Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,611 Commits 4 Branches 45 Tags 7.5 MiB
8965cf1af5
Commit Graph

1803 Commits

Author SHA1 Message Date
Mathias Petermann
4a181aff6e Merge branch 'master' into feature/acme-http-challenge 2020-11-10 15:20:47 +01:00
Hossein Shafagh
018f4a4b77
Merge branch 'master' into bugfix/group-lookup-fix-referral 2020-11-09 14:30:01 -08:00
Frederic Brin
57208fe198 Fix group lookup when AD DNS Referal is in lookup path 
Fix an issue when the DNS AD referal is in the path.
An Exception is raised, with the following stacktrace::

  Traceback (most recent call last):
    File "/www/lemur/lemur/auth/views.py", line 317, in post
      user = ldap_principal.authenticate()
    File "/www/lemur/lemur/auth/ldap.py", line 147, in authenticate
      self._bind()
    File "/www/lemur/lemur/auth/ldap.py", line 216, in _bind
      self.ldap_groups.append(values["cn"][0].decode("ascii"))
  TypeError: list indices must be integers or slices, not str

This is issue is trigerred by some extra rows that referrences
the DNS subtree::

   ['ldaps://DomainDnsZones.xxxx']

Limiting the extraction to the expected dicts fix this issue.
 2020-11-09 09:40:28 +01:00
Hossein Shafagh
7c779d6283
regex 2020-11-06 22:41:48 -08:00
Hossein Shafagh
519411b309
regex 2020-11-06 22:40:55 -08:00
charhate
6fe855e824
Merge branch 'master' into expanding-S3-plugin 2020-11-05 12:12:45 -08:00
charhate
894b74f523
Merge branch 'master' into expanding-S3-plugin 2020-11-04 18:39:23 -08:00
sayali
206d010c9a Version updates and making lint happy 2020-11-04 18:23:39 -08:00
sayali
7d2ce61303 Updating comment for application context 2020-11-04 18:04:57 -08:00
charhate
8990209411
Merge branch 'master' into ecc_changes 2020-11-04 17:00:09 -08:00
Jasmine Schladen
4cc0f6bb60 Stop repeating certs when sending expiration notifications to security team email 2020-11-04 10:53:27 -08:00
sayali
ab014873d0 invalid escape sequence warning for not an escape char 2020-11-03 19:33:13 -08:00
sayali
003779a112 Mock fix for DeprecationWarning: callable is None 2020-11-03 19:27:41 -08:00
sayali
dc7497e29d Fix Working outside of application context Test Failures in dev 2020-11-03 19:05:18 -08:00
Mathias Petermann
c71dbcb0a0 Fix duplicate tests 2020-11-03 09:48:25 +01:00
Mathias Petermann
bc564b574d Merge branch 'master' into feature/acme-http-challenge 2020-11-03 09:36:37 +01:00
sayali
3d64aa8d11 Fixing DeprecationWarning: callable is None: another syntax 2020-11-02 18:58:38 -08:00
sayali
86b2cfbe4a invalid escape sequence \ 2020-11-02 18:45:38 -08:00
sayali
b75bd56546 Check if ValueError assert works old way 2020-11-02 18:29:22 -08:00
sayali
6922d34825 invalid escape sequence \ 2020-11-02 18:16:15 -08:00
sayali
825a001a8b pass algorithm to jwt.decode() during login 
api_jwt.py : pass "algorithms" argument when calling decode(). This argument will be mandatory in a future version
 2020-11-02 17:37:04 -08:00
sayali
d88da028b1 Replace binary with LargeBinary 
https://flask-appbuilder.readthedocs.io/en/latest/_modules/sqlalchemy/sql/sqltypes.html
