5a4806bc43
Allowing description to be optional. ( #826 )
2017-06-01 17:09:04 -07:00
07969f7e10
Ensuring IPAddresses and IPNetworks are correctly serialized. ( #818 )
2017-05-26 10:48:26 -07:00
3141b47fba
Catch OAuth providers that want the params sent as data ( #800 )
2017-05-25 10:21:29 -07:00
21d48b32c9
Fixing an issue with uploading to cloudfront. ( #815 )
2017-05-25 10:10:12 -07:00
11bd42af82
Correct status code for basic-auth ( #813 )
...
* ensuring those using basic auth recieve a correct status code when their password is incorrect
* Fixing oauth status codes
2017-05-23 09:48:31 -07:00
f6b5012f56
Add Check of DB connections on healthcheck URL ( #812 )
2017-05-22 17:15:41 -07:00
f9b388c658
Modifying the was s3 uploading works. ( #810 )
...
* Modiying the was s3 uploading works.
* Fixing pep8
2017-05-20 12:07:44 -07:00
4093f4669a
Switching remaining uses of boto to boto3. ( #809 )
2017-05-20 11:09:55 -07:00
9594f2cd8d
Upgrading moto and fixing test that break due to deprecation. ( #808 )
...
* Upgrading moto and fixing test that break due to deprecation.
* Adding region.
2017-05-20 10:40:22 -07:00
380203eb53
Adding the ability to upload to cloudfront via the 'path' parameter. Cloudfront destinations must be created separately. ( #805 )
...
Closes #277
2017-05-18 13:49:17 -07:00
307a73c752
Fixing some confusion between 401 vs 403 error code. 401 indicates that the user should attempt to authenticate again. Where as 403 indicates the user is authenticated but not allowed to complete an action. ( #804 )
...
Closes #767
2017-05-18 13:20:17 -07:00
3050aca3e6
Minor fixes to the domains UI. ( #798 )
...
* Fixes checkbox input.
* Fixes notification message.
2017-05-15 19:14:12 -07:00
8c41c6785d
Fixes issue where domains without any associated certificates are not searchable. ( #797 )
2017-05-15 19:07:32 -07:00
092ce0f9d8
Closes #792 . ( #796 )
2017-05-15 19:07:16 -07:00
914de78576
Adds migration to fix keys on unique index. Closes #743 . ( #785 )
2017-05-10 12:13:42 -07:00
ecf00fe9d6
Splitting out the default date issuance logic for CIS and CC. CIS assumes years is converted to validity_end while CC prefers validity_years over validity_end. ( #784 )
2017-05-10 12:05:03 -07:00
c71b3a319d
Log the audit logs ( #781 )
2017-05-08 09:43:26 -07:00
767147aef1
Check for unknown as status is no longer represented as a boolean ( #780 )
2017-05-08 09:43:19 -07:00
ce5a45037a
Fix for status representation in the view ( #778 )
2017-05-05 11:04:40 -07:00
9c9ca37586
Enabling hex serial numbers without breaking backward compatibility. ( #779 )
...
* Enabling hex serial numbers without breaking backward compatibility.
* Fixing tests.
2017-05-05 11:04:09 -07:00
5c41dafc97
fix unit and interval transposition in schemas.py ( #752 ) ( #774 )
2017-04-30 12:23:34 -07:00
989e3733a2
Add docker setup for running tests on a docker enabled dev environment. ( #771 )
2017-04-28 09:28:06 -07:00
fbc24ea400
There is an issue when iterating over extensions where certificates might not have been issued in adherence with basic constraints. Here we log these errors instead of failing out right. ( #770 )
2017-04-27 17:45:34 -07:00
4905020e77
ensuring stdout has a default log level ( #766 )
2017-04-27 10:11:47 -07:00
75787d20bc
ensuring that lemur's default user has a valid email ( #765 )
2017-04-27 09:53:35 -07:00
ca9f120988
fixing some pep8 issues ( #764 )
2017-04-27 09:44:39 -07:00
e86954e8ea
Destination Plugin/Lemur_linuxdst ( #736 )
...
* Added lemur_linuxdst
* Revert "Added lemur_linuxdst"
This reverts commit 010c19bd1937320189ee5a0660f9e356221121f3.
* added plugin\lemur_linuxdst
Destination plugin for a target linux host
* Update remote_host.py
* Update plugin.py
* Update remote_host.py
* Update plugin.py
* Update plugin.py
* chaning var and funct names
* Write data with local temp
* .
* .
* typo
* tested plugin successfully
* Update plugin.py
* Update remote_host.py
* removed whitespace
* set permissions on exported keys to 600
sftp.chmod(dst_dir_cn + '/' + dst_file, (stat.S_IRUSR))
* Update plugin.py
* Update remote_host.py
* Update plugin.py
* added 'paramiko==2.1.2'
required for lemur_linuxdst plugin
* data stored in clear text at rest
* Update plugin.py
* Update plugin.py
* Update remote_host.py
2017-04-27 09:19:49 -07:00
604cd60dbe
Return correct intermediate certificate on digicert creation. ( #762 )
...
