Commit Graph

223 Commits

Author SHA1 Message Date
Rick Breidenstein
e86954e8ea Destination Plugin/Lemur_linuxdst (#736)
* Added lemur_linuxdst

* Revert "Added lemur_linuxdst"

This reverts commit 010c19bd1937320189ee5a0660f9e356221121f3.

* added plugin\lemur_linuxdst

Destination plugin for a target linux host

* Update remote_host.py

* Update plugin.py

* Update remote_host.py

* Update plugin.py

* Update plugin.py

* chaning var and funct names

* Write data with local temp

* .

* .

* typo

* tested plugin successfully

* Update plugin.py

* Update remote_host.py

* removed whitespace

* set permissions on exported keys to 600

sftp.chmod(dst_dir_cn + '/' + dst_file, (stat.S_IRUSR))

* Update plugin.py

* Update remote_host.py

* Update plugin.py

* added 'paramiko==2.1.2'

required for lemur_linuxdst plugin

* data stored in clear text at rest

* Update plugin.py

* Update plugin.py

* Update remote_host.py
2017-04-27 09:19:49 -07:00
Paul Van de Vreede
604cd60dbe Return correct intermediate certificate on digicert creation. (#762)
This commit also removes the unused DIGICERT_INTERMEDIATE env
var as it is not used.
2017-04-27 09:14:20 -07:00
Travis McPeak
bc66ede9aa Fixing Bandit findings and adding travis Bandit job (#759)
* Fixes for Bandit

This commit fixes a couple of issues so that Bandit can run
cleanly using medium+ severity and confidence filtering.

* Adding Lemur Bandit job to TravisCI
2017-04-24 18:37:03 -07:00
Doppins
9c69c6d129 [Doppins] Upgrade dependency marshmallow-sqlalchemy to ==0.13.1 (#719)
* Upgrade dependency marshmallow-sqlalchemy to ==0.13.0

* Upgrade dependency marshmallow-sqlalchemy to ==0.13.1
2017-04-08 12:43:51 -07:00
Doppins
ea1e9cb4c6 Upgrade dependency psycopg2 to ==2.7.1 (#721) 2017-04-08 12:34:17 -07:00
Doppins
dac7a77afb Upgrade dependency gunicorn to ==19.7.1 (#733) 2017-04-08 12:33:57 -07:00
Doppins
9b21197fec Upgrade dependency SQLAlchemy-Utils to ==0.32.14 (#745) 2017-04-08 12:33:46 -07:00
Doppins
e4255649c0 Upgrade dependency acme to ==0.13.0 (#746) 2017-04-08 12:33:28 -07:00
Doppins
e092606181 Upgrade dependency marshmallow to ==2.13.4 (#732) 2017-03-20 09:08:26 -07:00
Doppins
d9f2faa462 Upgrade dependency pytest to ==3.0.7 (#727) 2017-03-14 15:06:54 -07:00
Doppins
574fed2618 Upgrade dependency marshmallow to ==2.13.3 (#717) 2017-03-11 11:07:17 -08:00
Doppins
d94e3113ff Upgrade dependency marshmallow to ==2.13.2 (#716) 2017-03-10 09:08:34 -08:00
Doppins
038beafb5e Upgrade dependency gunicorn to ==19.7.0 (#709) 2017-03-04 18:28:35 -08:00
Doppins
14923f8c07 Upgrade dependency marshmallow to ==2.13.1 (#710) 2017-03-04 18:28:24 -08:00
kevgliss
d53f64890c Adding max notification constraint. (#704)
* Adds additional constraints to the max notification time. With an increasing number of certificates we need to limit the max notification time to reduce the number of certificates that need to be analyzed for notification eligibility.
2017-03-03 12:59:16 -08:00
Doppins
4c11ac9a42 [Doppins] Upgrade dependency acme to ==0.11.1 (#647)
* Upgrade dependency acme to ==0.10.0

