* This is a fix for a potential security issue; the old code had edge
cases with unexpected behavior.
* LEMUR_RESTRICTED_DOMAINS is no more, instead LEMUR_WHITELISTED_DOMAINS
is a list of *allowed* domain name patterns. Per discussion in PR #600
* Domain restrictions are now checked everywhere: in domain name-like
CN (common name) values and SAN DNSNames, including raw CSR requests.
* Common name values that contain a space are exempt, since they cannot
be valid domain names.
Make sure that fields specified in filter, sortBy, etc. are model fields
and may be accessed. This is fixes a potential security issue.
The filter() function allowed guessing the content of password hashes
one character at a time.
The sort() function allowed the user to call an arbitrary method of an
arbitrary model attribute, for example sortBy=id&sortDir=distinct would
produce an unexpected error.
* Adds the ability for destination plugins to be sub-classed from ExportDestination. These plugins have the extra option of specifying an export plugin before the destination receives the data. Closes#807.
* fixing tests
* Fixes for Bandit
This commit fixes a couple of issues so that Bandit can run
cleanly using medium+ severity and confidence filtering.
* Adding Lemur Bandit job to TravisCI
* Ensures that both AKI serial/issue _and_ keyid won't be included.
Validation issues crop up if both types of AKI fields are present.
* Ensure that SAN extension includes the certificate's common name
* Fix scenario where subAltNames are getting dropped when applying a template
* Ensure that SAN includes the CN
* Ensuring that getting here without a SAN extension won't break things.
* New cleaner approach
* Some bits of handling the extensions are a bit hacky, requiring access to attributes inside the objects in x509.
I think this is pretty clean though.
* lintian check
* Fixing tests
* Allow owner to be specified when syncing certs.
* Ensuring non-endpoint plugins don't fail to complete syncing.
* Adding in some additional error handling.
* Adds additional constraints to the max notification time. With an increasing number of certificates we need to limit the max notification time to reduce the number of certificates that need to be analyzed for notification eligibility.
* UI adjustments to make Key Agreement, Encipher Only, and Decipher Only relationship more user-friendly
* whitespace typo
* Issue #663 switching Encipher/Decipher Only options to be mutually exclusive and un-checkable radio buttons.
* Found a bug in the fields schema that was dropping Key Agreement bit if encipher/decipher only weren't checked
* subAltNames were getting wiped out every time a template was selected
* isCritical variables aren't presented in the UI, nor is this information used in determining to use them.
* Renaming the function so it sounds less root-specific
* Refactoring lemur_cryptography
* Adding to the certificate interface an easy way to request the subject and public_key of a certificate
* Turning the create authority functionality into a wrapper of creating a CSR in the certificate codebase and issueing that certificate in this plugin. (Dependent on https://github.com/Netflix/lemur/pull/666 changes first)
* Ensuring that intermediate certificates and signed certificates retain their chain cert data
* Handling extensions that are the responsibility of the CA
Implementing authority_key_identifier for lemur_cryptography signatures and including skeletons of handling the certificate_info_access and crl_distribution_points
* Fixing errors found with linter
* Updating plugin unit tests
* Changing this for Python3. Underlying cryptography library expects these to be bytes now.
* Updating tests to match new function names/interfaces
* Another naming update in the plugin tests
* Appears that create_csr won't like this input without an owner.
* Undoing last commit and putting it into the right place this time.
* create_csr should be good now with these options, and chain certs will be blank in tests
* This won't be blank in issue_certificate, like it will in creating an authority.
* Much cleaner
* unnecessary import
* Allowing that create_csr can be called with an additional flag in the csr_config to adjust the BasicConstraints for a CA.
* If there are no SANs, skip adding a blank list of SANs.
* Adding handling for all the extended key usage, key usage, and subject key identifier extensions.
* Fixing lint checks. I was overly verbose.
* This implements marshalling of the certificate extensions into x509 ExtensionType objects in the schema validation code.
* Will create x509 ExtensionType objects in the schema validation stage
* Allows errors parsing incoming options to bubble up to the requestor as ValidationErrors.
* Cleans up create_csr a lot in the certificates/service.py
* Makes BasicConstraints _just another extension_, rather than a hard-coded one
* Adds BasicConstraints option for path_length to the UI for creating an authority
* Removes SAN types which cannot be handled from the UI for authorities and certificates.
* Fixes Certificate() object model so that it doesn't just hard-code only SAN records in the extensions property and actually returns the extensions how you expect to see them. Since Lemur is focused on using these data in the "CSR" phase of things, extensions that don't get populated until signing will be in dict() form.* Trying out schema validation of extensions
* Aligning certificate creation between authority and certificate workflows
* Correctly missing and mis-named fields in schemas
* Re-ordering KeyUsage and ExtendedKeyUsage for consistency and clarity
* Adding client authentication to the authority options.
* Missing blank lines for pyflakes linting
* Updating tests for new fields/names/typos
* is_critical wasn't in the schema, so was getting dropped.
* isCritical in the Javascript wasn't getting assigned if it was unchecked. Now, it will be assumed false if missing.
* The display of critical or not in the list of added custom OIDs was unclear when it was just true/false with no heading. Now it will be displayed as critical or nothing instead.
* The namespace for the checkbox for isCritical was wrong, and didn't get processed with the oid/type/value variables.
* Combining Authority Key Identifier extension options in the schema.
This makes processing them in the cert/csr generation stage make more sense because they are two options in the same x.509 extension. They were already in the same part of the schema for authorities, but this makes the certificates follow the same pattern, and it allows them to share the same schema/validation layout.
* Updating schema tests to match changes
* Fixing an idiot typo
* I promise to stop using Travis as a typo-corrector soon.
* Fixing an IAM syncing issue. Were duplicates were not properly sync'd with Lemur. This resulted in a visibility gap. Even 'duplicates' need to sync'd to Lemur such that we can track rotation correctly. Failing on duplicates lead to missing those certificates and the endpoints onto which they were deployed. This commit removes the duplicate handling altogether.
* Fixing tests.
This way IDEs can verify method overrides in subclasses, otherwise these
are flagged as erroneous.
Changed base classes to properly raise NotImplementedError; previously
they would cause "TypeError: exceptions must derive from BaseException"
Also fixed exception handling in sources.service.clean().
Mostly typos, grammar errors and inconsistent indentation in code
examples.
Some errors detected using Topy (https://github.com/intgr/topy), all
changes verified by hand.
* Enabling the specification of a default authority, if no default is found then the first available authority is selected
* PEP8
* Skipping tests relying on keytool