Priit Laes
bfcd8ef95b
api: tag: Drop unused imports
2018-02-03 14:05:02 +02:00
Priit Laes
f90a19deeb
api: token: Drop unused imports
2018-02-03 14:05:02 +02:00
Priit Laes
82b8185bc5
api: bootstrap: Drop unused imports
2018-02-03 14:05:02 +02:00
Priit Laes
b82a38edee
api: attrib: Drop unused imports
2018-02-03 14:05:02 +02:00
Priit Laes
c9dd058d75
api: Use common AuthorityResource where possible
2018-02-03 14:05:02 +02:00
Priit Laes
4580663608
api: Create common AuthorityHandler class with authority attribute
2018-02-03 14:02:23 +02:00
Priit Laes
f7d138e303
api: token: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
7d514a3bc6
api: tag: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
4e50ddfc54
api: signed: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
29f3e1fce9
api: script: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
1cfb1b3293
api: scep: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
239538371f
api: revoked: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
916afba685
api: request: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
7f2729e6f4
api: ocsp: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
be454d7a65
api: lease: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
937c81bd5f
api: bootstrap: drop usage of global authority import
2018-02-03 14:02:23 +02:00
Priit Laes
863deafa59
api: attrib: drop usage of global authority import
2018-02-03 12:37:06 +02:00
Lauri Võsandi
5cb7f89c1b
Bugfixes, OU support and image builder fixes
2018-01-26 14:03:13 +02:00
Priit Laes
936743c13e
Drop unused imports from certidude.config
2018-01-05 22:13:41 +02:00
Priit Laes
9d142dee36
Update dependency list so certidude client actually works
2018-01-05 21:55:15 +02:00
Lauri Võsandi
098aa5657d
tests: More explicit errors for OCSP and SCEP
2018-01-05 12:42:14 +00:00
Lauri Võsandi
67dcf4a156
cli: Fix image builder command order
2018-01-03 22:34:52 +00:00
Lauri Võsandi
fba8f5d776
Integrate LEDE image builder
2018-01-03 22:17:35 +00:00
Lauri Võsandi
345c2802ea
api: Fix request submission form
2018-01-03 22:17:35 +00:00
Lauri Võsandi
3d1e6768bb
cli: Self-enroll again only if cert is about to expire
2018-01-03 22:17:35 +00:00
Lauri Võsandi
e594371ee3
api: Update last seen status for VPN gateway during client update
2018-01-03 22:17:35 +00:00
Lauri Võsandi
15f3e19da7
cli: Atomic write of /etc/systemd/system/openvpn-reconnect.service
2017-12-30 18:56:12 +00:00
Lauri Võsandi
59bedc1f16
Major refactor
...
* Migrate to Python 3
* Update token generator mechanism
* Switch to Bootstrap 4
* Switch from Iconmonstr to Font Awesome icons
* Rename default CA common name to "Certidude at ca.example.lan"
* Add self-enroll for the TLS server certificates
* TLS client auth for lease updating
* Compile assets from npm packages to /var/lib/certidude/ca.example.lan/assets
2017-12-30 14:00:19 +00:00
Lauri Võsandi
c45a5df773
Remove unused setproctitle import
2017-08-16 23:30:42 +03:00
Lauri Võsandi
509f7bfaa8
Migrate from cryptography.io to oscrypto
2017-08-16 20:25:16 +00:00
Lauri Võsandi
789d80d712
api: Save enrollment IP address
2017-08-10 00:45:43 +03:00
Lauri Võsandi
bce906db36
Migrate authority setup to certbuilder
2017-07-29 20:55:46 +00:00
Lauri Võsandi
f069688a9a
Add basic DoS prevention measures
2017-07-29 23:19:37 +03:00
Lauri Võsandi
03b9778170
Better starttup/shutdown notification
2017-07-11 18:57:19 +00:00
Lauri Võsandi
d44b6035c2
Embed OCSP responder URL in certificate
2017-07-08 12:08:39 +00:00
Lauri Võsandi
47d2d37684
Add missing import for setxattr
2017-07-08 12:08:23 +00:00
Lauri Võsandi
9008744c48
api: Make logger use unicode literals
2017-07-08 08:56:01 +00:00
Lauri Võsandi
a48331a9cb
tests: Add test for machine attribute updates
2017-07-07 21:07:25 +00:00
Lauri Võsandi
39363a57c7
tests: More coverage
2017-07-06 09:29:02 +00:00
Lauri Võsandi
34c72aaa9e
tests: Fixes and better code coverage
2017-07-06 08:15:44 +00:00
Lauri Võsandi
e25c774fa3
Bugfixes and test for SCEP
2017-07-05 21:22:02 +00:00
Lauri Võsandi
9b5511212e
Several changes
...
