1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-11-10 23:20:35 +00:00
Commit Graph

213 Commits

Author SHA1 Message Date
6de010a411 Make /api/revoked conform to RFC5280 2016-03-29 13:28:58 +03:00
1475828899 Fix CRL distriution points and add authority information access extensions 2016-03-29 12:29:15 +03:00
e721648328 Use common name instead of IP address as listening address for IPSec gateway 2016-03-29 12:28:10 +03:00
799b9e19c8 Use unicode literals for logging 2016-03-29 08:54:55 +03:00
acc0e29109 Add AKID and SKID 2016-03-29 08:47:43 +03:00
ff71ca42d7 Move GSSAPI credcache from authorization config section to accounts 2016-03-29 08:45:17 +03:00
22846327a0 Fix is_admin of PosixUserManager 2016-03-29 08:44:07 +03:00
de42d97b59 Add $ssl_client_s_dn_cn for nginx config template 2016-03-29 08:28:48 +03:00
f88a970e2a Attempt to fix CA test 2016-03-28 00:18:41 +03:00
8ca809b546 Remove dependency on particular version of configparser 2016-03-28 00:07:39 +03:00
9afafea833 Add sudo for Travis' apt-get 2016-03-28 00:04:03 +03:00
3d32de8cad Documentation fixes and attempt to fix Travis 2016-03-28 00:00:41 +03:00
925bc0ef9a Refactor users, add OpenVPN and mailing support
* Add abstraction for user objects
* Mail authority admins about pending, revoked and signed certificates
* Add NetworkManager's OpenVPN plugin support
* Improve CRL support
* Refactor CSRF protection
* Update documentation
2016-03-27 23:38:14 +03:00
811e6dbb08 Complete overhaul
* Switch to Python 2.x due to lack of decent LDAP support in Python 3.x
* Add LDAP backend for authentication/authorization
* Add PAM backend for authentication
* Add getent backend for authorization
* Add preliminary CSRF protection
* Update icons
* Update push server documentation, use nchan from now on
* Add P12 bundle generation
* Add thin wrapper around Python's SQL connectors
* Enable mailing subsystem
* Add Kerberos TGT renewal cronjob
* Add HTTPS server setup commands for nginx
2016-03-21 23:42:39 +02:00
ffdab4d36d Update strongSwan leftupdown script 2016-03-01 13:52:10 +02:00
d38a9a8103 Add preliminary PKCS#12 bundle generation 2016-03-01 11:01:53 +02:00
449dcea821 Add preliminary PAM authentication backend 2016-02-29 23:06:42 +02:00
4240d55fe4 Add preliminary Python 2.x support 2016-02-28 22:37:56 +02:00
5eed7cb6d9 ui: Add blue color for recently seen clients 2016-02-17 21:44:33 +02:00
489de4ec79 ui: Bundle template JavaScript 2016-02-17 16:16:00 +02:00
114e67ed6a api: Use nchan headers for pushing events 2016-02-17 16:15:06 +02:00
b830ce7671 api: Fix exception includes 2016-01-25 11:19:08 +02:00
661e7608ef ui: Precompile nunjucks templates 2016-01-25 11:18:19 +02:00
7cb9f04972 Add routes for NetworkManager only if they have been specified 2016-01-15 18:09:03 +02:00
6bfa1ccf9c cli: Fix typo 2016-01-15 13:50:45 +02:00
589a31eb3d Sanitize configuration file section names 2016-01-15 13:48:24 +02:00
704523626b Rename spawn commands 2016-01-15 11:18:27 +02:00
f2df17bb88 Refactor signature request submission
Certidude client now reads configuration from
/etc/certidude/client.conf, submits CSR-s and
once signed configures services based on
/etc/certidude/services.conf
2016-01-15 00:47:30 +02:00
d8abde3d53 Refactor request submission
API now properly distinguishes duplicate request from other requests with same common name.
2016-01-14 11:02:57 +02:00
aacf94bb28 Fix encoding error in duplicate request check 2016-01-14 10:44:26 +02:00
21c436ec88 Merge branch 'master' of https://github.com/laurivosandi/certidude
Conflicts:
	certidude/cli.py
2016-01-10 19:53:02 +02:00
de08ba759d Release version 0.1.20 2016-01-10 19:51:54 +02:00
6a45592cd0 api: Fix CRL generation 2016-01-02 01:08:04 +02:00
0fb605ce27 api: Fix packaging 2016-01-02 01:06:30 +02:00
67c6a49dff api: Use uwsgi provided socket for nginx 2016-01-02 01:05:48 +02:00
1b50b8a371 cli: Fix group ownership for authority setup 2015-12-24 13:58:24 +00:00
8864af6072 Merge branch 'master' of github.com:laurivosandi/certidude 2015-12-23 14:49:00 +00:00
7f48476173 doc: Cleaned up nginx configration bits 2015-12-23 14:48:31 +00:00
Lauri Võsandi
6977d7148e cli: Send Accept header when requesting signed certificate 2015-12-23 16:10:00 +02:00
af4d50db17 ui: Added product serial tag 2015-12-23 11:46:27 +00:00
c59198887c api: Fixed API call for querying leases 2015-12-18 12:49:37 +00:00
ece05a21e0 cli: Added closeaction=restart to ipsec.conf template 2015-12-16 21:55:49 +00:00
da6600e2e9 api: Added signed certificate tagging mechanism 2015-12-16 17:41:49 +00:00
901b0f7224 api: Fix lookup of user context variable 2015-12-13 18:27:09 +00:00
fbbf7a320d Add preliminary support for logging
Current logging mechanism makes use of Python's logging module.
MySQL logging handler inserts log entries to MySQL server and
another logging handler is used to stream events to web interface
via nginx streaming push.
2015-12-13 15:11:22 +00:00
b788d701eb Refactor wrappers
Completely remove wrapper class for CA,
use certidude.authority module instead.
2015-12-12 22:39:17 +00:00
5876f61e15 Reverted nginx configuration example 2015-11-20 21:18:16 +01:00
8397d02f26 Removed leftfirewall=yes from strongSwan config template 2015-11-20 21:17:46 +01:00
f893582338 Major refactoring, CA is associated with it's hostname now 2015-11-15 15:55:26 +01:00
e6f050c257 Added preliminary interfacing with updown scripts 2015-11-13 23:20:51 +01:00