Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,938 Commits 4 Branches 45 Tags 7.5 MiB
fbba3034fc
Commit Graph

268 Commits

Author SHA1 Message Date
kevgliss
c367e4f73f Prevents the silencing of notifications that are actively deployed. (#454) 
* Renaming 'active' to 'notify' as this is clearer and more aligned to what this value is actually controlling. 'active' is now a property that depends on whether any endpoints were found to be using the certificate. Also added logic for issue #405 disallowing for a certificates' notifications to be silenced when it is actively deployed on an endpoint.

* Adding migration script to alter 'active' column.
 2016-10-15 00:12:11 -07:00
Charles Hendrie
9065aa3750 Update the private key regex validation (#435) 
* Update the private key regex validation

Private keys provided by the Let's Encrypt certificate authority as part
of their certificate bundle fail the import/upload certificate private
key validation. The validation is looking for a specific character
sequence at the begin of the certificate. In order to support valid
Let's Encrypt private keys, the regex has been updated to check for both
the existing sequence and the Let's Encrypt character sequence.

Example Let's Encrypt private key:

-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCvsiwV8A5+r0tQ
QzUAJO0DfoEb9tMWvoFi0DLs9tx88IwMqItPPl9+RNzQnv9qqZR1h4W97sxP8aWY
...
AeS667IJO/2DMKaGiEldaVZtgqdUhCL8Rm4XUFVb1GjLa03E4VRU6W7eQ4hgT2a7
cHDAR8MiovNyfT0fm8Xz3ac=
-----END PRIVATE KEY-----

* Add private key regex for footer

Update the import/upload private key validation regex to verify both the
header and footer are matching.
 2016-10-10 22:42:09 -07:00
kevgliss
72a390c563 Ensure the openssl and cryptography work under python3. (#438) 2016-10-09 00:06:15 -07:00
kevgliss
a19c918c68 Closes #411 (#439) 2016-10-09 00:06:03 -07:00
kevgliss
d4732d3ab0 Closes #335. (#392) 2016-07-04 16:08:16 -07:00
kevgliss
cb9631b122 Closes #356. (#391) 2016-07-04 15:38:51 -07:00
kevgliss
c8eca56690 Closes #366 (#387) 2016-07-04 13:03:46 -07:00
kevgliss
eefff8497a Adding a new default issuer. 2016-06-28 17:46:26 -07:00
kevgliss
fe9703dd94 Closes #284 (#336) 2016-06-27 14:40:46 -07:00
kevgliss
77f13c9edb Fixing issue were, after a user changes their mind validity years wil… (#349) 2016-06-06 12:11:40 -07:00
kevgliss
42001be9ec Fixing the way filters were toggled. (#345) 2016-06-03 09:24:17 -07:00
kevgliss
b2539b843b Fixing and error causing duplicate roles to be created. (#339) 
* Fixing and error causing duplicate roles to be created.

* Fixing python3

* Fixing python2 and python3
 2016-05-31 15:44:54 -07:00
kevgliss
be5dff8472 Adding a visualization for authorities. (#338) 
* Adding a visualization for authorities.

* Fixing some lint.

* Fixing some lint.
 2016-05-30 21:52:34 -07:00
kevgliss
6688b279e7 Fixing some bad renaming. (#331) 2016-05-24 10:43:40 -07:00
kevgliss
1ca38015bc Fixes (#329) 
* Modifying the way roles are assigned.

* Adding migration scripts.

* Adding endpoints field for future use.

* Fixing dropdowns.
 2016-05-23 18:38:04 -07:00
kevgliss
656269ff17 Closes #147 (#328) 
* Closes #147

* Fixing tests

* Ensuring we can validate max dates.
 2016-05-23 11:28:25 -07:00
kevgliss
bd727b825d Making roles more apparent for certificates and authorities. (#327) 2016-05-20 12:48:12 -07:00
kevgliss
e04c1e7dc9 Fixing a few things, adding tests. (#326) 2016-05-20 09:03:34 -07:00
kevgliss
615df76dd5 Closes 262 (#324) 
Moves the authority -> role relationship from a 1 -> many to a many -> many. This will allow one role to control and have access to many authorities.
 2016-05-19 13:37:05 -07:00
kevgliss
b13370bf0d Making dropdowns look a bit better. (#322) 
* Making dropdowns look a bit better.

