7a7f05ec9e
Fix comments in sftp delete_files
2020-11-11 08:05:37 +01:00
252f84cf21
adding also response to upload acme token, just for future use-cases
2020-11-10 17:46:00 -08:00
ea77ef08aa
testing for delete
2020-11-10 17:45:02 -08:00
8efa682858
add delete acme token
2020-11-10 17:43:35 -08:00
31b5f3df86
Remove duplicate code for revoke_certificate
2020-11-10 18:18:45 +01:00
fba1fdcc34
Improve exception handling during http challenge
2020-11-10 18:06:19 +01:00
9ebcdfc189
Check authorization state and skip already validated challenges
2020-11-10 17:10:43 +01:00
6ffe7bc526
Check if challenges are already validated, and skip them if possible
2020-11-10 16:47:56 +01:00
960b8e78e3
Implement cleanup_acme_token for http challenge
2020-11-10 16:22:25 +01:00
99ca0ac78d
Add context fix to tests, Add regex, Flake8
2020-11-10 15:32:04 +01:00
4a181aff6e
Merge branch 'master' into feature/acme-http-challenge
2020-11-10 15:20:47 +01:00
018f4a4b77
Merge branch 'master' into bugfix/group-lookup-fix-referral
2020-11-09 14:30:01 -08:00
57208fe198
Fix group lookup when AD DNS Referal is in lookup path
...
Fix an issue when the DNS AD referal is in the path.
An Exception is raised, with the following stacktrace::
Traceback (most recent call last):
File "/www/lemur/lemur/auth/views.py", line 317, in post
user = ldap_principal.authenticate()
File "/www/lemur/lemur/auth/ldap.py", line 147, in authenticate
self._bind()
File "/www/lemur/lemur/auth/ldap.py", line 216, in _bind
self.ldap_groups.append(values["cn"][0].decode("ascii"))
TypeError: list indices must be integers or slices, not str
This is issue is trigerred by some extra rows that referrences
the DNS subtree::
['ldaps://DomainDnsZones.xxxx']
Limiting the extraction to the expected dicts fix this issue.
2020-11-09 09:40:28 +01:00
7c779d6283
regex
2020-11-06 22:41:48 -08:00
519411b309
regex
2020-11-06 22:40:55 -08:00
6fe855e824
Merge branch 'master' into expanding-S3-plugin
2020-11-05 12:12:45 -08:00
894b74f523
Merge branch 'master' into expanding-S3-plugin
2020-11-04 18:39:23 -08:00
206d010c9a
Version updates and making lint happy
2020-11-04 18:23:39 -08:00
7d2ce61303
Updating comment for application context
2020-11-04 18:04:57 -08:00
8990209411
Merge branch 'master' into ecc_changes
2020-11-04 17:00:09 -08:00
4cc0f6bb60
Stop repeating certs when sending expiration notifications to security team email
2020-11-04 10:53:27 -08:00
ab014873d0
invalid escape sequence warning for not an escape char
2020-11-03 19:33:13 -08:00
003779a112
Mock fix for DeprecationWarning: callable is None
2020-11-03 19:27:41 -08:00
dc7497e29d
Fix Working outside of application context Test Failures in dev
2020-11-03 19:05:18 -08:00
c71dbcb0a0
Fix duplicate tests
2020-11-03 09:48:25 +01:00
bc564b574d
Merge branch 'master' into feature/acme-http-challenge
2020-11-03 09:36:37 +01:00
3d64aa8d11
Fixing DeprecationWarning: callable is None: another syntax
2020-11-02 18:58:38 -08:00
86b2cfbe4a
invalid escape sequence \
2020-11-02 18:45:38 -08:00
b75bd56546
Check if ValueError assert works old way
2020-11-02 18:29:22 -08:00
6922d34825
invalid escape sequence \
2020-11-02 18:16:15 -08:00
825a001a8b
pass algorithm to jwt.decode() during login
...
api_jwt.py : pass "algorithms" argument when calling decode(). This argument will be mandatory in a future version
2020-11-02 17:37:04 -08:00
d88da028b1
Replace binary with LargeBinary
...
