Archives
/
algo
mirror of https://github.com/trailofbits/algo
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
516 Commits
5 Branches
2 Tags
10 MiB
fix/14704
dependabot/pip/ansible-9.4.0
master
dependabot/github_actions/actions/setup-python-5.1.0
dependabot/pip/jinja2-approx-eq-3.1.3
v1.1
v1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '050583ecd1'
${ noResults }
Commit Graph

180 Commits (050583ecd1ee2fc1e58f66d3598bb7eb26bf05f6)

Author SHA1 Message Date
Josh Soref 84bbcb88d0 Spelling fixes (#342) 
* spelling: algorithm

* spelling: bertrand

* spelling: between

* spelling: checking

* spelling: conjunction

* spelling: contributor

* spelling: delimited

* spelling: fashion

* spelling: droplet

* spelling: javascript

* spelling: nameserver

* spelling: obligatory

* spelling: official

* spelling: overridden

* spelling: overwrite

* spelling: parameter

* spelling: suppressing
 8 years ago
James Hale 41ed682213 Reduce VPC CIDR size to /16 (#341) 8 years ago
Josh Meisels d37c6b72c5 Add new Azure regions and allow user to select VM size (#332) 
* Update Azure Region List

Included several additional regions in the Azure list.

In a future version we may want to ask users to choose a continent, then present region options since this list is getting long.

* Add VM size selection

Added prompt for user to choose VM size. Useful because the default size is not available in all regions, and there are cheaper sizes.

* Handle vm_size choice in "Create an Instance" step

Use the variable passed in that the user chose for vm_size.

* Differentiate Basic A0 and Standard A0

* Remove vm_size D1 since it's being deprecated

* Fix syntax issue - missing semicolons

* Remove note to self comment

* Remove changes to let user select VM size

Removing my previous additions that let the user select their Azure VM size.

* Hard code VM size to cheapest size

Remove my usage of a variable for VM size. Update to use the Basic_A0, which is the cheapest size of VM.
 8 years ago
Matt Mankins b8d2dc68bb Change EC2 VPC CIDR blocks to uncommon non-routable addresses (#335) 8 years ago
Josh Watson 84a3b5f675 Change EC2 VPC CIDR blocks to non-routable addresses. (#330) 
The previous address ranges were actually routable addresses, which caused some concern for some people because it looked suspicious in tracert. The new CIDR blocks are non-routable addresses, which resolves this concern.
 8 years ago
brad2014 09e5d87c7b Minor name and documentation edits (#327) 8 years ago
James Hale 3b3fb601ef Fix name tag key (#282) 8 years ago
Dan Guido 655a917dd2 iptables filter table fix (#285) 8 years ago
Jack Ivanov 6facb6cb4f FreeBSD / HardenedBSD (#262) 
* FreeBSD draft