* Pleasing Lint.
 2016-05-19 09:04:50 -07:00
kevgliss
b187d8f836 Adding a better comparison. (#320) 2016-05-16 19:03:10 -07:00
kevgliss
1763a1a717 254 duplication certificate name (#319) 2016-05-16 15:59:40 -07:00
kevgliss
62b61ed980 Fixing various issues. (#318) 
* Fixing various issues.

* Fixing tests
 2016-05-16 11:09:50 -07:00
kevgliss
c11034b9bc Fixes various issues. (#317) 2016-05-16 09:23:48 -07:00
kevgliss
58e8fe0bd0 Fixes various issues. (#316) 2016-05-13 14:35:38 -07:00
kevgliss
a0c8765588 Various bug fixes. (#314) 2016-05-12 12:38:44 -07:00
kevgliss
5e9f1437ad Marsmallowing sources (#310) 2016-05-10 13:16:33 -07:00
kevgliss
f9655213b3 Marshmallowing notifications. (#308) 2016-05-10 11:27:57 -07:00
kevgliss
008d608ec4 Fixing error in notifications. (#307) 2016-05-09 17:35:18 -07:00
kevgliss
78c8d12ad8 Cleaning up the way authorities are selected and upgrading uib dependencies. 2016-05-09 17:17:00 -07:00
kevgliss
df0ad4d875 Authorities marshmallow addition (#303) 2016-05-09 11:00:16 -07:00
kevgliss
6ec3bad49a Closes #278 (#298) 
* Closes #278
 2016-05-05 15:28:17 -07:00
kevgliss
52f44c3ea6 Closes #278 and #199, Starting transition to marshmallow (#299) 
* Closes #278  and #199, Starting transition to marshmallow
 2016-05-05 12:52:08 -07:00
kevgliss
8e1b7c0036 Removing validation because regex is hard 2016-04-25 16:13:33 -07:00
kevgliss
82b4f5125d Fixes an issue where custom OIDs would clear out san extensions 2016-04-11 11:17:18 -07:00
kevgliss
3f89d6d009 Merge pull request #271 from kevgliss/195 
Closes #195
 2016-04-08 12:01:10 -07:00
kevgliss
c2387dc120 Fixes an issue where custom OIDs would clear out san extensions 2016-04-07 10:29:08 -07:00
kevgliss
b5a4b293a9 Merge pull request #270 from kevgliss/248 
Closes #248
 2016-04-01 14:28:52 -07:00
kevgliss
bfcfdb83a7 Closes #195 2016-04-01 14:27:57 -07:00
kevgliss
4ccbfa8164 Closes #248 2016-04-01 13:29:08 -07:00
kevgliss
2cde7336dc Closes #263 2016-04-01 13:01:56 -07:00
kevgliss
bd46440d12 relaxing keystore password validation 2016-01-29 10:29:04 -08:00
Edward Barker
b36e72bfcc Minor spelling fix 
Using the possessive “Your” rather than “You’re” in “Your passphrase
is:”
 2016-01-12 22:04:42 -08:00
Robert Picard
a1395a5808 Fix how the provider settings are passed to Satellizer 2016-01-05 17:26:09 -08:00
kevgliss
3f024c1ef4 Adds ability for domains to be marked as sensitive and only be allowed to be issued by an admin closes #5 2015-12-30 15:11:08 -08:00
kevgliss
00cb66484b Merge pull request #188 from kevgliss/csr 
Adding the ability to submit a third party CSR
 2015-12-29 12:11:11 -08:00
kevgliss
cabe2ae18d Adding the ability to issue third party created CSRs 2015-12-29 10:49:33 -08:00
kevgliss
3b5d7eaab6 More Linting 2015-12-27 18:08:17 -05:00
kevgliss
aa2358aa03 Fixing linting 2015-12-27 18:02:38 -05:00
kevgliss
a7decc1948 Fixing some issues with dynamically supporting multiple SSO providers 2015-12-27 17:54:11 -05:00
Robert Picard
60856cb7b9 Add an endpoint to return active authentication providers 
This endpoint can be used by Angular to figure out what authentication
options to display to the user. It returns a dictionary of configuration
details that the front-end needs for each provider.
 2015-12-22 18:03:56 -05:00
Robert Picard
350d013043 Add Google SSO 
This pull request adds Google SSO support. There are two main changes:

