Commit Graph

2278 Commits

Author SHA1 Message Date
Curtis Castrapel 2c22c9c2f1 Allow proper detection of zones, fix certificate detection 2018-08-14 14:37:45 -07:00
Curtis e050177c08
Merge pull request #1553 from castrapel/fix_le_renew
Allow auto-detection of DNS providers / Fix acme renewal flow
2018-08-13 15:22:45 -07:00
Curtis Castrapel 1a5abe6550 fix lint 2018-08-13 15:11:57 -07:00
Curtis Castrapel cc836433fb formatting 2018-08-13 15:06:16 -07:00
Curtis Castrapel 5829794d82 typo fix 2018-08-13 14:25:54 -07:00
Curtis Castrapel bb026b8b59 Allow LetsEncrypt renewals and requesting certificates without specifying DNS provider 2018-08-13 14:22:59 -07:00
Curtis 771be58dc5
Merge pull request #1511 from intgr/unittests-use-valid-certs
Fix unit tests certificates to have correct chains and private keys
2018-08-07 10:04:56 -07:00
Curtis ab37189022
Merge branch 'master' into unittests-use-valid-certs 2018-08-07 09:42:39 -07:00
Curtis 3463848cb5
Merge pull request #1509 from intgr/fill-missing-rotation-policy
Fill in missing cert rotation_policy; don't ignore validation errors when re-issuing certs
2018-08-07 09:40:09 -07:00
Curtis cf71f88680
Merge branch 'master' into fill-missing-rotation-policy 2018-08-07 08:23:29 -07:00
Curtis 234533e367
Merge branch 'master' into unittests-use-valid-certs 2018-08-07 08:13:48 -07:00
Curtis e0c6d6dd7d
Merge pull request #1530 from castrapel/up-reqs8718
Up reqs8718
2018-08-07 08:13:32 -07:00
Curtis Castrapel c82f3bbf0f updating requirements 2018-08-07 07:48:09 -07:00
Curtis Castrapel 51d5a897c2 Merge remote-tracking branch 'upstream/master' 2018-08-07 07:47:07 -07:00
Cyril Dangerville 7f821abfef Fixed invalid JSON payloads (making API requests fail in particular) (#1522) 2018-08-07 07:46:59 -07:00
Marti Raudsepp 1edb964da9 Delete dead code in unit tests (#1510) 2018-08-07 07:46:59 -07:00
Marti Raudsepp 400bcaf085 Add .pytest_cache dir to .gitignore (#1512) 2018-08-07 07:46:58 -07:00
Curtis Castrapel 583bbee606 remove debug print 2018-08-07 07:46:58 -07:00
Curtis Castrapel 7463d47057 Support LetsEncrypt accounts 2018-08-07 07:46:58 -07:00
Mike Grima 46cd1a21f7 Proper flask_restful boolean parsing.
This is documented here: https://github.com/flask-restful/flask-restful/issues/488
2018-08-07 07:46:58 -07:00
Curtis Castrapel 82c7530b6f fix deletion 2018-08-07 07:46:58 -07:00
Curtis Castrapel 6d8217e00f requirements 2018-08-07 07:46:58 -07:00
Curtis Castrapel cc735e9b33 Error logging 2018-08-07 07:46:58 -07:00
Curtis Castrapel 19753632a9 Show and send error for pending certs 2018-08-07 07:46:58 -07:00
Curtis Castrapel a3e1d08ba2 Adding pessimistic sqlalchemy disconnection handling 2018-08-07 07:46:58 -07:00
Curtis Castrapel 5e34287530 no bare except 2018-08-07 07:46:57 -07:00
Curtis Castrapel dd7c9e3f88 Explicit capture exception during create failure 2018-08-07 07:46:57 -07:00
Curtis Castrapel d8652fad36 Unpinning requests 2018-08-07 07:46:57 -07:00
Curtis Castrapel 58ec0bab09 updated requirements 2018-08-07 07:46:57 -07:00
Marti Raudsepp 094b2fd5a9 Clean up module imports
Example:
* import lemur.common.utils -> from lemur.common import utils
* import sqlalchemy.types as types -> from sqlalchemy import types
2018-08-07 07:46:57 -07:00
Marti Raudsepp 85285b5e62 Cache parsed certificate instead of re-parsing for each field
Use @cached_property decorator to cache the results of parse_certificate().

