lauri
/
certidude
mirror of https://github.com/laurivosandi/certidude
1
0
Fork 0
Code Issues Activity
435 Commits 2 Branches 0 Tags 18 MiB
Commit Graph

16 Commits

Author SHA1 Message Date
Lauri Võsandi bfdd8c4887 Several updates #3 
* Move SessionResource and CertificateAuthorityResource to api/session.py
* Log browser user agent for logins
* Remove static sink from backend, nginx always serves static now
* Don't emit 'attribute-update' event if no attributes were changed
* Better CN extraction from DN during lease update
* Log user who deleted request
* Remove long polling CRL fetch API call and relevant test
* Merge auth decorators ldap_authenticate, kerberos_authenticate, pam_authenticate
* Add 'kerberos subnets' to distinguish authentication method
* Add 'admin subnets' to filter traffic to administrative API calls
* Highlight recent log events
* Links to switch between 2, 3 and 4 column layouts in the dashboard
* Restored certidude client snippets in request dialog
* Various bugfixes, improved log messages
 2018-05-04 08:55:49 +00:00
Lauri Võsandi 4e4b551cc2 Several updates #2 
* Reverse RDN components for all certs
* Less side effects in unittests
* Split help dialog shell snippets into separate files
* Restore 'admin subnets' config option
* Embedded subnets, IKE and ESP proposals now configurable in builder.conf
* Use expr instead of bc for math operations in shell
* Better frontend support for Let's Encrypt certificates
 2018-05-02 08:11:01 +00:00
Lauri Võsandi 5e9251f365 Several updates 
* Subnets configuration option for Kerberos machine enrollment
* Configurable script snippets via [service] configuration section
* Preliminary revocation reason support
* Improved signature profile support
* Add domain components to DN to distinguish certificate CN's namespace
* Image builder improvements, add Elliptic Curve support
* Added GetCACaps operation and more digest algorithms for SCEP
* Generate certificate and CRL serial from timestamp (64+32bits) and random bytes (56bits)
* Move client storage pool to /etc/certidude/authority/
* Cleanups & bugfixes
 2018-04-27 07:48:15 +00:00
Priit Laes 2f0569abb4 Move certidude.firewall to api.utils.firewall where it belongs 2018-02-03 14:43:43 +02:00
Priit Laes b82a38edee api: attrib: Drop unused imports 2018-02-03 14:05:02 +02:00
Priit Laes 863deafa59 api: attrib: drop usage of global authority import 2018-02-03 12:37:06 +02:00
Lauri Võsandi 59bedc1f16 Major refactor 
* Migrate to Python 3
* Update token generator mechanism
* Switch to Bootstrap 4
* Switch from Iconmonstr to Font Awesome icons
* Rename default CA common name to "Certidude at ca.example.lan"
* Add self-enroll for the TLS server certificates
* TLS client auth for lease updating
* Compile assets from npm packages to /var/lib/certidude/ca.example.lan/assets
 2017-12-30 14:00:19 +00:00
Lauri Võsandi 9b5511212e Several changes 
* OCSP workaround for StrongSwan
* Machine attributes framework
* Scripting support
* Default to nginx frontend
 2017-07-05 18:22:03 +03:00
Lauri Võsandi b77a427949 api: Submit inner and outer IP address when updating lease 2017-05-08 20:33:20 +00:00
Lauri Võsandi de1d182320 Add API call for rendering scripts, bugfixes 2017-05-04 17:56:53 +00:00
Lauri Võsandi a75fb58cb5 tests: Lease and attribute API call fixes 2017-05-04 10:02:14 +00:00
Lauri Võsandi ba9dca910f Add tests for API calls 2017-04-25 13:06:59 +03:00
Lauri Võsandi 52d35012a4 Various fixes 2017-04-13 20:30:56 +00:00
Lauri Võsandi 90b663ce26 Add file based rotating log handler 2017-04-04 05:02:08 +00:00
Lauri Võsandi 77db728294 Fix attribute API call whitelist handling 2017-03-26 16:58:29 +00:00
Lauri Võsandi 1813056fc7 Move leases and tagging backend to filesystem extended attributes 2017-03-26 00:10:09 +00:00