Commit Graph

979 Commits

Author SHA1 Message Date
Michael Treacher ce5a45037a Fix for status representation in the view (#778) 2017-05-05 11:04:40 -07:00
kevgliss 9c9ca37586 Enabling hex serial numbers without breaking backward compatibility. (#779)
* Enabling hex serial numbers without breaking backward compatibility.

* Fixing tests.
2017-05-05 11:04:09 -07:00
csv7 381cd2e1ff Updated apache config (#776)
You guys asked for one that worked... It took me a little while to tweak, esp. since I'm not a guru with python.  The comment about needing mod_wsgi isn't true, unless you want to run lemur as a cgi program... I suspect that's from an older version that ran as cgi and not as a standalone webserver.
2017-05-04 08:45:55 -07:00
kevgliss 2a2d5a5583 Adding an example digicert url. Closes #700. (#775) 2017-05-01 10:59:49 -07:00
Ian Stahnke 5c41dafc97 fix unit and interval transposition in schemas.py (#752) (#774) 2017-04-30 12:23:34 -07:00
kevgliss 6367a98134 Creating a user named 'lemur' in postgres (#773)
Creating a user named 'lemur' in postgres
2017-04-28 15:31:08 -07:00
Rick Breidenstein 0bbe2b0331 config LEMUR_MAIL to LEMUR_EMAIL (#772)
I referenced https://github.com/Netflix/lemur/blob/master/lemur/plugins/lemur_email/plugin.py and it appears this configuration option should be "LEMUR_EMAIL"
2017-04-28 15:01:21 -07:00
Doppins 6a77d511e8 Upgrade dependency xmltodict to ==0.11.0 (#769) 2017-04-28 15:00:41 -07:00
Paul Van de Vreede 989e3733a2 Add docker setup for running tests on a docker enabled dev environment. (#771) 2017-04-28 09:28:06 -07:00
kevgliss fbc24ea400 There is an issue when iterating over extensions where certificates might not have been issued in adherence with basic constraints. Here we log these errors instead of failing out right. (#770) 2017-04-27 17:45:34 -07:00
Doppins 2b8c2f612e Upgrade dependency pyjwt to ==1.5.0 (#768) 2017-04-27 12:16:36 -07:00
kevgliss 4905020e77 ensuring stdout has a default log level (#766) 2017-04-27 10:11:47 -07:00
kevgliss 75787d20bc ensuring that lemur's default user has a valid email (#765) 2017-04-27 09:53:35 -07:00
kevgliss ca9f120988 fixing some pep8 issues (#764) 2017-04-27 09:44:39 -07:00
Doppins 5fb6753445 Upgrade dependency marshmallow to ==2.13.5 (#753) 2017-04-27 09:20:03 -07:00
Rick Breidenstein e86954e8ea Destination Plugin/Lemur_linuxdst (#736)
* Added lemur_linuxdst

* Revert "Added lemur_linuxdst"

This reverts commit 010c19bd1937320189ee5a0660f9e356221121f3.

* added plugin\lemur_linuxdst

Destination plugin for a target linux host

* Update remote_host.py

* Update plugin.py

* Update remote_host.py

* Update plugin.py

* Update plugin.py

* chaning var and funct names

* Write data with local temp

* .

* .

* typo

* tested plugin successfully

* Update plugin.py

* Update remote_host.py

* removed whitespace

* set permissions on exported keys to 600

sftp.chmod(dst_dir_cn + '/' + dst_file, (stat.S_IRUSR))

* Update plugin.py

* Update remote_host.py

* Update plugin.py

* added 'paramiko==2.1.2'

required for lemur_linuxdst plugin

* data stored in clear text at rest

* Update plugin.py

* Update plugin.py

* Update remote_host.py
2017-04-27 09:19:49 -07:00
Paul Van de Vreede 604cd60dbe Return correct intermediate certificate on digicert creation. (#762)
This commit also removes the unused DIGICERT_INTERMEDIATE env
var as it is not used.
2017-04-27 09:14:20 -07:00
Michael Treacher 05f4ae8e58 Hexify cert serial (#763)
* Hexify serial at the serialization layer

* Fix for flakey test. Change test to test for uppercased string
2017-04-27 09:13:04 -07:00
kevgliss 88ac783fd2 PEP8 Fixes (#760) 2017-04-25 09:23:18 -07:00
Travis McPeak bc66ede9aa Fixing Bandit findings and adding travis Bandit job (#759)
* Fixes for Bandit

This commit fixes a couple of issues so that Bandit can run
cleanly using medium+ severity and confidence filtering.

