Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7762d6ed52
lemur/lemur/common
History
Marti Raudsepp 7762d6ed52 Reworked sensitive domain name and restriction logic (#878) 
* This is a fix for a potential security issue; the old code had edge
  cases with unexpected behavior.
* LEMUR_RESTRICTED_DOMAINS is no more, instead LEMUR_WHITELISTED_DOMAINS
  is a list of *allowed* domain name patterns. Per discussion in PR #600
* Domain restrictions are now checked everywhere: in domain name-like
  CN (common name) values and SAN DNSNames, including raw CSR requests.
* Common name values that contain a space are exempt, since they cannot
  be valid domain names.
2017-08-16 19:24:49 -07:00
..
__init__.py initial commit 2015-06-22 13:47:27 -07:00
defaults.py Source syncing tweaks. (#705) 2017-03-03 14:53:56 -08:00
fields.py Reworked sensitive domain name and restriction logic (#878) 2017-08-16 19:24:49 -07:00
health.py Add Check of DB connections on healthcheck URL (#812) 2017-05-22 17:15:41 -07:00
managers.py Allow Lemur "start" to use the global config. (#596) 2016-12-14 13:23:50 -08:00
missing.py Time (#482) 2016-11-09 10:56:22 -08:00
schema.py Adding additional failure conditions to sentry tracking. (#853) 2017-07-13 14:49:04 -07:00
utils.py Adding max notification constraint. (#704) 2017-03-03 12:59:16 -08:00
validators.py Reworked sensitive domain name and restriction logic (#878) 2017-08-16 19:24:49 -07:00