Lauri Võsandi
029ee357fb
Token mechanism fixes:
...
* Save token secret to config
* OpenVPN profile fixes for Ubuntu 16.04
* Raise correct exceptions for invalid tokens
* Display token expiration time in local time
2017-04-22 14:10:54 +03:00
Lauri Võsandi
7651c220c8
Remove unused import
2017-04-22 06:04:55 +00:00
Lauri Võsandi
0344141faf
Add token based auth for profiles
2017-04-21 21:22:08 +00:00
Lauri Võsandi
9a793088c6
Use local MTA for sending e-mail
2017-04-21 16:58:01 +00:00
Lauri Võsandi
66e2b5fc35
api: Validate certificate serial only if serial is supplied
2017-04-20 14:17:03 +00:00
Lauri Võsandi
a5b880c020
Fix dependency on subprocess
2017-04-20 05:23:09 +00:00
Lauri Võsandi
5e812f5194
Fixes
2017-04-20 05:20:10 +00:00
Lauri Võsandi
772886e4d4
Fix typo
2017-04-14 20:32:59 +03:00
Lauri Võsandi
ca0386b649
StrongSwan gateway setup script cleanups
2017-04-14 20:21:31 +03:00
Lauri Võsandi
b57fbfa696
Fix typo
2017-04-14 11:08:26 +00:00
Lauri Võsandi
b9ac55fe26
Configuration generation fixes for nchan
2017-04-14 11:06:09 +00:00
Lauri Võsandi
d6265c10d6
Fix font family name for headings
2017-04-14 10:14:14 +00:00
Lauri Võsandi
91f8f09854
StrongSwan client setup fixes
2017-04-14 02:49:11 +03:00
Lauri Võsandi
8bf9ebfebb
Merge branch 'master' of github.com:laurivosandi/certidude
2017-04-14 01:50:33 +03:00
Lauri Võsandi
a3adba02a5
Fix CRL path for configuration generators
2017-04-14 01:50:04 +03:00
Lauri Võsandi
216af460cf
Better system keytab checking for client
2017-04-14 01:49:32 +03:00
Lauri Võsandi
bc43fdc402
Lazier evaluation for dependencies
2017-04-13 22:37:31 +00:00
Lauri Võsandi
1c5913ee3b
Add dynamic package installation via decorators
2017-04-13 22:30:20 +00:00
Lauri Võsandi
6264846284
Add OpenSSL as dependency for P12 generation
2017-04-13 21:20:02 +00:00
Lauri Võsandi
721cce05ac
Don't enforce dependency on ldap module
2017-04-13 21:03:26 +00:00
Lauri Võsandi
02b2f041cc
Clean up dependencies and Travis
2017-04-13 20:52:09 +00:00
Lauri Võsandi
52d35012a4
Various fixes
2017-04-13 20:30:56 +00:00
Lauri Võsandi
d91e12942d
Tagging fixes
2017-04-13 15:42:38 +00:00
Lauri Võsandi
7a7f22c1a1
Add clock sync tolerance of 5min for signed certs
2017-04-13 15:35:08 +00:00
Lauri Võsandi
4a9abab362
Fix nginx configuration generation
2017-04-13 15:19:26 +00:00
Lauri Võsandi
d7a2c7c193
Fix OpenVPN client configuration generation
2017-04-13 18:17:05 +03:00
Lauri Võsandi
a22e1eb557
Fix server certificate extensions for StrongSwan
2017-04-13 15:12:56 +00:00
Lauri Võsandi
02482e8d79
Migrate to python-gssapi
2017-04-13 14:33:40 +00:00
Lauri Võsandi
51d7dffa9b
Bugfixes
2017-04-12 13:56:29 +00:00
Lauri Võsandi
0201a84a64
Merge branch 'master' of github.com:laurivosandi/certidude
2017-04-12 13:22:21 +00:00
Lauri Võsandi
09724e04dc
Add preliminary bootstrap API call
2017-04-12 13:21:49 +00:00
Lauri Võsandi
e68829732d
Merge branch 'master' of github.com:laurivosandi/certidude
2017-04-07 10:57:38 +03:00
Lauri Võsandi
f477fb9ad8
cli: Add Yubikey enrollment command
2017-04-07 10:57:25 +03:00
Lauri Võsandi
848763160b
Merge github.com:laurivosandi/certidude
2017-04-04 05:03:33 +00:00
Lauri Võsandi
90b663ce26
Add file based rotating log handler
2017-04-04 05:02:08 +00:00
Lauri Võsandi
5c6097cc40
Fix CSR listing command
2017-03-28 12:24:51 +03:00
Lauri Võsandi
d5dcadc346
Remove dependency on pycountries
2017-03-26 20:47:45 +00:00
Lauri Võsandi
44b6f13669
Use random serial for CA certificate
2017-03-26 20:44:47 +00:00
Lauri Võsandi
a663efd39e
Create directories and set selinux context for `certidude request`
2017-03-26 17:40:39 +00:00
Lauri Võsandi
77db728294
Fix attribute API call whitelist handling
2017-03-26 16:58:29 +00:00
Lauri Võsandi
32356013fd
Correct configuration file tagging section name
2017-03-26 10:12:08 +00:00
Lauri Võsandi
f806545bee
Use filesystem extended attribute user.xdg.tags for tags, move leases to user.lease namespace
2017-03-26 10:09:18 +00:00
Lauri Võsandi
1813056fc7
Move leases and tagging backend to filesystem extended attributes
2017-03-26 00:10:09 +00:00
Lauri Võsandi
79aa1e18c0
Add explicit renewal flag for `certiude request`
2017-03-13 19:47:58 +02:00
Lauri Võsandi
7b1dae0901
Renew certificate only when 25% of certificate lifetime remains
2017-03-13 19:42:21 +02:00
Lauri Võsandi
7eb8378562
Attempt to fix tests
2017-03-13 17:20:41 +02:00
Lauri Võsandi
06010ceaf3
Refactor
...
* Remove PyOpenSSL based wrapper classes
* Remove unused API calls
* Add certificate renewal via X-Renewal-Signature header
* Remove (extended) key usage handling
* Clean up OpenVPN and nginx server setup code
* Use UDP port 51900 for OpenVPN by default
* Add basic auth fallback for iOS in addition to Android
* Reduce complexity
2017-03-13 11:42:58 +00:00
Lauri Võsandi
4eed940a66
Clean up PKCS#12 generation
2017-02-09 17:02:33 +00:00
Lauri Võsandi
dae282973e
Passphraseless PKCS#12 doesn't play well with Firefox
2017-02-09 16:59:01 +00:00
Lauri Võsandi
94757cf25c
Conform to RFC 5280, remove unused variable and a comment
2017-02-09 14:16:01 +00:00