* Upgrade dependency acme to ==0.10.1

* Upgrade dependency acme to ==0.10.2

* Upgrade dependency acme to ==0.11.0

* Upgrade dependency acme to ==0.11.1
2017-02-16 13:24:28 -08:00
Doppins
b7833d8e09 Upgrade dependency Flask-Migrate to ==2.0.3 (#682) 2017-01-31 09:15:52 -08:00
Doppins
3fd39fb823 Upgrade dependency marshmallow to ==2.12.2 (#683) 2017-01-31 09:15:40 -08:00
Doppins
b1723b4985 [Doppins] Upgrade dependency marshmallow to ==2.12.1 (#672)
* Upgrade dependency marshmallow to ==2.12.0

* Upgrade dependency marshmallow to ==2.12.1
2017-01-24 13:46:37 -08:00
Doppins
6bf7d56d51 Upgrade dependency moto to ==0.4.31 (#673) 2017-01-24 13:46:14 -08:00
Doppins
9751cbbf83 Upgrade dependency pytest to ==3.0.6 (#671) 2017-01-22 18:03:22 -08:00
Doppins
8fa5ffa007 Upgrade dependency boto3 to ==1.4.4 (#670) 2017-01-20 13:10:01 -08:00
Doppins
4cfb5752b2 Upgrade dependency marshmallow to ==2.11.1 (#644) 2017-01-08 14:52:28 -08:00
Doppins
0d7b2d9f44 Upgrade dependency Flask to ==0.12 (#639) 2017-01-08 10:53:02 -08:00
Doppins
08ebc4cd59 Upgrade dependency marshmallow-sqlalchemy to ==0.12.1 (#640) 2017-01-08 10:50:37 -08:00
Doppins
85ae9712e3 Upgrade dependency marshmallow to ==2.11.0 (#642) 2017-01-08 10:49:41 -08:00
kevgliss
edc0116a3a urllib3 still failing. (#625) 2016-12-21 11:01:09 -08:00
Doppins
c1b2c3689c [Doppins] Upgrade dependency requests to ==2.12.4 (#543)
* Upgrade dependency requests to ==2.12.2

* Upgrade dependency requests to ==2.12.3

* Upgrade dependency requests to ==2.12.4
2016-12-21 10:06:30 -08:00
Doppins
6746cc33a0 Upgrade dependency factory-boy to ==2.8.1 (#616) 2016-12-21 10:01:46 -08:00
Doppins
fccb8148d5 Upgrade dependency marshmallow to ==2.10.5 (#615) 2016-12-21 07:19:32 -08:00
Doppins
3a4ebbf92c Upgrade dependency SQLAlchemy-Utils to ==0.32.12 (#614) 2016-12-21 07:19:10 -08:00
Doppins
48735e685c Upgrade dependency boto3 to ==1.4.3 (#623) 2016-12-20 18:28:07 -08:00
kevgliss
51c7216b70 Fixing configuration value. (#610)
* Fixing and configuration value.