https://flask-appbuilder.readthedocs.io/en/latest/_modules/sqlalchemy/sql/sqltypes.html
2020-11-02 17:37:04 -08:00
d821024e35
Fixing DeprecationWarning: callable is None
2020-11-02 17:37:04 -08:00
2dac95c6fb
Replacing PassiveDefault (deprecated) with DefaultClause
2020-11-02 17:37:04 -08:00
4ffced70f8
backref cannot be set for viewonly relationship
...
will be deprecated in SQLAlchemy 1.4, and will be disallowed in a future release
2020-11-02 17:37:04 -08:00
634339eac6
replacing imp (deprecated) with importlib
2020-11-02 17:37:04 -08:00
9c6856bcdd
adjusting the tests to the better naming
2020-10-30 18:36:32 -07:00
7bca42776b
better comments
2020-10-30 18:28:34 -07:00
3dfafa0021
making lint happy
2020-10-30 18:28:10 -07:00
add0960579
more meaningful variable naming
2020-10-30 18:18:37 -07:00
e1ff89eb2d
better return arguments
2020-10-30 18:18:14 -07:00
cc2aa5c1de
cli for live testing
2020-10-30 18:17:34 -07:00
ba8eb7a3f5
better logging and metrics
2020-10-30 18:17:02 -07:00
c5769378cf
making lint happy
2020-10-30 15:21:22 -07:00
f90041353c
Merge branch 'master' into expanding-S3-plugin
2020-10-30 15:19:26 -07:00
d41daeb4af
Merge branch 'master' into ecc_changes
2020-10-30 10:55:23 -07:00
cc05d21260
Merge branch 'master' into cname_01
2020-10-29 18:59:43 -07:00
a4178ca113
fixing floating comma in CNAME PR
2020-10-29 18:52:22 -07:00
69aa98c1c8
Merge branch 'master' into ecc_changes
2020-10-29 18:05:38 -07:00
03dfbf535d
Consistent algo in UI and API
...
Removed '-' since UI displays only handful options
2020-10-29 17:59:31 -07:00
aec24ae132
Missing commit in downgrade
2020-10-29 17:58:37 -07:00
4e44dd3d8f
Check if authority options is JSON Array
2020-10-29 17:57:54 -07:00
9aa2d2af76
Merge branch 'master' into notification-plugin-field-fix
2020-10-29 14:58:43 -07:00
ccecb26816
Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01
2020-10-29 14:43:14 -07:00
ca465e3c9e
updating debug string with target_domain
2020-10-29 14:42:51 -07:00
a3a02a8077
Merge branch 'master' into notification-plugin-field-fix
2020-10-29 14:32:57 -07:00
2aec317127
Merge branch 'master' into cname_01
2020-10-29 14:32:23 -07:00
86207db93b
Merge branch 'master' into certificates-for-notification-fix
2020-10-29 14:21:25 -07:00
15a7921bf4
Merge branch 'master' into cname_01
2020-10-29 14:09:48 -07:00
84f8905cf1
Hide expired certs for notifications
2020-10-29 14:07:25 -07:00
14348a1f95
Merge branch 'master' into cname_01
2020-10-29 14:01:14 -07:00
28c6f8583a
Merge branch 'master' into ses-arn-override
2020-10-29 13:52:51 -07:00
a1f99c29c0
Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01
2020-10-29 13:51:58 -07:00
2b91077d92
updating variables based on feedback
2020-10-29 13:51:22 -07:00
28686fcf5d
Merge branch 'ses-arn-override' of github.com:jtschladen/lemur into ses-arn-override
2020-10-29 13:48:55 -07:00
45cc9528d2
Cleaner syntax for default region
2020-10-29 13:48:43 -07:00
78afc060ae
Add subject for SNS messages and correct date format
2020-10-29 13:41:47 -07:00
e967f2c676
Merge branch 'master' into ses-arn-override
2020-10-29 11:11:30 -07:00
2cea33cb11
Merge branch 'master' into expanding-S3-plugin
2020-10-29 11:09:00 -07:00
af348b1012
Merge branch 'master' into cname_01
2020-10-28 22:41:23 -07:00
33a006bbeb
fixing delete with optional validation
