Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,118 Commits 4 Branches 45 Tags
Commit Graph

1096 Commits

Author SHA1 Message Date
Hossein Shafagh
605663704b
Merge branch 'master' into hosseinsh-celeryjob-sync-src-dst 2019-02-05 12:41:33 -08:00
Hossein Shafagh
e139b92b24
Merge branch 'master' into hshafagh-src-dst-register 2019-02-05 12:41:26 -08:00
Hossein Shafagh
6d1ef933c4 creating a new celery task to sync sources with destinations. This is as a measure to make sure important new destinations are also present as sources. 2019-02-05 10:48:52 -08:00
Hossein Shafagh
2107d58050
Merge branch 'master' into get_by_attributes 2019-02-05 10:31:35 -08:00
Hossein Shafagh
8d261b4120
Merge branch 'master' into special-issuer-for-selfsigned-certs 2019-02-05 10:29:20 -08:00
Marti Raudsepp
51248c1938 Use special issuer values <selfsigned> and <unknown> in special cases 
This way it's easy to find/distinguish selfsigned certificates stored in
Lemur.
 2019-02-05 16:56:09 +02:00
Hossein Shafagh
1d2771b014
Merge branch 'master' into get_by_attributes 2019-02-04 21:07:09 -08:00
Hossein Shafagh
f249a82d71 renaming destination to source. 2019-02-04 16:10:48 -08:00
Hossein Shafagh
44a060b159 adding support for creating a source while creating a new dst, while the destination is from AWS 2019-02-04 15:36:39 -08:00
sirferl
c1cf8d7a92
Merge branch 'master' into ADCS-plugin 2019-02-02 19:21:22 +01:00
Hossein Shafagh
45fbaf159a
Merge branch 'master' into master 2019-02-01 16:50:09 -08:00
Hossein Shafagh
8e93d007be
Merge branch 'master' into get_by_attributes 2019-02-01 16:48:50 -08:00
Hossein Shafagh
6705a0e030
Merge branch 'master' into ADCS-plugin 2019-02-01 16:38:39 -08:00
sirferl
36ab1c0bec
Merge branch 'master' into ADCS-plugin 2019-02-01 19:10:46 +01:00
Marti Raudsepp
e24a94d798 Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes 
This was already true in most places but not 100%, leading to lots of redundant checks and conversions.
 2019-01-30 18:11:24 +02:00
Curtis
e475d90e2e
Merge branch 'master' into master 2019-01-30 07:20:44 -08:00
Hossein Shafagh
e5ddf08f48
Merge branch 'master' into master 2019-01-29 16:37:29 -08:00
Hossein Shafagh
7f4f4ffded
Merge branch 'master' into master 2019-01-29 16:30:15 -08:00
Hossein Shafagh
48ad20faca moving the 2 year validity issue to the Verisign plugin, and address it there 2019-01-29 16:17:08 -08:00
Curtis
1e708bf1c7
Merge branch 'master' into password_noninteractive 2019-01-29 15:21:34 -08:00
Curtis Castrapel
d2317acfc5 allowing create_user with noninteractive PW;updating reqs 2019-01-29 15:17:40 -08:00
Curtis
29638c7f3b
Merge branch 'master' into master 2019-01-29 14:59:55 -08:00
Curtis
93021a5d89
Merge branch 'master' into expose-cert-distinguished-name 2019-01-29 14:56:31 -08:00
alwaysjolley
c68a9cf80a fixing linting issues 2019-01-29 11:10:56 -05:00
alwaysjolley
254a3079f2 fix whitespace 2019-01-29 11:01:55 -05:00
alwaysjolley
b4d1b80e04 Adding support for cfssl auth mode signing 2019-01-29 10:13:44 -05:00
sirferl
c77ccdf46e
Merge branch 'master' into ADCS-plugin 2019-01-28 17:57:46 +01:00
Hossein Shafagh
c47fa0f9a2 adjusting the tests to reflect on the new full year convert limit! 2019-01-24 17:52:22 -08:00
Hossein Shafagh
a9724e7383 Resolving the 2 years error from UI during cert creation: 
Though a CA would accept two year validity, we were getting error for being beyond 2 years.
This is because our current conversion is just current date plus 2 years,
1/25/2019 + 2 years ==> 1/25/2019
This is more strictly seen two years and 1 day extra, violating the 2 year's limit.
 2019-01-24 17:23:40 -08:00
Marti Raudsepp
4b893ab5b4 Expose full certificate RFC 4514 Distinguished Name string 
Using rfc4514_string() method added in cryptography version 2.5.
 2019-01-23 10:03:40 +02:00
Ronald Moesbergen
4c4fbf3e48 Implement certificates delete API call by marking a cert as 'deleted' in the database. Only certificates that have expired can be deleted. 2019-01-21 10:25:28 +01:00
Ronald Moesbergen
cb35f19d6c Add 'delete_cert' to enum log_type in logs table 2019-01-21 10:22:03 +01:00
Curtis Castrapel
0336d68ee2 Merge remote-tracking branch 'upstream/master' 2019-01-17 14:56:12 -08:00
Curtis Castrapel
7f88c24e83 Fix LetsEncrypt Dyn flow for duplicate CN/SAN 2019-01-17 14:56:04 -08:00
Hossein Shafagh
d3284a4006 adjusting the query to filter authorities based on matching CN 2019-01-14 17:52:06 -08:00
Curtis Castrapel
3567a768d5 Compare certificate hashes to determine if Lemur already has a synced certificate 2019-01-14 13:35:55 -08:00
Curtis Castrapel
31a86687e7 Reduce the expense of joins 2019-01-14 09:20:02 -08:00
Curtis Castrapel
c4e6e7c59b Optimize DB cert filtering 2019-01-14 08:02:27 -08:00
Curtis
638a8450a3
Merge branch 'master' into more_retries 2019-01-11 11:25:00 -08:00
Curtis Castrapel
0e02e6da79 Be more forgiving to throttling 2019-01-11 11:13:43 -08:00
sirferl
a1ca61d813 changed a too long comment 2019-01-09 09:50:26 +01:00
sirferl
a43476bc87 minor errors after lint fix 2019-01-07 11:04:27 +01:00
sirferl
054685fc38
Merge branch 'master' into ADCS-plugin 2019-01-07 10:23:18 +01:00
sirferl
c62bcd1456 repaired several lint errors 2019-01-07 10:02:37 +01:00
Marti Raudsepp
542e953919 Check that stored private keys match certificates 
This is done in two places:
* Certificate import validator -- throws validation errors.
* Certificate model constructor -- to ensure integrity of Lemur's data
  even when issuer plugins or other code paths have bugs.
 2018-12-31 16:28:20 +02:00
Curtis
6a31856d0d
Update plugin.py 2018-12-21 12:33:47 -08:00
Curtis
b5d6abb01f
Merge branch 'master' into kubernetes-improvment 2018-12-21 12:06:09 -08:00
Curtis
b7332957e7
Merge branch 'master' into unicode-in-issuer-name 2018-12-21 07:59:20 -08:00
Curtis
70381c4c89
Merge branch 'master' into kubernetes-fix 2018-12-21 07:44:11 -08:00
Curtis
a14fe08a63
Merge branch 'master' into kubernetes-improvment 2018-12-21 07:42:13 -08:00