Commit Graph

988 Commits

Author SHA1 Message Date
Doppins
c381331c10 Upgrade dependency pyjwt to ==1.5.3 () 2017-09-25 09:19:54 -07:00
Doppins
a7923f2a06 Upgrade dependency six to ==1.11.0 () 2017-09-25 09:19:40 -07:00
Doppins
e5f7172c97 [Doppins] Upgrade dependency paramiko to ==2.3.1 ()
* Upgrade dependency paramiko to ==2.3.0

* Upgrade dependency paramiko to ==2.3.1
2017-09-25 09:19:24 -07:00
Doppins
43fff0450b Upgrade dependency acme to ==0.18.2 () 2017-09-25 09:19:08 -07:00
Doppins
107fd3fce1 [Doppins] Upgrade dependency raven to ==6.2.1 ()
* Upgrade dependency raven to ==6.2.0

* Upgrade dependency raven to ==6.2.1
2017-09-25 09:18:57 -07:00
Doppins
1a9b6dec26 [Doppins] Upgrade dependency moto to ==1.1.13 ()
* Upgrade dependency moto to ==1.1.12

* Upgrade dependency moto to ==1.1.13
2017-09-25 09:18:40 -07:00
Aaron Mell
444be5bb7f Updated Quikstart ()
Got some failures doing a clean install on Ubuntu 17.04 Zesty Zapus (Final) from virtualboxes.org
2017-09-22 12:35:25 -07:00
Doppins
5ebfa018ee [Doppins] Upgrade dependency moto to ==1.1.11 ()
* Upgrade dependency moto to ==1.1.7

* Upgrade dependency moto to ==1.1.8

* Upgrade dependency moto to ==1.1.9

* Upgrade dependency moto to ==1.1.10

* Upgrade dependency moto to ==1.1.11
2017-09-21 10:31:45 -07:00
Ian Stahnke
a6dab5e1ee a bit more ldap documentaion () 2017-09-21 06:00:26 -07:00
Horatiu Eugen Vlad
f766871824 Create default rotation policy with name () 2017-09-18 09:09:59 -07:00
Doppins
ba29bbe3be Upgrade dependency pyOpenSSL to ==17.2.0 () 2017-09-13 20:54:54 -07:00
Doppins
d711031ce9 Upgrade dependency moto to ==1.1.6 () 2017-09-13 20:54:43 -07:00
Kevin Glisson
af5c19cc52 Solving conflicts 2017-09-13 09:41:19 -07:00
Kevin Glisson
359fbd2d73 Pinning version of PyOpenSSL 2017-09-13 09:39:52 -07:00
Caige Nichols
e8b9853367 Fixes 873 by explicitly declaring pyopenssl version. () 2017-09-13 09:30:20 -07:00
Doppins
376b2b8051 Upgrade dependency moto to ==1.1.5 () 2017-09-12 16:01:24 -07:00
Doppins
e8d0af87e4 Upgrade dependency SQLAlchemy-Utils to ==0.32.16 () 2017-09-12 09:59:49 -07:00
Doppins
a4267320b0 Upgrade dependency Flask-Script to ==2.0.6 () 2017-09-12 09:59:23 -07:00
Doppins
52dd42701a Upgrade dependency moto to ==1.1.4 () 2017-09-12 09:58:38 -07:00
Rick Breidenstein
fc9b1e5b12 server_default from "False" to sa.false() () 2017-09-11 09:19:19 -07:00
Francisco Santos
2ecfaa41cf Add pyldap mock for readthedocs () 2017-09-11 09:18:03 -07:00
Francisco Santos
7106c4fdcf Sync docs requirements.txt () 2017-09-10 10:41:46 -07:00
Doppins
9420ca9949 Upgrade dependency acme to ==0.18.1 () 2017-09-08 16:59:49 -07:00
Doppins
956a1851a2 Upgrade dependency moto to ==1.1.3 () 2017-09-08 16:59:39 -07:00
Marti Raudsepp
dafed86179 Improve certificate name normalization: remove Unicode characters, etc. ()
* Accented characters are replaced with non-accented version (ä -> a)
* Spaces are replaced with '-' (previously they were removed)
* Multiple non-alphanumeric characters are collapsed into one '-'
2017-09-08 10:52:22 -07:00
Doppins
e72efce071 Upgrade dependency acme to ==0.18.0 () 2017-09-07 18:09:52 -07:00
Doppins
77b9658dba Upgrade dependency pyldap to ==2.4.37 () 2017-09-07 18:09:37 -07:00
Doppins
090c984ca3 Upgrade dependency pytest to ==3.2.2 () 2017-09-07 18:09:15 -07:00
Doppins
2ff25b656f Upgrade dependency moto to ==1.1.2 () 2017-09-07 18:09:07 -07:00
Ian Stahnke
ff4d1edd63 remove duplicated ldap_bind_uri description () 2017-09-04 10:12:40 -07:00
Ian Stahnke
79d12578c7 basic ldap support () 2017-09-03 20:41:43 -07:00
Doppins
c0784b40e0 Upgrade dependency Flask-Migrate to ==2.1.1 () 2017-08-29 20:20:39 -07:00
kevgliss
ff87c487c8 It's too expensive to attempt to load all certificates associated with a given notification. Some queries such as default are associated with a large number of certificates. We have little control over when these objects are loaded, but when marshalled they are lazyloaded via SQLAlachemy. If a user needs to get all the certificates associated with a certificate they should use the /notifications/<id>/certificates endpoints that support pagination. () 2017-08-28 17:57:39 -07:00
Marti Raudsepp
82b43b5a9d Create signal hooks and handler for dumping CSR and certificate details () 2017-08-28 17:35:56 -07:00
Doppins
4b4e159a8e [Doppins] Upgrade dependency moto to ==1.1.1 ()
* Upgrade dependency moto to ==1.1.0

