b3a45cf2ab
Expose insecure flag for turning off HTTPS
2017-01-10 15:01:16 +02:00
86244d294b
Reorder and reformat usecases
2016-09-18 19:06:10 +03:00
ece565c451
Attempt to fix Codecov
2016-09-18 18:52:51 +03:00
d68a9acac2
Work around Travis' long hostnames in const.py instead
2016-09-18 18:46:11 +03:00
00c0bdfb52
Fix indent/nesting in .travis.yml
2016-09-18 18:39:22 +03:00
934b67c94f
Set shorter hostname for Travis
2016-09-18 18:36:08 +03:00
e86f9d4e3b
Remove disallowed packages
2016-09-18 18:32:34 +03:00
f19cf4652e
Clean up tests
2016-09-18 18:30:31 +03:00
65b401538e
Move to container based Travis
2016-09-18 17:47:11 +03:00
6f99c32c38
Describe usecases
2016-09-18 17:27:34 +03:00
fab52dca76
Add request submission from web interface
2016-09-18 16:25:52 +03:00
2590340355
Remove generated templates.js, add graceful fallback when not generated
2016-09-18 16:21:07 +03:00
e56b1b3f2b
Upgrade to nunjucks v2.5.2
2016-09-18 15:11:23 +03:00
b8cb12ecd8
Improve installation instructions
2016-09-18 14:33:13 +03:00
23d8942ffe
Add fallbacks for e-mail handling if outbox is not defined
2016-09-18 14:32:39 +03:00
1b04a848e3
Improve Unicode handling in bundle generation
2016-09-18 14:32:14 +03:00
9cf5e298e8
Fix systemd service template
2016-09-18 00:21:24 +03:00
f448aefc08
Sort requirements.txt and remove duplicates
2016-09-18 00:05:50 +03:00
b4d006227a
Refactor codebase
...
* Replace PyOpenSSL with cryptography.io
* Rename constants to const
* Drop support for uwsgi
* Use systemd to launch certidude server
* Signer automatically spawned as part of server
* Update requirements.txt
* Clean up certidude client configuration handling
* Add automatic enroll with Kerberos machine cerdentials
2016-09-18 00:00:14 +03:00
15858083b3
Use UTC for log entries
2016-04-05 15:30:50 +03:00
c33da46f19
Push server fixes
2016-04-05 15:02:05 +03:00
7012f5b365
Make user certificate enrollment configurable
2016-04-01 01:55:51 +03:00
fa27253b50
Add 'certidude users' command for listing user accounts
2016-04-01 00:01:58 +03:00
816cf32353
Include robots.txt in MANIFEST.in
2016-04-01 00:00:24 +03:00
ff2e983711
ui: Update CRL fetching command example
2016-03-30 22:06:15 +03:00
ec2dea7a13
cli: Authority setup script fixes
2016-03-30 22:05:32 +03:00
456fe586c3
Add revocation list JSON serialization
2016-03-30 22:00:18 +03:00
5bdf986b47
cli: Send Accept: application/x-pem-file while downloading CRL
2016-03-29 23:39:19 +03:00
833fb82354
Upload 0.1.21 to PyPI
2016-03-29 22:19:55 +03:00
d2a259b887
Merge authority setup and production setup
2016-03-29 22:03:27 +03:00
a094db794b
cli: Fix extended key usage flags for authority setup script
2016-03-29 19:43:50 +03:00
c644b065ef
Migrate authority setup from PyOpenSSL to cryptography.io
2016-03-29 19:29:06 +03:00
af60fd8047
cli: Fix authority setup script
2016-03-29 18:37:28 +03:00
476a312b4e
ui: Fix autosign subnets listing
2016-03-29 15:47:00 +03:00
09a67718ab
Expose certificate and CRL lifetime via session API call
2016-03-29 15:43:34 +03:00
d8f1e36ecf
Reduce default CRL lifetime to 20min
2016-03-29 15:17:44 +03:00
6de010a411
Make /api/revoked conform to RFC5280
2016-03-29 13:28:58 +03:00
1475828899
Fix CRL distriution points and add authority information access extensions
2016-03-29 12:29:15 +03:00
e721648328
Use common name instead of IP address as listening address for IPSec gateway
2016-03-29 12:28:10 +03:00
799b9e19c8
Use unicode literals for logging
2016-03-29 08:54:55 +03:00
acc0e29109
Add AKID and SKID
2016-03-29 08:47:43 +03:00
ff71ca42d7
Move GSSAPI credcache from authorization config section to accounts
2016-03-29 08:45:17 +03:00
22846327a0
Fix is_admin of PosixUserManager
2016-03-29 08:44:07 +03:00
de42d97b59
Add $ssl_client_s_dn_cn for nginx config template
2016-03-29 08:28:48 +03:00
f88a970e2a
Attempt to fix CA test
2016-03-28 00:18:41 +03:00
8ca809b546
Remove dependency on particular version of configparser
2016-03-28 00:07:39 +03:00
9afafea833
Add sudo for Travis' apt-get
2016-03-28 00:04:03 +03:00
3d32de8cad
Documentation fixes and attempt to fix Travis
2016-03-28 00:00:41 +03:00
925bc0ef9a
Refactor users, add OpenVPN and mailing support
...
* Add abstraction for user objects
* Mail authority admins about pending, revoked and signed certificates
* Add NetworkManager's OpenVPN plugin support
* Improve CRL support
* Refactor CSRF protection
* Update documentation
2016-03-27 23:38:14 +03:00
811e6dbb08
Complete overhaul
...
* Switch to Python 2.x due to lack of decent LDAP support in Python 3.x
* Add LDAP backend for authentication/authorization
* Add PAM backend for authentication
* Add getent backend for authorization
* Add preliminary CSRF protection
* Update icons
* Update push server documentation, use nchan from now on
* Add P12 bundle generation
* Add thin wrapper around Python's SQL connectors
* Enable mailing subsystem
* Add Kerberos TGT renewal cronjob
* Add HTTPS server setup commands for nginx
2016-03-21 23:42:39 +02:00