* Adding Lemur Bandit job to TravisCI
2017-04-24 18:37:03 -07:00
Michael Treacher 1c295896e6 Add test for when there are no notifications on a certificate (#757) 2017-04-24 09:04:49 -07:00
Michael Treacher f90076abe9 Update index.rst (#754)
Seems the api for these actions have changed. Thought I would update the documentation around this. Let me know if I've misunderstood something.
2017-04-19 16:06:32 -07:00
kevgliss 01aa372e59 Version bump. (#751) 2017-04-08 13:23:48 -07:00
kevgliss 479ac81aa9 0.5 Release (#750) 2017-04-08 13:17:24 -07:00
Doppins 9c69c6d129 [Doppins] Upgrade dependency marshmallow-sqlalchemy to ==0.13.1 (#719)
* Upgrade dependency marshmallow-sqlalchemy to ==0.13.0

* Upgrade dependency marshmallow-sqlalchemy to ==0.13.1
2017-04-08 12:43:51 -07:00
Doppins ea1e9cb4c6 Upgrade dependency psycopg2 to ==2.7.1 (#721) 2017-04-08 12:34:17 -07:00
Doppins dac7a77afb Upgrade dependency gunicorn to ==19.7.1 (#733) 2017-04-08 12:33:57 -07:00
Doppins 9b21197fec Upgrade dependency SQLAlchemy-Utils to ==0.32.14 (#745) 2017-04-08 12:33:46 -07:00
Doppins e4255649c0 Upgrade dependency acme to ==0.13.0 (#746) 2017-04-08 12:33:28 -07:00
kevgliss 81aff42e03 Removing this exception handling, that error should be caught above. (#749) 2017-04-07 16:01:40 -07:00
Rick Breidenstein 221851abc1 supervisor ; cause services not to start (#744)
the ; in the supervisor/conf.d/app.conf file cause the service not to start.
2017-04-06 09:21:13 -07:00
Michael Treacher 7f019583f2 Don’t set ‘custom_expiration_date’ if validity years is set in the UI. (#742)
* Don’t set ‘custom_expiration_date’ if validity years is set in the UI.

* Use single quotes instead of double quotes.
2017-04-04 17:11:17 -07:00
Brint O'Hearn e18a188723 Spell fixes in docs (#740) 2017-03-30 21:09:30 -07:00
kevgliss f91ae5b319 Fixes bug where authority status was not set correctly. (#739) 2017-03-29 10:10:51 -07:00
Henry Megarry dd39b9ebe8 adding url context path to build, adding documentation on url contextpath (#737) 2017-03-28 15:21:13 -07:00
Jason Spriggs 15896a3b11 Fix spelling error in LEMUR_DEFAULT_COUNTRY (#734) 2017-03-22 15:49:16 -07:00
Doppins e092606181 Upgrade dependency marshmallow to ==2.13.4 (#732) 2017-03-20 09:08:26 -07:00
Rick Breidenstein a4707c5fc9 added a few steps (#731)
Added a few steps that are needed during the install on a fresh Ubuntu image
2017-03-18 21:36:26 -07:00
kevgliss f0dde845db Adding ability to exclude certificates from expiration (#730)
* adding ability to exclude certificates from expiration

* fixing tests
2017-03-15 11:25:19 -07:00
kevgliss b0ea027769 Underscores should not be in hostnames (#728) 2017-03-15 08:41:06 -07:00
Doppins d9f2faa462 Upgrade dependency pytest to ==3.0.7 (#727) 2017-03-14 15:06:54 -07:00
Rick Breidenstein 7b4d31d4f6 added steps for loading custom plugin (#725)
* added steps for loading custom plugin

added steps for loading a custom plugin into Lemur once the files have been put into place (/www/lemur/lemur/plugins/) and the setup.py file (/www/lemur/setup.py) has been modified.

* updated __init__.py section


except Exception as e:
2017-03-14 09:30:22 -07:00
Rick Breidenstein 522e182694 added python3-dev to dependencies (#724)
make release fails without it
2017-03-13 15:45:10 -07:00
Rick Breidenstein 6c8a6620d2 specify python3 when creating virtualenv (#723)
Lemur is developed against Python3.5. If you do not specify the Python version it is possible the virtualenv will be built on a different version.
2017-03-13 13:58:44 -07:00
putz612 d68b2b22e0 Update bower.json (#722)
Angular angular-sanitize is pulling in an incompatible version of angular knocking out the webUI by breaking chart.js.
2017-03-13 12:28:08 -07:00
kevgliss a4068001a3 Updating docs to align with normal deployment. (#718) 2017-03-12 15:01:21 -07:00
Doppins 574fed2618 Upgrade dependency marshmallow to ==2.13.3 (#717) 2017-03-11 11:07:17 -08:00
Neil Schelly 8762e1c5ae Issue #703 bugfix (#711)
* Ensures that both AKI serial/issue _and_ keyid won't be included.
Validation issues crop up if both types of AKI fields are present.

* Ensure that SAN extension includes the certificate's common name

* Fix scenario where subAltNames are getting dropped when applying a template

* Ensure that SAN includes the CN

* Ensuring that getting here without a SAN extension won't break things.

* New cleaner approach

* Some bits of handling the extensions are a bit hacky, requiring access to attributes inside the objects in x509.
I think this is pretty clean though.

* lintian check

* Fixing tests
2017-03-10 09:09:18 -08:00
Doppins d94e3113ff Upgrade dependency marshmallow to ==2.13.2 (#716) 2017-03-10 09:08:34 -08:00
kevgliss 3c5b2618c0 Rely on the lemur generating the correct name for rotated certificates. (#714)
* Rely on the lemur generating the correct name for rotated certificates.

* Fixing tests.
2017-03-09 13:09:20 -08:00