-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[pull] master from smallstep:master #210
Commits on Oct 2, 2023
-
Prevent invalid provisioner name on
step ca init
An unfortunate combination of `--provisioner acme` and the `--acme` flags on `step ca init` could lead to an invalidat CA configuration. This commit prevent this case from happening. A similar error could occur for the `sshpop` provisioner, so a fix was implemented for that case too. The fix doesn't catch all cases, e.g. it doesn't check for multiple provisioners having the same `acme-` or `sshpop-` prefix. The code that is called is intended to be only called from a `step ca init` invocation, so should work for these cases, but might not if the methods are invoked at other times.
Configuration menu - View commit details
-
Copy full SHA for 3c08482 - Browse repository at this point
Copy the full SHA 3c08482View commit details -
Configuration menu - View commit details
-
Copy full SHA for 991a9a6 - Browse repository at this point
Copy the full SHA 991a9a6View commit details -
Add some basic tests for
GenerateConfig
So far the `GenerateConfig` method wasn't tested. This commit adds a couple of basic tests for this method. It's not fully covered yet, nor are all properties being checked, but it provides a starting point for refactoring the CA (configuration) initialization process.
Configuration menu - View commit details
-
Copy full SHA for 2e560ca - Browse repository at this point
Copy the full SHA 2e560caView commit details
Commits on Oct 3, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3c12b4f - Browse repository at this point
Copy the full SHA 3c12b4fView commit details
Commits on Oct 4, 2023
-
Implement workaround for weird macOS SCEP message in query
Apparently the macOS SCEP client sends a SCEP message in the query that's not fully escaped. Only the base64 padding is escaped, the '+' and '/' characters aren't. This is a bit of a special case, because the macOS SCEP client will default to using HTTP POST for the PKIOperation. But if the CA is configured without the POSTPKIOperation capability, the macOS SCEP client will use HTTP GET instead. This behavior might be the same on iOS.
Configuration menu - View commit details
-
Copy full SHA for cd78b9f - Browse repository at this point
Copy the full SHA cd78b9fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 965d7aa - Browse repository at this point
Copy the full SHA 965d7aaView commit details -
Configuration menu - View commit details
-
Copy full SHA for 25f4b40 - Browse repository at this point
Copy the full SHA 25f4b40View commit details -
Merge pull request #1570 from smallstep/herman/improve-scep-request-h…
…andling Improve SCEP request handling
Configuration menu - View commit details
-
Copy full SHA for d1dd1fa - Browse repository at this point
Copy the full SHA d1dd1faView commit details -
Merge pull request #1566 from smallstep/herman/fix-init-with-duplicat…
…e-provisioner-name Fix `step ca init` with duplicate provisioner name (`--provisioner acme --acme`)
Configuration menu - View commit details
-
Copy full SHA for 06750b0 - Browse repository at this point
Copy the full SHA 06750b0View commit details
Commits on Oct 6, 2023
-
Allow for identity certificate signing (in sshSign) by skipping valid…
…ators (#1572) - skip urisValidator for identity certificate signing. Implemented by building the validator with the context in a hacky way.
Configuration menu - View commit details
-
Copy full SHA for 9f84f7c - Browse repository at this point
Copy the full SHA 9f84f7cView commit details