 2020-11-02 17:37:04 -08:00
sayali
d821024e35 Fixing DeprecationWarning: callable is None 2020-11-02 17:37:04 -08:00
sayali
2dac95c6fb Replacing PassiveDefault (deprecated) with DefaultClause 2020-11-02 17:37:04 -08:00
sayali
4ffced70f8 backref cannot be set for viewonly relationship 
will be deprecated in SQLAlchemy 1.4, and will be disallowed in a future release
 2020-11-02 17:37:04 -08:00
sayali
634339eac6 replacing imp (deprecated) with importlib 2020-11-02 17:37:04 -08:00
Hossein Shafagh
9c6856bcdd adjusting the tests to the better naming 2020-10-30 18:36:32 -07:00
Hossein Shafagh
7bca42776b better comments 2020-10-30 18:28:34 -07:00
Hossein Shafagh
3dfafa0021 making lint happy 2020-10-30 18:28:10 -07:00
Hossein Shafagh
add0960579 more meaningful variable naming 2020-10-30 18:18:37 -07:00
Hossein Shafagh
e1ff89eb2d better return arguments 2020-10-30 18:18:14 -07:00
Hossein Shafagh
cc2aa5c1de cli for live testing 2020-10-30 18:17:34 -07:00
Hossein Shafagh
ba8eb7a3f5 better logging and metrics 2020-10-30 18:17:02 -07:00
Hossein Shafagh
c5769378cf
making lint happy 2020-10-30 15:21:22 -07:00
Hossein Shafagh
f90041353c
Merge branch 'master' into expanding-S3-plugin 2020-10-30 15:19:26 -07:00
Hossein Shafagh
d41daeb4af
Merge branch 'master' into ecc_changes 2020-10-30 10:55:23 -07:00
Chad S
cc05d21260
Merge branch 'master' into cname_01 2020-10-29 18:59:43 -07:00
csine-nflx
a4178ca113 fixing floating comma in CNAME PR 2020-10-29 18:52:22 -07:00
charhate
69aa98c1c8
Merge branch 'master' into ecc_changes 2020-10-29 18:05:38 -07:00
sayali
03dfbf535d Consistent algo in UI and API 
Removed '-' since UI displays only handful options
 2020-10-29 17:59:31 -07:00
sayali
aec24ae132 Missing commit in downgrade 2020-10-29 17:58:37 -07:00
sayali
4e44dd3d8f Check if authority options is JSON Array 2020-10-29 17:57:54 -07:00
Hossein Shafagh
9aa2d2af76
Merge branch 'master' into notification-plugin-field-fix 2020-10-29 14:58:43 -07:00
csine-nflx
ccecb26816 Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01 2020-10-29 14:43:14 -07:00
csine-nflx
ca465e3c9e updating debug string with target_domain 2020-10-29 14:42:51 -07:00
Jasmine Schladen
a3a02a8077
Merge branch 'master' into notification-plugin-field-fix 2020-10-29 14:32:57 -07:00
Hossein Shafagh
2aec317127
Merge branch 'master' into cname_01 2020-10-29 14:32:23 -07:00
Jasmine Schladen
86207db93b
Merge branch 'master' into certificates-for-notification-fix 2020-10-29 14:21:25 -07:00
Hossein Shafagh
15a7921bf4
Merge branch 'master' into cname_01 2020-10-29 14:09:48 -07:00
Jasmine Schladen
84f8905cf1 Hide expired certs for notifications 2020-10-29 14:07:25 -07:00
Chad S
14348a1f95
Merge branch 'master' into cname_01 2020-10-29 14:01:14 -07:00
Hossein Shafagh
28c6f8583a
Merge branch 'master' into ses-arn-override 2020-10-29 13:52:51 -07:00
csine-nflx
a1f99c29c0 Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01 2020-10-29 13:51:58 -07:00
csine-nflx
2b91077d92 updating variables based on feedback 2020-10-29 13:51:22 -07:00
Jasmine Schladen
