aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-07-31Use a KRL for revoked certsNiall Sheridan
2016-07-24Add a page for revoking certsNiall Sheridan
Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints
2016-07-17Update vendor libsNiall Sheridan
2016-07-17Add some handlers testsNiall Sheridan
2016-07-03first pass at a certificate storeNiall Sheridan
2016-06-30Configurable logfile locationNiall Sheridan
2016-06-29Add CI imageNiall Sheridan
2016-06-28http loggingNiall Sheridan
2016-06-28i have no idea what i'm doingNiall Sheridan
2016-06-28remove originNiall Sheridan
2016-06-28run tests using tipNiall Sheridan
2016-06-27Updated agent lib accepts *ed25519.PrivateKeyNiall Sheridan
2016-06-15Merge pull request #22 from nsheridan/whitelistNiall Sheridan
Update whitelisting
2016-06-14Update whitelistingNiall Sheridan
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured.
2016-06-14Update READMENiall Sheridan
2016-06-14Merge pull request #21 from nsheridan/whitelist_supportMarco Bonetti
Add support for a users whitelist
2016-06-14Add support for a users whitelistMarco Bonetti
2016-06-13Don't test against tipNiall Sheridan
2016-06-13Run the linter as part of tests.Niall Sheridan
Fix lint warnings.
2016-06-06Merge pull request #18 from nsheridan/agent_lifetimeNiall Sheridan
Remove certs from the agent when they expire
2016-06-06Update agent packageNiall Sheridan
Added support for certificate lifetimes
2016-06-06Merge pull request #17 from nsheridan/vendorNiall Sheridan
update dependencies
2016-06-06Merge pull request #16 from nsheridan/s3Niall Sheridan
Add AWS S3 and Google GCS virtual filesystems
2016-06-06Merge pull request #15 from nsheridan/auth_stateNiall Sheridan
Save oauth 'state' identifier in the client
2016-06-06update vendorNiall Sheridan
2016-06-06Save oauth 'state' identifier in the clientNiall Sheridan
2016-06-05Add AWS S3 and Google GCS virtual filesystems.Niall Sheridan
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>.
2016-06-02Set an expiry on keys added to the agentNiall Sheridan
2016-06-02Validate tokens correctlyNiall Sheridan
This switch statement doesn't do what I thought it does
2016-06-01FixNiall Sheridan
2016-05-29Add tmp to .gitignorePatrick O'Doherty
2016-05-29Merge pull request #10 from nsheridan/hclNiall Sheridan
Switch from json to hcl configs
2016-05-29Filter vendor packages from testsNiall Sheridan
2016-05-29Replace json examples with hcl examplesNiall Sheridan
2016-05-29Ignore new default config file.Niall Sheridan
2016-05-29Switch from json to hcl configsNiall Sheridan
This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first.
2016-05-29Merge pull request #7 from nsheridan/client_configNiall Sheridan
client: use a config file in addition to command-line flags
2016-05-29Merge pull request #11 from nsheridan/go_versionsNiall Sheridan
Run more CI checks
2016-05-29Run more CI checksNiall Sheridan
Re-enable go 1.5 Run `go build`, `gofmt` and `go vet` in addition to tests.
2016-05-29Use flags as defaults, allow them to override config fileNiall Sheridan
2016-05-29Remove unneeded template_dirNiall Sheridan
2016-05-29Mention GO15VENDOREXPERIMENTNiall Sheridan
2016-05-29fix client_test.go invocations of send methodPatrick O'Doherty
2016-05-29Add validate_tls_certificate option to client configPatrick O'Doherty
To allow for easier development on localhost where one cannot get a root-CA signed TLS certificate, add a new validate_tls_certificate option to the configuration file which optionally allows for certificate chain checking to be disabled.
2016-05-29Fix testsNiall Sheridan
2016-05-29Use a simple config file for configuring the client.Niall Sheridan
2016-05-28Merge pull request #9 from nsheridan/github_authNiall Sheridan
Set expiry time in the github auth package
2016-05-28Set expiry time in the github auth packageNiall Sheridan
2016-05-28Define the token tmpl as a stringNiall Sheridan
2016-05-25Fix key name in example config.Patrick O'Doherty
Add config.json to a gitignore to prevent it being versioned.