2020-10-28 22:24:37 -07:00
b47667b73e
cname redirection working
2020-10-28 20:51:35 -07:00
3e492e6310
Add ability to override SES region
2020-10-28 17:09:54 -07:00
bbfc65813d
Merge branch 'master' into ecc_changes
2020-10-28 17:00:45 -07:00
6adf94d28f
Merge branch 'master' into log_update
2020-10-28 16:52:19 -07:00
5e696f36bf
Add ability to override SourceArnn for SES
2020-10-28 16:34:31 -07:00
acc95a4b66
Fix notification view to actually show associated certs
2020-10-28 16:12:27 -07:00
c25782468b
Merge branch 'master' into log_update
2020-10-28 15:40:16 -07:00
cc69b433ca
Merge branch 'master' into notification-plugin-field-fix
2020-10-28 14:58:58 -07:00
d27f2a53af
Merge branch 'master' of github.com:Netflix/lemur into cname_01
2020-10-28 14:03:23 -07:00
95b647ee1d
Merge branch 'master' into ecc_changes
2020-10-28 13:54:14 -07:00
84d30b5d50
Merge branch 'master' into issuer-retry
2020-10-28 13:21:10 -07:00
13e8421c78
Merge branch 'master' into notification-plugin-field-fix
2020-10-28 08:50:46 -07:00
16ce7970d0
Merge branch 'master' into sns
2020-10-28 08:50:09 -07:00
a9d3b7a676
Merge branch 'master' into issuer-retry
2020-10-28 08:48:29 -07:00
23e1700fad
flake8
2020-10-28 13:47:57 +01:00
794e4d3855
Revert log to debug to be safe
2020-10-27 17:36:01 -07:00
c6a8034890
language
2020-10-27 16:13:05 -07:00
10aa02fd85
more compact design, thanks to Chad for the feedback
2020-10-27 14:42:51 -07:00
54c2245115
comments
2020-10-27 12:47:35 -07:00
d59a558d58
adopting ilike and not relying on ==
...
reducing redundancy
2020-10-27 12:44:38 -07:00
Emmanuel Garette
e9824a6808
change the log level to info if upgrade is successful
2020-10-27 20:38:18 +01:00
Emmanuel Garette
79647e3372
add reference to LOG_UPGRADE_FILE in toplevel comment
2020-10-27 20:38:18 +01:00
20b8c2fd93
PR feedback
2020-10-27 08:56:43 -07:00
ccf87986c0
Add store_account to AcmeDnsIssuer
2020-10-27 12:15:07 +01:00
96fbcdaf70
Fix test_finalize_authorizations, dont reuse cleanup_dns_challenges in finalize_authorizations
2020-10-27 11:27:44 +01:00
103e107668
Fix patches for test_create_certificate
2020-10-27 11:16:29 +01:00
82bf8e2ac6
Remove unnecessary code from dnsChallenge, Fix patches in dns tests
2020-10-27 11:09:30 +01:00
2d98e71977
Replace deprecated assertRaisesRegexp with assertRaisesRegex
2020-10-27 10:44:04 +01:00
30c10b93f8
Fix patches for acme_handler tests
2020-10-27 10:37:30 +01:00
3b20a47603
Fix patches for acme_http tests, apparently isinstance is considered evil in python
2020-10-27 10:37:30 +01:00
4464c5890d
Flake8
2020-10-27 10:37:30 +01:00
812e1dee92
Refactor Acme plugin into AcmeChallenge objects, dns01
2020-10-27 10:37:27 +01:00
b91cebf245
Refactor Acme plugin into AcmeChallenge objects, http01
2020-10-27 10:36:06 +01:00
6c1be02bfa
Remove destination_list from AcmeHttpIssuer
2020-10-27 10:28:34 +01:00
ef0fce2661
Set timeout for finalize to 90s
2020-10-27 10:28:34 +01:00
235653b558
Refactor destination selection for acme-http authorities, to load destinations dynamically
2020-10-27 10:28:34 +01:00
81b078604c
Implement revoke certificate for ACME
2020-10-27 10:28:34 +01:00
215070b327
Fix create_certificate tests
2020-10-27 10:28:34 +01:00
41ea59d7e3
Remove unneeded polling
2020-10-27 10:28:33 +01:00
d24fae0bac
Fix permissions on acme token upload, dont append well-known automatically
