Commit Graph

1595 Commits

Author SHA1 Message Date
Ryan Clough 2073090628 Use american english for consistency 2015-10-28 19:39:10 -07:00
kevgliss 0453afcb0e Fixing issuer where roles were not added correctly to user. 2015-10-26 10:59:20 -07:00
kevgliss 4b968a9474 Adding aes - fernet migration 2015-10-23 16:47:17 -07:00
Robert Picard 40eb950e94 Use MultiFernet for encryption
Facilitates key rotation and uses more secure encryption than what
sqlalchemy-utils does.

Fixes #117 and #119.
2015-10-13 16:58:58 -07:00
Robert Picard 2fc6d4cd21 Fix a handful of typos in documentation
As I was reading through the docs I made note of grammar issues and
typos I saw. Not a huge deal but might as well fix what I noticed.
2015-10-06 15:05:05 -07:00
kevgliss a20726a301 Fixing python 3.x syntax error 2015-10-06 13:11:24 -07:00
kevgliss 39727a1c9f Fixing tests 2015-10-06 13:00:06 -07:00
kevgliss 168f46a436 Adding the ability to track a certificates signing key algorithm 2015-10-06 12:51:59 -07:00
kevgliss 798a6295ee Fixes destination stat 2015-10-06 09:43:31 -07:00
kevgliss 63b7b71b49 adding clipboard functionality 2015-10-05 16:06:56 -07:00
kevgliss 9965af9ccd fixing links, and adding zeroclipboard 2015-10-05 09:48:52 -07:00
kevgliss 867be09e29 more double quotes 2015-10-05 09:24:11 -07:00
kevgliss 8362a92898 fixing double quotes 2015-10-05 09:19:14 -07:00
kevgliss 162482dbc4 Adding ui router and perma links to certificates and authorities 2015-10-05 09:00:51 -07:00
kevgliss 2187898494 adding copy and a better profile picture for non-sso users 2015-10-02 15:36:50 -07:00
kevgliss d4bc6ae7a1 Fixes #105 2015-10-02 13:46:13 -07:00
kevgliss 5cfa9d4bc5 description should be optional 2015-09-29 16:37:32 -07:00
kevgliss 7ebd0bf5d4 making fields required 2015-09-24 08:42:31 -07:00
kevgliss 06a69c09a0 Fixing a bug where notifications associated during certificate creation would not be respected. 2015-09-22 13:01:05 -07:00
kevgliss be6a5b859e adding notification example 2015-09-22 09:46:54 -07:00
Eric Mill baef329a4d Rename SSL to TLS 2015-09-21 18:16:19 -04:00
Eric Mill a3385bd2ac Rename SSL to TLS 2015-09-21 18:15:25 -04:00
kevgliss fc0a884d5f Cleaning up unneed/unused files 2015-09-20 09:49:16 -07:00
kevgliss ef72de89b3 Minor fixes 2015-09-18 15:50:59 -07:00
kevgliss a563986ce4 fixing an error where dates components were not replaced in logical order 2015-09-16 11:10:09 -07:00
kevgliss d3cf273a45 Merge pull request #72 from kevgliss/docker
[WIP] Docker
2015-09-11 15:36:25 -07:00
kevgliss 25f652c1eb fixing merge conflict 2015-09-11 08:38:48 -07:00
kevgliss 7f119e95e1 making the verisign urls more generic 2015-09-11 08:27:34 -07:00
kevgliss 1e314b505f fixing keyerror 2015-09-08 18:18:14 -07:00
kevgliss ef9a80ebfd adding actual recipients 2015-09-08 18:03:18 -07:00
kevgliss 84d0afae4c fixing email internvals 2015-09-08 17:56:20 -07:00
kevgliss 48a53ad436 fixing error in default password creation 2015-09-08 17:42:57 -07:00
kevgliss 2f4aee49e2 adding logging 2015-09-08 10:56:23 -07:00
kevgliss f3f5b9eeb3 adding password commandline option 2015-09-08 10:56:23 -07:00
