af60fd8047
cli: Fix authority setup script
2016-03-29 18:37:28 +03:00
476a312b4e
ui: Fix autosign subnets listing
2016-03-29 15:47:00 +03:00
09a67718ab
Expose certificate and CRL lifetime via session API call
2016-03-29 15:43:34 +03:00
d8f1e36ecf
Reduce default CRL lifetime to 20min
2016-03-29 15:17:44 +03:00
6de010a411
Make /api/revoked conform to RFC5280
2016-03-29 13:28:58 +03:00
1475828899
Fix CRL distriution points and add authority information access extensions
2016-03-29 12:29:15 +03:00
e721648328
Use common name instead of IP address as listening address for IPSec gateway
2016-03-29 12:28:10 +03:00
799b9e19c8
Use unicode literals for logging
2016-03-29 08:54:55 +03:00
acc0e29109
Add AKID and SKID
2016-03-29 08:47:43 +03:00
ff71ca42d7
Move GSSAPI credcache from authorization config section to accounts
2016-03-29 08:45:17 +03:00
22846327a0
Fix is_admin of PosixUserManager
2016-03-29 08:44:07 +03:00
de42d97b59
Add $ssl_client_s_dn_cn for nginx config template
2016-03-29 08:28:48 +03:00
f88a970e2a
Attempt to fix CA test
2016-03-28 00:18:41 +03:00
8ca809b546
Remove dependency on particular version of configparser
2016-03-28 00:07:39 +03:00
9afafea833
Add sudo for Travis' apt-get
2016-03-28 00:04:03 +03:00
3d32de8cad
Documentation fixes and attempt to fix Travis
2016-03-28 00:00:41 +03:00
925bc0ef9a
Refactor users, add OpenVPN and mailing support
...
* Add abstraction for user objects
* Mail authority admins about pending, revoked and signed certificates
* Add NetworkManager's OpenVPN plugin support
* Improve CRL support
* Refactor CSRF protection
* Update documentation
2016-03-27 23:38:14 +03:00
811e6dbb08
Complete overhaul
...
* Switch to Python 2.x due to lack of decent LDAP support in Python 3.x
* Add LDAP backend for authentication/authorization
* Add PAM backend for authentication
* Add getent backend for authorization
* Add preliminary CSRF protection
* Update icons
* Update push server documentation, use nchan from now on
* Add P12 bundle generation
* Add thin wrapper around Python's SQL connectors
* Enable mailing subsystem
* Add Kerberos TGT renewal cronjob
* Add HTTPS server setup commands for nginx
2016-03-21 23:42:39 +02:00
ffdab4d36d
Update strongSwan leftupdown script
2016-03-01 13:52:10 +02:00
d38a9a8103
Add preliminary PKCS#12 bundle generation
2016-03-01 11:01:53 +02:00
449dcea821
Add preliminary PAM authentication backend
2016-02-29 23:06:42 +02:00
4240d55fe4
Add preliminary Python 2.x support
2016-02-28 22:37:56 +02:00
5eed7cb6d9
ui: Add blue color for recently seen clients
2016-02-17 21:44:33 +02:00
489de4ec79
ui: Bundle template JavaScript
2016-02-17 16:16:00 +02:00
114e67ed6a
api: Use nchan headers for pushing events
2016-02-17 16:15:06 +02:00
b830ce7671
api: Fix exception includes
2016-01-25 11:19:08 +02:00
661e7608ef
ui: Precompile nunjucks templates
2016-01-25 11:18:19 +02:00
7cb9f04972
Add routes for NetworkManager only if they have been specified
2016-01-15 18:09:03 +02:00
6bfa1ccf9c
cli: Fix typo
2016-01-15 13:50:45 +02:00
589a31eb3d
Sanitize configuration file section names
2016-01-15 13:48:24 +02:00
704523626b
Rename spawn commands
2016-01-15 11:18:27 +02:00
f2df17bb88
Refactor signature request submission
...
Certidude client now reads configuration from
/etc/certidude/client.conf, submits CSR-s and
once signed configures services based on
/etc/certidude/services.conf
2016-01-15 00:47:30 +02:00
d8abde3d53
Refactor request submission
...
API now properly distinguishes duplicate request from other requests with same common name.
2016-01-14 11:02:57 +02:00
aacf94bb28
Fix encoding error in duplicate request check
2016-01-14 10:44:26 +02:00
21c436ec88
Merge branch 'master' of https://github.com/laurivosandi/certidude
...
Conflicts:
certidude/cli.py
2016-01-10 19:53:02 +02:00
de08ba759d
Release version 0.1.20
2016-01-10 19:51:54 +02:00
6a45592cd0
api: Fix CRL generation
2016-01-02 01:08:04 +02:00
0fb605ce27
api: Fix packaging
2016-01-02 01:06:30 +02:00
67c6a49dff
api: Use uwsgi provided socket for nginx
2016-01-02 01:05:48 +02:00
1b50b8a371
cli: Fix group ownership for authority setup
2015-12-24 13:58:24 +00:00
8864af6072
Merge branch 'master' of github.com:laurivosandi/certidude
2015-12-23 14:49:00 +00:00
7f48476173
doc: Cleaned up nginx configration bits
2015-12-23 14:48:31 +00:00
Lauri Võsandi
6977d7148e
cli: Send Accept header when requesting signed certificate
2015-12-23 16:10:00 +02:00
af4d50db17
ui: Added product serial tag
2015-12-23 11:46:27 +00:00
c59198887c
api: Fixed API call for querying leases
2015-12-18 12:49:37 +00:00
ece05a21e0
cli: Added closeaction=restart to ipsec.conf template
2015-12-16 21:55:49 +00:00
da6600e2e9
api: Added signed certificate tagging mechanism
2015-12-16 17:41:49 +00:00
901b0f7224
api: Fix lookup of user context variable
2015-12-13 18:27:09 +00:00
fbbf7a320d
Add preliminary support for logging
...
Current logging mechanism makes use of Python's logging module.
MySQL logging handler inserts log entries to MySQL server and
another logging handler is used to stream events to web interface
via nginx streaming push.
2015-12-13 15:11:22 +00:00
b788d701eb
Refactor wrappers
...
Completely remove wrapper class for CA,
use certidude.authority module instead.
2015-12-12 22:39:17 +00:00