Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-11 07:11:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,787 Commits 37 Branches 223 Tags 44 MiB
fc1fb51854
Commit Graph

3787 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Herman Slatman
fc1fb51854
Improve SCEP authority initialization and reload 2023-08-02 18:35:38 +02:00
Herman Slatman
7163c4f95f
Add helper for getting the appropriate SCEP response signer 2023-08-02 16:01:58 +02:00
Herman Slatman
59b7419dcf
Rely on latest linkedca commit with SCEPDecrypter support 2023-08-02 15:49:32 +02:00
Herman Slatman
569a1be12c
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-08-02 15:45:45 +02:00
github-actions[bot]
c07124e374
Merge pull request #1499 from smallstep/dependabot/go_modules/google.golang.org/api-0.134.0 
Bump google.golang.org/api from 0.132.0 to 0.134.0
 2023-07-31 10:20:37 -07:00
dependabot[bot]
74240092e9
Bump google.golang.org/api from 0.132.0 to 0.134.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.132.0 to 0.134.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.132.0...v0.134.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-31 17:12:25 +00:00
github-actions[bot]
edd718d89e
Merge pull request #1498 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.57.0 
Bump google.golang.org/grpc from 1.56.2 to 1.57.0
 2023-07-31 10:10:53 -07:00
dependabot[bot]
a8b67cd9e6
Bump google.golang.org/grpc from 1.56.2 to 1.57.0 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-31 15:12:12 +00:00
Mariano Cano
d8a9c69eaa
Merge pull request #1484 from smallstep/fix-620 
Add support for the disableSmallstepExtensions claim
 2023-07-28 08:30:13 -07:00
Mariano Cano
d0fd9ebe42
Update Makefile preparing for a new release 2023-07-27 15:05:04 -07:00
Mariano Cano
cce7d9e839
Address comments from code review 2023-07-27 15:05:04 -07:00
Mariano Cano
c7c7decd5e
Add support for the disableSmallstepExtensions claim 
This commit adds a new claim to exclude the Smallstep provisioner
extension from the generated certificates.

Fixes #620
 2023-07-27 15:05:01 -07:00
Mariano Cano
d7efceadb1
Merge pull request #1493 from smallstep/steppath 
Remove automatic initialization of the STEPPATH
 2023-07-27 12:33:35 -07:00
Mariano Cano
7429008599
Use tagged versions of crypto and cli-utils 2023-07-27 12:24:17 -07:00
Herman Slatman
1ce80cf740
Merge branch 'master' into herman/scep-provisioner-decrypter 2023-07-27 01:03:26 +02:00
Herman Slatman
567fc25404
Use the RSA decryption configuration for signing responses too 2023-07-27 00:55:39 +02:00
Mariano Cano
7061147885
Use step.Abs to load the certificate templates 
step.Abs has been removed from crypto and they need to be set when those
methods are used
 2023-07-26 15:44:02 -07:00
Mariano Cano
40a2f53589
Remove automatic initialization of the STEPPATH 
This commit upgrades cli-utils and crypto packages that remove the
automatic initialization of the STEPPATH.
 2023-07-26 15:34:05 -07:00
Herman Slatman
557672bb4b
Add some notes for SCEP provisioners 2023-07-26 19:11:51 +02:00
Mariano Cano
95887ebf40
Merge pull request #1481 from smallstep/remove-user-regex 
Remove OIDC user regexp check
 2023-07-25 10:56:13 -07:00
Josh Drake
a1350b14fb
Merge pull request #1489 from smallstep/josh/authorization-principal-in-webhook 
Include authorization principal in provisioner webhooks.
 2023-07-24 21:22:46 -05:00
Mariano Cano
c9df65ebae
Merge pull request #1490 from smallstep/dry-run-migration 
Add option to dry-run the migration
 2023-07-24 16:39:39 -07:00
Mariano Cano
d9d7c52997
Add option to dry-run the migration 
This commit adds an option that runs the migration on a virtual database
that doesn't do anything. This option can be used to see how many rows
there are.
 2023-07-24 16:35:22 -07:00
Josh Drake
ff424fa944
Fix tests. 2023-07-24 15:27:49 -05:00
github-actions[bot]
7282245e88
Merge pull request #1488 from smallstep/dependabot/go_modules/go.step.sm/linkedca-0.20.0 
Bump go.step.sm/linkedca from 0.19.1 to 0.20.0
 2023-07-24 18:21:34 +02:00
github-actions[bot]
9a7582d1d3
Merge pull request #1487 from smallstep/dependabot/go_modules/google.golang.org/api-0.132.0 
Bump google.golang.org/api from 0.131.0 to 0.132.0
 2023-07-24 18:20:32 +02:00
dependabot[bot]
7796ad8f90
Bump go.step.sm/linkedca from 0.19.1 to 0.20.0 
Bumps [go.step.sm/linkedca](https://github.com/smallstep/linkedca) from 0.19.1 to 0.20.0.
- [Release notes](https://github.com/smallstep/linkedca/releases)
- [Commits](https://github.com/smallstep/linkedca/compare/v0.19.1...v0.20.0)