kevgliss 8ab9c06778 removing more netflix 2015-09-04 15:54:52 -07:00
kevgliss 0afd4c94b4 removing more netflix 2015-09-04 15:54:02 -07:00
kevgliss aaae4d5a1f unifying lemur defaults 2015-09-04 15:52:56 -07:00
kevgliss 9da713ab06 cleaning up references to netflix 2015-09-04 15:29:57 -07:00
kevgliss 160eaa6901 Fixing issue with expiration emails not being sent 2015-09-04 09:24:55 -07:00
kevgliss 180c8228e1 adding verisign source 2015-09-02 14:37:07 -07:00
kevgliss 089c0b2b1b Merge pull request #68 from kevgliss/crons
Crons
2015-09-02 09:35:46 -07:00
kevgliss 3b109ec578 Cleaning up temporary file creation, and revocation checking 2015-09-02 09:19:06 -07:00
kevgliss 45158c64a2 cleaning up temporary file creation 2015-09-02 09:19:06 -07:00
kevgliss a350940cd1 Adding command to fetch and publish verisign units 2015-09-02 09:19:06 -07:00
kevgliss efec79d8de removing silly description validation from lemur and enforcing it on the cloudca plugin (who actually cares) 2015-09-02 09:15:12 -07:00
kevgliss 62950128a2 Adding a better error message for really long common names Fixes #38 2015-09-02 09:15:11 -07:00
kevgliss aca69ce03c Closes #53 2015-09-02 09:15:11 -07:00
kevgliss bf8ce354e5 Closes #55 2015-09-02 09:13:47 -07:00
kevgliss 8d09d865b1 Closes #57 2015-09-02 09:13:47 -07:00
kevgliss 480078da42 Removing str casting for role permission 2015-09-01 14:15:40 -07:00
kevgliss 46a5355377 Allows authorities to have editable owners and descriptions 2015-09-01 14:15:40 -07:00
kevgliss 3fb226ec11 Merge pull request #64 from kevgliss/validation
Validation of common name field
2015-08-29 14:01:31 -07:00
kevgliss 7471984ecf removing silly description validation from lemur and enforcing it on the cloudca plugin (who actually cares) 2015-08-29 13:57:07 -07:00
kevgliss df9b345541 Adding a better error message for really long common names Fixes #38 2015-08-29 13:57:07 -07:00
kevgliss a484a6e24d Closes #53 2015-08-29 13:07:30 -07:00
kevgliss a7fd74396c Merge pull request #61 from kevgliss/editOwner
Closes #55
2015-08-29 12:09:09 -07:00
kevgliss 8977c5ddbf Ensuring notifications follow owner 2015-08-29 12:02:50 -07:00
kevgliss f492e9ec1b Closes #55 2015-08-29 11:53:46 -07:00
kevgliss 03e2991ced Closes #57 2015-08-29 11:48:39 -07:00
kevgliss 80136834b5 Merge pull request #59 from kevgliss/cleanup
Cleanup
2015-08-29 10:30:03 -07:00
kevgliss 3b2f71cc8a Merge pull request #58 from kevgliss/configBasedNames
Adding ability to define distinguished names in config
2015-08-29 10:23:21 -07:00
kevgliss 783acf6d8c Removing Meechum specific code 2015-08-29 10:11:03 -07:00
Jeremy Heffner 53ce9cac4c Fix a typo, add a typo 2015-08-27 15:55:39 -07:00
Jeremy Heffner 51800d5e4b Added better error handling
Added a "dry run" option
2015-08-27 15:48:49 -07:00
Jeremy Heffner 627b36d2a5 Adding method to get existing listeners 2015-08-27 15:45:00 -07:00
kevgliss 70ccd137e1 removing netflix specific code from auth flow 2015-08-27 13:09:02 -07:00
kevgliss 9a04371680 Adding ability to define distinguished names in config 2015-08-27 12:59:40 -07:00
kevgliss f799ff3af1 Seeing if using decode explicity this helps py3 problem 2015-08-24 20:10:03 -07:00