This significantly cuts down on the number of times certs need to be
parsed for a list view.
2018-08-07 07:46:57 -07:00
Curtis Castrapel 16dc7dc2f6 no bare except 2018-08-07 07:46:57 -07:00
Curtis Castrapel f53067ab29 Explicit capture exception during create failure 2018-08-07 07:46:56 -07:00
Curtis Castrapel efd33db69d Unpinning requests 2018-08-07 07:46:56 -07:00
Steven Reiling 5b13032aec Adds an optional interval variable to notification service's
create_default_expiration_notifications and introduces a new optional
configuration variable, LEMUR_SECURITY_TEAM_EMAIL_INTERVALS, to allow admins
control over the centralized email notification defaults.
2018-08-07 07:46:56 -07:00
Curtis Castrapel 177208f9da updated requirements 2018-08-07 07:46:56 -07:00
Marti Raudsepp b8d017418a Clean up module imports
Example:
* import lemur.common.utils -> from lemur.common import utils
* import sqlalchemy.types as types -> from sqlalchemy import types
2018-08-07 07:46:56 -07:00
Marti Raudsepp ce6e64bd17 Cache parsed certificate instead of re-parsing for each field
Use @cached_property decorator to cache the results of parse_certificate().

This significantly cuts down on the number of times certs need to be
parsed for a list view.
2018-08-07 07:46:56 -07:00
root 6ce044806b initial commit 2018-08-07 07:46:56 -07:00
Justin P 68203436e0 Sinful Use of `$`
Using the `$` sign within any block of text already marked as a code block is a grievous sin due to the fact that it makes it 100% pointless for you to have USED THE CODE BLOCK IN THE FIRST PLACE!

The `$` becomes included in the text we're trying to highlight for us to be able to actually use in our own projects.

Why post the info if you don't want us to use it.

Thank you.
2018-08-07 07:46:55 -07:00
Curtis f9a7b97839
Merge branch 'master' into unittests-use-valid-certs 2018-08-07 07:45:45 -07:00
Cyril Dangerville 2869042f38 Fixed invalid JSON payloads (making API requests fail in particular) (#1522) 2018-08-03 15:26:48 -07:00
Marti Raudsepp 82158aece6 Fill in missing cert rotation_policy; don't ignore validation errors when re-issuing certs
CertificateInputSchema requires the rotation_policy field, but
certificates created before the field existed have set to NULL. Thus
saving such certificates failed and probably caused other errors.

Made cert re-issuing (get_certificate_primitives) more strict so such
errors are harder to miss in the future.
2018-08-03 20:06:21 +03:00
Marti Raudsepp 1f0f432327 Fix unit tests certificates to have correct chains and private keys
In preparation for certificate integrity-checking: invalid certificate
chains and mismatching private keys will no longer be allowed anywhere
in Lemur code.

The test vector certs were generated using the Lemur "cryptography"
authority plugin.

* Certificates are now more similar to real-world usage: long serial
  numbers, etc.
* Private key is included for all certs, so it's easy to re-generate
  anything if needed.
2018-08-03 19:45:13 +03:00
Marti Raudsepp acd2701fa2 Delete dead code in unit tests (#1510) 2018-08-03 08:21:55 -07:00
Marti Raudsepp bb0c229d7e Add .pytest_cache dir to .gitignore (#1512) 2018-08-03 08:12:04 -07:00
Curtis 3f9d66bd51
Merge pull request #1497 from castrapel/letsencrypt_account_support
Letsencrypt account support
2018-07-30 15:37:35 -07:00
Curtis 025d177565
Merge branch 'master' into letsencrypt_account_support 2018-07-30 15:28:29 -07:00
Curtis Castrapel 44192d4494 remove debug print 2018-07-30 15:27:23 -07:00
Curtis 4b5e93cd3c
Merge pull request #1491 from mikegrima/booleans
Proper flask_restful boolean parsing
2018-07-30 15:25:52 -07:00