lauri
/
certidude
mirror of https://github.com/laurivosandi/certidude
1
0
Fork 0
Code Issues Activity
461 Commits 2 Branches 0 Tags 18 MiB
Commit Graph

331 Commits

Author SHA1 Message Date
Priit Laes bfcd8ef95b api: tag: Drop unused imports 2018-02-03 14:05:02 +02:00
Priit Laes f90a19deeb api: token: Drop unused imports 2018-02-03 14:05:02 +02:00
Priit Laes 82b8185bc5 api: bootstrap: Drop unused imports 2018-02-03 14:05:02 +02:00
Priit Laes b82a38edee api: attrib: Drop unused imports 2018-02-03 14:05:02 +02:00
Priit Laes c9dd058d75 api: Use common AuthorityResource where possible 2018-02-03 14:05:02 +02:00
Priit Laes 4580663608 api: Create common AuthorityHandler class with authority attribute 2018-02-03 14:02:23 +02:00
Priit Laes f7d138e303 api: token: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 7d514a3bc6 api: tag: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 4e50ddfc54 api: signed: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 29f3e1fce9 api: script: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 1cfb1b3293 api: scep: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 239538371f api: revoked: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 916afba685 api: request: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 7f2729e6f4 api: ocsp: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes be454d7a65 api: lease: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 937c81bd5f api: bootstrap: drop usage of global authority import 2018-02-03 14:02:23 +02:00
Priit Laes 863deafa59 api: attrib: drop usage of global authority import 2018-02-03 12:37:06 +02:00
Lauri Võsandi 5cb7f89c1b Bugfixes, OU support and image builder fixes 2018-01-26 14:03:13 +02:00
Priit Laes 936743c13e Drop unused imports from certidude.config 2018-01-05 22:13:41 +02:00
Priit Laes 9d142dee36 Update dependency list so certidude client actually works 2018-01-05 21:55:15 +02:00
Lauri Võsandi 098aa5657d tests: More explicit errors for OCSP and SCEP 2018-01-05 12:42:14 +00:00
Lauri Võsandi 67dcf4a156 cli: Fix image builder command order 2018-01-03 22:34:52 +00:00
Lauri Võsandi fba8f5d776 Integrate LEDE image builder 2018-01-03 22:17:35 +00:00
Lauri Võsandi 345c2802ea api: Fix request submission form 2018-01-03 22:17:35 +00:00
Lauri Võsandi 3d1e6768bb cli: Self-enroll again only if cert is about to expire 2018-01-03 22:17:35 +00:00
Lauri Võsandi e594371ee3 api: Update last seen status for VPN gateway during client update 2018-01-03 22:17:35 +00:00
Lauri Võsandi 15f3e19da7 cli: Atomic write of /etc/systemd/system/openvpn-reconnect.service 2017-12-30 18:56:12 +00:00
Lauri Võsandi 59bedc1f16 Major refactor 
* Migrate to Python 3
* Update token generator mechanism
* Switch to Bootstrap 4
* Switch from Iconmonstr to Font Awesome icons
* Rename default CA common name to "Certidude at ca.example.lan"
* Add self-enroll for the TLS server certificates
* TLS client auth for lease updating
* Compile assets from npm packages to /var/lib/certidude/ca.example.lan/assets
 2017-12-30 14:00:19 +00:00
Lauri Võsandi c45a5df773 Remove unused setproctitle import 2017-08-16 23:30:42 +03:00
Lauri Võsandi 509f7bfaa8 Migrate from cryptography.io to oscrypto 2017-08-16 20:25:16 +00:00
Lauri Võsandi 789d80d712 api: Save enrollment IP address 2017-08-10 00:45:43 +03:00