1. Add the Google auth view resource
2. Make passwords optional when creating a new user. This allows an admin
to create a user without a password so that they can only login via Google.
 2015-12-22 13:44:30 -05:00
kevgliss
de9478a992 Disabling one-time binding 2015-12-03 16:57:37 -08:00
kevgliss
78037dc9ec Fixing the startup port 2015-12-02 17:13:52 -08:00
kevgliss
6aac2d62be Closes #160 2015-12-01 09:40:27 -08:00
kevgliss
c3091a7346 Adding missing files. 2015-11-30 14:08:17 -08:00
kevgliss
f194e2a1be Linting 2015-11-30 10:24:53 -08:00
kevgliss
ec896461a7 Adding final touches to #125 2015-11-30 09:47:36 -08:00
kevgliss
8eeed821d3 Adding UI elements 2015-11-27 13:27:14 -08:00
kevgliss
1c6e9caa40 Closes #144 2015-11-24 16:07:44 -08:00
kevgliss
d6b3f5af81 Closes #122 2015-11-24 14:53:22 -08:00
kevgliss
e14eefdc31 Added the ability to find an authority even if a user only types the name in and does not select it. 2015-11-23 16:41:31 -08:00
kevgliss
f0324e4755 Merge pull request #148 from kevgliss/120-error-length 
Closes #120
 2015-11-23 15:25:30 -08:00
kevgliss
00f0f957c0 Lint again 2015-11-23 15:13:18 -08:00
kevgliss
146c599deb Lint cleanup 2015-11-23 14:47:34 -08:00
kevgliss
574c4033ab Closes #120 2015-11-23 14:30:23 -08:00
kevgliss
eb0f6a04d8 Closes #140 2015-11-23 10:43:07 -08:00
kevgliss
df4364714e Closes #139 2015-11-23 09:53:55 -08:00
Ryan Clough
2073090628 Use american english for consistency 2015-10-28 19:39:10 -07:00
kevgliss
168f46a436 Adding the ability to track a certificates signing key algorithm 2015-10-06 12:51:59 -07:00
kevgliss
798a6295ee Fixes destination stat 2015-10-06 09:43:31 -07:00
kevgliss
63b7b71b49 adding clipboard functionality 2015-10-05 16:06:56 -07:00
kevgliss
9965af9ccd fixing links, and adding zeroclipboard 2015-10-05 09:48:52 -07:00
kevgliss
867be09e29 more double quotes 2015-10-05 09:24:11 -07:00
kevgliss
8362a92898 fixing double quotes 2015-10-05 09:19:14 -07:00
kevgliss
162482dbc4 Adding ui router and perma links to certificates and authorities 2015-10-05 09:00:51 -07:00
kevgliss
2187898494 adding copy and a better profile picture for non-sso users 2015-10-02 15:36:50 -07:00
Eric Mill
a3385bd2ac Rename SSL to TLS 2015-09-21 18:15:25 -04:00
kevgliss
ef72de89b3 Minor fixes 2015-09-18 15:50:59 -07:00
kevgliss
8ab9c06778 removing more netflix 2015-09-04 15:54:52 -07:00
kevgliss
0afd4c94b4 removing more netflix 2015-09-04 15:54:02 -07:00
kevgliss
aaae4d5a1f unifying lemur defaults 2015-09-04 15:52:56 -07:00
kevgliss
9da713ab06 cleaning up references to netflix 2015-09-04 15:29:57 -07:00
kevgliss
46a5355377 Allows authorities to have editable owners and descriptions 2015-09-01 14:15:40 -07:00
kevgliss
7471984ecf removing silly description validation from lemur and enforcing it on the cloudca plugin (who actually cares) 2015-08-29 13:57:07 -07:00
kevgliss
03e2991ced Closes #57 2015-08-29 11:48:39 -07:00
kevgliss
80136834b5 Merge pull request #59 from kevgliss/cleanup 
Cleanup
 2015-08-29 10:30:03 -07:00
kevgliss
783acf6d8c Removing Meechum specific code 2015-08-29 10:11:03 -07:00
kevgliss
9a04371680 Adding ability to define distinguished names in config 2015-08-27 12:59:40 -07:00
kevgliss
b4c348aef7 switching out default orgname 2015-08-24 09:41:03 -07:00
kevgliss
0f0d11a828 Merge pull request #45 from kevgliss/authByOwner 
Fixes #35
 2015-08-19 18:08:55 -07:00
kevgliss
6b2da2fe6b Fixes #35 2015-08-19 18:05:18 -07:00
kevgliss
cbcc8af3bd Fixing bug were domains would not have correct pagination 2015-08-19 16:42:56 -07:00
kevgliss
b96af3a1f1 Editing footer text 2015-08-19 10:10:19 -07:00
kevgliss
c6747439fb Misc fixed around certificate syncing 2015-08-18 16:17:20 -07:00
kevgliss
f09f5eb0f1 Fixing issue with creating roles 2015-08-17 22:51:29 -07:00
kevgliss
bfcbd1b065 Fixes issue where client authentication was not displaying in the UI 2015-08-11 15:43:59 -07:00
kevgliss
a873e5c7ea Lots of minor fixes 2015-08-03 15:52:39 -07:00
kevgliss
7d169f7c4c Fixing up some of the sync related code 2015-08-03 13:51:27 -07:00
kevgliss
cdb3814469 Fixing notification deduplication and roll up 2015-08-02 09:14:27 -07:00
kevgliss
02b717dd7c Fixing upload, and removing old unneeded code 2015-08-02 05:57:26 -07:00
kevgliss
46652ba117 Purging ELB and Listener specific models 2015-08-01 15:47:14 -07:00
kevgliss
abf21d2931 Adding in frontend javascript for sources 2015-08-01 15:37:47 -07:00
kevgliss
e247d635fc Adding backend code for sources models 2015-08-01 15:29:34 -07:00
kevgliss
79353c142a Pleasing jshint gods 2015-07-29 19:24:05 -07:00
kevgliss
1e748a64d7 Initial support for notification plugins closes #8, closes #9, closes #7, closes #4, closes #16 2015-07-29 17:13:06 -07:00
kevgliss
a826bd16f7 Pleasing the JSHint gods 2015-07-21 13:36:03 -07:00
kevgliss
c75e20a1ea Pleasing the PEP8 gods 2015-07-21 13:06:13 -07:00
kevgliss
9c0f2917ad Merge branch 'master' into ci 
* master:
  Fixed issue where hardcoded localhost:port combination existed in Javascript, added another step to setup.py 'package' that removes such instances and creates a more agnostic javascript blob.
  Fixing issue where nginx was not sending the right mimetype for CSS files.