This commit also removes the unused DIGICERT_INTERMEDIATE env
var as it is not used.
2017-04-27 09:14:20 -07:00
05f4ae8e58
Hexify cert serial ( #763 )
...
* Hexify serial at the serialization layer
* Fix for flakey test. Change test to test for uppercased string
2017-04-27 09:13:04 -07:00
88ac783fd2
PEP8 Fixes ( #760 )
2017-04-25 09:23:18 -07:00
bc66ede9aa
Fixing Bandit findings and adding travis Bandit job ( #759 )
...
* Fixes for Bandit
This commit fixes a couple of issues so that Bandit can run
cleanly using medium+ severity and confidence filtering.
* Adding Lemur Bandit job to TravisCI
2017-04-24 18:37:03 -07:00
1c295896e6
Add test for when there are no notifications on a certificate ( #757 )
2017-04-24 09:04:49 -07:00
01aa372e59
Version bump. ( #751 )
2017-04-08 13:23:48 -07:00
81aff42e03
Removing this exception handling, that error should be caught above. ( #749 )
2017-04-07 16:01:40 -07:00
7f019583f2
Don’t set ‘custom_expiration_date’ if validity years is set in the UI. ( #742 )
...
* Don’t set ‘custom_expiration_date’ if validity years is set in the UI.
* Use single quotes instead of double quotes.
2017-04-04 17:11:17 -07:00
f91ae5b319
Fixes bug where authority status was not set correctly. ( #739 )
2017-03-29 10:10:51 -07:00
f0dde845db
Adding ability to exclude certificates from expiration ( #730 )
...
* adding ability to exclude certificates from expiration
* fixing tests
2017-03-15 11:25:19 -07:00
b0ea027769
Underscores should not be in hostnames ( #728 )
2017-03-15 08:41:06 -07:00
8762e1c5ae
Issue #703 bugfix ( #711 )
...
* Ensures that both AKI serial/issue _and_ keyid won't be included.
Validation issues crop up if both types of AKI fields are present.
* Ensure that SAN extension includes the certificate's common name
* Fix scenario where subAltNames are getting dropped when applying a template
* Ensure that SAN includes the CN
* Ensuring that getting here without a SAN extension won't break things.
* New cleaner approach
* Some bits of handling the extensions are a bit hacky, requiring access to attributes inside the objects in x509.
I think this is pretty clean though.
* lintian check
* Fixing tests
2017-03-10 09:09:18 -08:00
3c5b2618c0
Rely on the lemur generating the correct name for rotated certificates. ( #714 )
...
* Rely on the lemur generating the correct name for rotated certificates.
* Fixing tests.
2017-03-09 13:09:20 -08:00
602c5580d3
Only validates values if present in options. Fixing authority test to parse plugin information. ( #713 )
2017-03-06 20:38:04 -08:00
b715687617
Ensuring that we don't fail cleaning if it doesn't exist. ( #708 )
2017-03-03 16:03:52 -08:00
c46fa5d69c
Ensures the rotation has a value during migration. ( #707 )
2017-03-03 15:16:25 -08:00
310e1d4501
Adds support for filtering by UI. Closes #702 . ( #706 )
2017-03-03 15:07:26 -08:00
fc957b63ff
Source syncing tweaks. ( #705 )
...
* Allow owner to be specified when syncing certs.
* Ensuring non-endpoint plugins don't fail to complete syncing.
* Adding in some additional error handling.
2017-03-03 14:53:56 -08:00
d53f64890c
Adding max notification constraint. ( #704 )
...
* Adds additional constraints to the max notification time. With an increasing number of certificates we need to limit the max notification time to reduce the number of certificates that need to be analyzed for notification eligibility.
2017-03-03 12:59:16 -08:00
5f5583e2cb
UI adjustments for mutually exclusive (radio button version) encipher/decipher-only Key Usage #664 ( #692 )
...
* UI adjustments to make Key Agreement, Encipher Only, and Decipher Only relationship more user-friendly
* whitespace typo
* Issue #663 switching Encipher/Decipher Only options to be mutually exclusive and un-checkable radio buttons.
* Found a bug in the fields schema that was dropping Key Agreement bit if encipher/decipher only weren't checked
2017-02-16 13:26:56 -08:00
cf6ad94509
Adjusting the way that certificates are requested. ( #643 )
...
* Adjusting the way that certificates are requested.
* Fixing tests.
2017-02-16 13:24:05 -08:00
08bb9c73a0
allow attributes to be excluded from a cert subject ( #690 )
...
* allow more flexibility in cert subject name
* clean up logic/remove unnecessary code
2017-02-16 13:21:52 -08:00
8e49194764
Issue 688 cert templates ( #689 )
...
* subAltNames were getting wiped out every time a template was selected
* isCritical variables aren't presented in the UI, nor is this information used in determining to use them.
2017-02-10 12:43:41 -08:00