Lauri Võsandi bce906db36 Migrate authority setup to certbuilder 2017-07-29 20:55:46 +00:00
Lauri Võsandi f069688a9a Add basic DoS prevention measures 2017-07-29 23:19:37 +03:00
Lauri Võsandi 03b9778170 Better starttup/shutdown notification 2017-07-11 18:57:19 +00:00
Lauri Võsandi d44b6035c2 Embed OCSP responder URL in certificate 2017-07-08 12:08:39 +00:00
Lauri Võsandi 47d2d37684 Add missing import for setxattr 2017-07-08 12:08:23 +00:00
Lauri Võsandi 9008744c48 api: Make logger use unicode literals 2017-07-08 08:56:01 +00:00
Lauri Võsandi a48331a9cb tests: Add test for machine attribute updates 2017-07-07 21:07:25 +00:00
Lauri Võsandi 39363a57c7 tests: More coverage 2017-07-06 09:29:02 +00:00
Lauri Võsandi 34c72aaa9e tests: Fixes and better code coverage 2017-07-06 08:15:44 +00:00
Lauri Võsandi e25c774fa3 Bugfixes and test for SCEP 2017-07-05 21:22:02 +00:00
Lauri Võsandi 9b5511212e Several changes 
* OCSP workaround for StrongSwan
* Machine attributes framework
* Scripting support
* Default to nginx frontend
 2017-07-05 18:22:03 +03:00
Lauri Võsandi d08a3f9f92 cli: Fix `certidude request` dependency handling 2017-06-04 14:48:28 +00:00
Lauri Võsandi ecb1d9b3f3 Better fallback for FQDN detection 2017-06-04 14:33:47 +00:00
Lauri Võsandi 0a98b3f82e Add tests for OCSP, several bugfixes 2017-06-04 14:19:29 +00:00
Lauri Võsandi 61aa54695e cli: Migrate client side to oscrypto 2017-05-27 21:17:21 +03:00
Lauri Võsandi 5d48abe973 api: Preliminary OCSP support 2017-05-25 22:20:45 +03:00
Lauri Võsandi 5ae872e1ea api: Add preliminary SCEP support 2017-05-18 22:29:49 +03:00
Lauri Võsandi a5ad9238a1 cli: Lazier import for pwd 2017-05-12 20:52:25 +00:00
Lauri Võsandi f4901593e1 cli: Use variable name authority instead of server 2017-05-12 20:52:06 +00:00
Lauri Võsandi eecfbee384 tests: Fix signer shutdown and add tests for event source 2017-05-09 09:48:24 +00:00
Lauri Võsandi b77a427949 api: Submit inner and outer IP address when updating lease 2017-05-08 20:33:20 +00:00
Lauri Võsandi 09f5b11505 tests: Add tests for machine keytab auth 2017-05-08 16:25:59 +00:00
Lauri Võsandi 17c4e157e7 tests: Attempt to build for trusty and xenial both 2017-05-08 10:27:02 +00:00
Lauri Võsandi 4e41655532 api: Better error message when confronted with NTLM 2017-05-08 10:26:11 +00:00
Lauri Võsandi 545febf3d0 tests: Cover LDAP auth and more 2017-05-07 22:14:58 +00:00
Lauri Võsandi a4a31ca2c6 Mailer always enabled 2017-05-07 20:49:58 +00:00
Lauri Võsandi b1dd6f0093 tests: Checks for /etc/cron.hourly/certidude 2017-05-07 19:51:40 +00:00
Lauri Võsandi 8440cd840d tests: Fix race condition bugs 2017-05-07 19:29:07 +00:00
Lauri Võsandi 71e77154d7 tests: Preliminary tests for Kerberos/LDAP auth 2017-05-07 19:11:24 +00:00
Lauri Võsandi 60a0f2ba7c tests: Set up nchan as part of certidude setup authority 2017-05-06 21:35:02 +00:00
Lauri Võsandi b19e163a82 tests: Attempt to set up nchan as part of unittests 2017-05-06 21:07:41 +00:00
Lauri Võsandi de1d182320 Add API call for rendering scripts, bugfixes 2017-05-04 17:56:53 +00:00
Lauri Võsandi a75fb58cb5 tests: Lease and attribute API call fixes 2017-05-04 10:02:14 +00:00
Lauri Võsandi 94944e37f1 tests: Better coverage for tagging tests 2017-05-04 09:14:47 +00:00