28686fcf5d Merge branch 'ses-arn-override' of github.com:jtschladen/lemur into ses-arn-override 2020-10-29 13:48:55 -07:00
Jasmine Schladen
45cc9528d2 Cleaner syntax for default region 2020-10-29 13:48:43 -07:00
Jasmine Schladen
78afc060ae Add subject for SNS messages and correct date format 2020-10-29 13:41:47 -07:00
Hossein Shafagh
e967f2c676
Merge branch 'master' into ses-arn-override 2020-10-29 11:11:30 -07:00
Hossein Shafagh
2cea33cb11
Merge branch 'master' into expanding-S3-plugin 2020-10-29 11:09:00 -07:00
Chad S
af348b1012
Merge branch 'master' into cname_01 2020-10-28 22:41:23 -07:00
csine-nflx
33a006bbeb fixing delete with optional validation 2020-10-28 22:24:37 -07:00
csine-nflx
b47667b73e cname redirection working 2020-10-28 20:51:35 -07:00
Jasmine Schladen
3e492e6310 Add ability to override SES region 2020-10-28 17:09:54 -07:00
charhate
bbfc65813d
Merge branch 'master' into ecc_changes 2020-10-28 17:00:45 -07:00
charhate
6adf94d28f
Merge branch 'master' into log_update 2020-10-28 16:52:19 -07:00
Jasmine Schladen
5e696f36bf Add ability to override SourceArnn for SES 2020-10-28 16:34:31 -07:00
Jasmine Schladen
acc95a4b66 Fix notification view to actually show associated certs 2020-10-28 16:12:27 -07:00
charhate
c25782468b
Merge branch 'master' into log_update 2020-10-28 15:40:16 -07:00
Hossein Shafagh
cc69b433ca
Merge branch 'master' into notification-plugin-field-fix 2020-10-28 14:58:58 -07:00
csine-nflx
d27f2a53af Merge branch 'master' of github.com:Netflix/lemur into cname_01 2020-10-28 14:03:23 -07:00
charhate
95b647ee1d
Merge branch 'master' into ecc_changes 2020-10-28 13:54:14 -07:00
Hossein Shafagh
84d30b5d50
Merge branch 'master' into issuer-retry 2020-10-28 13:21:10 -07:00
Jasmine Schladen
13e8421c78
Merge branch 'master' into notification-plugin-field-fix 2020-10-28 08:50:46 -07:00
Jasmine Schladen
16ce7970d0
Merge branch 'master' into sns 2020-10-28 08:50:09 -07:00
Hossein Shafagh
a9d3b7a676
Merge branch 'master' into issuer-retry 2020-10-28 08:48:29 -07:00
Mathias Petermann
23e1700fad flake8 2020-10-28 13:47:57 +01:00
Jasmine Schladen
794e4d3855 Revert log to debug to be safe 2020-10-27 17:36:01 -07:00
Hossein Shafagh
c6a8034890
language 2020-10-27 16:13:05 -07:00
Hossein Shafagh
10aa02fd85 more compact design, thanks to Chad for the feedback 2020-10-27 14:42:51 -07:00
Hossein Shafagh
54c2245115 comments 2020-10-27 12:47:35 -07:00
Hossein Shafagh
d59a558d58 adopting ilike and not relying on == 
reducing redundancy
 2020-10-27 12:44:38 -07:00
Emmanuel Garette
e9824a6808 change the log level to info if upgrade is successful 2020-10-27 20:38:18 +01:00
Emmanuel Garette
79647e3372 add reference to LOG_UPGRADE_FILE in toplevel comment 2020-10-27 20:38:18 +01:00
Jasmine Schladen
20b8c2fd93 PR feedback 2020-10-27 08:56:43 -07:00
Mathias Petermann
ccf87986c0 Add store_account to AcmeDnsIssuer 2020-10-27 12:15:07 +01:00
Mathias Petermann
96fbcdaf70 Fix test_finalize_authorizations, dont reuse cleanup_dns_challenges in finalize_authorizations 2020-10-27 11:27:44 +01:00
Mathias Petermann
103e107668 Fix patches for test_create_certificate 2020-10-27 11:16:29 +01:00
