Mariano Cano
0b748f2d03
Merge pull request #955 from shuLhan/cas-cloudcas-test-go119
...
cas/cloudcas: update test on createPublicKey for the next Go release
2 years ago
Shulhan
ee53530d1f
cas/cloudcas: update test on createPublicKey for the next Go release
...
The next Go release call panic on elliptic.Marshal [1][2], which
affect the test case fail_ec_marshal on createPublicKey.
This changes fix this by initializing the P and B in test case
PublicKey CurveParams to prevent panic.
[1] https://github.com/golang/go/issues/50975
[2] a218b3520a
2 years ago
Shulhan
fe04f93d7f
all: reformat all go files with the next gofmt (Go 1.19)
...
There are some changes that manually edited, for example using '-' as
default list and grouping imports.
2 years ago
Mariano Cano
304cc5a70f
Merge pull request #950 from gdbelvin/pinsrc
...
step-pkcs11-init pin-file support
2 years ago
Gary Belvin
fed09047f9
pinfile
2 years ago
Max
34d141e4d5
Merge pull request #945 from smallstep/changelog-update
...
Update changelog
2 years ago
max furman
5e56a7b4ec
Changelog update for 0.20.0
...
- added line for new WithOptions on authority Init
2 years ago
Herman Slatman
b4b9893fcd
Update changelog
2 years ago
Mariano Cano
6d580a69e8
Update changelog
2 years ago
Mariano Cano
de00e01f1b
Merge pull request #947 from smallstep/fix-ssh-revocation
...
Fix SSH certificate revocation
2 years ago
Mariano Cano
2adf8caac7
Fix Dependabot warning on an indirect dependency
2 years ago
Mariano Cano
9c049eec5a
Add revoke ssh unit test
2 years ago
Mariano Cano
ce9a23a0f7
Fix SSH certificate revocation
2 years ago
Herman Slatman
abfbbc8d49
Merge pull request #946 from smallstep/herman/acme-csr-padding
...
Strip base64-url padding from ACME CSR
2 years ago
Herman Slatman
fd546287ac
Strip base64-url padding from ACME CSR
...
This commit strips the padding from a base64-url encoded CSR
submitted by a client that doesn't use raw base64-url encoding.
2 years ago
Herman Slatman
a564b4f32e
Merge pull request #944 from smallstep/herman/tls-wasm-client
...
Set nil dial context for js/wasm runtime
2 years ago
Herman Slatman
a7dd3a986f
Set nil dial context for js/wasm runtime
2 years ago
Mariano Cano
911cec21da
Merge pull request #943 from smallstep/ssh-renew-provisioner
...
Add provisioner to SSH renewals
2 years ago
Mariano Cano
94f5b92513
Use proper context in authority package
2 years ago
Mariano Cano
1be74eca62
Merge branch 'master' into ssh-renew-provisioner
2 years ago
Mariano Cano
539bfddba5
Merge pull request #914 from smallstep/context-authority
...
Retrieve authority from the context
2 years ago
Mariano Cano
e7f4eaf6c4
Remove explicit deprecation notice
...
This will avoid linter errors on other projects for now.
2 years ago
Mariano Cano
26dd97e718
Merge branch 'master' into context-authority
2 years ago
Mariano Cano
02fd0e7170
Merge pull request #913 from delamart/master
...
Vault Kubernetes Auth
2 years ago
Erik DeLamarter
07984a968f
better error messages
...
Co-authored-by: Mariano Cano <mariano.cano@gmail.com>
2 years ago
Erik De Lamarter
9ec154aab0
rewrite and improve secret-id config
2 years ago
Erik De Lamarter
6989c7f146
vault auth unit tests
2 years ago
Erik De Lamarter
6c44291d8d
refactor vault auth
2 years ago
Erik De Lamarter
dec1067add
vault kubernetes auth
2 years ago
Mariano Cano
6b3a8f22f3
Add provisioner to SSH renewals
...
This commit allows to report the provisioner to the linkedca when
a SSH certificate is renewed.
2 years ago
Mariano Cano
3c4d0412ef
Merge pull request #941 from smallstep/ssh-provisioner
...
Report SSH provisioner
2 years ago
Mariano Cano
eebbd65dd5
Fix linter error
2 years ago
Max
f8148071fb
Merge pull request #915 from smallstep/max/removing-beta
...
exposing authority configuration for provisioner cli commands
2 years ago
max furman
5443aa073a
gofmt -s
2 years ago
max furman
8ca9442fe9
Add -s to make fmt and bump golangci-lint to 1.45.2
2 years ago
Max
586e4fd3b5
Update authority/options.go
...
Co-authored-by: Mariano Cano <mariano@smallstep.com>
2 years ago
Mariano Cano
1ad75a3bdb
Skip failing test for now
...
This test fails randomly on VMs, there's an issue to fix this so
skipping it for now
2 years ago
Mariano Cano
dd985ce154
Clarify errors when sending renewed certificates
2 years ago
Mariano Cano
a627f21440
Fix AuthorizeSSHSign tests with extra SignOption
2 years ago
Mariano Cano
e7d7eb1a94
Add provisioner as a signOption for SSH
2 years ago
Mariano Cano
293586079a
Store provisioner with SignSSH
...
This change also allows to store the old certificate on renewal on
linkedca or if the db interface supports it.
2 years ago
Mariano Cano
c8d7ad7ab9
Fix store certificates methods with new interface
2 years ago
Mariano Cano
de99c3cac0
Report provisioner and parent on linkedca
2 years ago
Mariano Cano
20b2c6a201
Extract cert storer methods from AuthDB
...
To be able to extend the AuthDB with methods that also extend the
provisioner we need to either create a new method or to split the
interface. This change splits the interface so we can have a cleaner
implementation.
2 years ago
Herman Slatman
9e05cc4d51
Merge pull request #940 from smallstep/herman/improve-renew-expired-cert-error
...
Improve error message when client renews with expired certificate
2 years ago
Herman Slatman
479eda7339
Improve error message when client renews with expired certificate
...
When a client provides an expired certificate and `AllowAfterExpiry`
is not enabled, the client would get a rather generic error with
instructions to view the CA logs. Viewing the CA logs can be done
when running `step-ca`, but they can't be accessed easily in the
hosted solution.
This commit returns a slightly more informational message to the
client in this specific situation.
2 years ago
max furman
fff00aca78
Updates to issue templates
2 years ago
max furman
bfb406bf70
Fixes for PR review
2 years ago
Herman Slatman
14524d7916
Merge pull request #938 from smallstep/herman/update-crypto-0.16.2
...
Update go.step.sm/crypto to v0.16.2
2 years ago
Herman Slatman
d1ab1d5431
Merge branch 'master' into herman/update-crypto-0.16.2
2 years ago