Lauri Võsandi 2ffcc64d86 tests: Test CRL checks on client side 2017-05-04 07:38:49 +00:00
Lauri Võsandi 68f6b9f6f6 tests: Attempt to install NetworkManager 2017-05-04 06:55:26 +00:00
Lauri Võsandi 505fa9d557 tests: Fix NetworkManager setup tests 2017-05-04 06:40:47 +00:00
Lauri Võsandi 9922516d24 tests: Test request deletion and signing API calls 2017-05-03 21:54:08 +00:00
Lauri Võsandi ba678e4b29 api: Remove unused event_source decorator 2017-05-04 00:24:25 +03:00
Lauri Võsandi aeb5d81aa6 tests: Generate DH params file in single location 2017-05-03 21:12:51 +00:00
Lauri Võsandi 189c604832 tests: Better code coverage 2017-05-03 21:04:34 +00:00
Lauri Võsandi 47aded48d5 tests: Add e-mailing and more cli commands 2017-05-03 14:42:37 +00:00
Lauri Võsandi 649863a77e tests: Handle forking 2017-05-03 07:04:52 +00:00
Lauri Võsandi 9a7b806ff6 tests: Fix /run/certidude permissions 2017-05-01 23:06:45 +00:00
Lauri Võsandi a9c29d2fbb tests: Improvements 2017-05-01 22:41:41 +00:00
Lauri Võsandi 58491e7933 tests: Cleanups 2017-05-01 22:32:55 +00:00
Lauri Võsandi 227902b563 tests: More debugging info for CRL API calls 2017-05-01 21:19:28 +00:00
Lauri Võsandi 128369f6f6 tests: More detailed error captures for API calls 2017-05-01 20:49:25 +00:00
Lauri Võsandi ffdcbcc41a tests: Attempt to catch CRL export errors 2017-05-01 20:40:22 +00:00
Lauri Võsandi e228963bd2 api: More detailed logging for CRL API call 2017-05-01 20:25:08 +00:00
Lauri Võsandi 9668fa549b tests: More checks for CRL validation 2017-05-01 19:18:50 +00:00
Lauri Võsandi 986953f10f tests: Prevent nginx setup on Travis 2017-05-01 18:45:15 +00:00
Lauri Võsandi f7a27c6044 tests: More verbose output while setting up CA 2017-05-01 18:06:47 +00:00
Lauri Võsandi e0eb3ee471 tests: Create certidude user in advance 2017-05-01 17:56:10 +00:00
Lauri Võsandi bba1edb070 tests: Lazier const import to prevent early FQDN lookup 2017-05-01 16:57:43 +00:00
Lauri Võsandi b0683b268d Attempt to run client as part of unittests 2017-05-01 16:20:50 +00:00
Lauri Võsandi cc4f13086e Improve init/openvpn handler 
* Create systemd service for signaling OpenVPN client after suspend
* Use tun instead of tap
* Update DNS server/domain upon (dis)connect
* Include necessary templates
 2017-04-29 22:09:31 +03:00
Lauri Võsandi 9aab212647 Add tests for token mechanism 2017-04-26 09:13:41 +03:00
Lauri Võsandi 5ddbf87ed2 Add test for fetching logs 2017-04-26 00:10:12 +03:00
Lauri Võsandi d6d998a9e6 Add tests for SQLite based logging 2017-04-25 23:42:55 +03:00
Lauri Võsandi b867eee67e Add more API tests for lease, attribs etc 2017-04-25 23:32:21 +03:00
Lauri Võsandi 15ae064f55 Preliminary tests for auth 2017-04-25 21:47:41 +03:00
Lauri Võsandi 3ef4d96b1c Use application/x-pem-file mimetype for user certs 2017-04-25 16:48:04 +03:00
Lauri Võsandi f9429b2e94 Add autosign handling for request submission test 2017-04-25 16:40:33 +03:00
Lauri Võsandi 4c9744308a Better branch handling for request API calls 2017-04-25 16:15:39 +03:00
Lauri Võsandi 7225726d66 Add request submission API call tests 2017-04-25 16:04:11 +03:00
Lauri Võsandi 4eb3c4146f Add tests for non-existant certificate 2017-04-25 13:58:21 +03:00
Lauri Võsandi ba9dca910f Add tests for API calls 2017-04-25 13:06:59 +03:00
Lauri Võsandi d5edbe50c5 Token mechanism fixes 2017-04-24 20:33:55 +03:00