* Pinning fake factory.
2016-12-18 18:21:12 -08:00
Doppins
f7fdf7902d Upgrade dependency boto to ==2.45.0 (#601) 2016-12-14 16:53:47 -08:00
Doppins
5dc0fa91e8 Upgrade dependency boto3 to ==1.4.2 (#550) 2016-12-13 09:53:49 -08:00
Doppins
a5c47e4fdc Upgrade dependency Flask-Migrate to ==2.0.2 (#582) 2016-12-12 10:42:57 -08:00
Doppins
9581278481 Upgrade dependency cryptography to ==1.7 (#583) 2016-12-12 10:42:45 -08:00
Doppins
25faf05807 Upgrade dependency boto to ==2.44.0 (#578) 2016-12-08 17:31:53 -08:00
Doppins
eee534a161 Upgrade dependency pytest to ==3.0.5 (#559) 2016-12-05 10:54:54 -08:00
Doppins
bd2abdf45f Upgrade dependency arrow to ==0.10.0 (#541) 2016-11-30 15:07:36 -08:00
kevgliss
058d2938fb migrating off of openssl (#539) 2016-11-29 11:30:44 -08:00
kevgliss
3db3214cbe installing the digicert CIS plugin (#537) 2016-11-29 10:02:40 -08:00
kevgliss
bfc80f982c minor fixes and downgrading requests (#535) 2016-11-28 16:50:26 -08:00
Doppins
734233257c Upgrade dependency arrow to ==0.9.0 (#529) 2016-11-27 15:27:12 -08:00
kevgliss
06a920502c Updating readme with supported python verisions (#524) 2016-11-22 17:09:21 -08:00
kevgliss
9d03e75d9b tweaking a few things to support the new marshmallow (#522) 2016-11-22 15:14:19 -08:00
Doppins
0158807847 Upgrade dependency cryptography to ==1.6 (#521) 2016-11-21 21:38:42 -08:00
kevgliss
12ae0a587d teaking the way exceptions are handled (#519) 2016-11-21 15:26:17 -08:00
kevgliss
b3aa057d58 Upgrade deps. (#517) 2016-11-21 14:29:20 -08:00
kevgliss
dd6d332166 Removing python2 compatibility. (#518) 2016-11-21 14:03:04 -08:00
kevgliss
b0eef03c73 adding python 3.5 as a target (#481)
* adding python 3.5 as a target

* adding env flag
2016-11-08 15:22:50 -08:00
kevgliss
aa979e31fd Digicert plugin (#478)
* Initial work on digicert plugin.

* Adding certificate pickup, to digicert plugin.

* Removing and rotating test api key.
2016-11-07 14:40:00 -08:00
kevgliss
1ac1a44e83 San alt name (#468) 2016-10-31 11:00:15 -07:00
Charles Hendrie
cd9c112218 Implement a CFSSL issuer plugin (#452)
* Implement CFSSL issuer plugin

Implement a Lemur plugin for generating certificates from the open
source certificate authority CFSSL
(https://github.com/cloudflare/cfssl). The plugin interacts with CFSSL
through the CFSSL REST API. The CFSSL configuration is defined in the
lemur.conf.py property file using property names prefixed with "CFSSL_".

* Update documentation to include CFSSL plugin
2016-10-22 00:52:18 -07:00
kevgliss
dcb18a57c4 Adds option to restrict certificate expiration dates to weekdays. (#453)
* Adding ability to restrict certificate creation to weekdays.

* Ensuring that we test for weekends.
2016-10-15 00:04:35 -07:00
Charles Hendrie
5cbf5365c5 Active S3 destination plugin (#433)
* Activate the AWS S3 destination plugin

Add the AWS S3 destination plugin to the list of available Lemur
plugins.

Update the S3 destination plugin's "accountNumber" option to be of type
'str' to handle account numbers starting with zeros.

Update Lemur's utils for parsing certificates to correctly encode the
X509 certificates before loading for python3.

* Add S3 destination plugin test

Added simple test to verify S3 destination plugin is available.
2016-10-08 17:06:20 -07:00
kevgliss
7e6278684c Python3 (#416)
* Fixing issue where decrypted credentials were not returning valid strings.
2016-08-26 16:02:23 -07:00
kevgliss
2d7a6ccf3c Owner email (#414)
* Ensuring python2 works with unicode strings.

* adding in owner DN

* fixing tests

* Upgrading requests.

* Fixing tests.
2016-08-25 10:09:46 -07:00
kevgliss
a644f45625 Adding some simplified reporting. (#403)
* Adding issuance report.