Mathias Petermann
82bf8e2ac6 Remove unnecessary code from dnsChallenge, Fix patches in dns tests 2020-10-27 11:09:30 +01:00
Mathias Petermann
2d98e71977 Replace deprecated assertRaisesRegexp with assertRaisesRegex 2020-10-27 10:44:04 +01:00
Mathias Petermann
30c10b93f8 Fix patches for acme_handler tests 2020-10-27 10:37:30 +01:00
Mathias Petermann
3b20a47603 Fix patches for acme_http tests, apparently isinstance is considered evil in python 2020-10-27 10:37:30 +01:00
Mathias Petermann
4464c5890d Flake8 2020-10-27 10:37:30 +01:00
Mathias Petermann
812e1dee92 Refactor Acme plugin into AcmeChallenge objects, dns01 2020-10-27 10:37:27 +01:00
Mathias Petermann
b91cebf245 Refactor Acme plugin into AcmeChallenge objects, http01 2020-10-27 10:36:06 +01:00
Mathias Petermann
6c1be02bfa Remove destination_list from AcmeHttpIssuer 2020-10-27 10:28:34 +01:00
Mathias Petermann
ef0fce2661 Set timeout for finalize to 90s 2020-10-27 10:28:34 +01:00
Mathias Petermann
235653b558 Refactor destination selection for acme-http authorities, to load destinations dynamically 2020-10-27 10:28:34 +01:00
Mathias Petermann
81b078604c Implement revoke certificate for ACME 2020-10-27 10:28:34 +01:00
Mathias Petermann
215070b327 Fix create_certificate tests 2020-10-27 10:28:34 +01:00
Mathias Petermann
41ea59d7e3 Remove unneeded polling 2020-10-27 10:28:33 +01:00
Mathias Petermann
d24fae0bac Fix permissions on acme token upload, dont append well-known automatically 2020-10-27 10:28:33 +01:00
Mathias Petermann
66cab6abd3 Make http-01 challenge work for SAN certificates 2020-10-27 10:28:33 +01:00
Mathias Petermann
e3e5ef7d66 Refactor AcmeHandler, Move DNS stuff into AcmeDnsHandler 2020-10-27 10:28:33 +01:00
Mathias Petermann
76dcfbd528 Add more tests 2020-10-27 10:28:33 +01:00
Mathias Petermann
d6719b729c Implement some test for AcmeHttpIssuerPlugin 2020-10-27 10:28:33 +01:00
Mathias Petermann
b2de986652 Split tests into handler, and dns specifics 2020-10-27 10:28:30 +01:00
Mathias Petermann
b93d271f31 Fix flake8 2020-10-27 10:25:31 +01:00
Mathias Petermann
e06bdcf2a3 Implement create_certificate for HTTP-01 challenge 2020-10-27 10:25:31 +01:00
Mathias Petermann
3012995c76 Improve naming, make it possible to create directories recursively with SFTP 2020-10-27 10:25:31 +01:00
Mathias Petermann
348d8477dd Refactor destination plugin, to allow upload of ACME http-challenge tokens 2020-10-27 10:25:31 +01:00
Mathias Petermann
d00dd9d295 Initial structure for ACME http challenge 2020-10-27 10:25:31 +01:00
Hossein Shafagh
3b258447db addressing Chad's feedbakc 2020-10-26 19:16:40 -07:00
Hossein Shafagh
1ef6139f9b ignore rotated certs, since there is a new cert that can be used 2020-10-26 18:34:21 -07:00
Hossein Shafagh
6a1b4b4857 ignore expired certs 2020-10-26 18:33:33 -07:00
Hossein Shafagh
709a9808aa better structure of the query and and removing ilike 2020-10-26 18:32:53 -07:00
sayali
392725ff30 Add description check in reissue unit test 2020-10-26 15:33:20 -07:00
csine-nflx
749aa772ba First change to get CNAME redirection working 2020-10-26 11:57:33 -07:00
