Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-17 15:29:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,237 Commits 39 Branches 223 Tags 44 MiB
65cfee56df
Commit Graph

4237 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
51612b6345
Bump google.golang.org/api from 0.143.0 to 0.145.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.143.0 to 0.145.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.143.0...v0.145.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-09 15:14:33 +00:00
Max
9f84f7ce35
Allow for identity certificate signing (in sshSign) by skipping validators (#1572) 
- skip urisValidator for identity certificate signing. Implemented
  by building the validator with the context in a hacky way.
 2023-10-06 14:02:19 -07:00
Herman Slatman
06750b03fe
Merge pull request #1566 from smallstep/herman/fix-init-with-duplicate-provisioner-name 
Fix `step ca init` with duplicate provisioner name (`--provisioner acme --acme`)
 2023-10-04 23:29:58 +02:00
Herman Slatman
d1dd1fa69c
Merge pull request #1570 from smallstep/herman/improve-scep-request-handling 
Improve SCEP request handling
 2023-10-04 22:51:44 +02:00
Herman Slatman
25f4b4014d
Add base64 to the raw message decoding error 2023-10-04 13:34:26 +02:00
Herman Slatman
965d7aa7f4
Fix linting issues 2023-10-04 13:33:01 +02:00
Herman Slatman
cd78b9fd43
Implement workaround for weird macOS SCEP message in query 
Apparently the macOS SCEP client sends a SCEP message in the query
that's not fully escaped. Only the base64 padding is escaped, the
'+' and '/' characters aren't.

This is a bit of a special case, because the macOS SCEP client
will default to using HTTP POST for the PKIOperation. But if the
CA is configured without the POSTPKIOperation capability, the
macOS SCEP client will use HTTP GET instead. This behavior might
be the same on iOS.
 2023-10-04 13:16:48 +02:00
Herman Slatman
3c12b4f5ad
Improve decoding SCEP requests 2023-10-03 16:32:55 +02:00
github-actions[bot]
829de7cf58
Merge pull request #1568 from smallstep/dependabot/go_modules/google.golang.org/api-0.143.0 
Bump google.golang.org/api from 0.142.0 to 0.143.0
 2023-10-03 01:00:42 +02:00
github-actions[bot]
2e4bb34363
Merge pull request #1567 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.26.0 
Bump github.com/newrelic/go-agent/v3 from 3.25.1 to 3.26.0
 2023-10-03 01:00:18 +02:00
dependabot[bot]
08dcf39cf7
Bump google.golang.org/api from 0.142.0 to 0.143.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.142.0 to 0.143.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.142.0...v0.143.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:55:28 +00:00
dependabot[bot]
9e0abb7c1d
Bump github.com/newrelic/go-agent/v3 from 3.25.1 to 3.26.0 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.25.1 to 3.26.0.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.25.1...v3.26.0)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:55:09 +00:00
Herman Slatman
2e560caf68
Add some basic tests for GenerateConfig 
So far the `GenerateConfig` method wasn't tested. This commit adds
a couple of basic tests for this method. It's not fully covered yet,
nor are all properties being checked, but it provides a starting
point for refactoring the CA (configuration) initialization process.
 2023-10-02 15:58:31 +02:00
Herman Slatman
991a9a6223
Merge branch 'master' into herman/fix-init-with-duplicate-provisioner-name 2023-10-02 14:17:53 +02:00
Herman Slatman
3c084822b3
Prevent invalid provisioner name on step ca init 
An unfortunate combination of `--provisioner acme` and the `--acme`
flags on `step ca init` could lead to an invalidat CA configuration.
This commit prevent this case from happening. A similar error could
occur for the `sshpop` provisioner, so a fix was implemented for that
case too.

The fix doesn't catch all cases, e.g. it doesn't check for multiple
provisioners having the same `acme-` or `sshpop-` prefix. The code
that is called is intended to be only called from a `step ca init`
invocation, so should work for these cases, but might not if the
methods are invoked at other times.
 2023-10-02 13:30:35 +02:00
Max
454cec7cdc
Remove gitleaks ignore file (#1565) 2023-09-29 20:02:51 +02:00
Max
5758657b53
[action] remove gitleaks key from code-scan-cron (#1564) 2023-09-29 19:34:28 +02:00
Carl Tashian
88dda9cd37
Merge pull request #1563 from smallstep/carl/fix-cosign-regexp 
Fix cosign identity regexp
 2023-09-28 17:18:03 -07:00
Carl Tashian
13db94721a
Fix cosign identity regexp 2023-09-28 17:06:03 -07:00
Carl Tashian
c1d0a90db5
Merge pull request #1562 from smallstep/carl/winget-pr 
Small tweaks to Winget & Scoop configs
 2023-09-27 14:46:02 -07:00
Carl Tashian
aa6de4059f
Small tweaks to Winget & Scoop configs 2023-09-27 14:42:34 -07:00
Max
4e3b344b00
Update changelog for 0.25.0 release (#1561) 2023-09-26 22:09:15 -07:00
Mariano Cano
f9db22d311
Merge pull request #1555 from smallstep/scep-password 
Change scep password type to string
 2023-09-26 13:25:47 -07:00
Mariano Cano
86c029df36
Merge pull request #1559 from smallstep/no-color 
Allow to disable color in the text formatter
 2023-09-26 12:19:56 -07:00
Mariano Cano
00d8d8f995
Allow to disable color in the text formatter 
This commit adds support for NO_COLOR environment variable, if this is
set, colors will be disabled in the logrus text formatter.

