Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,019 Commits
41 Branches
214 Tags
91 MiB
master
mariano/signer
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'herman/configure-server-http-timeout'
${ noResults }
Commit Graph

4019 Commits (herman/configure-server-http-timeout)
 

Author SHA1 Message Date
Herman Slatman f515f42aa6
Add (experimental) `STEP_CA_HTTP_TIMEOUT` for server HTTP timeouts 5 months ago
github-actions[bot] c25273d7a7
Merge pull request #1638 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.28.1 
Bump github.com/newrelic/go-agent/v3 from 3.28.0 to 3.28.1
 5 months ago
dependabot[bot] 439ace3086
Bump github.com/newrelic/go-agent/v3 from 3.28.0 to 3.28.1 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.28.0 to 3.28.1.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.28.0...v3.28.1)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
Herman Slatman f453323ba9
Merge pull request #1631 from smallstep/herman/fix-apple-acmeclient-invalid-signatures 6 months ago
Herman Slatman 405aae798c
Simplify the `copy` logic used when patching JWS signature 6 months ago
Max 7bfe11c687
Bump go.step.sm/crypto (#1635) 6 months ago
Max d34f0f6a97
Fix linter warnings (#1634) 6 months ago
Herman Slatman 26a3bb3c11
Make the Apple JWS fix more robust and catch more cases. 6 months ago
Herman Slatman 31ba1b33fb
Merge pull request #1633 from smallstep/update-changelog-20231122 
Set `v0.25.1` release date
 6 months ago
Herman Slatman 528aad86dd
Set `v0.25.1` release date 6 months ago
Herman Slatman 3bb469274d
Merge pull request #1632 from smallstep/update-changelog-20231122 
Update changelog for `v0.25.1` release
 6 months ago
Herman Slatman f01b48fdcd
Update changelog for `v0.25.1` release 6 months ago
Herman Slatman 113491e7af
Remove TODO for patching other algorithms for Apple ACME client 6 months ago
Herman Slatman 06f4cbbcda
Add (temporary) fix for missing null bytes in Apple JWS signatures 
Apparently the Apple macOS (and iOS?) ACME client seems to omit
leading null bytes from JWS signatures. The base64-url encoded
bytes decode to a shorter byte slice than what the JOSE library
expects (e.g. 63 bytes instead of 64 bytes for ES256), and then
results in a `jose.ErrCryptoFailure`.

This commit retries verification of the JWS in case the first
verification fails with `jose.ErrCryptoFailure`. The signatures are
checked to be of the correct length, and if not, null bytes are
prepended to the signature. Then verification is retried, which
might fail again, but for other reasons. On success, the payload
is returned.

Apple should fix this in their ACME client, but in the meantime
this commit prevents some "bad request" error cases from happening.
 6 months ago
github-actions[bot] cf6e189d7c
Merge pull request #1629 from smallstep/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.1 
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1
 6 months ago
dependabot[bot] 350ad9006c
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 1dacf50776
Merge pull request #1626 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.37.0 
Bump go.step.sm/crypto from 0.36.1 to 0.37.0
 6 months ago
dependabot[bot] 66df354f2f
Bump go.step.sm/crypto from 0.36.1 to 0.37.0 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.36.1 to 0.37.0.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.36.1...v0.37.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] c6db7673bf
Merge pull request #1628 from smallstep/dependabot/go_modules/google.golang.org/api-0.151.0 
Bump google.golang.org/api from 0.150.0 to 0.151.0
 6 months ago
github-actions[bot] a36cf81d6a
Merge pull request #1627 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.28.0 
Bump github.com/newrelic/go-agent/v3 from 3.27.0 to 3.28.0
 6 months ago
dependabot[bot] 5b07ae7f52
Bump google.golang.org/api from 0.150.0 to 0.151.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.150.0 to 0.151.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.150.0...v0.151.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
dependabot[bot] 74597e6fbb
Bump github.com/newrelic/go-agent/v3 from 3.27.0 to 3.28.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.27.0 to 3.28.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.27.0...v3.28.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 8308e1ac54
Merge pull request #1619 from smallstep/dependabot/go_modules/golang.org/x/net-0.18.0 
Bump golang.org/x/net from 0.17.0 to 0.18.0
 6 months ago
dependabot[bot] 6826ca9ebb
Bump golang.org/x/net from 0.17.0 to 0.18.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 4f6ca083aa
Merge pull request #1620 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.15.0 
Bump golang.org/x/crypto from 0.14.0 to 0.15.0
 6 months ago
dependabot[bot] 2eefd2ce63
Bump golang.org/x/crypto from 0.14.0 to 0.15.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 6ebd5264ec
Merge pull request #1621 from smallstep/dependabot/go_modules/google.golang.org/api-0.150.0 
Bump google.golang.org/api from 0.149.0 to 0.150.0
 6 months ago
dependabot[bot] 48d9ea188b
Bump google.golang.org/api from 0.149.0 to 0.150.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.149.0 to 0.150.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.149.0...v0.150.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
Herman Slatman a4b7bbf2d9
Merge pull request #1617 from smallstep/herman/scep-webhook-provisioner-name 
Add `provisionerName` to SCEP webhook request body
 6 months ago
Herman Slatman f082cbc421
Denormalize provisioner name in SCEP webhook 6 months ago
Herman Slatman 9ebc8779f5
Normalize SCEP provisioner name in webhook body 6 months ago
Herman Slatman e815864ed8
Add verification of `provisionerName` in test 6 months ago
Herman Slatman de45d66cdb
Add `provisionerName` to webhook request body 6 months ago
Mariano Cano a7ed79bb21
Merge pull request #1616 from smallstep/fix-1611 
Use the same version for building and running
 6 months ago
Mariano Cano 875512c79e
Use the same version for building and running 
This commit makes sure to use the same version for building step-ca with
CGO and running it.