* Upgrade dependency moto to ==1.1.1
2017-08-28 17:35:12 -07:00
Marti Raudsepp
bb1c339655 Fix ability to remove all roles from authority () 2017-08-28 17:35:01 -07:00
kevgliss
aca6d6346f Removing legacy requirement for nodejs. Closes () 2017-08-25 10:12:56 -07:00
Marti Raudsepp
e7efaf4365 Prevent creation of empty SubjAltNames extension in CSR () 2017-08-18 09:10:56 -07:00
Marti Raudsepp
c6d76f580e Disable unused Flask Principal sessions ()
Lemur uses its own auth token for authentication; logging out doesn't
properly dispose of the Flask Principal session.
2017-08-17 09:24:35 -07:00
Marti Raudsepp
941df0366d Fix roles display on user screen and fix removing user roles () 2017-08-17 09:24:10 -07:00
Marti Raudsepp
7762d6ed52 Reworked sensitive domain name and restriction logic ()
* This is a fix for a potential security issue; the old code had edge
  cases with unexpected behavior.
* LEMUR_RESTRICTED_DOMAINS is no more, instead LEMUR_WHITELISTED_DOMAINS
  is a list of *allowed* domain name patterns. Per discussion in PR 
* Domain restrictions are now checked everywhere: in domain name-like
  CN (common name) values and SAN DNSNames, including raw CSR requests.
* Common name values that contain a space are exempt, since they cannot
  be valid domain names.
2017-08-16 19:24:49 -07:00
Doppins
466df367e6 Upgrade dependency boto3 to ==1.4.6 () 2017-08-16 09:56:22 -07:00
Doppins
b0c8787cfa Upgrade dependency marshmallow to ==2.13.6 () 2017-08-16 09:56:08 -07:00
Marti Raudsepp
cf805f530f Prevent unintended access to sensitive fields (passwords, private keys) ()
Make sure that fields specified in filter, sortBy, etc. are model fields
and may be accessed. This is fixes a potential security issue.

The filter() function allowed guessing the content of password hashes
one character at a time.

The sort() function allowed the user to call an arbitrary method of an
arbitrary model attribute, for example sortBy=id&sortDir=distinct would
produce an unexpected error.
2017-08-16 09:38:42 -07:00
Doppins
b40c6a1c67 Upgrade dependency pem to ==17.1.0 () 2017-08-10 15:08:11 -07:00
Doppins
3a62010445 Upgrade dependency pytest to ==3.2.1 () 2017-08-09 15:00:15 -07:00
Andrew Murray
3b4e7d9169 Fixed typo () 2017-08-09 08:40:22 -07:00
Doppins
4245ba0d15 Upgrade dependency acme to ==0.17.0 () 2017-08-06 11:19:10 -07:00
Doppins
95e4c23db1 Upgrade dependency factory-boy to ==2.9.2 () 2017-08-06 11:19:00 -07:00
Rick Breidenstein
f5e120ad2e Update readme.txt () 2017-08-04 12:42:27 -07:00