81 Commits

Author	SHA1	Message	Date
Herman Slatman	77893ea55c	Change authority policy to use dbPolicy model	2022-05-02 15:55:26 +02:00
Herman Slatman	d82e51b748	Update AllowWildcardNames configuration name	2022-04-29 15:08:19 +02:00
Herman Slatman	2b7f6931f3	Change Subject Common Name verification ... Subject Common Names can now also be configured to be allowed or denied, similar to SANs. When a Subject Common Name is not explicitly allowed or denied, its type will be determined and its value will be validated according to the constraints for that type of name (i.e. URI).	2022-04-28 14:49:23 +02:00
Herman Slatman	bddd08d4b0	Remove "proto:" prefix from bad proto JSON messages	2022-04-26 14:01:16 +02:00
Herman Slatman	2a7620641f	Fix more PR comments	2022-04-26 10:15:17 +02:00
Herman Slatman	ef110a94df	Change pointer booleans to regular boolean configuration	2022-04-21 23:45:05 +02:00
Herman Slatman	e9f5a1eb98	Improve policy bad request handling	2022-04-21 17:16:02 +02:00
Herman Slatman	b72430f4ea	Block all APIs when using linked deployment mode	2022-04-21 16:18:55 +02:00
Herman Slatman	fb81407d6f	Fix ACME policy comments	2022-04-21 13:21:06 +02:00
Herman Slatman	a2cfbe3d54	Fix (part of) PR comments	2022-04-21 12:14:03 +02:00
Herman Slatman	3eecc4f7bb	Improve test coverage for reloadPolicyEngines	2022-04-19 17:10:13 +02:00
Herman Slatman	72bbe53376	Add additional policy options	2022-04-19 14:41:36 +02:00
Herman Slatman	9a21208f22	Add deduplication of policy configuration values	2022-04-19 13:21:37 +02:00
Herman Slatman	f2f9cb899e	Add conditional defaults to policy protobuf request bodies	2022-04-19 12:09:45 +02:00
Herman Slatman	7f9034d22a	Add additional policy options	2022-04-19 10:24:52 +02:00
Herman Slatman	def9438ad6	Improve handling of bad JSON protobuf bodies	2022-04-18 23:38:13 +02:00
Herman Slatman	2ca5c0170f	Fix flaky test behavior for protobuf messages	2022-04-18 22:39:47 +02:00
Herman Slatman	8d15a027a7	Fix if-else linting issue	2022-04-18 21:47:13 +02:00
Herman Slatman	99702d3648	Fix case of no authority policy existing	2022-04-18 21:14:30 +02:00
Herman Slatman	30d5d89a13	Improve test coverage for Policy Admin API	2022-04-15 10:43:25 +02:00
Herman Slatman	256fe113f7	Improve tests for ACME account policy	2022-04-11 15:25:55 +02:00
Herman Slatman	7df52dbb76	Add ACME EAB policy	2022-04-07 14:11:53 +02:00
Herman Slatman	679e2945f2	Disallow name constraint wildcard notation	2022-04-04 15:35:49 +02:00
Herman Slatman	96f4c49b0c	Improve how policy errors are returned and used	2022-04-04 13:58:16 +02:00
Herman Slatman	571b21abbc	Fix (most) PR comments	2022-03-31 16:12:29 +02:00
Herman Slatman	bfa4d809fd	Improve middleware test coverage	2022-03-30 18:21:25 +02:00
Herman Slatman	2fbdf7d5b0	Merge branch 'master' into herman/allow-deny	2022-03-30 14:50:14 +02:00
Herman Slatman	0e052fe299	Add authority policy API	2022-03-30 14:21:39 +02:00
Panagiotis Siatras	00634fb648	api/render, api/log: initial implementation of the packages (#860) ... * api/render: initial implementation of the package * acme/api: refactored to support api/render * authority/admin: refactored to support api/render * ca: refactored to support api/render * api: refactored to support api/render * api/render: implemented Error * api: refactored to support api/render.Error * acme/api: refactored to support api/render.Error * authority/admin: refactored to support api/render.Error * ca: refactored to support api/render.Error * ca: fixed broken tests * api/render, api/log: moved error logging to this package * acme: refactored Error so that it implements render.RenderableError * authority/admin: refactored Error so that it implements render.RenderableError * api/render: implemented RenderableError * api/render: added test coverage for Error * api/render: implemented statusCodeFromError * api: refactored RootsPEM to work with render.Error * acme, authority/admin: fixed pointer receiver name for consistency * api/render, errs: moved StatusCoder & StackTracer to the render package	2022-03-30 11:22:22 +03:00
Herman Slatman	b49307f326	Fix ACME order tests with mock ACME CA	2022-03-24 18:34:04 +01:00
Herman Slatman	613c99f00f	Fix linting issues	2022-03-24 13:10:49 +01:00
Herman Slatman	dc23fd23bf	Merge branch 'master' into herman/allow-deny-next	2022-03-24 12:36:12 +01:00
Herman Slatman	6b620c8e9c	Improve protobuf unmarshaling error handling	2022-03-24 10:54:45 +01:00
Herman Slatman	101ca6a2d3	Check admin subjects before changing policy	2022-03-21 15:53:59 +01:00
Panagiotis Siatras	4fb38afc57	authority/admin/api: refactored to use the read package	2022-03-18 20:21:00 +02:00
Herman Slatman	81b0c6c37c	Add API implementation for authority and provisioner policy	2022-03-15 15:56:04 +01:00
Herman Slatman	5b713a564c	Change CM link	2022-02-10 12:55:47 +01:00
Herman Slatman	d00729df0b	Refactor ACME Admin API	2022-02-08 13:26:30 +01:00
Herman Slatman	fd9845e9c7	Add cursor and limit to ACME EAB DB interface	2022-01-24 14:03:56 +01:00
Herman Slatman	868cc4ad7f	Increase test coverage for additional indexes	2022-01-20 17:06:23 +01:00
Herman Slatman	8838961b68	Merge branch 'master' into hs/acme-eab	2022-01-20 11:05:28 +01:00
Herman Slatman	ef16febf40	Refactor ACME EAB queries ... The ACME EAB keys are now also indexed by the provisioner. This solves part of the issue in which too many EAB keys may be in memory at a given time.	2022-01-07 16:59:55 +01:00
Herman Slatman	30859d3c83	Remove server-side paging logic for ExternalAccountKeys	2022-01-06 14:09:35 +01:00
Mariano Cano	6a1d0cb9f8	Add linkedca conversions.	2022-01-04 18:42:57 -08:00
Herman Slatman	5fe9909174	Refactor AdminAuthority interface	2021-12-22 15:30:40 +01:00
Herman Slatman	f9ae875f9d	Use short if-style statements	2021-12-20 14:30:01 +01:00
Herman Slatman	5f224b729e	Add tests for Provisioner Admin API	2021-12-09 23:15:38 +01:00
Herman Slatman	43a78f495f	Add tests for Admin API	2021-12-09 17:29:23 +01:00
Herman Slatman	bd169f505f	Add Admin API Middleware tests	2021-12-09 15:26:18 +01:00
Herman Slatman	63371a8fb6	Add additional tests for ACME EAB Admin	2021-12-09 13:46:47 +01:00