* Fixing whitespace.
2016-07-27 12:41:32 -07:00
kevgliss
f38868a97f Fixing various problems with the syncing of endpoints, throttling sta… (#398)
* Fixing various problems with the syncing of endpoints, throttling stale endpoints etc.
2016-07-12 08:40:49 -07:00
kevgliss
54b888bb08 Adding a toy certificate authority. (#378) 2016-06-29 09:05:39 -07:00
kevgliss
c8447dea3d Fixing a few issues with startup. (#374) 2016-06-28 14:28:05 -07:00
kevgliss
5021e8ba91 Adding ACME Support (#178) 2016-06-27 15:57:53 -07:00
kevgliss
fe9703dd94 Closes #284 (#336) 2016-06-27 14:40:46 -07:00
mik373
b44a7c73d8 Kubernetes desination plugin (#357)
* Kubernetes desination plugin

* fixing build warnings

* fixing build warnings
2016-06-27 14:40:01 -07:00
kevgliss
81a6228028 Updating requirements.txt 2016-06-23 09:20:35 -07:00
kevgliss
a0c8765588 Various bug fixes. (#314) 2016-05-12 12:38:44 -07:00
Harm Weites
776e0fcd11 Slack plugin for notifications (#305) 2016-05-08 09:07:16 -07:00
kevgliss
52f44c3ea6 Closes #278 and #199, Starting transition to marshmallow (#299)
* Closes #278  and #199, Starting transition to marshmallow
2016-05-05 12:52:08 -07:00
kevgliss
62d03b0d41 Closes #216 2016-04-01 16:54:33 -07:00
kevgliss
028d86c0bb Adding a new flag to export plugins 'requires_key' that specifies whether the export plugin needs access to the private key. Defaults to True. 2016-01-29 12:45:18 -08:00
kevgliss
4a952d867b reverting depedency 2016-01-04 13:58:12 -08:00
kevgliss
1bce7a832b Fixing setup.py 2016-01-04 11:46:07 -08:00
kevgliss
42e5470dd0 updating dependencies 2016-01-04 10:36:39 -08:00
kevgliss
b8c2d42cad Closes #176 2015-12-17 14:52:20 -08:00
kevgliss
95e2636f23 Updating docs 2015-12-01 09:15:53 -08:00
kevgliss
3651cce542 adding automatic versioning 2015-11-30 10:43:41 -08:00
kevgliss
9e0b9d9dda Merge pull request #154 from kevgliss/125-output-plugins
Initial work on #125
2015-11-30 10:31:25 -08:00
kevgliss
f56c6f2836 Downgrading req to pass tests. 2015-11-30 10:10:50 -08:00
kevgliss
920d595c12 Initial work on #125 2015-11-25 14:54:08 -08:00
requires.io
c4abc59673 [requires.io] dependency update 2015-11-25 14:18:00 -08:00
kevgliss
0600481a67 Updating requirements 2015-11-23 15:41:11 -08:00
kevgliss
9a316ae1a9 Updating requirements 2015-11-23 10:23:23 -08:00
kevgliss
cafecd1e19 Version bump and needed documentation. 2015-10-24 11:18:27 -07:00
Patrick Kelley
78819c1733 Updating cryptography to 1.0.2 for el capitan 2015-10-21 18:45:50 -07:00
kevgliss
5f87c87751 version bump 2015-09-28 14:54:58 -07:00
Eric Mill
b103fc7bfb Rename SSL to TLS 2015-09-21 18:16:04 -04:00
kevgliss
fc0a884d5f Cleaning up unneed/unused files 2015-09-20 09:49:16 -07:00
kevgliss
1d45926122 fixing typo 2015-09-19 10:24:56 -07:00
kevgliss
d7ca6d4327 More documentation fixes 2015-09-19 10:12:12 -07:00
kevgliss
ef72de89b3 Minor fixes 2015-09-18 15:50:59 -07:00
kevgliss
d3cf273a45 Merge pull request #72 from kevgliss/docker
[WIP] Docker
2015-09-11 15:36:25 -07:00
kevgliss
bf957d2509 moving to hotfix version of cryptography 2015-09-11 08:19:35 -07:00
kevgliss
2f4aee49e2 adding logging 2015-09-08 10:56:23 -07:00
kevgliss
084604cf3c fixing setup.py 2015-09-07 21:54:23 -07:00
kevgliss
fe7b075f7b rely on stable version of cryptography instead of dev 2015-09-02 09:19:06 -07:00
kevgliss
90e49613f9 develop doesn't need to build the static files, the make develop will do that 2015-08-11 16:21:00 -07:00
kevgliss
d3ff79d800 Getting correct path to readme so that it doesn't matter where setup.py is run from 2015-08-11 15:46:54 -07:00
kevgliss
b488c349e8 Look for compiled static files, to see if they need to be created 2015-08-11 14:53:28 -07:00
kevgliss
fc68552d0f Making Lemur py3 compatible 2015-08-03 21:07:28 -07:00
kevgliss
7d169f7c4c Fixing up some of the sync related code 2015-08-03 13:51:27 -07:00
kevgliss
e7e6a99ff4 Adding more source syncing logic 2015-08-01 18:31:38 -07:00
kevgliss
327a00bec6 Cryptography is weird until they do a release 2015-07-29 22:01:30 -07:00
kevgliss
c4b53b22da Fixing dep 2015-07-29 21:57:44 -07:00
kevgliss
2e1abdd2f1 Fixing tests and pinning versions 2015-07-29 21:54:29 -07:00
kevgliss
1e748a64d7 Initial support for notification plugins closes #8, closes #9, closes #7, closes #4, closes #16 2015-07-29 17:13:06 -07:00
kevgliss
7d8cac6605 Adding support for SMTP emails 2015-07-23 13:46:54 -07:00
kevgliss
3adae27a87 Fixing pinning 2015-07-23 13:01:45 -07:00
kevgliss
d51517268a Trying to pin test requirements to fix weird testing issue 2015-07-23 12:47:43 -07:00
kevgliss
66df3d4291 Moving the temporary asset to the makefile instead of setup.py 2015-07-23 12:16:56 -07:00
kevgliss
9bc292c107 Trying to get dep links to be recognized 2015-07-23 10:34:47 -07:00
kevgliss
66a4212d2a Specifying dev version of cryptography to get support for CSR building 2015-07-23 10:22:16 -07:00
kevgliss
9c0f2917ad Merge branch 'master' into ci
* master:
  Fixed issue where hardcoded localhost:port combination existed in Javascript, added another step to setup.py 'package' that removes such instances and creates a more agnostic javascript blob.
  Fixing issue where nginx was not sending the right mimetype for CSS files.