Jeremy Heffner 6db1d0b031 fixing unicode support 2015-08-24 16:37:24 -07:00
Jeremy Heffner d599aaa410 Updating to handle unicode in python 2 and 3$
added retry with backoff for the SSL cert to show up after it is added (CAP, ftw)$
2015-08-24 16:17:04 -07:00
Jeremy Heffner 09bc79ef84 Merge remote-tracking branch 'upstream/master' into elb-ssl-automation 2015-08-24 12:18:40 -07:00
Jeremy Heffner 6e39a1e666 Finished glue code to push ELBs. 2015-08-24 12:18:15 -07:00
kevgliss 75de814b15 Adding new verisign error 2015-08-24 09:43:30 -07:00
kevgliss b4c348aef7 switching out default orgname 2015-08-24 09:41:03 -07:00
kevgliss 45c442000e Fixing some unfortunate casting that prevent creators from viewing/updating their certs 2015-08-22 10:56:15 -07:00
kevgliss a07db5625b Fixing an issue were extensions were implicitly required 2015-08-22 10:22:36 -07:00
kevgliss 4b7a55c89f Fixing issue with a certificate with no role not being viewable 2015-08-21 16:08:53 -07:00
Jeremy Heffner 3ff5cdf43f Merge remote-tracking branch 'upstream/master' into elb-ssl-automation 2015-08-21 14:29:03 -07:00
Jeremy Heffner dbfd6b1e17 Fixing this so it pulls the named option 2015-08-21 13:09:29 -07:00
kevgliss d62f57eab3 Fixing an issue with futures, unicode and b64 not being able to handle the unicode values 2015-08-20 15:49:08 -07:00
Jeremy Heffner 96c3ab7f9d Merge remote-tracking branch 'upstream/master' into elb-ssl-automation 2015-08-20 15:46:11 -07:00
Jeremy Heffner 38ebeab163 Refactoring.. with pep8 fixes 2015-08-20 15:45:53 -07:00
Jeremy Heffner fcfaa21a24 Refactoring 2015-08-20 15:45:42 -07:00
kevgliss 0f0d11a828 Merge pull request #45 from kevgliss/authByOwner
Fixes #35
2015-08-19 18:08:55 -07:00
kevgliss 6b2da2fe6b Fixes #35 2015-08-19 18:05:18 -07:00
kevgliss cbcc8af3bd Fixing bug were domains would not have correct pagination 2015-08-19 16:42:56 -07:00
Jeremy Heffner ab7b0c442c provisionelb creates certs. needs some cleanup and the rest of the glue 2015-08-19 16:10:45 -07:00
kevgliss b00917aa60 Ensure there are no accidental newlines when fetching the ENCRYPTION_KEY 2015-08-19 15:46:10 -07:00
kevgliss b96af3a1f1 Editing footer text 2015-08-19 10:10:19 -07:00
kevgliss 28e12a973f Misc fixed around certificate notifications 2015-08-19 10:07:22 -07:00
kevgliss c6747439fb Misc fixed around certificate syncing 2015-08-18 16:17:20 -07:00
kevgliss f09f5eb0f1 Fixing issue with creating roles 2015-08-17 22:51:29 -07:00
kevgliss dd607e5c07 Making CLOUDCA_API_ENDPOINT configurable 2015-08-17 17:09:31 -07:00
kevgliss eb55d5465f Making LEMUR_DEFAULT_SECURITY_EMAIL optional 2015-08-17 16:03:57 -07:00
kevgliss 500b212a25 Adding a few default expiration intervals 2015-08-17 15:49:16 -07:00
kevgliss bfcbd1b065 Fixes issue where client authentication was not displaying in the UI 2015-08-11 15:43:59 -07:00
kevgliss 32ef793c4d Switch to relying on the configuration key in the configuration file 2015-08-08 16:12:29 -07:00
kevgliss 63b1babf7b Fixing a few syntax errors 2015-08-03 21:16:55 -07:00
kevgliss fc68552d0f Making Lemur py3 compatible 2015-08-03 21:07:28 -07:00