* OCSP workaround for StrongSwan
* Machine attributes framework
* Scripting support
* Default to nginx frontend
2017-07-05 18:22:03 +03:00
Lauri Võsandi
d08a3f9f92
cli: Fix `certidude request` dependency handling
2017-06-04 14:48:28 +00:00
Lauri Võsandi
ecb1d9b3f3
Better fallback for FQDN detection
2017-06-04 14:33:47 +00:00
Lauri Võsandi
0a98b3f82e
Add tests for OCSP, several bugfixes
2017-06-04 14:19:29 +00:00
Lauri Võsandi
61aa54695e
cli: Migrate client side to oscrypto
2017-05-27 21:17:21 +03:00
Lauri Võsandi
5d48abe973
api: Preliminary OCSP support
2017-05-25 22:20:45 +03:00
Lauri Võsandi
5ae872e1ea
api: Add preliminary SCEP support
2017-05-18 22:29:49 +03:00
Lauri Võsandi
a5ad9238a1
cli: Lazier import for pwd
2017-05-12 20:52:25 +00:00
Lauri Võsandi
f4901593e1
cli: Use variable name authority instead of server
2017-05-12 20:52:06 +00:00
Lauri Võsandi
eecfbee384
tests: Fix signer shutdown and add tests for event source
2017-05-09 09:48:24 +00:00
Lauri Võsandi
b77a427949
api: Submit inner and outer IP address when updating lease
2017-05-08 20:33:20 +00:00
Lauri Võsandi
09f5b11505
tests: Add tests for machine keytab auth
2017-05-08 16:25:59 +00:00
Lauri Võsandi
17c4e157e7
tests: Attempt to build for trusty and xenial both
2017-05-08 10:27:02 +00:00
Lauri Võsandi
4e41655532
api: Better error message when confronted with NTLM
2017-05-08 10:26:11 +00:00
Lauri Võsandi
545febf3d0
tests: Cover LDAP auth and more
2017-05-07 22:14:58 +00:00
Lauri Võsandi
a4a31ca2c6
Mailer always enabled
2017-05-07 20:49:58 +00:00
Lauri Võsandi
b1dd6f0093
tests: Checks for /etc/cron.hourly/certidude
2017-05-07 19:51:40 +00:00
Lauri Võsandi
8440cd840d
tests: Fix race condition bugs
2017-05-07 19:29:07 +00:00
Lauri Võsandi
71e77154d7
tests: Preliminary tests for Kerberos/LDAP auth
2017-05-07 19:11:24 +00:00
Lauri Võsandi
60a0f2ba7c
tests: Set up nchan as part of certidude setup authority
2017-05-06 21:35:02 +00:00
Lauri Võsandi
b19e163a82
tests: Attempt to set up nchan as part of unittests
2017-05-06 21:07:41 +00:00
Lauri Võsandi
de1d182320
Add API call for rendering scripts, bugfixes
2017-05-04 17:56:53 +00:00
Lauri Võsandi
a75fb58cb5
tests: Lease and attribute API call fixes
2017-05-04 10:02:14 +00:00
Lauri Võsandi
94944e37f1
tests: Better coverage for tagging tests
2017-05-04 09:14:47 +00:00
Lauri Võsandi
2ffcc64d86
tests: Test CRL checks on client side
2017-05-04 07:38:49 +00:00
Lauri Võsandi
68f6b9f6f6
tests: Attempt to install NetworkManager
2017-05-04 06:55:26 +00:00
Lauri Võsandi
505fa9d557
tests: Fix NetworkManager setup tests
2017-05-04 06:40:47 +00:00
Lauri Võsandi
9922516d24
tests: Test request deletion and signing API calls
2017-05-03 21:54:08 +00:00
Lauri Võsandi
ba678e4b29
api: Remove unused event_source decorator
2017-05-04 00:24:25 +03:00
Lauri Võsandi
aeb5d81aa6