Conflicts:
	gulp/build.js
2015-07-20 16:53:58 -07:00
kevgliss
c89dff7994 Getting travisCI setup 2015-07-20 16:13:42 -07:00
kevgliss
5ce3f9427b Fixed issue where hardcoded localhost:port combination existed in Javascript, added another step to setup.py 'package' that removes
such instances and creates a more agnostic javascript blob.
2015-07-19 19:04:42 -07:00
kevgliss
76049b4ff1 Fixing how we feed a list of destinations to be saved. 2015-07-10 17:02:23 -07:00
kevgliss
8239aa55e1 fixing conflicts 2015-07-07 16:26:37 -07:00
kevgliss
82c4be29a4 fixing merge conflict 2015-07-07 15:36:39 -07:00
kevgliss
c59bf3f257 Fixing tests 2015-07-06 10:53:12 -07:00
kevgliss
3f49bb95ff Starting to move to new plugin architecture. 2015-07-04 12:47:57 -07:00
Kevin Glisson
39ad270dad Adding in some initial tests 2015-07-02 15:48:54 -07:00
Kevin Glisson
5111f055fa Adding in some initial tests 2015-06-24 16:48:40 -07:00
Kevin Glisson
4330ac9c05 initial commit 2015-06-22 13:47:27 -07:00