Fixes #1611
 6 months ago
Mariano Cano 1697dc63a7
Merge pull request #1608 from smallstep/mariano/ra-template 
Build RA token using SANs from the template
 6 months ago
Mariano Cano 690d1c3c50
Merge pull request #1609 from smallstep/mariano/jwk-commonname 
Change CommonName validator in JWK
 6 months ago
github-actions[bot] 111bc1d789
Merge pull request #1613 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.4 
Bump cloud.google.com/go/longrunning from 0.5.3 to 0.5.4
 6 months ago
dependabot[bot] 8c5d26e1c5
Bump cloud.google.com/go/longrunning from 0.5.3 to 0.5.4 
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/longrunning/v0.5.3...longrunning/v0.5.4)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
github-actions[bot] 444cfe2fcd
Merge pull request #1614 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.15.4 
Bump cloud.google.com/go/security from 1.15.3 to 1.15.4
 6 months ago
dependabot[bot] 8406f75806
Bump cloud.google.com/go/security from 1.15.3 to 1.15.4 
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/kms/v1.15.3...kms/v1.15.4)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 6 months ago
Herman Slatman 132e888f36
Merge pull request #1610 from abelgvidal/fixcontrib 
Amend link to Contribution Guide in README
 7 months ago
Abel Gonzalez 807c7562f5 Amend wrong link to Contribution Guide in README 7 months ago
Mariano Cano 49045a1150
Change CommonName validator in JWK 
This commit changes the common name validator in the JWK provisioner to
accept either the token subject or any of the sans in the token.
 7 months ago
Mariano Cano 6705b7dde4
Build RA token using SANs from the template 
This commit updates the RA token to use the SANs coming from the
template instead of the CSR.

Note that this PR might break some admin tokens.
 7 months ago
github-actions[bot] ef2b43d888
Merge pull request #1604 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.15.3 
Bump cloud.google.com/go/security from 1.15.2 to 1.15.3
 7 months ago
dependabot[bot] 3528012614
Bump cloud.google.com/go/security from 1.15.2 to 1.15.3 
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go) from 1.15.2 to 1.15.3.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/kms/v1.15.2...kms/v1.15.3)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 7 months ago
github-actions[bot] a278e707e8
Merge pull request #1605 from smallstep/dependabot/go_modules/github.com/google/uuid-1.4.0 
Bump github.com/google/uuid from 1.3.1 to 1.4.0
 7 months ago
github-actions[bot] 7043ff1464
Merge pull request #1606 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.5.3 
Bump cloud.google.com/go/longrunning from 0.5.2 to 0.5.3
 7 months ago
dependabot[bot] 15383bae66
Bump cloud.google.com/go/longrunning from 0.5.2 to 0.5.3 
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) from 0.5.2 to 0.5.3.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/longrunning/v0.5.2...longrunning/v0.5.3)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 7 months ago