This commit also adds support for the environment variables supported by
logrus, CLICOLOR and CLICOLOR_FORCE

Related to #1549
 2023-09-26 12:10:22 -07:00
Mariano Cano
52baf52f84
Change scep password type to string 
This commit changes the type of the decrypter key password to string to
be consistent with other passwords in the ca.json
 2023-09-26 10:36:58 -07:00
Mariano Cano
b66a92ca41
Merge pull request #1414 from smallstep/herman/scep-provisioner-decrypter 
Add SCEP provisioner decrypter
 2023-09-25 17:37:37 -07:00
Mariano Cano
8fdcbd3ad0
Merge pull request #1554 from smallstep/fix-redacted-types 
Fix redacted types in SCEP provisioner
 2023-09-25 16:01:18 -07:00
Mariano Cano
33bdae4a34
Fix redacted tests 2023-09-25 15:57:01 -07:00
Mariano Cano
4d5fbfa439
Fix redacted types in SCEP provisioner 
This commit uses the same types for the fields in the provisioner.SCEP
type and the "redacted" models.SCEP.
 2023-09-25 15:49:45 -07:00
Herman Slatman
f505acbaa3
Merge pull request #1553 from smallstep/herman/change-scep-authority-initialization 
Change SCEP authority initialization
 2023-09-26 00:06:17 +02:00
Herman Slatman
c0fbace882
Address review remarks 2023-09-26 00:00:08 +02:00
Herman Slatman
4dc5a688fd
Set SCEP authority options once 2023-09-25 22:24:13 +02:00
Herman Slatman
15c46ebbaa
Switch logic for SCEP initialization around 2023-09-25 22:00:30 +02:00
Herman Slatman
f1da256ca4
Change SCEP authority initialization 2023-09-25 21:55:19 +02:00
Herman Slatman
0a5ae396c7
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-25 19:53:51 +02:00
Herman Slatman
4554f86f16
Make SCEP decrypter properties use omitempty 2023-09-25 19:48:12 +02:00
Herman Slatman
aea3f752bd
Upgrade to linkedca v0.20.1 2023-09-25 19:47:33 +02:00
github-actions[bot]
8989dbdb82
Merge pull request #1550 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.25.1 
Bump github.com/newrelic/go-agent/v3 from 3.24.1 to 3.25.1
 2023-09-25 19:46:40 +02:00
github-actions[bot]
eba23216d7
Merge pull request #1552 from smallstep/dependabot/go_modules/google.golang.org/api-0.142.0 
Bump google.golang.org/api from 0.141.0 to 0.142.0
 2023-09-25 19:46:01 +02:00
dependabot[bot]
f1b40a7dfb
Bump google.golang.org/api from 0.141.0 to 0.142.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.141.0 to 0.142.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.141.0...v0.142.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-25 16:20:58 +00:00
github-actions[bot]
0d430d4cdf
Merge pull request #1551 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.58.2 
Bump google.golang.org/grpc from 1.58.1 to 1.58.2
 2023-09-25 18:19:20 +02:00
dependabot[bot]
44662c6544
Bump google.golang.org/grpc from 1.58.1 to 1.58.2 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.1 to 1.58.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.1...v1.58.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-25 15:29:44 +00:00
dependabot[bot]
4df79cc974
Bump github.com/newrelic/go-agent/v3 from 3.24.1 to 3.25.1 
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent) from 3.24.1 to 3.25.1.
- [Release notes](https://github.com/newrelic/go-agent/releases)
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md)
- [Commits](https://github.com/newrelic/go-agent/compare/v3.24.1...v3.25.1)

---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-25 15:29:24 +00:00
Herman Slatman
ffe079f31b
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-09-23 00:06:56 +02:00
Herman Slatman
0d66158bf1
Merge pull request #1544 from smallstep/herman/scep-notifying-webhook 
Add SCEP issuance notification webhook
 2023-09-23 00:05:44 +02:00
Mariano Cano
e766ca7a38
Merge pull request #1546 from smallstep/fix-webhook-signature 
Fix webhooks signature
 2023-09-22 13:28:42 -07:00
Mariano Cano
31da66c124
Fix webhooks signature 
This commit fixes the way webhooks signatures are created. Before this
change, the signature of an empty body was prepended by the body itself.
 2023-09-22 13:22:52 -07:00
Herman Slatman
68a1c859b0
Merge pull request #1543 from dnwe/chi 
chore(deps): upgrade github.com/go-chi/chi to v5
 2023-09-22 13:49:04 +02:00
Herman Slatman
3f3b67e05c
Merge branch 'herman/scep-provisioner-decrypter' into herman/scep-notifying-webhook 2023-09-22 12:44:11 +02:00