Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-07-31 | Use a KRL for revoked certs | Niall Sheridan | |
2016-07-24 | Add a page for revoking certs | Niall Sheridan | |
Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints | |||
2016-07-17 | Add some handlers tests | Niall Sheridan | |
2016-07-03 | first pass at a certificate store | Niall Sheridan | |
2016-06-30 | Configurable logfile location | Niall Sheridan | |
2016-06-28 | http logging | Niall Sheridan | |
2016-06-27 | Updated agent lib accepts *ed25519.PrivateKey | Niall Sheridan | |
2016-06-06 | Merge pull request #18 from nsheridan/agent_lifetime | Niall Sheridan | |
Remove certs from the agent when they expire | |||
2016-06-06 | Merge pull request #16 from nsheridan/s3 | Niall Sheridan | |
Add AWS S3 and Google GCS virtual filesystems | |||
2016-06-06 | Save oauth 'state' identifier in the client | Niall Sheridan | |
2016-06-05 | Add AWS S3 and Google GCS virtual filesystems. | Niall Sheridan | |
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>. | |||
2016-06-02 | Set an expiry on keys added to the agent | Niall Sheridan | |
2016-05-29 | Switch from json to hcl configs | Niall Sheridan | |
This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first. | |||
2016-05-29 | Use flags as defaults, allow them to override config file | Niall Sheridan | |
2016-05-29 | fix client_test.go invocations of send method | Patrick O'Doherty | |
2016-05-29 | Add validate_tls_certificate option to client config | Patrick O'Doherty | |
To allow for easier development on localhost where one cannot get a root-CA signed TLS certificate, add a new validate_tls_certificate option to the configuration file which optionally allows for certificate chain checking to be disabled. | |||
2016-05-29 | Fix tests | Niall Sheridan | |
2016-05-29 | Use a simple config file for configuring the client. | Niall Sheridan | |
2016-05-28 | Set expiry time in the github auth package | Niall Sheridan | |
2016-05-28 | Define the token tmpl as a string | Niall Sheridan | |
2016-05-24 | Don't allow wide-open Google or Github configs | Patrick O'Doherty | |
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set. | |||
2016-05-22 | Make template directory configurable | Niall Sheridan | |
2016-05-22 | Move binaries into cmd/ directory | Niall Sheridan | |