kevgliss 888e75e7f7 Fixing tests 2015-08-03 16:15:59 -07:00
kevgliss 710b4d45bc Allowing notifications to be marked as in-active 2015-08-03 16:10:00 -07:00
kevgliss a873e5c7ea Lots of minor fixes 2015-08-03 15:52:39 -07:00
kevgliss 7d169f7c4c Fixing up some of the sync related code 2015-08-03 13:51:27 -07:00
kevgliss 0360ccc666 Cleaning up some documentation 2015-08-03 09:49:33 -07:00
kevgliss cdb3814469 Fixing notification deduplication and roll up 2015-08-02 09:14:27 -07:00
kevgliss c9e9a9ed7c Fixing upload description 2015-08-02 07:45:10 -07:00
kevgliss 02b717dd7c Fixing upload, and removing old unneeded code 2015-08-02 05:57:26 -07:00
kevgliss e61de4578e Ensuring that default notifications are made based on app configuration during app initialization 2015-08-02 05:10:50 -07:00
kevgliss aef1587635 Adding default notifications 2015-08-01 19:08:46 -07:00
kevgliss b2a4219a0f Removing AWS bootstrapping 2015-08-01 18:33:31 -07:00
kevgliss e7e6a99ff4 Adding more source syncing logic 2015-08-01 18:31:38 -07:00
kevgliss 46652ba117 Purging ELB and Listener specific models 2015-08-01 15:47:14 -07:00
kevgliss abf21d2931 Adding in frontend javascript for sources 2015-08-01 15:37:47 -07:00
kevgliss e247d635fc Adding backend code for sources models 2015-08-01 15:29:34 -07:00
kevgliss c5a6a0570a adding link to python packaging documentation 2015-07-31 19:02:44 -07:00
kevgliss d3b0822e14 updating docs with new API endpoints and plugin information 2015-07-30 22:54:59 -07:00
kevgliss 2e1abdd2f1 Fixing tests and pinning versions 2015-07-29 21:54:29 -07:00
kevgliss 79353c142a Pleasing jshint gods 2015-07-29 19:24:05 -07:00
kevgliss 1e748a64d7 Initial support for notification plugins closes #8, closes #9, closes #7, closes #4, closes #16 2015-07-29 17:13:06 -07:00
kevgliss 7d8cac6605 Adding support for SMTP emails 2015-07-23 13:46:54 -07:00
kevgliss c02390d63b PEP8 2015-07-23 09:08:07 -07:00
kevgliss 017eab6e39 Adding tests to AWS plugin 2015-07-23 08:52:56 -07:00
kevgliss a4ed83cb62 Refactoring out challenge 2015-07-23 08:52:30 -07:00
kevgliss 49c7421591 More test fixes 2015-07-22 20:32:29 -07:00
kevgliss 412d2a1bbe adding testing conf 2015-07-22 10:53:35 -07:00
kevgliss 8d576aa3d8 Fixing tests 2015-07-22 10:51:55 -07:00
kevgliss a826bd16f7 Pleasing the JSHint gods 2015-07-21 13:36:03 -07:00
kevgliss c75e20a1ea Pleasing the PEP8 gods 2015-07-21 13:06:13 -07:00
kevgliss 309590fb6b Removing unneeded directory 2015-07-21 09:50:33 -07:00
kevgliss 9c0f2917ad Merge branch 'master' into ci
* master:
  Fixed issue where hardcoded localhost:port combination existed in Javascript, added another step to setup.py 'package' that removes such instances and creates a more agnostic javascript blob.
  Fixing issue where nginx was not sending the right mimetype for CSS files.

Conflicts:
	gulp/build.js
2015-07-20 16:53:58 -07:00
kevgliss c89dff7994 Getting travisCI setup 2015-07-20 16:13:42 -07:00
kevgliss 5ce3f9427b Fixed issue where hardcoded localhost:port combination existed in Javascript, added another step to setup.py 'package' that removes
such instances and creates a more agnostic javascript blob.