---
updated-dependencies:
- dependency-name: go.step.sm/linkedca
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-24 15:30:23 +00:00
dependabot[bot]
2d666cfc4f
Bump google.golang.org/api from 0.131.0 to 0.132.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.131.0 to 0.132.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.131.0...v0.132.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-24 15:30:12 +00:00
Josh Drake
904f416d20
Include authorization principal in provisioner webhooks. 2023-07-24 00:30:05 -05:00
Mariano Cano
d89c3a942e
Merge pull request #1486 from smallstep/migrate-admindb 
Add to the migration script the admin tables
 2023-07-20 20:55:35 -07:00
Mariano Cano
aa30c2c73c
Add to the migration script the admin tables 2023-07-20 18:07:28 -07:00
Mariano Cano
31533c4a15
Merge pull request #1485 from smallstep/webhooks-x5c 
Send X5C leaf certificate to webhooks
 2023-07-20 14:02:59 -07:00
Mariano Cano
5bfe96d8c7
Send X5C leaf certificate to webhooks 
This commit adds a new property that will be sent to authorizing and
enriching webhooks when signing certificates using the X5C provisioner.
 2023-07-20 13:03:45 -07:00
Mariano Cano
d604a900ed
Merge pull request #1482 from smallstep/fix-reload-tests 
Wait for Accept in TestBootstrapClientServerRotation
 2023-07-19 15:03:52 -07:00
Mariano Cano
0c3a1aea38
Wait for Accept in TestBootstrapClientServerRotation 
The TestBootstrapClientServerRotation often fails because the reload
returns once the Server loop gets the new listener, but the server
hasn't really started yet. This commit makes the test pass, adding a
small sleep after the reload.

A proper fix might require a wrapper over the listener and an ACK
callback on a sync.Once on a custom Accept.
 2023-07-19 14:56:09 -07:00
Mariano Cano
7fa97bedec
Remove OIDC user regexp check 
This commit removes the regular expression check on OIDC usernames.
Although it is not recommended to use any character in a username,
it is possible to create and use them. The tool useradd has the flag
--badname and adduser has --allow-badname and --allow-all-names to
create new users with any character.

Moreover, it is possible to create any username with the rest of
provisioners.

Fixes #1436
 2023-07-19 11:05:01 -07:00
Mariano Cano
cbc46d11e5
Merge pull request #1477 from smallstep/badger-migration 
Add tool to migrate data from badger to mysql or postgresql
 2023-07-18 14:36:06 -07:00
Mariano Cano
1755c8d60f
Fix typo in comment 2023-07-18 14:21:55 -07:00
Mariano Cano
f7da9a6f30
Allow to resume badger migration using a given key 2023-07-18 13:11:19 -07:00
Mariano Cano
f7c33d0878
Fix typos in badger migration script 2023-07-18 10:27:36 -07:00
Mariano Cano
7bca0c2349
Add tool to migrate data from badger to mysql or postgresql 2023-07-17 17:40:43 -07:00
Mariano Cano
90bac46a00
Merge pull request #1476 from smallstep/fix-1463 
Upgrade go.step.sm/crypto with yubikey fix
 2023-07-17 09:53:58 -07:00
Mariano Cano
9edf43b188
Upgrade go.step.sm/crypto with yubikey fix 
This commit upgrades the go.step.sm/crypto with a version that includes
a mutex on YubiKey sign and decrypt operations.

Fixes #1463
 2023-07-17 09:45:40 -07:00
github-actions[bot]
f998b19bb3
Merge pull request #1474 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.32.3 
Bump go.step.sm/crypto from 0.32.2 to 0.32.3
 2023-07-17 18:35:23 +02:00
github-actions[bot]
41ff437a6b
Merge pull request #1475 from smallstep/dependabot/go_modules/google.golang.org/api-0.131.0 
Bump google.golang.org/api from 0.130.0 to 0.131.0
 2023-07-17 18:25:38 +02:00
dependabot[bot]
d1607e460d
Bump google.golang.org/api from 0.130.0 to 0.131.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.130.0 to 0.131.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.130.0...v0.131.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-17 15:19:47 +00:00
dependabot[bot]
b9a3031b84
Bump go.step.sm/crypto from 0.32.2 to 0.32.3 
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.32.2 to 0.32.3.
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.32.2...v0.32.3)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-17 15:19:33 +00:00
Carl Tashian
4059184b43
Merge pull request #1446 from smallstep/carl/check-cgo-deps 
Address Makefile issues around the cgo build
 2023-07-13 16:07:00 -07:00
Herman Slatman
0607027412
Merge branch 'master' into carl/check-cgo-deps 2023-07-11 11:26:07 +02:00
Herman Slatman
d39a28535d
Merge pull request #1462 from testwill/ioutil 
chore: log error
 2023-07-11 11:21:58 +02:00