Remi Vichery
b2c2eec76b
Add identity token for all Azure cloud environments
...
* Azure Public Cloud (default)
* Azure China Cloud
* Azure US Gov Cloud
* Azure German Cloud
2023-03-08 08:18:55 -08:00
github-actions[bot]
b8ee206f71
Merge pull request #1305 from smallstep/dependabot/go_modules/google.golang.org/api-0.111.0
...
Bump google.golang.org/api from 0.110.0 to 0.111.0
2023-03-06 09:36:27 -08:00
github-actions[bot]
201be0891f
Merge pull request #1307 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.25.2
...
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
2023-03-06 09:32:46 -08:00
dependabot[bot]
dd43e9e09f
Bump google.golang.org/api from 0.110.0 to 0.111.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.110.0 to 0.111.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.110.0...v0.111.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 17:15:23 +00:00
dependabot[bot]
152a0a2f3e
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.25.0 to 0.25.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.25.0...v0.25.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 17:15:03 +00:00
github-actions[bot]
4fb00940c6
Merge pull request #1308 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.7.0
...
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
2023-03-06 09:07:35 -08:00
dependabot[bot]
6452afc45c
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 16:08:09 +00:00
Herman Slatman
7c54154013
Merge pull request #1300 from smallstep/herman/pkcs7-rsa-oaep
2023-03-03 20:30:15 +01:00
Herman Slatman
702f844fa2
Add RSA-OAEP decryption support to changelog
2023-03-03 13:39:38 +01:00
Herman Slatman
4d6ecf9a48
Upgrade to latest smallstep/pkcs7
to fix RSA OAEP decryption
2023-03-03 13:33:44 +01:00
Mariano Cano
2eb90bf45e
Merge pull request #1298 from smallstep/badger-gc
...
Add support for compacting the badger db
2023-03-02 10:42:26 -08:00
Mariano Cano
7700bb77da
Remove old call to compact
2023-03-01 17:37:56 -08:00
Mariano Cano
831a1e35ea
Add support for compating the badger db
...
This commit adds a job that will compact the badger db periodically.
In the nosql package, when Compact is called, it will run badger's
RunValueLogGC method.
2023-03-01 17:16:34 -08:00
github-actions[bot]
f8adb0a51c
Merge pull request #1295 from smallstep/dependabot/go_modules/github.com/stretchr/testify-1.8.2
...
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
2023-02-27 09:20:50 -08:00
dependabot[bot]
fe63f3e832
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-27 16:05:54 +00:00
Mariano Cano
060a2f186c
Merge pull request #1294 from smallstep/fix-1292
...
Disable database if WithNoDB() option is passed
2023-02-24 15:48:05 -08:00
Mariano Cano
4fd9a9b92b
Disable database if WithNoDB() option is passed
...
This commit removes the database from the configuration if the ca was
initialized with the "--no-db" flag.
Fixes #1292
2023-02-24 15:40:48 -08:00
Mariano Cano
23423814d3
Merge pull request #1293 from LarsBingBong/patch-1
...
Mark the IDP critical in the generated CRL data.
2023-02-24 14:58:32 -08:00
LarsBingBong
0d5c40e059
Mark the IDP critical in the generated CRL data.
...
Trying to get CRL to work on my environment I've been reading up on [RFC5280](https://www.rfc-editor.org/rfc/rfc5280#section-5.2.5 ) ... and the IDP to be marked as `Critical`. I hope I'm correct and that my understanding on how to mark the IDP is critical.
Looking at e.g. `3470b1ec57/x509util/extensions_test.go (L48)
` makes me think so.
---
Hopefully the above change - if accepted - can get CRL's to work on my environment. If not we're at least one step closer.
2023-02-24 20:32:49 +01:00
Herman Slatman
176cf30a6f
Merge pull request #1290 from smallstep/herman/email-domain-ssh-sign-error
...