2015-07-19 19:04:42 -07:00
kevgliss a30a8481d0 Adding support for multiple plugin types. 2015-07-10 17:09:22 -07:00
kevgliss c79905cd92 Refactoring views to use modals for create/edit instead of their own pages. 2015-07-10 17:08:39 -07:00
kevgliss 1e902750c3 Adding destination javascript controllers and partials. 2015-07-10 17:07:41 -07:00
kevgliss 0c7204cdb9 Refactored 'accounts' to be more general with 'destinations' 2015-07-10 17:06:57 -07:00
kevgliss b26de2b000 Adding support for marshaling bare lists. 2015-07-10 17:03:28 -07:00
kevgliss 76049b4ff1 Fixing how we feed a list of destinations to be saved. 2015-07-10 17:02:23 -07:00
kevgliss 5476547e74 Simplifiying SAN identification. 2015-07-08 16:45:19 -07:00
kevgliss 601d80388f Adding links to the roles that Authorities are associated with. 2015-07-08 16:44:48 -07:00
kevgliss 0ed3918113 Changing default as 'State' cannot be abbreviated in a CSR 2015-07-08 16:44:06 -07:00
kevgliss 67dc12347e Removing verisign specific frontend code, we also give some more hints to user on how to make SAN certificates. 2015-07-08 16:42:57 -07:00
kevgliss bc6202adf7 Refactoring out static methods and removing the old SHA1 intermediate certificates. 2015-07-08 16:41:45 -07:00
kevgliss 1a2e437b33 Factoring out 'dry' run. This doesn't really make sense to have as we don't have a concept of a pre-flight request. Plugin tests should mock out their particular dependencies. 2015-07-08 16:40:46 -07:00
kevgliss 5156371913 Modify the naming structure for certificates. AWS is pretty picky about what is a valid name. 2015-07-08 16:39:00 -07:00
kevgliss 002f83092d Changing the signature of save_cert, we don't create a csr_config anymore so it doesn't make sense to store it. Additionally 'challenge' is a verisign specific thing and should be factored out. We have stopped saving it as well. 2015-07-08 16:37:48 -07:00
kevgliss f660450043 Aligning config variables 2015-07-07 17:23:46 -07:00
kevgliss 8239aa55e1 fixing conflicts 2015-07-07 16:26:37 -07:00
kevgliss 82c4be29a4 fixing merge conflict 2015-07-07 15:36:39 -07:00
kevgliss a7d20cb3a5 fixing conflict 2015-07-07 15:33:29 -07:00
kevgliss 6d384f342f adding test utils 2015-07-07 15:32:55 -07:00
kevgliss c59bf3f257 Fixing tests 2015-07-06 10:53:12 -07:00
kevgliss 737d4d62d4 Merge pull request #15 from kevgliss/master
General cleanup and hotfixes
2015-07-04 12:57:17 -07:00
kevgliss b04fb471e9 Ensuring that path to to the default config is correct regardless of how the app was started. 2015-07-04 12:55:28 -07:00
kevgliss 277599f0e5 fixing an a small typo 2015-07-04 12:50:41 -07:00
kevgliss 3f49bb95ff Starting to move to new plugin architecture. 2015-07-04 12:47:57 -07:00
kevgliss b17e12bed4 Doc fix 2015-07-03 12:59:48 -07:00
kevgliss 95bab9331d Enabling CSR generation and reducing complexity of encryption/decrypting the 'key' dir. 2015-07-03 10:30:17 -07:00
kevgliss 8cbc6b8325 Initial work at removing openssl 2015-07-02 15:48:56 -07:00
Kevin Glisson 7123e77edf Extending certificate tests. 2015-07-02 15:48:56 -07:00
Kevin Glisson 9def00d1a2 Adding basic authority tests. 2015-07-02 15:48:56 -07:00
Kevin Glisson bc0f9534c2 Refactoring 'create_name' out of our certificate class, fixed an issuer were key size was being calculated and removing unused functions 2015-07-02 15:48:56 -07:00
Kevin Glisson 096d88bc9b Ensuring a 404 is returned when we can't find the specified certificate 2015-07-02 15:48:56 -07:00