2020-10-27 10:28:33 +01:00
66cab6abd3
Make http-01 challenge work for SAN certificates
2020-10-27 10:28:33 +01:00
e3e5ef7d66
Refactor AcmeHandler, Move DNS stuff into AcmeDnsHandler
2020-10-27 10:28:33 +01:00
76dcfbd528
Add more tests
2020-10-27 10:28:33 +01:00
d6719b729c
Implement some test for AcmeHttpIssuerPlugin
2020-10-27 10:28:33 +01:00
b2de986652
Split tests into handler, and dns specifics
2020-10-27 10:28:30 +01:00
b93d271f31
Fix flake8
2020-10-27 10:25:31 +01:00
e06bdcf2a3
Implement create_certificate for HTTP-01 challenge
2020-10-27 10:25:31 +01:00
3012995c76
Improve naming, make it possible to create directories recursively with SFTP
2020-10-27 10:25:31 +01:00
348d8477dd
Refactor destination plugin, to allow upload of ACME http-challenge tokens
2020-10-27 10:25:31 +01:00
d00dd9d295
Initial structure for ACME http challenge
2020-10-27 10:25:31 +01:00
3b258447db
addressing Chad's feedbakc
2020-10-26 19:16:40 -07:00
1ef6139f9b
ignore rotated certs, since there is a new cert that can be used
2020-10-26 18:34:21 -07:00
6a1b4b4857
ignore expired certs
2020-10-26 18:33:33 -07:00
709a9808aa
better structure of the query and and removing ilike
2020-10-26 18:32:53 -07:00
392725ff30
Add description check in reissue unit test
2020-10-26 15:33:20 -07:00
749aa772ba
First change to get CNAME redirection working
2020-10-26 11:57:33 -07:00
3f765b51ef
Fix sources and destinations, and allow actually updating the notification type
2020-10-26 11:27:40 -07:00
6723e3c80d
now fixing the month to minute bug
2020-10-26 11:27:40 -07:00
3290d6634b
fixing testing
2020-10-26 11:27:40 -07:00
fa62023b2d
fixing the time bug, sub-second to second, and month to minute!
2020-10-26 11:27:40 -07:00
Emmanuel Garette
d7478a5c5c
use an alternative logger for the upgrade
2020-10-25 19:24:17 +01:00
f6554a9a1e
typo, fixing abstract class complaints
2020-10-23 18:03:55 -07:00
0e02abbb37
Entrust just looks into CSR for RSA/EC key type
2020-10-23 18:03:27 -07:00
9957120a7f
adding missing import
2020-10-23 18:03:07 -07:00
7e573d6d51
fixing typo
2020-10-23 18:02:54 -07:00
6891077501
readability
2020-10-23 18:02:35 -07:00
75bc3a5b20
refactoring and adding retry
2020-10-23 18:02:05 -07:00
d233490c8a
simple retry
2020-10-23 18:01:14 -07:00
2c1e7b19a2
10x 10s delay might be too long for the load balancer request
2020-10-23 17:59:58 -07:00
2c22d42a57
Modify description during reissue
...
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
2020-10-23 17:07:14 -07:00
3d83db6f8f
Merge branch 'master' into expanding-S3-plugin
2020-10-23 14:13:30 -07:00
30915d30be
Merge branch 'master' into log_update
2020-10-23 14:13:17 -07:00
01bd357b1c
Merge branch 'master' into sns
2020-10-23 11:38:35 -07:00
1495fb3595
now fixing the month to minute bug
2020-10-23 10:18:24 -07:00
bc6fb02fc2
fixing testing
2020-10-23 10:16:38 -07:00
e01863097b
fixing the time bug, sub-second to second, and month to minute!
2020-10-23 10:16:23 -07:00
a5cea4fb9a
Skip revoked certs when looking for certs to notify
2020-10-23 09:42:03 -07:00
233f9768e8
Fix error handling
2020-10-23 09:35:46 -07:00
98962ae5f5
Merge branch 'master' into sns
2020-10-23 08:50:26 -07:00
Mathias Petermann
Hossein Shafagh
Frederic Brin
charhate
sayali
Jasmine Schladen
Chad S
csine-nflx
Emmanuel Garette