Certificator Certgen merge requestshttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests2020-05-26T17:26:21+02:00https://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/17certs: Implement --skip-renew option2020-05-26T17:26:21+02:00Martin Prudekcerts: Implement --skip-renew optionThis option is useful primary during upstart when we want to start
Sentinel:proxy quickly. There surely must be a valid cert before proxy start so
it must be downloaded when there's no. But in case we have a valid cert
\- which is nea...This option is useful primary during upstart when we want to start
Sentinel:proxy quickly. There surely must be a valid cert before proxy start so
it must be downloaded when there's no. But in case we have a valid cert
\- which is nearly expired - we do not want ask for renew right on. The renew
could be done later on - probably as a backgroud job.Turris OS 5.1https://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/16Prepare directory for mailpass2019-07-29T13:40:41+02:00Vojtech MyslivecPrepare directory for mailpassFixes #12Fixes #12Turris OS 4.0https://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/15Fix private key permissions2019-07-08T14:00:11+02:00Vojtech MyslivecFix private key permissionsFixes #11
I have inverted group bits in umask :rolling\_eyes:Fixes #11
I have inverted group bits in umask :rolling\_eyes:Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/14Fix non-existent constant import2019-06-25T11:06:34+02:00Vojtech MyslivecFix non-existent constant importFix an error introduced in !12 during fixup or rebaseFix an error introduced in !12 during fixup or rebaseTurris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/13Private key permissions2019-06-25T10:52:00+02:00Vojtech MyslivecPrivate key permissionsCreate private key with restrictive permission and check them on loadCreate private key with restrictive permission and check them on loadTurris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/12Hooks directory2019-06-25T10:54:15+02:00Vojtech MyslivecHooks directory(Optionally) run hooks from a directory when a certificate is issued
Closes #8
Please review !11 first(Optionally) run hooks from a directory when a certificate is issued
Closes #8
Please review !11 firstTurris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/11Wait delay limits2019-06-24T15:06:08+02:00Vojtech MyslivecWait delay limits- Implement wait delay boundaries (closes #6)
- Add dummy `WAIT` state to handle wait delay in one common place (with max wait tries)
- A bit of refactoring
Please review !10 first- Implement wait delay boundaries (closes #6)
- Add dummy `WAIT` state to handle wait delay in one common place (with max wait tries)
- A bit of refactoring
Please review !10 firstTurris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/10Package2019-07-15T17:49:09+02:00Vojtech MyslivecPackageConvert Certgen to packageConvert Certgen to packageTurris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/9Requests errors2019-04-29T18:47:09+02:00Vojtech MyslivecRequests errorsHandle requests http error
Needs to merge !8 first.Handle requests http error
Needs to merge !8 first.Turris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/8Limit max tries2019-04-29T18:47:09+02:00Vojtech MyslivecLimit max tries- Prevent *Certgen* to stuck forever
- Add "transition" state `FAIL`
- Lower `ERROR_WAIT` time to one minute
- It should fail quickly so it does not block other utilities, such as `sentinel-proxy` or `notifier`
- Refactor the cod...- Prevent *Certgen* to stuck forever
- Add "transition" state `FAIL`
- Lower `ERROR_WAIT` time to one minute
- It should fail quickly so it does not block other utilities, such as `sentinel-proxy` or `notifier`
- Refactor the code a bit
The code is prepared to add a command line option to change `max_tries` variable, however it is not needed at the moment.
Closes #7
Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/7Rename parameter names2019-04-29T18:47:09+02:00Vojtech MyslivecRename parameter names- `csr` → `csr_str`
- `atsha204` → `atsha`
- `digest` → `signature`
**Backward incompatible changes!**
Closes #4- `csr` → `csr_str`
- `atsha204` → `atsha`
- `digest` → `signature`
**Backward incompatible changes!**
Closes #4Turris OS 4.0Vojtech MyslivecVojtech Myslivechttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/6OTP2019-04-29T18:47:09+02:00Martin PrudekOTPUse **crypto-wrapper** and support **MOX OTP**
Closes #2 Use **crypto-wrapper** and support **MOX OTP**
Closes #2 Turris OS 4.0Martin PrudekMartin Prudekhttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/5Mailpass2019-03-29T13:49:52+01:00Martin PrudekMailpassCloses #3
Allow **certgen** to obtain password for out smtp server the same way as Sentinel certificates.
First, slightly refactoring of the original state machine. One parent object was added to handle common functions - like aut...Closes #3
Allow **certgen** to obtain password for out smtp server the same way as Sentinel certificates.
First, slightly refactoring of the original state machine. One parent object was added to handle common functions - like authentication (processing *AUTH* state) and http/s communication. On the top of that child objects which implement one of the two main actions - **certs** and **mailpass** were added.
These two new objects implement child-specific functions like processing *GET* and *INIT* states in which child-specific data is processed.Turris OS 4.0Martin PrudekMartin Prudekhttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/4Prepare for deploy2019-03-12T11:03:31+01:00Martin PrudekPrepare for deployCloses #1. Adds default values for all cli parameters. Removes some TODOs. + a small bug fixCloses #1. Adds default values for all cli parameters. Removes some TODOs. + a small bug fixMartin PrudekMartin Prudekhttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/2Improve cryptographic code2018-06-27T17:05:57+02:00Martin PrudekImprove cryptographic code- use propper name of elliptic curve constant
- use more readable code style in csr generating- use propper name of elliptic curve constant
- use more readable code style in csr generatingMartin PrudekMartin Prudekhttps://gitlab.nic.cz/turris/sentinel/certgen/-/merge_requests/1Sentinel:Certgen2019-04-18T14:28:11+02:00Martin PrudekSentinel:CertgenRobin ObůrkaRobin Obůrka