Conflicts:
	gulp/build.js
 2015-07-20 16:53:58 -07:00
kevgliss
5ce3f9427b Fixed issue where hardcoded localhost:port combination existed in Javascript, added another step to setup.py 'package' that removes 
such instances and creates a more agnostic javascript blob.
 2015-07-19 19:04:42 -07:00
kevgliss
c79905cd92 Refactoring views to use modals for create/edit instead of their own pages. 2015-07-10 17:08:39 -07:00
kevgliss
1e902750c3 Adding destination javascript controllers and partials. 2015-07-10 17:07:41 -07:00
kevgliss
0c7204cdb9 Refactored 'accounts' to be more general with 'destinations' 2015-07-10 17:06:57 -07:00
kevgliss
5476547e74 Simplifiying SAN identification. 2015-07-08 16:45:19 -07:00
kevgliss
601d80388f Adding links to the roles that Authorities are associated with. 2015-07-08 16:44:48 -07:00
kevgliss
0ed3918113 Changing default as 'State' cannot be abbreviated in a CSR 2015-07-08 16:44:06 -07:00
kevgliss
67dc12347e Removing verisign specific frontend code, we also give some more hints to user on how to make SAN certificates. 2015-07-08 16:42:57 -07:00
Kevin Glisson
4330ac9c05 initial commit 2015-06-22 13:47:27 -07:00