tests: Generate DH params file in single location
2017-05-03 21:12:51 +00:00
Lauri Võsandi
189c604832
tests: Better code coverage
2017-05-03 21:04:34 +00:00
Lauri Võsandi
47aded48d5
tests: Add e-mailing and more cli commands
2017-05-03 14:42:37 +00:00
Lauri Võsandi
649863a77e
tests: Handle forking
2017-05-03 07:04:52 +00:00
Lauri Võsandi
9a7b806ff6
tests: Fix /run/certidude permissions
2017-05-01 23:06:45 +00:00
Lauri Võsandi
a9c29d2fbb
tests: Improvements
2017-05-01 22:41:41 +00:00
Lauri Võsandi
58491e7933
tests: Cleanups
2017-05-01 22:32:55 +00:00
Lauri Võsandi
227902b563
tests: More debugging info for CRL API calls
2017-05-01 21:19:28 +00:00
Lauri Võsandi
128369f6f6
tests: More detailed error captures for API calls
2017-05-01 20:49:25 +00:00
Lauri Võsandi
ffdcbcc41a
tests: Attempt to catch CRL export errors
2017-05-01 20:40:22 +00:00
Lauri Võsandi
e228963bd2
api: More detailed logging for CRL API call
2017-05-01 20:25:08 +00:00
Lauri Võsandi
9668fa549b
tests: More checks for CRL validation
2017-05-01 19:18:50 +00:00
Lauri Võsandi
986953f10f
tests: Prevent nginx setup on Travis
2017-05-01 18:45:15 +00:00
Lauri Võsandi
f7a27c6044
tests: More verbose output while setting up CA
2017-05-01 18:06:47 +00:00
Lauri Võsandi
e0eb3ee471
tests: Create certidude user in advance
2017-05-01 17:56:10 +00:00
Lauri Võsandi
bba1edb070
tests: Lazier const import to prevent early FQDN lookup
2017-05-01 16:57:43 +00:00
Lauri Võsandi
b0683b268d
Attempt to run client as part of unittests
2017-05-01 16:20:50 +00:00
Lauri Võsandi
cc4f13086e
Improve init/openvpn handler
...
* Create systemd service for signaling OpenVPN client after suspend
* Use tun instead of tap
* Update DNS server/domain upon (dis)connect
* Include necessary templates
2017-04-29 22:09:31 +03:00
Lauri Võsandi
9aab212647
Add tests for token mechanism
2017-04-26 09:13:41 +03:00
Lauri Võsandi
5ddbf87ed2
Add test for fetching logs
2017-04-26 00:10:12 +03:00
Lauri Võsandi
d6d998a9e6
Add tests for SQLite based logging
2017-04-25 23:42:55 +03:00
Lauri Võsandi
b867eee67e
Add more API tests for lease, attribs etc
2017-04-25 23:32:21 +03:00
Lauri Võsandi
15ae064f55
Preliminary tests for auth
2017-04-25 21:47:41 +03:00
Lauri Võsandi
3ef4d96b1c
Use application/x-pem-file mimetype for user certs
2017-04-25 16:48:04 +03:00
Lauri Võsandi
f9429b2e94
Add autosign handling for request submission test
2017-04-25 16:40:33 +03:00
Lauri Võsandi
4c9744308a
Better branch handling for request API calls
2017-04-25 16:15:39 +03:00
Lauri Võsandi
7225726d66
Add request submission API call tests
2017-04-25 16:04:11 +03:00
Lauri Võsandi
4eb3c4146f
Add tests for non-existant certificate
2017-04-25 13:58:21 +03:00
Lauri Võsandi
ba9dca910f
Add tests for API calls
2017-04-25 13:06:59 +03:00
Lauri Võsandi
d5edbe50c5
Token mechanism fixes
2017-04-24 20:33:55 +03:00