Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-07-17 | Add some handlers tests | Niall Sheridan | |
2016-07-03 | first pass at a certificate store | Niall Sheridan | |
2016-06-30 | Configurable logfile location | Niall Sheridan | |
2016-06-29 | Add CI image | Niall Sheridan | |
2016-06-28 | http logging | Niall Sheridan | |
2016-06-28 | i have no idea what i'm doing | Niall Sheridan | |
2016-06-28 | remove origin | Niall Sheridan | |
2016-06-28 | run tests using tip | Niall Sheridan | |
2016-06-27 | Updated agent lib accepts *ed25519.PrivateKey | Niall Sheridan | |
2016-06-15 | Merge pull request #22 from nsheridan/whitelist | Niall Sheridan | |
Update whitelisting | |||
2016-06-14 | Update whitelisting | Niall Sheridan | |
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured. | |||
2016-06-14 | Update README | Niall Sheridan | |
2016-06-14 | Merge pull request #21 from nsheridan/whitelist_support | Marco Bonetti | |
Add support for a users whitelist | |||
2016-06-14 | Add support for a users whitelist | Marco Bonetti | |
2016-06-13 | Don't test against tip | Niall Sheridan | |
2016-06-13 | Run the linter as part of tests. | Niall Sheridan | |
Fix lint warnings. | |||
2016-06-06 | Merge pull request #18 from nsheridan/agent_lifetime | Niall Sheridan | |
Remove certs from the agent when they expire | |||
2016-06-06 | Update agent package | Niall Sheridan | |
Added support for certificate lifetimes | |||
2016-06-06 | Merge pull request #17 from nsheridan/vendor | Niall Sheridan | |
update dependencies | |||
2016-06-06 | Merge pull request #16 from nsheridan/s3 | Niall Sheridan | |
Add AWS S3 and Google GCS virtual filesystems | |||
2016-06-06 | Merge pull request #15 from nsheridan/auth_state | Niall Sheridan | |
Save oauth 'state' identifier in the client | |||
2016-06-06 | update vendor | Niall Sheridan | |
2016-06-06 | Save oauth 'state' identifier in the client | Niall Sheridan | |
2016-06-05 | Add AWS S3 and Google GCS virtual filesystems. | Niall Sheridan | |
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>. | |||
2016-06-02 | Set an expiry on keys added to the agent | Niall Sheridan | |
2016-06-02 | Validate tokens correctly | Niall Sheridan | |
This switch statement doesn't do what I thought it does | |||
2016-06-01 | Fix | Niall Sheridan | |
2016-05-29 | Add tmp to .gitignore | Patrick O'Doherty | |
2016-05-29 | Merge pull request #10 from nsheridan/hcl | Niall Sheridan | |
Switch from json to hcl configs | |||
2016-05-29 | Filter vendor packages from tests | Niall Sheridan | |
2016-05-29 | Replace json examples with hcl examples | Niall Sheridan | |
2016-05-29 | Ignore new default config file. | Niall Sheridan | |
2016-05-29 | Switch from json to hcl configs | Niall Sheridan | |
This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first. | |||
2016-05-29 | Merge pull request #7 from nsheridan/client_config | Niall Sheridan | |
client: use a config file in addition to command-line flags | |||
2016-05-29 | Merge pull request #11 from nsheridan/go_versions | Niall Sheridan | |
Run more CI checks | |||
2016-05-29 | Run more CI checks | Niall Sheridan | |
Re-enable go 1.5 Run `go build`, `gofmt` and `go vet` in addition to tests. | |||
2016-05-29 | Use flags as defaults, allow them to override config file | Niall Sheridan | |
2016-05-29 | Remove unneeded template_dir | Niall Sheridan | |
2016-05-29 | Mention GO15VENDOREXPERIMENT | Niall Sheridan | |
2016-05-29 | fix client_test.go invocations of send method | Patrick O'Doherty | |
2016-05-29 | Add validate_tls_certificate option to client config | Patrick O'Doherty | |
To allow for easier development on localhost where one cannot get a root-CA signed TLS certificate, add a new validate_tls_certificate option to the configuration file which optionally allows for certificate chain checking to be disabled. | |||
2016-05-29 | Fix tests | Niall Sheridan | |
2016-05-29 | Use a simple config file for configuring the client. | Niall Sheridan | |
2016-05-28 | Merge pull request #9 from nsheridan/github_auth | Niall Sheridan | |
Set expiry time in the github auth package | |||
2016-05-28 | Set expiry time in the github auth package | Niall Sheridan | |
2016-05-28 | Define the token tmpl as a string | Niall Sheridan | |
2016-05-25 | Fix key name in example config. | Patrick O'Doherty | |
Add config.json to a gitignore to prevent it being versioned. | |||
2016-05-24 | Merge pull request #4 from patrickod/patrickod/fail-open-open-config | Patrick O'Doherty | |
Don't allow wide-open Google or Github configs | |||
2016-05-24 | Don't allow wide-open Google or Github configs | Patrick O'Doherty | |
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set. | |||
2016-05-22 | Update README | Niall Sheridan | |