ifconfig fix

Pre-tasks fixes

fix hardcoded IP

some refactoring

disable system-based tags

disable freebsd tags

FreeBSD vpn role

add defaults

ssh role freebsd

default fix

dns_adblocking freebsd

ubuntu dict fix

* HardenedBSD

update-users BSD

* Rebuild the kernel

docs changing
 8 years ago
Jack Ivanov 49ba1f76b4 Some improvements in the mobileconfig. Fixes #270 8 years ago
Jack Ivanov 045ff4bb9f Azure security group. Fixes #264 8 years ago
Jack Ivanov 906d962d4d GCE. env variables #195 8 years ago
Jack Ivanov 573c2f2322 DO. env variables #195 8 years ago
Jack Ivanov fc30f8bb10 GCE. Tags fixed #267 8 years ago
Jack Ivanov 0aff3ebb6f EC2 instance_initiated_shutdown_behavior to terminate. Close #124 8 years ago
Jack Ivanov c52024d4cc Azure. Add to the inventory #30 8 years ago
Jack Ivanov 0d1731e058 update tags for azure resources 8 years ago
Jack Ivanov 6e538627db gce inventory #30 8 years ago
Jack Ivanov 9cc9cf7b5f local inventory #30 8 years ago
Jack Ivanov 69ff22f9bb fix typo 8 years ago
Jack Ivanov dfb1cbc282 DigitalOcean dynamic inventory 8 years ago
Jack Ivanov f7da2e3888 EC2 dynamic enventory. Fixes #73 8 years ago
Jack Ivanov 5cbf125202 Some refactoring. Disable unneeded variables. 8 years ago
Jack Ivanov 237fcc7a7f additional variables 8 years ago
Jack Ivanov 2a4d1837b5 Some fixes. Fedora client. Close #44 8 years ago
Jack Ivanov 0bf3e809a4 Linux clients installation vpn #44 8 years ago
Jack Ivanov d7d976784c Fixes #207 8 years ago
Jack Ivanov 8eb208c5b7 enable ipv6 if the default gateway is defined. Fixes #244 8 years ago
Craig 43c2f5c31a Installs the recommended packages with strongswan, because we need the OpenSSL (#260) 
plugin from libstrongswan-standard-plugins for ECDH to work.
 8 years ago
Jack Ivanov b8f3d43eee enable some additional debug info 8 years ago
Jack Ivanov 2a7dd88a3c Changed to ECDSA #102 8 years ago
Jack Ivanov e31f10da6d Fixes #255 8 years ago
Jack Ivanov aca036142f AndroidVPNClientProfiles #240 8 years ago
Jacob Wilder 7b468fae79 Fixed the azure role for situations where the user does not use a ~/.azure/credentials file (#242) 8 years ago
Jack Ivanov 20ebd7a595 rename connection 8 years ago
akirilov 05ab1f5feb Modified certificate generation to address issues #234 and #228 (#235) 
* Modified certificate generation to address issues #234 and #228

I have made the following modifications to comply with the IKEv2 client certificate requirements:

- Changed client certificate CN to {{ IP_subject_alt_name }}_{{ item }} from {{ item }}
- Changed client certificate SAN to {{IP_subject_alt_name }} from {{ item }}
- Added clientAuth to client certificate EKU

I have made the following changes to address a mismatch in the windows deployment script and file names:

- Changed the client certificate (.p12) filename in config/{{ IP_subject_alt_name }} to {{ IP_subject_alt_name}}_{{ item }}.p12 from {{ item }}.p12 to match the ps1 script

Testing:

I have tested the changes on Windows 10 client, Ubuntu 16.04.1 server (DigitalOcean) - the config described in Issue #234

I apologize for not being able to test on other configurations. I hope that someone else can verify my changes

* fixed iOS issues

* fixed accidentall user change

* simplified changes

* Final iteration. I think that's all I can do to minimize the changes
 8 years ago
Jack Ivanov 35faf4bca7 Local openssl tasks (#169) 
* Draft

works with ECDSA

RSA support for Windows

* update-users with local_openssl_tasks

* move prompts to the algo script

* additional directory for SSH keys

* move easyrsa_p12_export_password to pre_tasks

* update-users testing

* Fix hardcoded vars

* Delete the CA key

* Hardcoded IP. Fixes #219

* Some fixes
 8 years ago
Jack Ivanov 257be0f395 make the fail message more understandable. Fixes #217 8 years ago
Jack Ivanov 2798f84d3f ensure that apparmor is supported by the kernel #215 8 years ago
Jack Ivanov 3e852caf04 disable compression #146 8 years ago
Jack Ivanov cbf59addb3 additional tags 8 years ago
Jack Ivanov a50a396b94 addtiional fixes 8 years ago
Defunct b0f9ab94b1 ec2_ami_copy boto3 module, KMS, tagging, AMI caching (Encrypted support) 8 years ago
Defunct 0eb048383a refactored ec2 encryption 8 years ago
Jack Ivanov 1a81372192 EC2 Encryption Implemented #133 8 years ago
Jack Ivanov f246165298 Fix a typo 8 years ago
Glenn Rempe 9a46b671f7 Fixes #198, replace typo ECXLUDE with EXCLUDE 8 years ago
Damian Gerow b444398fab Drop the MSS for GCE instances 8 years ago
Defunct a9dd0af3fe resolves #176 + other ec2 env issues 8 years ago
Dan Guido 75194675eb closes #175 8 years ago