Jasmine Schladen
3f765b51ef Fix sources and destinations, and allow actually updating the notification type 2020-10-26 11:27:40 -07:00
Hossein Shafagh
6723e3c80d now fixing the month to minute bug 2020-10-26 11:27:40 -07:00
Hossein Shafagh
3290d6634b fixing testing 2020-10-26 11:27:40 -07:00
Hossein Shafagh
fa62023b2d fixing the time bug, sub-second to second, and month to minute! 2020-10-26 11:27:40 -07:00
Emmanuel Garette
d7478a5c5c use an alternative logger for the upgrade 2020-10-25 19:24:17 +01:00
Hossein Shafagh
f6554a9a1e typo, fixing abstract class complaints 2020-10-23 18:03:55 -07:00
Hossein Shafagh
0e02abbb37 Entrust just looks into CSR for RSA/EC key type 2020-10-23 18:03:27 -07:00
Hossein Shafagh
9957120a7f adding missing import 2020-10-23 18:03:07 -07:00
Hossein Shafagh
7e573d6d51 fixing typo 2020-10-23 18:02:54 -07:00
Hossein Shafagh
6891077501 readability 2020-10-23 18:02:35 -07:00
Hossein Shafagh
75bc3a5b20 refactoring and adding retry 2020-10-23 18:02:05 -07:00
Hossein Shafagh
d233490c8a simple retry 2020-10-23 18:01:14 -07:00
Hossein Shafagh
2c1e7b19a2 10x 10s delay might be too long for the load balancer request 2020-10-23 17:59:58 -07:00
sayali
2c22d42a57 Modify description during reissue 
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
 2020-10-23 17:07:14 -07:00
Hossein Shafagh
3d83db6f8f
Merge branch 'master' into expanding-S3-plugin 2020-10-23 14:13:30 -07:00
Hossein Shafagh
30915d30be
Merge branch 'master' into log_update 2020-10-23 14:13:17 -07:00
Hossein Shafagh
01bd357b1c
Merge branch 'master' into sns 2020-10-23 11:38:35 -07:00
Hossein Shafagh
1495fb3595 now fixing the month to minute bug 2020-10-23 10:18:24 -07:00
Hossein Shafagh
bc6fb02fc2 fixing testing 2020-10-23 10:16:38 -07:00
Hossein Shafagh
e01863097b fixing the time bug, sub-second to second, and month to minute! 2020-10-23 10:16:23 -07:00
Jasmine Schladen
a5cea4fb9a Skip revoked certs when looking for certs to notify 2020-10-23 09:42:03 -07:00
Jasmine Schladen
233f9768e8 Fix error handling 2020-10-23 09:35:46 -07:00
Jasmine Schladen
98962ae5f5
Merge branch 'master' into sns 2020-10-23 08:50:26 -07:00
Hossein Shafagh
41ac43013d
Merge branch 'master' into notification-plugin-field-fix 2020-10-23 08:43:29 -07:00
Hossein Shafagh
2b274f723a
Merge branch 'master' into improved-logging 2020-10-23 07:59:30 -07:00
Jasmine Schladen
71df6b8560 Fix plugin field on notification edit 2020-10-22 18:15:26 -07:00
Hossein Shafagh
8610af8b83
more precise language 2020-10-22 17:54:46 -07:00
Hossein Shafagh
820106e333
Merge branch 'master' into expanding-S3-plugin 2020-10-22 17:35:20 -07:00
Hossein Shafagh
9ce0010bf1 handle_respone can also handle the no data response 2020-10-22 17:33:39 -07:00
Hossein Shafagh
cf87e178c8 making lint happy 2020-10-22 17:33:02 -07:00
Hossein Shafagh
97f80b79dc adjusting digicert test to support seconds 2020-10-22 17:23:33 -07:00
Hossein Shafagh
9acd974b74 fixing the test to support seconds 2020-10-22 17:20:47 -07:00
Hossein Shafagh
ae1e9d120b consistent messaging 2020-10-22 17:13:58 -07:00