7d95
Move linker to the acme package.
2022-04-28 15:15:50 -07:00
Mariano Cano
55b0f72821
Add context methods for the acme linker.
2022-04-28 15:14:15 -07:00
Herman Slatman
2b7f6931f3
Change Subject Common Name verification
...
Subject Common Names can now also be configured to be allowed or
denied, similar to SANs. When a Subject Common Name is not explicitly
allowed or denied, its type will be determined and its value will be
validated according to the constraints for that type of name (i.e. URI).
2022-04-28 14:49:23 +02:00
Mariano Cano
bb8d85a201
Fix unit tests - work in progress
2022-04-27 19:08:16 -07:00
Mariano Cano
42435ace64
Use scep authority from context
...
This commit also converts all the methods from the handler to
functions.
2022-04-27 18:06:53 -07:00
Mariano Cano
688f9ceb56
Add scep authority to context.
2022-04-27 18:02:37 -07:00
Mariano Cano
216d8f0efb
Handle acme requests with the new api
2022-04-27 15:44:41 -07:00
Mariano Cano
d13537d426
Use context in the acme handlers.
2022-04-27 15:42:26 -07:00
Mariano Cano
439cb81b13
Use admin Route function
2022-04-27 12:16:16 -07:00
Mariano Cano
8bd4e1d73e
Inject the acme database in the context
2022-04-27 12:13:16 -07:00
Mariano Cano
bd412c9f42
Add context methods for the acme database
2022-04-27 12:11:00 -07:00
Mariano Cano
0446e82320
Add context methods for the authority database
2022-04-27 12:05:19 -07:00
Mariano Cano
00f181dec3
Use contexts in admin api handlers
2022-04-27 11:59:32 -07:00
Mariano Cano
623c296555
Create context methods from admin database
2022-04-27 11:58:52 -07:00
max furman
88a1bf17cf
Update to pull request template
2022-04-27 11:40:43 -07:00
Mariano Cano
48e2fabeb8
Add authority.MustFromContext
2022-04-27 11:38:06 -07:00
Mariano Cano
d5070ecf31
Use server BaseContext
...
Instead of using the authority middleware this change adds the
authority in the base context of the server.
2022-04-27 11:06:55 -07:00
Mariano Cano
817af3d696
Fix unit tests on the api package
2022-04-27 10:38:53 -07:00
Carl Tashian
c82296b7cd
Merge pull request #910 from jschlyter/docker_hsm
...
Dockerfile for HSM-enabled Step CA
2022-04-27 09:37:43 -07:00
Mariano Cano
a93653ea8e
Use api.Route instead of the caHandler.
2022-04-26 14:32:55 -07:00
Mariano Cano
a6b8e65d69
Retrieve the authority from the context in api methods.
2022-04-26 12:58:40 -07:00
Mariano Cano
900a640f01
Enable the authority middleware in the server
2022-04-26 12:55:28 -07:00
Mariano Cano
9628fa3562
Add methods to store and retrieve an authority from the context.
2022-04-26 12:54:54 -07:00
Herman Slatman
74a6e59b1f
Add tests for ProtoJSON and bad proto messages
2022-04-26 14:56:42 +02:00