Add email address to error message returned for OIDC validation
2023-02-23 21:13:54 +01:00
Herman Slatman
59462e826c
Improve testing errors for OIDC authorizeToken
function
2023-02-23 13:43:13 +01:00
Herman Slatman
10958a124b
Add email address to error message returned for OIDC validation
2023-02-23 13:24:09 +01:00
github-actions[bot]
b02c43cf8e
Merge pull request #1280 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.12.0
...
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
2023-02-21 22:16:06 -08:00
github-actions[bot]
81b1d2ede6
Merge pull request #1279 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.4.0
...
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
2023-02-21 21:57:12 -08:00
dependabot[bot]
e0b9f3960c
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.11.0...video/v1.12.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-22 05:49:03 +00:00
dependabot[bot]
b4f8100c72
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-22 05:49:03 +00:00
github-actions[bot]
ae0be0acbd
Merge pull request #1282 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.1
...
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
2023-02-21 21:47:44 -08:00
dependabot[bot]
5f835dc808
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
...
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go ) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.4.0...batch/v0.4.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-21 21:14:50 +00:00
Max
6915feaae9
Merge pull request #1287 from smallstep/max/linting-errors
...
Fix linting errors
2023-02-21 11:30:47 -08:00
max furman
7c1c32d86b
Fix linting errors
2023-02-21 11:26:33 -08:00
github-actions[bot]
8e47f05dba
Merge pull request #1283 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.6.0
...
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
2023-02-21 09:20:11 -08:00
dependabot[bot]
790139d5a7
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-20 16:06:45 +00:00
Carl Tashian
ca9f8dc576
Merge pull request #1278 from smallstep/policy-help
...
Clarify policy lockout error message
2023-02-17 22:07:36 -08:00
Carl Tashian
cfcc95de93
Update policy test
2023-02-16 15:58:36 -08:00
Carl Tashian
96c6613739
Clarify policy lockout error message
2023-02-16 15:56:57 -08:00
github-actions[bot]
effe729d53
Merge pull request #1267 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.53.0
...
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
2023-02-15 15:44:49 -08:00
dependabot[bot]
bb068f8280
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.3 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.3...v1.53.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 23:38:31 +00:00
github-actions[bot]
d59d6c414f
Merge pull request #1268 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.4.0
...
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
2023-02-15 15:36:56 -08:00
Max
25599f8ad5
Merge pull request #1255 from zyzyx03/fix-step-ca-path
...
There is an error during RA installation which shows.
2023-02-14 23:02:56 -08:00
dependabot[bot]
2f2e3dea0f
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 22:04:07 +00:00
Mariano Cano
5fbee3d3ef
Merge pull request #1275 from smallstep/net-update
...
Upgrade golang.org/x/net
2023-02-14 14:00:28 -08:00
Mariano Cano
0d80473157
Upgrade golang.org/x/net
...
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
- net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
2023-02-14 13:11:25 -08:00
github-actions[bot]
12d905be3e
Merge pull request #1270 from smallstep/dependabot/go_modules/golang.org/x/net-0.6.0
...
Bump golang.org/x/net from 0.5.0 to 0.6.0
2023-02-14 09:51:49 -08:00
dependabot[bot]
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 17:36:34 +00:00
Mariano Cano
c2c246b062
Merge pull request #1265 from smallstep/check-csr-acme-da
...
Verify CSR key fingerprint with attestation certificate key
2023-02-14 09:34:48 -08:00
Max
ff7b8830fe
Merge pull request #1273 from smallstep/max/dependabot-auto-merge
...
enable auto merge for dependabot PRs
2023-02-13 22:56:50 -08:00
max furman
74e6245e90
enable auto merge for dependabot PRs
2023-02-13 17:06:00 -08:00
Mariano Cano
5ff0dde819
Remove json tag in acme.Authorization fingerprint
2023-02-10 13:58:52 -08:00
Mariano Cano
da95c44943
Fix lint issue with Go 1.20
2023-02-09 17:02:35 -08:00
Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
...
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2023-02-09 16:48:43 -08:00