Kevin Glisson 7ab3e27c79 Starting add certificate tests 2015-07-02 15:48:56 -07:00
Kevin Glisson 57ec9c068a Adding role tests 2015-07-02 15:48:55 -07:00
Kevin Glisson 9f20880615 Adding domain module tests 2015-07-02 15:48:55 -07:00
Kevin Glisson 8a6abc6f82 Adding for handling proxy-based errors 2015-07-02 15:48:55 -07:00
Kevin Glisson 6b5383633d Removing duplicated commit 2015-07-02 15:48:55 -07:00
Kevin Glisson 6aa1a12ef6 Removing netflix specific role 2015-07-02 15:48:55 -07:00
Kevin Glisson bea8e6f2a3 Adding more tests to the accounts model 2015-07-02 15:48:55 -07:00
Kevin Glisson f28d3a54c5 API change in cryptography 2015-07-02 15:48:55 -07:00
Kevin Glisson 0285422654 Adding some structure for authenticated tests 2015-07-02 15:48:54 -07:00
Kevin Glisson 37669b906c Fixes an issue where the issuer has special chars in the name. AWS dislikes special chars in certificate names so we strip them out here. In general we want to have the name tracked by Lemur be the same as what is uploaded to various destinations. 2015-07-02 15:48:54 -07:00
Kevin Glisson 39ad270dad Adding in some initial tests 2015-07-02 15:48:54 -07:00
kevgliss eadfaaeed0 Fixing an issue you couldn't create a configuration because one did not yet exist. 2015-07-02 14:12:39 -07:00
kevgliss fc18e0f2bf Making the creation of AWS accounts optional. 2015-07-02 13:49:31 -07:00
kevgliss 5c9bcc5c23 Ensuring that we are looking for LEMUR_ENCRYPTION_KEY configuration variable and not ENCRYPTION_KEY configuration variable. 2015-07-02 12:50:03 -07:00
kevgliss 1a01209e78 Merge pull request #10 from kevgliss/tests
Tests
2015-06-29 14:10:54 -07:00
Kevin Glisson bde556aa10 Extending certificate tests. 2015-06-29 13:51:52 -07:00
Kevin Glisson b025a45046 Adding basic authority tests. 2015-06-29 12:36:27 -07:00
Kevin Glisson 964d1c1c52 Refactoring 'create_name' out of our certificate class, fixed an issuer were key size was being calculated and removing unused functions 2015-06-26 16:18:31 -07:00
Kevin Glisson 1f9d943a4c Ensuring a 404 is returned when we can't find the specified certificate 2015-06-26 16:17:22 -07:00
Kevin Glisson c8cbc82062 Starting add certificate tests 2015-06-26 16:16:13 -07:00
Kevin Glisson c6ae689dc8 Adding role tests 2015-06-26 10:31:55 -07:00
Kevin Glisson 9637383f63 Adding domain module tests 2015-06-26 08:09:10 -07:00
Kevin Glisson e2475fb024 Adding for handling proxy-based errors 2015-06-25 18:08:04 -07:00
Kevin Glisson 7c996e2f48 Removing duplicated commit 2015-06-25 18:07:21 -07:00
Kevin Glisson 457a63c000 Removing netflix specific role 2015-06-25 18:06:47 -07:00
Kevin Glisson 2a3fac11e4 Adding more tests to the accounts model 2015-06-25 18:05:52 -07:00
kevgliss b1f93c5dd2 Merge pull request #3 from kevgliss/hotfix/upload
API change in cryptography
2015-06-25 13:57:45 -07:00
Kevin Glisson e92113d28f API change in cryptography 2015-06-25 13:50:46 -07:00
Kevin Glisson 75e5bdfa55 Adding some structure for authenticated tests 2015-06-25 13:43:42 -07:00
Kevin Glisson be97f3dcc2 Fixes an issue where the issuer has special chars in the name. AWS dislikes special chars in certificate names so we strip them out here. In general we want to have the name tracked by Lemur be the same as what is uploaded to various destinations. 2015-06-24 16:51:44 -07:00
Kevin Glisson 5111f055fa Adding in some initial tests 2015-06-24 16:48:40 -07:00
Kevin Glisson 4330ac9c05 initial commit 2015-06-22 13:47:27 -07:00