aboutsummaryrefslogtreecommitdiff
path: root/cmd
AgeCommit message (Collapse)Author
2016-07-31Use a KRL for revoked certsNiall Sheridan
2016-07-24Add a page for revoking certsNiall Sheridan
Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints
2016-07-17Add some handlers testsNiall Sheridan
2016-07-03first pass at a certificate storeNiall Sheridan
2016-06-30Configurable logfile locationNiall Sheridan
2016-06-28http loggingNiall Sheridan
2016-06-27Updated agent lib accepts *ed25519.PrivateKeyNiall Sheridan
2016-06-06Merge pull request #18 from nsheridan/agent_lifetimeNiall Sheridan
Remove certs from the agent when they expire
2016-06-06Merge pull request #16 from nsheridan/s3Niall Sheridan
Add AWS S3 and Google GCS virtual filesystems
2016-06-06Save oauth 'state' identifier in the clientNiall Sheridan
2016-06-05Add AWS S3 and Google GCS virtual filesystems.Niall Sheridan
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>.
2016-06-02Set an expiry on keys added to the agentNiall Sheridan
2016-05-29Switch from json to hcl configsNiall Sheridan
This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first.
2016-05-29Use flags as defaults, allow them to override config fileNiall Sheridan
2016-05-29fix client_test.go invocations of send methodPatrick O'Doherty
2016-05-29Add validate_tls_certificate option to client configPatrick O'Doherty
To allow for easier development on localhost where one cannot get a root-CA signed TLS certificate, add a new validate_tls_certificate option to the configuration file which optionally allows for certificate chain checking to be disabled.
2016-05-29Fix testsNiall Sheridan
2016-05-29Use a simple config file for configuring the client.Niall Sheridan
2016-05-28Set expiry time in the github auth packageNiall Sheridan
2016-05-28Define the token tmpl as a stringNiall Sheridan
2016-05-24Don't allow wide-open Google or Github configsPatrick O'Doherty
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set.
2016-05-22Make template directory configurableNiall Sheridan
2016-05-22Move binaries into cmd/ directoryNiall Sheridan